Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://s3.us-east-2.amazonaws.com/revealedgceconomies/vdiq197yvi/ImgBurn_822881.exe?

Overview

General Information

Sample URL:https://s3.us-east-2.amazonaws.com/revealedgceconomies/vdiq197yvi/ImgBurn_822881.exe?
Analysis ID:1538471
Infos:

Detection

Score:48
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Multi AV Scanner detection for dropped file
Checks for available system drives (often done to infect USB drives)
Creates a process in suspended mode (likely to inject code)
Drops PE files
Found dropped PE file which has not been started or loaded
Queries keyboard layouts
Queries the volume information (name, serial number etc) of a device
Stores files to the Windows start menu directory

Classification

Process Tree

  • System is w10x64_ra
  • chrome.exe (PID: 3704 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 6864 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2184 --field-trial-handle=1948,i,18086677487560941788,16590809308708294037,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 6680 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5528 --field-trial-handle=1948,i,18086677487560941788,16590809308708294037,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 4048 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://s3.us-east-2.amazonaws.com/revealedgceconomies/vdiq197yvi/ImgBurn_822881.exe?" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • rundll32.exe (PID: 6648 cmdline: C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding MD5: EF3179D498793BF4234F708D3BE28633)
  • ImgBurn_822881.exe (PID: 7272 cmdline: "C:\Users\user\Downloads\ImgBurn_822881.exe" MD5: B0122909933A4243C6055AF589ABCF51)
  • MPC-HC.1.9.19.x86.exe (PID: 7836 cmdline: "C:\Users\user\AppData\Local\MPC-HC\MPC-HC.1.9.19.x86.exe" MD5: 987F955A9CC69937A6BF6C1B5C8DA647)
    • MPC-HC.1.9.19.x86.tmp (PID: 7856 cmdline: "C:\Users\user\AppData\Local\Temp\is-0GQ2H.tmp\MPC-HC.1.9.19.x86.tmp" /SL5="$902A0,16070317,185856,C:\Users\user\AppData\Local\MPC-HC\MPC-HC.1.9.19.x86.exe" MD5: 97E8309859A8F2E96633F3ABAD8727F0)
      • MPC-HC.1.9.19.x86.exe (PID: 7948 cmdline: "C:\Users\user\AppData\Local\MPC-HC\MPC-HC.1.9.19.x86.exe" /SPAWNWND=$90294 /NOTIFYWND=$902A0 MD5: 987F955A9CC69937A6BF6C1B5C8DA647)
        • MPC-HC.1.9.19.x86.tmp (PID: 7972 cmdline: "C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp" /SL5="$D0188,16070317,185856,C:\Users\user\AppData\Local\MPC-HC\MPC-HC.1.9.19.x86.exe" /SPAWNWND=$90294 /NOTIFYWND=$902A0 MD5: 97E8309859A8F2E96633F3ABAD8727F0)
      • mpc-hc.exe (PID: 1284 cmdline: "C:\Program Files (x86)\MPC-HC\mpc-hc.exe" MD5: 4A7D6D2643C29D1769DF5BA1D548185C)
        • chrome.exe (PID: 7380 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://github.com/clsid2/mpc-hc/releases MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
          • chrome.exe (PID: 6940 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=772 --field-trial-handle=1588,i,684023181700708914,18408882208510045909,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
Multi AV Scanner detection for dropped file
Source: C:\Users\user\Downloads\ImgBurn_822881.exe (copy)ReversingLabs: Detection: 37%
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49708 version: TLS 1.2
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49709 version: TLS 1.2
Source: unknownHTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.16:49710 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.26.5.9:443 -> 192.168.2.16:49713 version: TLS 1.2
Source: unknownHTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.16:49714 version: TLS 1.2
Source: unknownHTTPS traffic detected: 140.82.121.3:443 -> 192.168.2.16:49717 version: TLS 1.2
Source: unknownHTTPS traffic detected: 185.199.108.133:443 -> 192.168.2.16:49718 version: TLS 1.2
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeFile opened: z:
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeFile opened: x:
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeFile opened: v:
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeFile opened: t:
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeFile opened: r:
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeFile opened: p:
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeFile opened: n:
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeFile opened: l:
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeFile opened: j:
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeFile opened: h:
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeFile opened: f:
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeFile opened: d:
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeFile opened: b:
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeFile opened: y:
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeFile opened: w:
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeFile opened: u:
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeFile opened: s:
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeFile opened: q:
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeFile opened: o:
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeFile opened: m:
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeFile opened: k:
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeFile opened: i:
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeFile opened: g:
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeFile opened: e:
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeFile opened: c:
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeFile opened: a:
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
Source: global trafficDNS traffic detected: DNS query: s3.us-east-2.amazonaws.com
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: global trafficDNS traffic detected: DNS query: contentworldinc.com
Source: global trafficDNS traffic detected: DNS query: github.com
Source: global trafficDNS traffic detected: DNS query: raw.githubusercontent.com
Source: unknownNetwork traffic detected: HTTP traffic on port 49708 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49710 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49699 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49678 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49701 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
Source: unknownNetwork traffic detected: HTTP traffic on port 49713 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49716
Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49714
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49713
Source: unknownNetwork traffic detected: HTTP traffic on port 49698 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49709 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49699
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49710
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49698
Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49709
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49708
Source: unknownNetwork traffic detected: HTTP traffic on port 49716 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49714 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49718 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49701
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49708 version: TLS 1.2
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49709 version: TLS 1.2
Source: unknownHTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.16:49710 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.26.5.9:443 -> 192.168.2.16:49713 version: TLS 1.2
Source: unknownHTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.16:49714 version: TLS 1.2
Source: unknownHTTPS traffic detected: 140.82.121.3:443 -> 192.168.2.16:49717 version: TLS 1.2
Source: unknownHTTPS traffic detected: 185.199.108.133:443 -> 192.168.2.16:49718 version: TLS 1.2
Source: classification engineClassification label: mal48.win@37/131@11/116
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\Downloads\f49b3257-f62a-478f-b4f0-8489b6810a44.tmp
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeMutant created: \Sessions\1\BaseNamedObjects\MediaPlayerClassicW
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpMutant created: \Sessions\1\BaseNamedObjects\'mpchc_setup_mutex'
Source: C:\Users\user\AppData\Local\MPC-HC\MPC-HC.1.9.19.x86.exeFile created: C:\Users\user\AppData\Local\Temp\is-0GQ2H.tmp
Source: C:\Users\user\AppData\Local\MPC-HC\MPC-HC.1.9.19.x86.exeKey opened: HKEY_CURRENT_USER\Software\Borland\Delphi\Locales
Source: C:\Users\user\AppData\Local\Temp\is-0GQ2H.tmp\MPC-HC.1.9.19.x86.tmpKey opened: HKEY_CURRENT_USER\Software\Borland\Delphi\Locales
Source: C:\Users\user\AppData\Local\MPC-HC\MPC-HC.1.9.19.x86.exeKey opened: HKEY_CURRENT_USER\Software\Borland\Delphi\Locales
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpKey opened: HKEY_CURRENT_USER\Software\Borland\Delphi\Locales
Source: C:\Users\user\AppData\Local\Temp\is-0GQ2H.tmp\MPC-HC.1.9.19.x86.tmpFile read: C:\Users\user\Desktop\desktop.ini
Source: C:\Windows\System32\rundll32.exeKey opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpKey value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion RegisteredOrganization
Source: unknownProcess created: C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2184 --field-trial-handle=1948,i,18086677487560941788,16590809308708294037,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://s3.us-east-2.amazonaws.com/revealedgceconomies/vdiq197yvi/ImgBurn_822881.exe?"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5528 --field-trial-handle=1948,i,18086677487560941788,16590809308708294037,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknownProcess created: C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2184 --field-trial-handle=1948,i,18086677487560941788,16590809308708294037,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5528 --field-trial-handle=1948,i,18086677487560941788,16590809308708294037,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: unknownProcess created: C:\Users\user\Downloads\ImgBurn_822881.exe "C:\Users\user\Downloads\ImgBurn_822881.exe"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: unknownProcess created: C:\Users\user\AppData\Local\MPC-HC\MPC-HC.1.9.19.x86.exe "C:\Users\user\AppData\Local\MPC-HC\MPC-HC.1.9.19.x86.exe"
Source: C:\Users\user\AppData\Local\MPC-HC\MPC-HC.1.9.19.x86.exeProcess created: C:\Users\user\AppData\Local\Temp\is-0GQ2H.tmp\MPC-HC.1.9.19.x86.tmp "C:\Users\user\AppData\Local\Temp\is-0GQ2H.tmp\MPC-HC.1.9.19.x86.tmp" /SL5="$902A0,16070317,185856,C:\Users\user\AppData\Local\MPC-HC\MPC-HC.1.9.19.x86.exe"
Source: C:\Users\user\AppData\Local\Temp\is-0GQ2H.tmp\MPC-HC.1.9.19.x86.tmpProcess created: C:\Users\user\AppData\Local\MPC-HC\MPC-HC.1.9.19.x86.exe "C:\Users\user\AppData\Local\MPC-HC\MPC-HC.1.9.19.x86.exe" /SPAWNWND=$90294 /NOTIFYWND=$902A0
Source: C:\Users\user\AppData\Local\MPC-HC\MPC-HC.1.9.19.x86.exeProcess created: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp "C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp" /SL5="$D0188,16070317,185856,C:\Users\user\AppData\Local\MPC-HC\MPC-HC.1.9.19.x86.exe" /SPAWNWND=$90294 /NOTIFYWND=$902A0
Source: C:\Users\user\AppData\Local\MPC-HC\MPC-HC.1.9.19.x86.exeProcess created: C:\Users\user\AppData\Local\Temp\is-0GQ2H.tmp\MPC-HC.1.9.19.x86.tmp "C:\Users\user\AppData\Local\Temp\is-0GQ2H.tmp\MPC-HC.1.9.19.x86.tmp" /SL5="$902A0,16070317,185856,C:\Users\user\AppData\Local\MPC-HC\MPC-HC.1.9.19.x86.exe"
Source: C:\Users\user\AppData\Local\MPC-HC\MPC-HC.1.9.19.x86.exeProcess created: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp "C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp" /SL5="$D0188,16070317,185856,C:\Users\user\AppData\Local\MPC-HC\MPC-HC.1.9.19.x86.exe" /SPAWNWND=$90294 /NOTIFYWND=$902A0
Source: C:\Users\user\AppData\Local\Temp\is-0GQ2H.tmp\MPC-HC.1.9.19.x86.tmpProcess created: C:\Program Files (x86)\MPC-HC\mpc-hc.exe "C:\Program Files (x86)\MPC-HC\mpc-hc.exe"
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://github.com/clsid2/mpc-hc/releases
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=772 --field-trial-handle=1588,i,684023181700708914,18408882208510045909,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Users\user\AppData\Local\Temp\is-0GQ2H.tmp\MPC-HC.1.9.19.x86.tmpProcess created: C:\Program Files (x86)\MPC-HC\mpc-hc.exe "C:\Program Files (x86)\MPC-HC\mpc-hc.exe"
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://github.com/clsid2/mpc-hc/releases
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=772 --field-trial-handle=1588,i,684023181700708914,18408882208510045909,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Users\user\Downloads\ImgBurn_822881.exeSection loaded: kernel.appcore.dll
Source: C:\Users\user\Downloads\ImgBurn_822881.exeSection loaded: uxtheme.dll
Source: C:\Users\user\Downloads\ImgBurn_822881.exeSection loaded: windows.storage.dll
Source: C:\Users\user\Downloads\ImgBurn_822881.exeSection loaded: wldp.dll
Source: C:\Users\user\Downloads\ImgBurn_822881.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Downloads\ImgBurn_822881.exeSection loaded: cryptbase.dll
Source: C:\Users\user\Downloads\ImgBurn_822881.exeSection loaded: textinputframework.dll
Source: C:\Users\user\Downloads\ImgBurn_822881.exeSection loaded: coreuicomponents.dll
Source: C:\Users\user\Downloads\ImgBurn_822881.exeSection loaded: coremessaging.dll
Source: C:\Users\user\Downloads\ImgBurn_822881.exeSection loaded: ntmarta.dll
Source: C:\Users\user\Downloads\ImgBurn_822881.exeSection loaded: wintypes.dll
Source: C:\Users\user\Downloads\ImgBurn_822881.exeSection loaded: wintypes.dll
Source: C:\Users\user\Downloads\ImgBurn_822881.exeSection loaded: wintypes.dll
Source: C:\Users\user\Downloads\ImgBurn_822881.exeSection loaded: textshaping.dll
Source: C:\Users\user\Downloads\ImgBurn_822881.exeSection loaded: sspicli.dll
Source: C:\Users\user\Downloads\ImgBurn_822881.exeSection loaded: secur32.dll
Source: C:\Users\user\Downloads\ImgBurn_822881.exeSection loaded: iphlpapi.dll
Source: C:\Users\user\Downloads\ImgBurn_822881.exeSection loaded: mswsock.dll
Source: C:\Users\user\Downloads\ImgBurn_822881.exeSection loaded: dnsapi.dll
Source: C:\Users\user\Downloads\ImgBurn_822881.exeSection loaded: fwpuclnt.dll
Source: C:\Users\user\Downloads\ImgBurn_822881.exeSection loaded: rasadhlp.dll
Source: C:\Users\user\Downloads\ImgBurn_822881.exeSection loaded: schannel.dll
Source: C:\Users\user\Downloads\ImgBurn_822881.exeSection loaded: mskeyprotect.dll
Source: C:\Users\user\Downloads\ImgBurn_822881.exeSection loaded: ntasn1.dll
Source: C:\Users\user\Downloads\ImgBurn_822881.exeSection loaded: ncrypt.dll
Source: C:\Users\user\Downloads\ImgBurn_822881.exeSection loaded: ncryptsslp.dll
Source: C:\Users\user\AppData\Local\MPC-HC\MPC-HC.1.9.19.x86.exeSection loaded: uxtheme.dll
Source: C:\Users\user\AppData\Local\MPC-HC\MPC-HC.1.9.19.x86.exeSection loaded: apphelp.dll
Source: C:\Users\user\AppData\Local\Temp\is-0GQ2H.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: msimg32.dll
Source: C:\Users\user\AppData\Local\Temp\is-0GQ2H.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: version.dll
Source: C:\Users\user\AppData\Local\Temp\is-0GQ2H.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: mpr.dll
Source: C:\Users\user\AppData\Local\Temp\is-0GQ2H.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: uxtheme.dll
Source: C:\Users\user\AppData\Local\Temp\is-0GQ2H.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: kernel.appcore.dll
Source: C:\Users\user\AppData\Local\Temp\is-0GQ2H.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: textinputframework.dll
Source: C:\Users\user\AppData\Local\Temp\is-0GQ2H.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: coreuicomponents.dll
Source: C:\Users\user\AppData\Local\Temp\is-0GQ2H.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: coremessaging.dll
Source: C:\Users\user\AppData\Local\Temp\is-0GQ2H.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: ntmarta.dll
Source: C:\Users\user\AppData\Local\Temp\is-0GQ2H.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: wintypes.dll
Source: C:\Users\user\AppData\Local\Temp\is-0GQ2H.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: wintypes.dll
Source: C:\Users\user\AppData\Local\Temp\is-0GQ2H.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: wintypes.dll
Source: C:\Users\user\AppData\Local\Temp\is-0GQ2H.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: windows.storage.dll
Source: C:\Users\user\AppData\Local\Temp\is-0GQ2H.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: wldp.dll
Source: C:\Users\user\AppData\Local\Temp\is-0GQ2H.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: propsys.dll
Source: C:\Users\user\AppData\Local\Temp\is-0GQ2H.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: profapi.dll
Source: C:\Users\user\AppData\Local\Temp\is-0GQ2H.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: edputil.dll
Source: C:\Users\user\AppData\Local\Temp\is-0GQ2H.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: urlmon.dll
Source: C:\Users\user\AppData\Local\Temp\is-0GQ2H.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: iertutil.dll
Source: C:\Users\user\AppData\Local\Temp\is-0GQ2H.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: srvcli.dll
Source: C:\Users\user\AppData\Local\Temp\is-0GQ2H.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: netutils.dll
Source: C:\Users\user\AppData\Local\Temp\is-0GQ2H.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: windows.staterepositoryps.dll
Source: C:\Users\user\AppData\Local\Temp\is-0GQ2H.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: appresolver.dll
Source: C:\Users\user\AppData\Local\Temp\is-0GQ2H.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: bcp47langs.dll
Source: C:\Users\user\AppData\Local\Temp\is-0GQ2H.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: slc.dll
Source: C:\Users\user\AppData\Local\Temp\is-0GQ2H.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: userenv.dll
Source: C:\Users\user\AppData\Local\Temp\is-0GQ2H.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: sppc.dll
Source: C:\Users\user\AppData\Local\Temp\is-0GQ2H.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: onecorecommonproxystub.dll
Source: C:\Users\user\AppData\Local\Temp\is-0GQ2H.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: onecoreuapcommonproxystub.dll
Source: C:\Users\user\AppData\Local\Temp\is-0GQ2H.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: pcacli.dll
Source: C:\Users\user\AppData\Local\Temp\is-0GQ2H.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: sfc_os.dll
Source: C:\Users\user\AppData\Local\MPC-HC\MPC-HC.1.9.19.x86.exeSection loaded: uxtheme.dll
Source: C:\Users\user\AppData\Local\MPC-HC\MPC-HC.1.9.19.x86.exeSection loaded: apphelp.dll
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: msimg32.dll
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: version.dll
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: mpr.dll
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: uxtheme.dll
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: kernel.appcore.dll
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: textinputframework.dll
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: coreuicomponents.dll
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: coremessaging.dll
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: ntmarta.dll
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: wintypes.dll
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: wintypes.dll
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: wintypes.dll
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: textshaping.dll
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: dwmapi.dll
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: windows.storage.dll
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: wldp.dll
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: profapi.dll
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: shfolder.dll
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: rstrtmgr.dll
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: ncrypt.dll
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: ntasn1.dll
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: msftedit.dll
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: windows.globalization.dll
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: bcp47langs.dll
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: bcp47mrm.dll
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: globinputhost.dll
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: windows.ui.dll
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: windowmanagementapi.dll
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: inputhost.dll
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: twinapi.appcore.dll
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: twinapi.appcore.dll
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: propsys.dll
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: sspicli.dll
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: explorerframe.dll
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: sfc.dll
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: sfc_os.dll
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: linkinfo.dll
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: ntshrui.dll
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: srvcli.dll
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: cscapi.dll
Source: C:\Users\user\AppData\Local\Temp\is-0GQ2H.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: apphelp.dll
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpSection loaded: netutils.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: apphelp.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: aclayers.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: mpr.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: sfc.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: sfc_os.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: acgenral.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: uxtheme.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: winmm.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: samcli.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: msacm32.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: version.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: userenv.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: dwmapi.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: urlmon.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: sspicli.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: winmmbase.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: winmmbase.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: iertutil.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: srvcli.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: netutils.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: msimg32.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: oledlg.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: d3d9.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: oleacc.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: wininet.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: kernel.appcore.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: windows.storage.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: wldp.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: avrt.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: windowscodecs.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: profapi.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: textshaping.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: dataexchange.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: d3d11.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: dcomp.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: dxgi.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: twinapi.appcore.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: ondemandconnroutehelper.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: winhttp.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: mswsock.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: iphlpapi.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: winnsi.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: textinputframework.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: coreuicomponents.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: coremessaging.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: ntmarta.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: wintypes.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: wintypes.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: wintypes.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: wtsapi32.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: winsta.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: explorerframe.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: dnsapi.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: rasadhlp.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: fwpuclnt.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: schannel.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: mskeyprotect.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: ntasn1.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: msasn1.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: dpapi.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: cryptsp.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: rsaenh.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: cryptbase.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: gpapi.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: ncrypt.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: ncryptsslp.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: propsys.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: windows.shell.servicehostbuilder.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: onecoreuapcommonproxystub.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: ieframe.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: netapi32.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: wkscli.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: windows.staterepositoryps.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: edputil.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: secur32.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: mlang.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: policymanager.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: msvcp110_win.dll
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeSection loaded: onecorecommonproxystub.dll
Source: C:\Users\user\Downloads\ImgBurn_822881.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{56FDF344-FD6D-11d0-958A-006097C9A090}\InProcServer32
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpKey value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion RegisteredOwner
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpWindow found: window name: TSelectLanguageForm
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile opened: C:\Windows\SysWOW64\MSFTEDIT.DLL
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\Lang\is-G1JA9.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\Lang\is-E1CCJ.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\Lang\is-HRP5E.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\Lang\is-H1HG0.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\is-VGCFT.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\Lang\is-E5DT3.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\Lang\is-JOOLQ.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\LAVFilters\is-LRKKH.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\Lang\is-I8O7B.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\is-I5VSF.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\is-Q271V.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\Lang\is-GB9QV.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\Lang\is-GGN6G.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\Lang\is-4J1PM.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\Lang\is-S9DSV.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Users\user\AppData\Local\Temp\is-CSEKA.tmp\_isetup\_setup64.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\LAVFilters\is-NI1KP.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\Lang\is-JLURM.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\Lang\is-SG7J4.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\Lang\is-KAM7D.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\LAVFilters\is-MNOND.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\LAVFilters\is-8I2S7.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\CrashReporter\is-VLCLE.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\Lang\is-5G7SG.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\Lang\is-VJ7MT.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\CrashReporter\is-0SBI0.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\is-EHUPO.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\LAVFilters\is-A4ORV.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\Lang\is-9U2V9.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\LAVFilters\is-8S77H.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\Lang\is-GBT2L.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\Lang\is-O5PQ3.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\Lang\is-HM83S.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\Lang\is-A27KQ.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\CrashReporter\is-COO4M.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\Lang\is-F602M.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\LAVFilters\is-FA2AP.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\Lang\is-PF32S.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\Lang\is-E6IKC.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\MPC-HC\MPC-HC.1.9.19.x86.exeFile created: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\LAVFilters\is-M8EL4.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\Lang\is-2SST0.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\Lang\is-276B0.tmpJump to dropped file
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\Downloads\Unconfirmed 271687.crdownloadJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\Lang\is-F3958.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\Lang\is-MR3Q5.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\Lang\is-RT0HS.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\Lang\is-JNJ28.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\Lang\is-9F7JP.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\Lang\is-6EMAN.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\Lang\is-S4643.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\Lang\is-49CFF.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\Lang\is-0VBGR.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\Lang\is-KGDJ9.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\is-E50CV.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\Lang\is-4IFSU.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\Lang\is-N3ECJ.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\Lang\is-B3Q3D.tmpJump to dropped file
Source: C:\Users\user\Downloads\ImgBurn_822881.exeFile created: C:\Users\user\AppData\Local\MPC-HC\MPC-HC.1.9.19.x86.exeJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\Lang\is-4LSBI.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\Lang\is-CIPNU.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\Lang\is-A3VA9.tmpJump to dropped file
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\Downloads\f49b3257-f62a-478f-b4f0-8489b6810a44.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\LAVFilters\is-Q09AS.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\Lang\is-SMKID.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\LAVFilters\is-NU37N.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\LAVFilters\is-DCB43.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\Lang\is-V0FJK.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\Program Files (x86)\MPC-HC\is-5RD0J.tmpJump to dropped file
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC\MPC-HC.lnk
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpFile created: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC\Uninstall MPC-HC.lnk
Source: C:\Windows\System32\rundll32.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\MPC-HC\MPC-HC.1.9.19.x86.exeProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-0GQ2H.tmp\MPC-HC.1.9.19.x86.tmpProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-0GQ2H.tmp\MPC-HC.1.9.19.x86.tmpProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-0GQ2H.tmp\MPC-HC.1.9.19.x86.tmpProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-0GQ2H.tmp\MPC-HC.1.9.19.x86.tmpProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-0GQ2H.tmp\MPC-HC.1.9.19.x86.tmpProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\MPC-HC\MPC-HC.1.9.19.x86.exeProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\Lang\is-G1JA9.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\Lang\is-E1CCJ.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\Lang\is-HRP5E.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\Lang\is-H1HG0.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\is-VGCFT.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\Lang\is-E5DT3.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\LAVFilters\is-LRKKH.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\Lang\is-JOOLQ.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\Lang\is-I8O7B.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\is-I5VSF.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\is-Q271V.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\Lang\is-GB9QV.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\Lang\is-GGN6G.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\Lang\is-4J1PM.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\Lang\is-S9DSV.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\is-CSEKA.tmp\_isetup\_setup64.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\LAVFilters\is-NI1KP.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\Lang\is-JLURM.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\Lang\is-SG7J4.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\Lang\is-KAM7D.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\LAVFilters\is-8I2S7.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\LAVFilters\is-MNOND.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\CrashReporter\is-VLCLE.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\Lang\is-5G7SG.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\Lang\is-VJ7MT.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\LAVFilters\is-A4ORV.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\is-EHUPO.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\CrashReporter\is-0SBI0.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\Lang\is-9U2V9.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\Lang\is-GBT2L.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\LAVFilters\is-8S77H.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\Lang\is-HM83S.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\Lang\is-O5PQ3.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\Lang\is-A27KQ.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\Lang\is-F602M.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\CrashReporter\is-COO4M.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\Lang\is-E6IKC.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\LAVFilters\is-FA2AP.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\Lang\is-PF32S.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\LAVFilters\is-M8EL4.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\Lang\is-276B0.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\Lang\is-2SST0.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\Lang\is-F3958.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\Lang\is-MR3Q5.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\Lang\is-RT0HS.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\Lang\is-JNJ28.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\Lang\is-6EMAN.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\Lang\is-9F7JP.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\Lang\is-S4643.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\Lang\is-49CFF.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\Lang\is-0VBGR.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\Lang\is-KGDJ9.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\is-E50CV.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\Lang\is-4IFSU.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\Lang\is-N3ECJ.tmpJump to dropped file
Source: C:\Users\user\Downloads\ImgBurn_822881.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\MPC-HC\MPC-HC.1.9.19.x86.exeJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\Lang\is-B3Q3D.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\Lang\is-4LSBI.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\Lang\is-CIPNU.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\Lang\is-A3VA9.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\LAVFilters\is-Q09AS.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\Lang\is-SMKID.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\LAVFilters\is-NU37N.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\LAVFilters\is-DCB43.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpDropped PE file which has not been started: C:\Program Files (x86)\MPC-HC\Lang\is-V0FJK.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0GQ2H.tmp\MPC-HC.1.9.19.x86.tmpKey opened: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Keyboard Layouts\08070809
Source: C:\Users\user\AppData\Local\Temp\is-0GQ2H.tmp\MPC-HC.1.9.19.x86.tmpKey opened: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Keyboard Layouts\04070809
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpKey opened: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Keyboard Layouts\08070809
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpKey opened: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Keyboard Layouts\04070809
Source: C:\Users\user\Downloads\ImgBurn_822881.exeProcess information queried: ProcessInformation
Source: C:\Program Files (x86)\MPC-HC\mpc-hc.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://github.com/clsid2/mpc-hc/releases
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpQueries volume information: C:\ VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpQueries volume information: C:\ VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmpQueries volume information: C:\ VolumeInformation

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire Infrastructure1
Replication Through Removable Media		Windows Management Instrumentation1
Registry Run Keys / Startup Folder		11
Process Injection		2
Masquerading		OS Credential Dumping1
Security Software Discovery		Remote ServicesData from Local System2
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/Job1
DLL Side-Loading		1
Registry Run Keys / Startup Folder		11
Process Injection		LSASS Memory1
Process Discovery		Remote Desktop ProtocolData from Removable Media1
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)1
DLL Side-Loading		1
Rundll32		Security Account Manager11
Peripheral Device Discovery		SMB/Windows Admin SharesData from Network Shared Drive2
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook1
DLL Side-Loading		NTDS2
System Owner/User Discovery		Distributed Component Object ModelInput CaptureProtocol ImpersonationTraffic DuplicationData Destruction
Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon ScriptSoftware PackingLSA Secrets1
File and Directory Discovery		SSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact
Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC ScriptsSteganographyCached Domain Credentials21
System Information Discovery		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
https://s3.us-east-2.amazonaws.com/revealedgceconomies/vdiq197yvi/ImgBurn_822881.exe?0%VirustotalBrowse

Dropped Files

SourceDetectionScannerLabelLink
C:\Users\user\Downloads\ImgBurn_822881.exe (copy)38%ReversingLabsWin32.Adware.Snackarcin
C:\Users\user\AppData\Local\MPC-HC\MPC-HC.1.9.19.x86.exe0%ReversingLabs
C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp4%ReversingLabs
C:\Users\user\AppData\Local\Temp\is-CSEKA.tmp\_isetup\_setup64.tmp0%ReversingLabs
C:\Program Files (x86)\MPC-HC\CrashReporter\crashrpt.dll (copy)0%ReversingLabs
C:\Program Files (x86)\MPC-HC\CrashReporter\dbghelp.dll (copy)0%ReversingLabs
C:\Program Files (x86)\MPC-HC\CrashReporter\is-VLCLE.tmp2%ReversingLabs
C:\Program Files (x86)\MPC-HC\LAVFilters\IntelQuickSyncDecoder.dll (copy)0%ReversingLabs
C:\Program Files (x86)\MPC-HC\LAVFilters\LAVAudio.ax (copy)0%ReversingLabs
C:\Program Files (x86)\MPC-HC\LAVFilters\LAVSplitter.ax (copy)0%ReversingLabs
C:\Program Files (x86)\MPC-HC\LAVFilters\LAVVideo.ax (copy)0%ReversingLabs
C:\Program Files (x86)\MPC-HC\LAVFilters\avcodec-lav-59.dll (copy)0%ReversingLabs
C:\Program Files (x86)\MPC-HC\LAVFilters\avfilter-lav-8.dll (copy)0%ReversingLabs
C:\Program Files (x86)\MPC-HC\LAVFilters\avformat-lav-59.dll (copy)4%ReversingLabs
C:\Program Files (x86)\MPC-HC\LAVFilters\avutil-lav-57.dll (copy)0%ReversingLabs
C:\Program Files (x86)\MPC-HC\LAVFilters\is-FA2AP.tmp0%ReversingLabs
C:\Program Files (x86)\MPC-HC\LAVFilters\is-MNOND.tmp0%ReversingLabs
C:\Program Files (x86)\MPC-HC\LAVFilters\is-Q09AS.tmp0%ReversingLabs
C:\Program Files (x86)\MPC-HC\Lang\is-0VBGR.tmp0%ReversingLabs
C:\Program Files (x86)\MPC-HC\Lang\is-276B0.tmp0%ReversingLabs
C:\Program Files (x86)\MPC-HC\Lang\is-2SST0.tmp0%ReversingLabs
C:\Program Files (x86)\MPC-HC\Lang\is-49CFF.tmp0%ReversingLabs
C:\Program Files (x86)\MPC-HC\Lang\is-4IFSU.tmp0%ReversingLabs
C:\Program Files (x86)\MPC-HC\Lang\is-4J1PM.tmp0%ReversingLabs
C:\Program Files (x86)\MPC-HC\Lang\is-4LSBI.tmp0%ReversingLabs
C:\Program Files (x86)\MPC-HC\Lang\is-5G7SG.tmp0%ReversingLabs
C:\Program Files (x86)\MPC-HC\Lang\is-6EMAN.tmp0%ReversingLabs
C:\Program Files (x86)\MPC-HC\Lang\is-9F7JP.tmp0%ReversingLabs
C:\Program Files (x86)\MPC-HC\Lang\is-9U2V9.tmp0%ReversingLabs
C:\Program Files (x86)\MPC-HC\Lang\is-A27KQ.tmp0%ReversingLabs
C:\Program Files (x86)\MPC-HC\Lang\is-A3VA9.tmp0%ReversingLabs
C:\Program Files (x86)\MPC-HC\Lang\is-B3Q3D.tmp0%ReversingLabs
C:\Program Files (x86)\MPC-HC\Lang\is-CIPNU.tmp0%ReversingLabs
C:\Program Files (x86)\MPC-HC\Lang\is-E1CCJ.tmp0%ReversingLabs
C:\Program Files (x86)\MPC-HC\Lang\is-E5DT3.tmp0%ReversingLabs
C:\Program Files (x86)\MPC-HC\Lang\is-E6IKC.tmp0%ReversingLabs
C:\Program Files (x86)\MPC-HC\Lang\is-F3958.tmp0%ReversingLabs
C:\Program Files (x86)\MPC-HC\Lang\is-F602M.tmp0%ReversingLabs
C:\Program Files (x86)\MPC-HC\Lang\is-G1JA9.tmp0%ReversingLabs
C:\Program Files (x86)\MPC-HC\Lang\is-GB9QV.tmp0%ReversingLabs
C:\Program Files (x86)\MPC-HC\Lang\is-GBT2L.tmp0%ReversingLabs
C:\Program Files (x86)\MPC-HC\Lang\is-GGN6G.tmp0%ReversingLabs
C:\Program Files (x86)\MPC-HC\Lang\is-H1HG0.tmp0%ReversingLabs
C:\Program Files (x86)\MPC-HC\Lang\is-HM83S.tmp0%ReversingLabs
C:\Program Files (x86)\MPC-HC\Lang\is-HRP5E.tmp0%ReversingLabs
C:\Program Files (x86)\MPC-HC\Lang\is-I8O7B.tmp0%ReversingLabs
C:\Program Files (x86)\MPC-HC\Lang\is-JLURM.tmp0%ReversingLabs
C:\Program Files (x86)\MPC-HC\Lang\is-JNJ28.tmp0%ReversingLabs
C:\Program Files (x86)\MPC-HC\Lang\is-JOOLQ.tmp0%ReversingLabs
C:\Program Files (x86)\MPC-HC\Lang\is-KAM7D.tmp0%ReversingLabs
C:\Program Files (x86)\MPC-HC\Lang\is-KGDJ9.tmp0%ReversingLabs
C:\Program Files (x86)\MPC-HC\Lang\is-MR3Q5.tmp0%ReversingLabs
C:\Program Files (x86)\MPC-HC\Lang\is-N3ECJ.tmp0%ReversingLabs
C:\Program Files (x86)\MPC-HC\Lang\is-O5PQ3.tmp0%ReversingLabs
C:\Program Files (x86)\MPC-HC\Lang\is-PF32S.tmp0%ReversingLabs
C:\Program Files (x86)\MPC-HC\Lang\is-RT0HS.tmp0%ReversingLabs
C:\Program Files (x86)\MPC-HC\Lang\is-S4643.tmp0%ReversingLabs
C:\Program Files (x86)\MPC-HC\Lang\is-S9DSV.tmp0%ReversingLabs
C:\Program Files (x86)\MPC-HC\Lang\is-SG7J4.tmp0%ReversingLabs
C:\Program Files (x86)\MPC-HC\Lang\is-SMKID.tmp0%ReversingLabs
C:\Program Files (x86)\MPC-HC\Lang\is-V0FJK.tmp0%ReversingLabs
C:\Program Files (x86)\MPC-HC\Lang\is-VJ7MT.tmp0%ReversingLabs
C:\Program Files (x86)\MPC-HC\d3dcompiler_47.dll (copy)0%ReversingLabs
C:\Program Files (x86)\MPC-HC\d3dx9_43.dll (copy)3%ReversingLabs
C:\Program Files (x86)\MPC-HC\is-5RD0J.tmp0%ReversingLabs
C:\Program Files (x86)\MPC-HC\is-EHUPO.tmp0%ReversingLabs
C:\Program Files (x86)\MPC-HC\is-I5VSF.tmp0%ReversingLabs
C:\Program Files (x86)\MPC-HC\is-Q271V.tmp2%ReversingLabs

Unpacked PE Files

No Antivirus matches

Domains

SourceDetectionScannerLabelLink
s3.us-east-2.amazonaws.com0%VirustotalBrowse
www.google.com0%VirustotalBrowse

URLs

No Antivirus matches

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
s3.us-east-2.amazonaws.com
3.5.132.70
truefalseunknown
contentworldinc.com
104.26.5.9
truefalse
    		unknown
    github.com
    		140.82.121.3
    		truefalse
      		unknown
      raw.githubusercontent.com
      		185.199.108.133
      		truefalse
        		unknown
        www.google.com
        		142.250.185.164
        		truefalseunknown

        World Map of Contacted IPs

        • No. of IPs < 25%
        • 25% < No. of IPs < 50%
        • 50% < No. of IPs < 75%
        • 75% < No. of IPs

        Public IPs

        IPDomainCountryFlagASNASN NameMalicious
        142.250.185.99
        		unknownUnited States
        		15169GOOGLEUSfalse
        1.1.1.1
        		unknownAustralia
        		13335CLOUDFLARENETUSfalse
        108.177.15.84
        		unknownUnited States
        		15169GOOGLEUSfalse
        3.5.132.70
        		s3.us-east-2.amazonaws.comUnited States
        		16509AMAZON-02USfalse
        140.82.121.3
        		github.comUnited States
        		36459GITHUBUSfalse
        104.26.5.9
        		contentworldinc.comUnited States
        		13335CLOUDFLARENETUSfalse
        239.255.255.250
        		unknownReserved
        		unknownunknownfalse
        142.250.185.164
        		www.google.comUnited States
        		15169GOOGLEUSfalse
        185.199.108.133
        		raw.githubusercontent.comNetherlands
        		54113FASTLYUSfalse
        142.250.186.142
        		unknownUnited States
        		15169GOOGLEUSfalse
        142.250.186.110
        		unknownUnited States
        		15169GOOGLEUSfalse
        216.58.212.163
        		unknownUnited States
        		15169GOOGLEUSfalse

        Private

        IP
        192.168.2.16
        127.0.0.1

        General Information

        Joe Sandbox version:41.0.0 Charoite
        Analysis ID:1538471
        Start date and time:2024-10-21 11:24:03 +02:00
        Joe Sandbox product:CloudBasic
        Overall analysis duration:
        Hypervisor based Inspection enabled:false
        Report type:full
        Cookbook file name:defaultwindowsinteractivecookbook.jbs
        Sample URL:https://s3.us-east-2.amazonaws.com/revealedgceconomies/vdiq197yvi/ImgBurn_822881.exe?
        Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
        Number of analysed new started processes analysed:26
        Number of new started drivers analysed:0
        Number of existing processes analysed:0
        Number of existing drivers analysed:0
        Number of injected processes analysed:1
        Technologies:
        • EGA enabled
        Analysis Mode:stream
        Analysis stop reason:Timeout
        Detection:MAL
        Classification:mal48.win@37/131@11/116

        Warnings

        • Exclude process from analysis (whitelisted): svchost.exe
        • Excluded IPs from analysis (whitelisted): 216.58.212.163, 142.250.186.110, 108.177.15.84, 34.104.35.123
        • Excluded domains from analysis (whitelisted): clients2.google.com, accounts.google.com, edgedl.me.gvt1.com, clientservices.googleapis.com, clients.l.google.com
        • Not all processes where analyzed, report is missing behavior information
        • Report size getting too big, too many NtAllocateVirtualMemory calls found.
        • Report size getting too big, too many NtCreateKey calls found.
        • Report size getting too big, too many NtEnumerateKey calls found.
        • Report size getting too big, too many NtOpenKeyEx calls found.
        • Report size getting too big, too many NtProtectVirtualMemory calls found.
        • Report size getting too big, too many NtQueryValueKey calls found.
        • VT rate limit hit for: C:\Users\user\Downloads\ImgBurn_822881.exe (copy)

        Created / dropped Files

        C:\Program Files (x86)\MPC-HC\Authors.txt (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:Unicode text, UTF-8 text, with CRLF line terminators
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:A06D04466F4C4337402B04D8DD04166E
        SHA1:EB4D7B76778158614011641AC5E24DB1C0E50414
        SHA-256:6AE163B528231FE0AA35A03A6800F3228ACF75EC5CAD8C52183C3E2419079353
        SHA-512:8BC0E3B3D17CA080621E26B6D519797E3A16AB5E3B8B5520E63C870E897BCCED970376B4B84487E29147F94FBFCBA16FBB6C8E3D613202EBDB0ADD62FFCCC2B7
        Malicious:false
        Reputation:unknown
        Preview:Active..-----------------------..clsid2 https://github.com/clsid2/mpc-hc Code, Project manager..adipose https://github.com/adipose/mpc-hc Code, Transifex..nevcairiel https://github.com/Nevcairiel/LAVFilters LAVFilters author......Inactive..--------.._xxl <drevil_xxl@users.sourceforge.net> FFmpeg..Alexander Wild <alexwild@users.sourceforge.net> Code, German..alexmarsev <alexmarsev@users.sourceforge.net> Code..Armada <armada651@users.sourceforge.net> Code..Arto Jarvinen <ar-jar@users.sourceforge.net> Code..Attila T. Afra <attila.afra@gmail.com> Code..Beliyaal <beliyaal@users.sourceforge.net> Code..bobdynlan <bobdynlan@users.sourceforge.net> Code..Casimir666 <casimir666@users.sourceforge.net> Project founder, Code, French..demi_alucard

        C:\Program Files (x86)\MPC-HC\COPYING.txt (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:ASCII text
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:D32239BCB673463AB874E80D47FAE504
        SHA1:8624BCDAE55BAEEF00CD11D5DFCFA60F68710A02
        SHA-256:8CEB4B9EE5ADEDDE47B31E975C1D90C73AD27B6B165A1DCD80C7C545EB65B903
        SHA-512:7633623B66B5E686BB94DD96A7CDB5A7E5EE00E87004FAB416A5610D59C62BADAF512A2E26E34E2455B7ED6B76690D2CD47464836D7D85D78B51D50F7E933D5C
        Malicious:false
        Reputation:unknown
        Preview: GNU GENERAL PUBLIC LICENSE. Version 3, 29 June 2007.. Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>. Everyone is permitted to copy and distribute verbatim copies. of this license document, but changing it is not allowed... Preamble.. The GNU General Public License is a free, copyleft license for.software and other kinds of works... The licenses for most software and other practical works are designed.to take away your freedom to share and change the works. By contrast,.the GNU General Public License is intended to guarantee your freedom to.share and change all versions of a program--to make sure it remains free.software for all its users. We, the Free Software Foundation, use the.GNU General Public License for most of our software; it applies also to.any other work released this way by its authors. You can apply it to.your programs, too... When we speak of free software, we are referring to

        C:\Program Files (x86)\MPC-HC\CrashReporter\CrashReporter_LICENSE.txt (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:08B3FABEC0B0CE2ABAE4AEFD9F0163E9
        SHA1:6CF34EF130539FDA0D54F2336570A65A7BDF0F06
        SHA-256:9C1755960FE19FDD10E96225F9BBF11771228C0E760EEDA74C80F05C66F895C7
        SHA-512:02CE0BBA6FB2F2DF0D0036FF7153F39020A45E37F9FC36255332427335508FAEDEF65BB9765E25811451912414DDED1113EBBCD35E1057D84FB599B89ED7BF46
        Malicious:false
        Reputation:unknown
        Preview:Copyright (c) 2014, Idol Software, Inc...All rights reserved.....Redistribution and use in source and binary forms without modification, are permitted provided that the following conditions are met:....1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.....2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer.. in the documentation and/or other materials provided with the distribution.....THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT..LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT..HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT..LIMITED TO, PROCUREMENT OF SUBSTITUTE GOOD

        C:\Program Files (x86)\MPC-HC\CrashReporter\crashrpt.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:1ADED05B7B42134AE37362E2C4BFCF8E
        SHA1:D07A4A8DD01CF32B3E739AD94299267D945895A9
        SHA-256:3995C0B9B91EAAE75FFDE05DE06D9FBB0983CB49E9B0198D5497B434A2D0245F
        SHA-512:A12EB32567DDD4F594EA266F61AB226B7E831A7E012198D6F8AC243666E277CA55777C893477A7D09CC7B33C7F386A472E397884E497B0E8BA99C4F60DEB179D
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........xd.............`.......`...V...`........}.......}.......}.......a..............3}......3}......3}..............3}......Rich....................PE..L...1.qZ...........!.....z...........g.......................................p............@.........................p...H.......P....@.......................P..\...P...p...................`...........@............................................text....x.......z.................. ..`.rdata..J............~..............@..@.data........ ......................@....rsrc........@......................@..@.reloc..\....P......................@..B........................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\CrashReporter\dbghelp.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:4003E34416EBD25E4C115D49DC15E1A7
        SHA1:FAF95EC65CDE5BD833CE610BB8523363310EC4AD
        SHA-256:C06430B8CB025BE506BE50A756488E1BCC3827C4F45158D93E4E3EEB98CE1E4F
        SHA-512:88F5D417377CD62BDE417640A79B6AC493E80F0C8B1F63A99378A2A67695EF8E4A541CEDB91ACFA296ED608E821FEE466983806F0D082ED2E74B0CD93EB4FB84
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........v...%...%...%m.Q%...%m.P%...%..d%...%...%5..%..f%...%..a%...%..Q%...%..P%...%...%...%..`%...%..g%...%Rich...%........PE..L....4gK...........!.....(...................@............................................@.........................P!..c.......<....................h....... ..........................................@.......................`....................text....'.......(.................. ..`.data........@...H...,..............@....rsrc................t..............@..@.reloc..n.... .......x..............@..B........................................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\CrashReporter\is-0SBI0.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):140800
        Entropy (8bit):6.527139628223048
        Encrypted:false
        SSDEEP:
        MD5:1ADED05B7B42134AE37362E2C4BFCF8E
        SHA1:D07A4A8DD01CF32B3E739AD94299267D945895A9
        SHA-256:3995C0B9B91EAAE75FFDE05DE06D9FBB0983CB49E9B0198D5497B434A2D0245F
        SHA-512:A12EB32567DDD4F594EA266F61AB226B7E831A7E012198D6F8AC243666E277CA55777C893477A7D09CC7B33C7F386A472E397884E497B0E8BA99C4F60DEB179D
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........xd.............`.......`...V...`........}.......}.......}.......a..............3}......3}......3}..............3}......Rich....................PE..L...1.qZ...........!.....z...........g.......................................p............@.........................p...H.......P....@.......................P..\...P...p...................`...........@............................................text....x.......z.................. ..`.rdata..J............~..............@..@.data........ ......................@....rsrc........@......................@..@.reloc..\....P......................@..B........................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\CrashReporter\is-COO4M.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):1213200
        Entropy (8bit):6.38472698519676
        Encrypted:false
        SSDEEP:
        MD5:4003E34416EBD25E4C115D49DC15E1A7
        SHA1:FAF95EC65CDE5BD833CE610BB8523363310EC4AD
        SHA-256:C06430B8CB025BE506BE50A756488E1BCC3827C4F45158D93E4E3EEB98CE1E4F
        SHA-512:88F5D417377CD62BDE417640A79B6AC493E80F0C8B1F63A99378A2A67695EF8E4A541CEDB91ACFA296ED608E821FEE466983806F0D082ED2E74B0CD93EB4FB84
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........v...%...%...%m.Q%...%m.P%...%..d%...%...%5..%..f%...%..a%...%..Q%...%..P%...%...%...%..`%...%..g%...%Rich...%........PE..L....4gK...........!.....(...................@............................................@.........................P!..c.......<....................h....... ..........................................@.......................`....................text....'.......(.................. ..`.data........@...H...,..............@....rsrc................t..............@..@.reloc..n.... .......x..............@..B........................................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\CrashReporter\is-G979D.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):1308
        Entropy (8bit):5.1417237607003115
        Encrypted:false
        SSDEEP:
        MD5:08B3FABEC0B0CE2ABAE4AEFD9F0163E9
        SHA1:6CF34EF130539FDA0D54F2336570A65A7BDF0F06
        SHA-256:9C1755960FE19FDD10E96225F9BBF11771228C0E760EEDA74C80F05C66F895C7
        SHA-512:02CE0BBA6FB2F2DF0D0036FF7153F39020A45E37F9FC36255332427335508FAEDEF65BB9765E25811451912414DDED1113EBBCD35E1057D84FB599B89ED7BF46
        Malicious:false
        Reputation:unknown
        Preview:Copyright (c) 2014, Idol Software, Inc...All rights reserved.....Redistribution and use in source and binary forms without modification, are permitted provided that the following conditions are met:....1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.....2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer.. in the documentation and/or other materials provided with the distribution.....THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT..LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT..HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT..LIMITED TO, PROCUREMENT OF SUBSTITUTE GOOD

        C:\Program Files (x86)\MPC-HC\CrashReporter\is-VLCLE.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):687616
        Entropy (8bit):6.648173623031608
        Encrypted:false
        SSDEEP:
        MD5:120805D2D3BE17362CBD0E219EF9D7DB
        SHA1:7B00500A007EEA2B7C64AE21E49C1F5BA3AD2435
        SHA-256:3C9740FB8F57172F0127702A3EAB1A433AD32782425C58C51CDDC30AC2EC9E73
        SHA-512:2E0747FBE62997C8873D77BD95C310CB03D522BE33ECAA4F599E1D916D554351462DC265E575846D27A6475684741B482E175D46C384D79C4DC3D92BDBABA1E9
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 2%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......HMbk.,.8.,.8.,.8...8.,.8...8.,.8...8.,.8.H.9.,.8.H.9J,.8.H.9*,.8.T.8.,.8.T.8.,.8.,.8<-.8.H.9,,.8.H.8.,.8.,.8.,.8.H.9.,.8Rich.,.8........................PE..L...:.qZ.................f...$...................@.......................................@..................................|...........@...................P..Dm......p...........................@...@............................................text....d.......f.................. ..`.rdata...............j..............@..@.data....^.......P...~..............@....rsrc....@.......B..................@..@.reloc..Dm...P...n..................@..B................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\CrashReporter\sendrpt.exe (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:120805D2D3BE17362CBD0E219EF9D7DB
        SHA1:7B00500A007EEA2B7C64AE21E49C1F5BA3AD2435
        SHA-256:3C9740FB8F57172F0127702A3EAB1A433AD32782425C58C51CDDC30AC2EC9E73
        SHA-512:2E0747FBE62997C8873D77BD95C310CB03D522BE33ECAA4F599E1D916D554351462DC265E575846D27A6475684741B482E175D46C384D79C4DC3D92BDBABA1E9
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......HMbk.,.8.,.8.,.8...8.,.8...8.,.8...8.,.8.H.9.,.8.H.9J,.8.H.9*,.8.T.8.,.8.T.8.,.8.,.8<-.8.H.9,,.8.H.8.,.8.,.8.,.8.H.9.,.8Rich.,.8........................PE..L...:.qZ.................f...$...................@.......................................@..................................|...........@...................P..Dm......p...........................@...@............................................text....d.......f.................. ..`.rdata...............j..............@..@.data....^.......P...~..............@....rsrc....@.......B..................@..@.reloc..Dm...P...n..................@..B................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\LAVFilters\IntelQuickSyncDecoder.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:1E3C2D9E13EC1E38D80C4B3F70BBCFB0
        SHA1:7E2619BE7189F9E9A20A0D5177BA02E3C919066C
        SHA-256:C26FF6F2122EB05CE98CEE6D5EEA060D9A95FD097724AB6B6C9BE290CCE1A337
        SHA-512:AFB477DB5E487D79CFFDECD0ED2A6052327CFCFA5C8FF8C91013DD260C4A1A11994E75F4A963A088884B3B350229DD4AB41B4A3BCFAF2FF2B70152DE0CCD2A1D
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......................................................................................................................................................PE..L......a...........!.....x..................................................P............@.........................@.......@....................................;...F..T............................G..@...............T............................text...zw.......x.................. ..`.rdata...$.......&...|..............@..@.data...81.......&..................@....rsrc...............................@..@.reloc...;.......<..................@..B........................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\LAVFilters\LAVAudio.ax (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:E3B835B5C4201607AC159CFF41F8E37D
        SHA1:36C2971418E4697C83C11B7E1A66C404D43543E4
        SHA-256:21C2FEBEF5EBAAAC455FDEF311724BA96D95EE9E5C8FBCDC137B5D007A84C291
        SHA-512:2D0A437C87FBC99C213731F273FB1FFDC7F29FA490E28AAFF77DB9B39ACB1B739C06D7E22673EDE1FE2E363A993B2162FD1EACD4F707A0E4929AA39B29FBB9B6
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......................................................................................................................................................PE..L......a...........!.........Z......F........................................ .......X....@..........................t......`u...........4......................(*...K..p...........................(L..@............................................text............................... ..`.rdata..v...........................@..@.data... ............p..............@....rsrc....4.......6..................@..@.reloc..(*.......,..................@..B........................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\LAVFilters\LAVFilters.Dependencies.manifest (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:XML 1.0 document, ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:C74F5C6EA4F00E03526D94A097C37802
        SHA1:0706B46C2586C834A12F28538CC50A3B2768DD08
        SHA-256:02ED6041FFC345B910F88B9886E36E330D286D891C0E5CBE3C05303D56681299
        SHA-512:68C389836A2997D3E107CE48A00FEC24F148CFD10442ADF8D65DB8C0F16D9196F63065EC926E534A840E52F9F272CDF94439BCB97BA86B7497330DD7106709B2
        Malicious:false
        Reputation:unknown
        Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">.. <assemblyIdentity type='win32' name='LAVFilters.Dependencies' version='1.0.0.0' />.. <file name="avutil-lav-57.dll" />.. <file name="swresample-lav-4.dll" />.. <file name="avcodec-lav-59.dll" />.. <file name="avformat-lav-59.dll" />.. <file name="swscale-lav-6.dll" />.. <file name="avfilter-lav-8.dll" />.. <file name="libbluray.dll" />..</assembly>..

        C:\Program Files (x86)\MPC-HC\LAVFilters\LAVSplitter.ax (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:0E1B215B571CC923F2E2594483084DEC
        SHA1:48B2D19534C2A75282480F8D655AC5591D4E3148
        SHA-256:C98D4F2B9EBBE5A25FA70C9B066CE75B4F71F989B01556116CBEF95221B6FF6C
        SHA-512:870099BB0B89323B07FA4348F675F0D7E9DAC2C5D551BA3E7B2DFA948CD74FC5C104866FA786D56DA7E105B74AC51D37036673546A8C4C4B394BC49E9795976B
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................................................................................................................PE..L......a...........!.........................................................p............@..........................d.......d..........(&......................4U......p........................... ...@............................................text............................... ..`.rdata..............................@..@.data....W.......J...p..............@....rsrc...(&.......(..................@..@.reloc..4U.......V..................@..B................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\LAVFilters\LAVVideo.ax (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:8D86A6C2411E970E95974FCB2D99803A
        SHA1:B2B4DFFDCF1E481D0BE3B786BA9016CEEE5C2ACD
        SHA-256:5649DD94F162DF96FB2C5163734BC15A77EC52DD1D2E0111CE5B023CE4C88698
        SHA-512:4F843F365D9BE50CE13A39BE3378C0084FEA7320038D535111BC08642109DC5B51C7AC39AFE34C6A0A5356C7D8434AF5CAA8F821F4B9155313EBA3A84C1DD5FE
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...................................(...........!..L.!This program cannot be run in DOS mode....$...............................................................................................................................................................................PE..L......a...........!.....,.........."........@............................... ......=.....@.................................`........`...-......................p....X..p............................Y..@............@...............................text....*.......,.................. ..`.rdata.......@.......0..............@..@.data....V.......J..................@....rsrc....-...`.......4..............@..@.reloc..p............b..............@..B................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\LAVFilters\avcodec-lav-59.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:ED5E7CCD263B7771C677A44865A1252E
        SHA1:13744C2F542DE27388D3DC351C5C4CD9AED5F039
        SHA-256:F136B74450CFC8DA39D8CD8420FE936EE6964971F295DFC4FED50BD0B8DCC252
        SHA-512:2A2393844D8A8F846CE13639A848B13829182DAF9B46D7B5FC23D9D5A5463A6EC0CED9208289464A9F13131F61E8D97577F9D4710894DEC9F90ACDA5A14C8CE0
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......a..........&!...$..........R..........0...............................P.......9....@... .............................. ..L%...p..............................`@......................D.......................(%...............................text...............................`.P`.data...`....0......................@.`..rdata..@.(..P....(..2..............@.p@.bss......R..@........................p..edata..............."..............@.0@.idata..L%... ...&...:..............@.0..CRT....,....P.......`..............@.0..tls.........`.......b..............@.0..rsrc........p.......d..............@.0..reloc...............h..............@.0B.debug.......@..|...................@.../19.....#...........................@..B/31......E...p...F...>..............@..B/45.....k.v.......v.................@..B/57.....T.....T.....................@.0B/70...........[......x..

        C:\Program Files (x86)\MPC-HC\LAVFilters\avfilter-lav-8.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:1F6AC69E0FA6D3ECF9ADDC5AD3B42DAF
        SHA1:7406E13C90801F44618AE884A5A0EF67B96F5010
        SHA-256:82D3337D786AB3012C4578070EE606F36E5BBC757CDDCC0D6D3AE1B96B39CB51
        SHA-512:B6D8A4C75CBA1642BB2DD2A2EF9A3444292AF3651FEC4BD5CFE343C26B396D83E43AEFAF19BD7C58577805DB18AA354F28C71B01422404C1A4D0C8EA0D0F2F3D
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......a..........&!...$.l................................................................@... ......................... .... ..H....`.......................p..h...`.......................$........................"..T............................text...4k.......l..................`.P`.data...H............r..............@.0..rdata..@g.......h...t..............@.`@.bss....0.............................`..edata.. ...........................@.0@.idata..H.... ......................@.0..CRT....,....@......................@.0..tls.........P......................@.0..rsrc........`......................@.0..reloc..h....p......................@.0B.debug..........|...................@.../19.................................@..B/31......i...p...j..................@..B/45.....zR.......T...N..............@..B/57.....X6...@...8..................@.0B/70......B.......D......

        C:\Program Files (x86)\MPC-HC\LAVFilters\avformat-lav-59.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:CC99E1B634DE6CED0D103CA7AF81CD2D
        SHA1:365DA26EF22589319D8513F892C9D5F9FCA36D78
        SHA-256:1CB3D498684707B85C4A387DB7E3ACAC8D82711726F34F2DD04A5DF979A4FB8E
        SHA-512:ED04E23CB5C0A9493BFA49390D83A838CECC89953D649529D3B91D30FB9A1485A0281C62C4B6C4AA8179C0A97C8577C916E6052A773A5EE98483FBB050B644BC
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 4%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......a..........&!...$..:...L..*...........0:...............................M.......M...@... .......................J.......K. ?...`K......................pK.....`pM......................EJ.......................K.(............................text.....:.......:.................`.p`.data........0:.. ....:.............@.`..rdata...^...P:..^...::.............@.`@.bss....X(....J.......................`..edata........J.......J.............@.0@.idata.. ?....K..@....J.............@.0..CRT....,....@K.......J.............@.0..tls.........PK.......J.............@.0..rsrc........`K.......J.............@.0..reloc.......pK.......J.............@.0B.debug.......pM.|.....L.............@.../19...........M......"M.............@..B/31.....H.....1.......1.............@..B/45......d...@7..f....6.............@..B/57.....$.....J.......J.............@.0B/70.....JY....L..Z....L.

        C:\Program Files (x86)\MPC-HC\LAVFilters\avutil-lav-57.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:B88672982FDD9C208EDD9805EBCAF516
        SHA1:C26741254E5ABB4BF68F6ED0CFA1067BB4E42673
        SHA-256:DBE34BB341AA0113FE35E65B448626D1487D309202BE31698E2BABC3DD326979
        SHA-512:3C028A69D8F4803B9BEBCB386FE6CFCBD24134E437C9867434914CD3E2F6C9657EADEFB389D21518DA73FF3CCDBAF13F032CD9E9D0C8A9F175B48E059A7FA0E0
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......a..........&!...$.f...N.......................................................-....@... ..........................<...@.......p...........................4..`.......................D.......................lB...............................text...4e.......f..................`.P`.data................l..............@.`..rdata...Y.......Z...p..............@.`@.bss....T.............................`..edata...<.......>..................@.0@.idata.......@......................@.0..CRT....,....P......................@.0..tls.........`......................@.0..rsrc........p......................@.0..reloc...4.......6..................@.0B.debug..........|....T..............@.../19..................b..............@..B/31.....z....`&.....................@..B/45..........`'.....................@..B/57.........p,.....................@.0B/70......R... -..T......

        C:\Program Files (x86)\MPC-HC\LAVFilters\is-8I2S7.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):201852
        Entropy (8bit):6.410560363959846
        Encrypted:false
        SSDEEP:
        MD5:1F6AC69E0FA6D3ECF9ADDC5AD3B42DAF
        SHA1:7406E13C90801F44618AE884A5A0EF67B96F5010
        SHA-256:82D3337D786AB3012C4578070EE606F36E5BBC757CDDCC0D6D3AE1B96B39CB51
        SHA-512:B6D8A4C75CBA1642BB2DD2A2EF9A3444292AF3651FEC4BD5CFE343C26B396D83E43AEFAF19BD7C58577805DB18AA354F28C71B01422404C1A4D0C8EA0D0F2F3D
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......a..........&!...$.l................................................................@... ......................... .... ..H....`.......................p..h...`.......................$........................"..T............................text...4k.......l..................`.P`.data...H............r..............@.0..rdata..@g.......h...t..............@.`@.bss....0.............................`..edata.. ...........................@.0@.idata..H.... ......................@.0..CRT....,....@......................@.0..tls.........P......................@.0..rsrc........`......................@.0..reloc..h....p......................@.0B.debug..........|...................@.../19.................................@..B/31......i...p...j..................@..B/45.....zR.......T...N..............@..B/57.....X6...@...8..................@.0B/70......B.......D......

        C:\Program Files (x86)\MPC-HC\LAVFilters\is-8S77H.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):255488
        Entropy (8bit):6.467265073283629
        Encrypted:false
        SSDEEP:
        MD5:E3B835B5C4201607AC159CFF41F8E37D
        SHA1:36C2971418E4697C83C11B7E1A66C404D43543E4
        SHA-256:21C2FEBEF5EBAAAC455FDEF311724BA96D95EE9E5C8FBCDC137B5D007A84C291
        SHA-512:2D0A437C87FBC99C213731F273FB1FFDC7F29FA490E28AAFF77DB9B39ACB1B739C06D7E22673EDE1FE2E363A993B2162FD1EACD4F707A0E4929AA39B29FBB9B6
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......................................................................................................................................................PE..L......a...........!.........Z......F........................................ .......X....@..........................t......`u...........4......................(*...K..p...........................(L..@............................................text............................... ..`.rdata..v...........................@..@.data... ............p..............@....rsrc....4.......6..................@..@.reloc..(*.......,..................@..B........................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\LAVFilters\is-A4ORV.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):13180028
        Entropy (8bit):6.672966736260132
        Encrypted:false
        SSDEEP:
        MD5:ED5E7CCD263B7771C677A44865A1252E
        SHA1:13744C2F542DE27388D3DC351C5C4CD9AED5F039
        SHA-256:F136B74450CFC8DA39D8CD8420FE936EE6964971F295DFC4FED50BD0B8DCC252
        SHA-512:2A2393844D8A8F846CE13639A848B13829182DAF9B46D7B5FC23D9D5A5463A6EC0CED9208289464A9F13131F61E8D97577F9D4710894DEC9F90ACDA5A14C8CE0
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......a..........&!...$..........R..........0...............................P.......9....@... .............................. ..L%...p..............................`@......................D.......................(%...............................text...............................`.P`.data...`....0......................@.`..rdata..@.(..P....(..2..............@.p@.bss......R..@........................p..edata..............."..............@.0@.idata..L%... ...&...:..............@.0..CRT....,....P.......`..............@.0..tls.........`.......b..............@.0..rsrc........p.......d..............@.0..reloc...............h..............@.0B.debug.......@..|...................@.../19.....#...........................@..B/31......E...p...F...>..............@..B/45.....k.v.......v.................@..B/57.....T.....T.....................@.0B/70...........[......x..

        C:\Program Files (x86)\MPC-HC\LAVFilters\is-DCB43.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):538624
        Entropy (8bit):6.554049349563921
        Encrypted:false
        SSDEEP:
        MD5:0E1B215B571CC923F2E2594483084DEC
        SHA1:48B2D19534C2A75282480F8D655AC5591D4E3148
        SHA-256:C98D4F2B9EBBE5A25FA70C9B066CE75B4F71F989B01556116CBEF95221B6FF6C
        SHA-512:870099BB0B89323B07FA4348F675F0D7E9DAC2C5D551BA3E7B2DFA948CD74FC5C104866FA786D56DA7E105B74AC51D37036673546A8C4C4B394BC49E9795976B
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................................................................................................................PE..L......a...........!.........................................................p............@..........................d.......d..........(&......................4U......p........................... ...@............................................text............................... ..`.rdata..............................@..@.data....W.......J...p..............@....rsrc...(&.......(..................@..@.reloc..4U.......V..................@..B................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\LAVFilters\is-FA2AP.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):123004
        Entropy (8bit):6.446652960268184
        Encrypted:false
        SSDEEP:
        MD5:B41C2EEC0DE69431EAC1351EDA217F16
        SHA1:1C343A62EC8759BEE43665CF597D75C73CBC52B1
        SHA-256:EA81DCF66BEB5929F8FCB5E0DF251E72AADFF31346C5E87575DF79E6FA4F8375
        SHA-512:6F2B9CA48511F74C4C7D8726E8B199729DCD0FDDD1286620D8155AB25BB30B8C91C092ED5A78D56F20D7BDAA45385E2ABD59580F42843F073BFDA94C9011FA3D
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......a..........&!...$.z...................................................`............@... .................................8....0.......................@......`P...............................................................................text....y.......z..................`.P`.data...P...........................@.P..rdata...?.......@..................@.`@.bss....t.............................0..edata..............................@.0@.idata..8...........................@.0..CRT....,...........................@.0..tls......... ......................@.0..rsrc........0......................@.0..reloc.......@......................@.0B.debug.......P..|...................@.../19..........`......................@..B/31......%.......&..................@..B/45.....w....@......................@..B/57.....<........ ...v..............@.0B/70.......... ..........

        C:\Program Files (x86)\MPC-HC\LAVFilters\is-KOOLH.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:XML 1.0 document, ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):493
        Entropy (8bit):4.981564792676434
        Encrypted:false
        SSDEEP:
        MD5:C74F5C6EA4F00E03526D94A097C37802
        SHA1:0706B46C2586C834A12F28538CC50A3B2768DD08
        SHA-256:02ED6041FFC345B910F88B9886E36E330D286D891C0E5CBE3C05303D56681299
        SHA-512:68C389836A2997D3E107CE48A00FEC24F148CFD10442ADF8D65DB8C0F16D9196F63065EC926E534A840E52F9F272CDF94439BCB97BA86B7497330DD7106709B2
        Malicious:false
        Reputation:unknown
        Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">.. <assemblyIdentity type='win32' name='LAVFilters.Dependencies' version='1.0.0.0' />.. <file name="avutil-lav-57.dll" />.. <file name="swresample-lav-4.dll" />.. <file name="avcodec-lav-59.dll" />.. <file name="avformat-lav-59.dll" />.. <file name="swscale-lav-6.dll" />.. <file name="avfilter-lav-8.dll" />.. <file name="libbluray.dll" />..</assembly>..

        C:\Program Files (x86)\MPC-HC\LAVFilters\is-LRKKH.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):676988
        Entropy (8bit):6.528245576780367
        Encrypted:false
        SSDEEP:
        MD5:B88672982FDD9C208EDD9805EBCAF516
        SHA1:C26741254E5ABB4BF68F6ED0CFA1067BB4E42673
        SHA-256:DBE34BB341AA0113FE35E65B448626D1487D309202BE31698E2BABC3DD326979
        SHA-512:3C028A69D8F4803B9BEBCB386FE6CFCBD24134E437C9867434914CD3E2F6C9657EADEFB389D21518DA73FF3CCDBAF13F032CD9E9D0C8A9F175B48E059A7FA0E0
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......a..........&!...$.f...N.......................................................-....@... ..........................<...@.......p...........................4..`.......................D.......................lB...............................text...4e.......f..................`.P`.data................l..............@.`..rdata...Y.......Z...p..............@.`@.bss....T.............................`..edata...<.......>..................@.0@.idata.......@......................@.0..CRT....,....P......................@.0..tls.........`......................@.0..rsrc........p......................@.0..reloc...4.......6..................@.0B.debug..........|....T..............@.../19..................b..............@..B/31.....z....`&.....................@..B/45..........`'.....................@..B/57.........p,.....................@.0B/70......R... -..T......

        C:\Program Files (x86)\MPC-HC\LAVFilters\is-M8EL4.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):1041920
        Entropy (8bit):6.6371967291092675
        Encrypted:false
        SSDEEP:
        MD5:8D86A6C2411E970E95974FCB2D99803A
        SHA1:B2B4DFFDCF1E481D0BE3B786BA9016CEEE5C2ACD
        SHA-256:5649DD94F162DF96FB2C5163734BC15A77EC52DD1D2E0111CE5B023CE4C88698
        SHA-512:4F843F365D9BE50CE13A39BE3378C0084FEA7320038D535111BC08642109DC5B51C7AC39AFE34C6A0A5356C7D8434AF5CAA8F821F4B9155313EBA3A84C1DD5FE
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...................................(...........!..L.!This program cannot be run in DOS mode....$...............................................................................................................................................................................PE..L......a...........!.....,.........."........@............................... ......=.....@.................................`........`...-......................p....X..p............................Y..@............@...............................text....*.......,.................. ..`.rdata.......@.......0..............@..@.data....V.......J..................@....rsrc....-...`.......4..............@..@.reloc..p............b..............@..B................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\LAVFilters\is-MNOND.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):315392
        Entropy (8bit):6.679341930132071
        Encrypted:false
        SSDEEP:
        MD5:3B4C5B31E37ED4579283C471D1652AA1
        SHA1:5B2F1F03330F55B9117EFCB275A56C0806FE7BE0
        SHA-256:D36212F8775F1110584474ACCBA2C9A89567CDC3A171E2A44DAE6B201F63BC82
        SHA-512:ADED1E13BA4DDFE3858D44749DE6C02AF1CFA154C7D590B2A5FAE6E8D3689798A9930CBD84396EF96A9BB46A8BE074A4F9BCF36F309917993026197E96BDFBF1
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................................................................................................PE..L......a...........!.........D.......S..............................................n.....@.........................@...........<................................-..X...p..............................@...............P............................text............................... ..`.rdata..............................@..@.data...............................@....rsrc...............................@..@.reloc...-..........................@..B................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\LAVFilters\is-NI1KP.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):395776
        Entropy (8bit):6.570108161995195
        Encrypted:false
        SSDEEP:
        MD5:1E3C2D9E13EC1E38D80C4B3F70BBCFB0
        SHA1:7E2619BE7189F9E9A20A0D5177BA02E3C919066C
        SHA-256:C26FF6F2122EB05CE98CEE6D5EEA060D9A95FD097724AB6B6C9BE290CCE1A337
        SHA-512:AFB477DB5E487D79CFFDECD0ED2A6052327CFCFA5C8FF8C91013DD260C4A1A11994E75F4A963A088884B3B350229DD4AB41B4A3BCFAF2FF2B70152DE0CCD2A1D
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......................................................................................................................................................PE..L......a...........!.....x..................................................P............@.........................@.......@....................................;...F..T............................G..@...............T............................text...zw.......x.................. ..`.rdata...$.......&...|..............@..@.data...81.......&..................@....rsrc...............................@..@.reloc...;.......<..................@..B........................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\LAVFilters\is-NU37N.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):5041788
        Entropy (8bit):6.475117418270643
        Encrypted:false
        SSDEEP:
        MD5:CC99E1B634DE6CED0D103CA7AF81CD2D
        SHA1:365DA26EF22589319D8513F892C9D5F9FCA36D78
        SHA-256:1CB3D498684707B85C4A387DB7E3ACAC8D82711726F34F2DD04A5DF979A4FB8E
        SHA-512:ED04E23CB5C0A9493BFA49390D83A838CECC89953D649529D3B91D30FB9A1485A0281C62C4B6C4AA8179C0A97C8577C916E6052A773A5EE98483FBB050B644BC
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......a..........&!...$..:...L..*...........0:...............................M.......M...@... .......................J.......K. ?...`K......................pK.....`pM......................EJ.......................K.(............................text.....:.......:.................`.p`.data........0:.. ....:.............@.`..rdata...^...P:..^...::.............@.`@.bss....X(....J.......................`..edata........J.......J.............@.0@.idata.. ?....K..@....J.............@.0..CRT....,....@K.......J.............@.0..tls.........PK.......J.............@.0..rsrc........`K.......J.............@.0..reloc.......pK.......J.............@.0B.debug.......pM.|.....L.............@.../19...........M......"M.............@..B/31.....H.....1.......1.............@..B/45......d...@7..f....6.............@..B/57.....$.....J.......J.............@.0B/70.....JY....L..Z....L.

        C:\Program Files (x86)\MPC-HC\LAVFilters\is-Q09AS.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):579196
        Entropy (8bit):6.569262046956974
        Encrypted:false
        SSDEEP:
        MD5:440676407C4C752C9A8F3E25C9592164
        SHA1:2B4B306B5485B51D0ABD80DEC8C697A8030A40DB
        SHA-256:06A5E6C19933A5D0E700D4442BAF1BC7B2F18979A6537F70679EDBF6FF05D7AE
        SHA-512:4A3C7F865A780C4DC6AA02BF7309EE03A3E8311D3A3364D31E23C54299A564EA629DA96886097253EF9B48DD335652997B1DF7ED5B013FF08867D558C37B5877
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......a..........&!...$.@...................P......................................l.....@... ......................@.......P..,................................(..`.......................$.......................@Q...............................text...D?.......@..................`.P`.data...P....P.......F..............@.P..rdata..LN...`...P...H..............@.`@.bss....D.............................`..edata.......@......................@.0@.idata..,....P......................@.0..CRT....,....`......................@.0..tls.........p......................@.0..rsrc...............................@.0..reloc...(.......*..................@.0B.debug..........|...................@.../19......k.......l..................@..B/31......Q...@...R...F..............@..B/45......v.......x..................@..B/57.....H.... ......................@.0B/70......!......."......

        C:\Program Files (x86)\MPC-HC\LAVFilters\libbluray.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:3B4C5B31E37ED4579283C471D1652AA1
        SHA1:5B2F1F03330F55B9117EFCB275A56C0806FE7BE0
        SHA-256:D36212F8775F1110584474ACCBA2C9A89567CDC3A171E2A44DAE6B201F63BC82
        SHA-512:ADED1E13BA4DDFE3858D44749DE6C02AF1CFA154C7D590B2A5FAE6E8D3689798A9930CBD84396EF96A9BB46A8BE074A4F9BCF36F309917993026197E96BDFBF1
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................................................................................................PE..L......a...........!.........D.......S..............................................n.....@.........................@...........<................................-..X...p..............................@...............P............................text............................... ..`.rdata..............................@..@.data...............................@....rsrc...............................@..@.reloc...-..........................@..B................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\LAVFilters\swresample-lav-4.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:B41C2EEC0DE69431EAC1351EDA217F16
        SHA1:1C343A62EC8759BEE43665CF597D75C73CBC52B1
        SHA-256:EA81DCF66BEB5929F8FCB5E0DF251E72AADFF31346C5E87575DF79E6FA4F8375
        SHA-512:6F2B9CA48511F74C4C7D8726E8B199729DCD0FDDD1286620D8155AB25BB30B8C91C092ED5A78D56F20D7BDAA45385E2ABD59580F42843F073BFDA94C9011FA3D
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......a..........&!...$.z...................................................`............@... .................................8....0.......................@......`P...............................................................................text....y.......z..................`.P`.data...P...........................@.P..rdata...?.......@..................@.`@.bss....t.............................0..edata..............................@.0@.idata..8...........................@.0..CRT....,...........................@.0..tls......... ......................@.0..rsrc........0......................@.0..reloc.......@......................@.0B.debug.......P..|...................@.../19..........`......................@..B/31......%.......&..................@..B/45.....w....@......................@..B/57.....<........ ...v..............@.0B/70.......... ..........

        C:\Program Files (x86)\MPC-HC\LAVFilters\swscale-lav-6.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:440676407C4C752C9A8F3E25C9592164
        SHA1:2B4B306B5485B51D0ABD80DEC8C697A8030A40DB
        SHA-256:06A5E6C19933A5D0E700D4442BAF1BC7B2F18979A6537F70679EDBF6FF05D7AE
        SHA-512:4A3C7F865A780C4DC6AA02BF7309EE03A3E8311D3A3364D31E23C54299A564EA629DA96886097253EF9B48DD335652997B1DF7ED5B013FF08867D558C37B5877
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......a..........&!...$.@...................P......................................l.....@... ......................@.......P..,................................(..`.......................$.......................@Q...............................text...D?.......@..................`.P`.data...P....P.......F..............@.P..rdata..LN...`...P...H..............@.`@.bss....D.............................`..edata.......@......................@.0@.idata..,....P......................@.0..CRT....,....`......................@.0..tls.........p......................@.0..rsrc...............................@.0..reloc...(.......*..................@.0B.debug..........|...................@.../19......k.......l..................@..B/31......Q...@...R...F..............@..B/45......v.......x..................@..B/57.....H.... ......................@.0B/70......!......."......

        C:\Program Files (x86)\MPC-HC\Lang\is-0VBGR.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):190976
        Entropy (8bit):4.117469872512372
        Encrypted:false
        SSDEEP:
        MD5:DE6380C83C5F68E52B86CB9FD5B7FADF
        SHA1:AB3F11C70078662303E026AB8149F3E1CA32A826
        SHA-256:FB2F888425113733CF17F52F63DDECCEA879556C2AB904C40AD77DE0FEB928EA
        SHA-512:AD225CB1E96F191DFAD59D61C229968C236EEE201D1E7B17EE07791A906DC57E2E56DAC1AD7BE8BE6F3408AAF78CA922E17831F848CE1398619D6C17F7247688
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!.................................................................!....@.......................................... ...............................................................................................................rdata..............................@..@.rsrc........ ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\is-276B0.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):178176
        Entropy (8bit):4.032115775884918
        Encrypted:false
        SSDEEP:
        MD5:C4D312B8D2D3F3192D585A7AA62A6CE3
        SHA1:5051D85A8F681205CE272B86A57493CC31E5BF6B
        SHA-256:8C82A6CE431070FF4E85985031A29C77B9233EFCEB114C5D17D9D6A8E05BB54A
        SHA-512:893CCC36B460A3A2A671CFD73100D82B7C811A013CD51EC067DE154136FADB290386C5BE64536F4E6B90E7934086676CF8B32C4A651A9AC148953A803851B114
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!......................................................................@.......................................... ...............................................................................................................rdata..............................@..@.rsrc........ ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N..0....rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\is-2SST0.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):192000
        Entropy (8bit):4.7628653602458595
        Encrypted:false
        SSDEEP:
        MD5:3A2D3D85B179FF6E5600B0A87F873893
        SHA1:D76176D8575FB4B5E09EC703704614079FA33803
        SHA-256:A252CF221EBCDB317B1F2453616C73C658569CEDCCAF08D9057702C3851E5C66
        SHA-512:A845D4F837AF7B3306D195D8FFEE7E0F087F6F4580F5EF5B7E2097C763EA83F44A0E3AA5E3156DB5FEA79F9D1BB6C98BDAEB0A7EF227C1A433C094CB1C37FC19
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!................................................................;.....@.......................................... ...............................................................................................................rdata..............................@..@.rsrc........ ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N......rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\is-49CFF.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):186368
        Entropy (8bit):4.1470042031366114
        Encrypted:false
        SSDEEP:
        MD5:8B6D0C0FB828BB872C9F31EF8B018A83
        SHA1:CA0E3A30D869782B0D13D65E23AB3AB164B0C968
        SHA-256:8EB1B383BF6D5D4B9F41EF58BB659339182AF50317CBC085B8CD992EFACBCA88
        SHA-512:06BBEC79866936AB455BBF46511ACC3112ACB478D9D6CEB97D50A4F76243EB5A1F10C9814632F560822D56B40EDCDA59C5C88B4E799A573EE309B4C70319895D
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!......................................................................@.......................................... ..`............................................................................................................rdata..............................@..@.rsrc...`.... ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\is-4IFSU.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):171008
        Entropy (8bit):4.045547790651712
        Encrypted:false
        SSDEEP:
        MD5:0CBEA25D94B127EBC1FE73BD3598CFB4
        SHA1:B8EC9279544BC338A4885C385C6B30BDA993750F
        SHA-256:86578FAE7DF0845BD6A2A2135262C68F93EFA8F7A045F35014934704F30253E7
        SHA-512:AA95731DC2A733E2D2EE09EF180475784E96326A60373991414CDFAD646777303715791BA66A1B8B49F46B711C4FF69E34706D8F037ED8ED343728ECADCDA935
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!................................................................lR....@.......................................... ...............................................................................................................rdata..............................@..@.rsrc........ ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N...i...rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\is-4J1PM.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):194560
        Entropy (8bit):4.045799099414401
        Encrypted:false
        SSDEEP:
        MD5:8ED5E880FD85F786DEE96A93675A8E59
        SHA1:D762F09958DF699758432987569CCA504A2BB51E
        SHA-256:90F7BF314B434A5A1289A6C123C1C84745EE594665AFEEDCA3D7A4899220CB23
        SHA-512:3E396EEC5F90A46555CFFF7879932CC2421B187FF97DFCC566420611E2509762C1BDCA7ED1BCDDBA7CAB816CF9A5C42E19C58AC7E5D12829F1FDC66F15F86AE6
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!......................................................... ......E.....@.......................................... ..0............................................................................................................rdata..............................@..@.rsrc...0.... ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N..P....rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\is-4LSBI.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):186368
        Entropy (8bit):4.1011412839067845
        Encrypted:false
        SSDEEP:
        MD5:5086ADF93D4C3EA198225CDB8203CB9E
        SHA1:600B10DA38FE0E21E10EE7299E4F01E17D5B70A4
        SHA-256:DF354D3CDEB3D8C3B7BD38CA64BF5E3DD980981E8EA19B1A9677660C7A2C8238
        SHA-512:B2B581816515D32B5EA67C8F930CB194A878CB38BE9AEF57DE62FC4A1160A1BBEB71024BC55016CAEB638020B7D65899F58A75C3B83C923B246C931324A5B6EA
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!.................................................................S....@.......................................... ..p............................................................................................................rdata..............................@..@.rsrc...p.... ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\is-5G7SG.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):180736
        Entropy (8bit):4.043737264924058
        Encrypted:false
        SSDEEP:
        MD5:77F10955AD32383F1930C882BA928B68
        SHA1:BE9D2F076BE8FB7A0E743A2704A7E2C6A7194153
        SHA-256:B8068AFD9D2AD363351093248B837EEBB91C33E0A77687D07DC382568842F532
        SHA-512:C00A57D742EBA3117968BF032681B3C256AEC8732E71A226D088EAA801959AECE27833C68B015AF07F202194B1FFE10BE79ECE0E9CB416A4E667D31D2F4A034D
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!................................................................t.....@.......................................... ..X............................................................................................................rdata..............................@..@.rsrc...X.... ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N..x....rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\is-6EMAN.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):181760
        Entropy (8bit):4.062248069098844
        Encrypted:false
        SSDEEP:
        MD5:FDDAC75C89D11A95C0A3C15530A3A7C2
        SHA1:64FC1E6C4070C5809D83E70D388D8A764E29049B
        SHA-256:CBA5254593ADE0999258AE58BA16455F8028FF5516FC5B25AE8BBE59BEEE3E2B
        SHA-512:172694E9E280EE9B0DA021CC0AC911505C3B9BF27E8D7912515ADF63D079DEAA90428B9576E12BEEC002FB0FEC7C17611FDAF5E9DD9C670AD4DD43F0CAA0684B
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!.................................................................-....@.......................................... ...............................................................................................................rdata..............................@..@.rsrc........ ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N..(....rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\is-9F7JP.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):185344
        Entropy (8bit):4.646807333738151
        Encrypted:false
        SSDEEP:
        MD5:99AA69B9CD6A98707E65FFF9C2E9398C
        SHA1:B4B0F4C462212D361ECC3BF374EDC9F982C8FF60
        SHA-256:982A4455404C5D3E3947CB6209D960F5BCE57C52BFC0AFC73FD51741ADFBFBEC
        SHA-512:02A4B36046F8FB55F341B027C51A3176F0A9D3BCB9CA694FA3D132C3FB2746616063D89D455187D0B06E912545EE139F81E9238197816A056FBA947F5B865B8F
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!.................................................................c....@.......................................... ..8............................................................................................................rdata..............................@..@.rsrc...8.... ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N..X....rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\is-9U2V9.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):189952
        Entropy (8bit):3.981809091111126
        Encrypted:false
        SSDEEP:
        MD5:72094B231E180BB40D2B4932ACF227D9
        SHA1:A83BA4DBE8B1BFBD6C2BBC220190FE8398B5E2FC
        SHA-256:0E4A35966E46490F3370366E7CD9FCB432FB607AA05B138577A8532D41EEEF1E
        SHA-512:E516BF195500FFE54F8B70CDDB276C3F096EA3AEF9512293C44D85202F20D5DC82EB1AD5F4562DFB79F3F4CB00D390FDCCBE386E6716264AF436242373963727
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!................................................................[.....@.......................................... ..H............................................................................................................rdata..............................@..@.rsrc...H.... ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N..h....rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\is-A27KQ.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):164352
        Entropy (8bit):4.675603254813225
        Encrypted:false
        SSDEEP:
        MD5:2EE2C0DF32A3F646AFC33D217BDEA32A
        SHA1:844F40F12EE9B31BF59A91935067DE18C0C054FC
        SHA-256:59E090E36648BFB09EB02D6F161FF5C920BB14FCFB820918D92D917CE008E972
        SHA-512:B1A1CC3E078E2E66E55EED3DB85CB847AFB762774FC69A39CDD9157CD1068DC3CDC7277E823E21460AE04196763F0FA3FEB827D62204761798A2175CAEE54B7C
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!......................................................................@.......................................... ...|...........................................................................................................rdata..............................@..@.rsrc....|... ...~..................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N...M...rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\is-A3VA9.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):178688
        Entropy (8bit):4.026905560457394
        Encrypted:false
        SSDEEP:
        MD5:CC16E8BE43881BD04242B30E98F523A9
        SHA1:DC5CF04809861B9A7323FF9E08EF7BC13070D97E
        SHA-256:CFD6C458955A29928F439CE9C3E3DC4E2BFC4FE3D2789C013C809B0088761648
        SHA-512:C5525831C30773A5FB2E32B91EEA9358D1F1C02B66D780C53560A06AECD54C4D5B6A2AE0AE62D27137F9046D2939943DF5817916189638B55BE5F0F3BF2C162E
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!.................................................................<....@.......................................... ..............................................................................................................rdata..............................@..@.rsrc....... ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\is-B3Q3D.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):179712
        Entropy (8bit):4.159523163576614
        Encrypted:false
        SSDEEP:
        MD5:FF23261D6E67F6AA29691E6D91A15038
        SHA1:B9FF5C6F6B9ACDCFC382AF7DB97C2A1F9DDA0433
        SHA-256:B56DE1692B2A2F3795209860A1F57897EFE1E703251166F3CFFC5AAA2D39DEC4
        SHA-512:AFEA2715868215C2F8192F58EEF82E8423830DF9FEDAD17BA9D47A1DBBE638B7A3E905F2EEDC14949D58EC75C4442168F722D6872CCF87C6FBE58957F45F60D5
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!.................................................................c....@.......................................... ..............................................................................................................rdata..............................@..@.rsrc....... ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\is-CIPNU.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):182272
        Entropy (8bit):4.066305048505067
        Encrypted:false
        SSDEEP:
        MD5:EA9A3673B9C198D4B10B260E483080AD
        SHA1:8E5963D7CCF16F713485CF8E7DCAC91BBDAFC504
        SHA-256:7B35403B02541D09967AD1FFFB22629D3B7E97F186E6D022CA2F10A65BD7D473
        SHA-512:291CB63EE9B04A4B48920B0A9B77EC71A38F7C7D33667DE1AF7D77CEFFD8792F211A778F275198E1799CEE41C101C0C439C68C7D3803B48FE169A9041703ABE0
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!......................................................................@.......................................... ...............................................................................................................rdata..............................@..@.rsrc........ ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\is-E1CCJ.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):176640
        Entropy (8bit):4.398245450397112
        Encrypted:false
        SSDEEP:
        MD5:57188AFD124A4E10210590EE16774CF4
        SHA1:B58633C9BDBA432D5FB004AE4FAE0E15ABE1AEBD
        SHA-256:76D7BBB93E9DF7272DE6BE0BB7FABABADF03E7E3B19D604800F12674F5C122B3
        SHA-512:E42B62E92B0C642E056FE25301263C61A3B0FC5A840A14F4A8D38B395DC0ED01F2F5B565856B6FFF5EA7AF66D3A84B097F3C4F19F77E7A977641E4BD2D077C6B
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!......................................................................@.......................................... ..............................................................................................................rdata..............................@..@.rsrc....... ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\is-E5DT3.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):176640
        Entropy (8bit):4.0623033297896445
        Encrypted:false
        SSDEEP:
        MD5:0E806EB66535D054428EF69DD5834874
        SHA1:8BE8B0D654B171F5F564DD59717705867AF2CE77
        SHA-256:BDB44EB30E5F6F17AB07A086B6FCE4B3E497A17F2B4ED30D9FE992CAE00E8E52
        SHA-512:A262A6F89DC4C1FB193CCFBED77B5A6545EE70A5217D0AA28F5075E614C196C30A668F004C9A290C1731665D2E2D069BF0C85E7590EA3BCBCF71A17F2E10F486
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!.....................................................................@.......................................... ..............................................................................................................rdata..............................@..@.rsrc....... ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N...~...rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\is-E6IKC.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):191488
        Entropy (8bit):4.006737768928531
        Encrypted:false
        SSDEEP:
        MD5:80269F10F5A3CC284AD1ECDA087BBA5D
        SHA1:8971ACE3C9F73940DF5FFAED309D22377A42798C
        SHA-256:239D89C53F0D8B34F4884E0C4C30BCFD0CFC948AC96CD214B4BFAFA099F616AC
        SHA-512:E2766363DD93B55480651E5D515DFDAB181C984B4AED0EB10717ECF421F3999F8A52BA758E208285CA74723933CE05A77D144CE058E1FEEFE24C6DF46FAAE58B
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!.................................................................M....@.......................................... ...............................................................................................................rdata..............................@..@.rsrc........ ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N......rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\is-F3958.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):168448
        Entropy (8bit):4.7405412206642
        Encrypted:false
        SSDEEP:
        MD5:A88437086922A205F4194CDC50FFC85B
        SHA1:77F14FE659CFE9A2CA2B06D95E9B86797DBB8E8A
        SHA-256:5D0AA911679FA7195E453F66846C068A20EDE5C8E453CF17AE5BE0A84D202143
        SHA-512:58007903BE578330CF82A68B7FF07FC81C066E75EC91DBFF5CD93A1897B44468DD416B45C1994383991D0814CDC07790F9163139605446B9A1C8FBB2EA605566
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!.................................................................D....@.......................................... .. ............................................................................................................rdata..............................@..@.rsrc... .... ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N..@^...rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\is-F602M.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):199168
        Entropy (8bit):3.95119609100196
        Encrypted:false
        SSDEEP:
        MD5:C4C4A41CCD88A844F26197699705DFD8
        SHA1:26C27915F3DC46AAECA5B2273B9E3326CD04C140
        SHA-256:E37B5EC34EF66BD6DD4A3F478B3FFB99F9904FDCFDB24EAF61F0E612566C5AF9
        SHA-512:083687E8FA1B58DBEDA79BDF27D427FE2ACA8E70A9F9BA30675B5ECC3156134870F7FCE4332C4D8F40C52CC2F8F69BF7C3C22161C9B7762F24E1A08A0352E926
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!.........................................................0......b.....@.......................................... ...............................................................................................................rdata..............................@..@.rsrc........ ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\is-G1JA9.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):138752
        Entropy (8bit):5.219677660312387
        Encrypted:false
        SSDEEP:
        MD5:60CD604C41C1E8218F9F5F1F6799A686
        SHA1:696A362B5B7193573E5F18FC14EEF91FF379B6B1
        SHA-256:69321C760C634098C9C79FB96B23C09FF831529CC7C1D99AC0C395D8E6C75F93
        SHA-512:6761A9BB58E03120FBBA3BDAF7E8EEAFC84FB78B92D49C513F4A6D2EA521C9C5359C28A31AD36283047ABD64B9BC437D1A88D5E2A8DAB3A7AB487420106CBB05
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!.........................................................@............@.......................................... ...............................................................................................................rdata..............................@..@.rsrc........ ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\is-GB9QV.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):180224
        Entropy (8bit):4.662011097550516
        Encrypted:false
        SSDEEP:
        MD5:7368763429D404935CBD744F1F939914
        SHA1:3973505792CF9824C57355581B86A163C5C18C9D
        SHA-256:8E1E969A7550D8D093AC8F3F698EEB8F7633B00768479C32A2C92E0CAE9F4E2E
        SHA-512:29B166369C88B5935FEC9AECEEEA36ECCFDD2096A058E7EE6824664697C5385213CEE180981ACFBDE71FB87C644B969A717333FA3DA86195581B14293CF01540
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!................................................................w.....@.......................................... ...............................................................................................................rdata..............................@..@.rsrc........ ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\is-GBT2L.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):184832
        Entropy (8bit):3.9693192116648714
        Encrypted:false
        SSDEEP:
        MD5:418405946D28892B9DBCDA4453A336AA
        SHA1:2B57D2004DA08F34C32999D08CD3862F837CA6F9
        SHA-256:C1112D5093078FE2D4F62FF7311ED8B051A22DA14E09E2168D3EF37F2F9543FD
        SHA-512:6A61CBFE8FD81CBBC08744FE38E0F69C56140419EB78E0EAE365E4AA8E99732E80482B3EBA8493FBD824C66423AE3FFD479BEA0073117C1DE553E0C0C03F421B
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!......................................................................@.......................................... ...............................................................................................................rdata..............................@..@.rsrc........ ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N..0....rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\is-GGN6G.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):180736
        Entropy (8bit):4.168392903766762
        Encrypted:false
        SSDEEP:
        MD5:0EC7A056C48904465E6B46DC364C7B2B
        SHA1:7B6046AD829B47D025F1A7243C25E96ABAEAA0BD
        SHA-256:385FF43720B7B09216C8FBCAF1BA3ADD99F6E6C5215956DA5D1777CA0A7A4E55
        SHA-512:CF0F080737AE14A7A380F575579E92C78876F7B6666066B63D411CFFA2E233A7264EE8FA9F269C34E5542BD8118F090EA0563CACE293B2BE6736B90BDB045F4C
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!................................................................mh....@.......................................... ...............................................................................................................rdata..............................@..@.rsrc........ ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\is-H1HG0.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):176640
        Entropy (8bit):4.549807763547179
        Encrypted:false
        SSDEEP:
        MD5:0759729F74890F902BF88161F58345D7
        SHA1:BA98C9D0F157E9B8B4FB90687B825A09AA45A98E
        SHA-256:03BF24320728FA06A07505D1E7817D5CD896A56303E4045489D8914AC87D71AC
        SHA-512:C8FED3B3660B9ABD8E3C7A4B0C56E15A25A6F57D33A3F9C996773F3B4D16ABBC6BC56DB8E3E95C5F3A163BAA3408E713AA3BD1DD233CB3CEBAE9F6C6EE4D00F0
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!......................................................................@.......................................... ..x............................................................................................................rdata..............................@..@.rsrc...x.... ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N...~...rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\is-HM83S.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):180736
        Entropy (8bit):3.987047605657096
        Encrypted:false
        SSDEEP:
        MD5:55A63397BF67136DBBB4C91F451E6132
        SHA1:913F468B99EE2078D82FB3536F9358015F98B004
        SHA-256:900775CE498AC02CFAEB792AF2A72CD8209D15CE4605811F1C26EA199AA7F230
        SHA-512:6B5C043779BA46BCBCD269312A5B4EFCFCB2975542A8E35E60D9C3F2D64E8FE999F55C2833F76654DD5BFD8174C284BBBF086FB0939924A4322FA4333C349EC5
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!.................................................................^....@.......................................... .. ............................................................................................................rdata..............................@..@.rsrc... .... ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N..@....rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\is-HRP5E.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):181760
        Entropy (8bit):4.081166508786724
        Encrypted:false
        SSDEEP:
        MD5:AA33CBDF5AB55B44AE097242BD24795D
        SHA1:CDF36EE4BC1916215103A755B8FE04195FAD18C3
        SHA-256:61AB62690AC754AE765391E969F8F7348D526E4709645EEF12B95250C4872E68
        SHA-512:923A41F3ABA7D8A606FFEACB3F030D0BB660E464747E1F90BB63328D2F08E84FAE04018C35C59F5862A7E58BBEC84750DC73843E52FC63033AB8EC4A532D9CEA
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!......................................................................@.......................................... .. ............................................................................................................rdata..............................@..@.rsrc... .... ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N..@....rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\is-I8O7B.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):172544
        Entropy (8bit):4.534027640263222
        Encrypted:false
        SSDEEP:
        MD5:AAD4748118620391902E3D66F9229B13
        SHA1:3D4F60A7AD447D0931D9A8FB2349796306940018
        SHA-256:C9AD17189907CBD1863F22731B1787F0689AEEF14C02C93C41960E655FA30AD5
        SHA-512:185C70D96C00019F282FB70C852BE568274B08F8EB1AD34FF52DE0DE8FC1298C238134D95387D3122E303043CE04578898EB56E4B346CA81D29795E0137D430A
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!................................................................T.....@.......................................... ...............................................................................................................rdata..............................@..@.rsrc........ ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N...n...rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\is-JLURM.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):122368
        Entropy (8bit):5.185140911986958
        Encrypted:false
        SSDEEP:
        MD5:ED885BEB3C9D63CA3CF4EEA079D2E1D7
        SHA1:2DA6703F696A9057C72D3945F58B18ADB395B667
        SHA-256:6CB02C6C33CC5B2E578BA875EC7A097DB8C48F8DFAC6FCD61538341414358271
        SHA-512:B89B2AD9540364279801832DEE7673DCA1E7339513BD70CABF8D6D3CE226F9E0A211A1F98B8B0775A0808CE43F8C540B989136E621EC1AB4EF6868E80FA40BE0
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!......................................................................@.......................................... ..`............................................................................................................rdata..............................@..@.rsrc...`.... ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\is-JNJ28.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):186368
        Entropy (8bit):4.584124040700956
        Encrypted:false
        SSDEEP:
        MD5:52FC13B102284AB1E362B747A16480DC
        SHA1:EACA9C9459E401BE930F823AE3293922606C57E5
        SHA-256:5ED5F4318F12D39FE45212AFB5886A769A9C364B76F53C20653ABF199F2C61F2
        SHA-512:E11BDD64A95A53B87A8C43E8FF142EA41FAC94ED3B7FD956369156F6D095E69DD7472EED6D5C4FEE663A7CC8EB02A037D3A1B2DA74039AC8F7260D594CE047FB
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!................................................................p.....@.......................................... ..x............................................................................................................rdata..............................@..@.rsrc...x.... ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\is-JOOLQ.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):189952
        Entropy (8bit):3.9883815415551536
        Encrypted:false
        SSDEEP:
        MD5:5F2F3DF346AE6D5E17E3D6D373CF00EE
        SHA1:05340A1A8F6ADB1544DDC0660F1C4925508F2B02
        SHA-256:412B6AD87D267818EC5E544CF661EB7E93904108D1676BAAE1C8B164C71219C2
        SHA-512:E152C78BF67EB59FB9D8929D6A7F76CCC778D8B5502BAF612F7BAE5FA86AB2FC77389E53C0AB3721277EFC73BC3F52B2F3E7931B9F7AAF4CD675A35AE82CB0DC
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!................................................................f ....@.......................................... ..x............................................................................................................rdata..............................@..@.rsrc...x.... ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\is-KAM7D.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):178688
        Entropy (8bit):4.02029665351393
        Encrypted:false
        SSDEEP:
        MD5:556AA59F6343492594C5963D1D53E4A2
        SHA1:D5111F1728B9BCDB8BF684EB3E8654DA2BEC8807
        SHA-256:5308E5183F0B5D4EB41C1F53BFC98EF445D80FD1DEB2CA7E7DF4EC46D3BC9E4B
        SHA-512:37226DF22AF239C39CA6E9D6EEA349BAD84BDE019D54FEFFCEB79BCE5CB0829DDAE98D5CED2EE0E86B858B4981FA9D0A25344F5225BE0F2EAAFFA553FA662A24
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!................................................................\.....@.......................................... ..@............................................................................................................rdata..............................@..@.rsrc...@.... ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N..`....rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\is-KGDJ9.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):178688
        Entropy (8bit):4.656944160039455
        Encrypted:false
        SSDEEP:
        MD5:577A2DBDC100AD8305DF324BD8C35678
        SHA1:2CEF25B260873D0CE6BFD234077C0855230C0B9C
        SHA-256:75DC0781181B5DF50B30F5D30186F6B04ED86781DE86C8E8AA316E5842B5C713
        SHA-512:21D001C2D334D7EB82888D0F850687351ED476CE9E59074E80E288512EBB12452379DAC593B1E8B7EA82F551EA12143B27491F73B27FEF268BAE0CF63D114891
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!.................................................................]....@.......................................... ..P............................................................................................................rdata..............................@..@.rsrc...P.... ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N..p....rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\is-MR3Q5.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):124928
        Entropy (8bit):5.175412940165455
        Encrypted:false
        SSDEEP:
        MD5:10895F04B24EF44E5DF76D1177171618
        SHA1:B46E3D8DAC149DC2776F0332F3FF3F9CC8ECA10E
        SHA-256:5571DD4300B23F95D933D43AD6A9D00A07DF1786CB1C27CF64E6967D03D078BA
        SHA-512:464DD6C55468639E66C91FD5211185A1375847CA48ACAC7C3CCD4501F151BC164C7D104C8B1D93B8714023046CF9A773B2B473F3F0705B8D5C005FF48D21AAEC
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!......................................................................@.......................................... ..H............................................................................................................rdata..............................@..@.rsrc...H.... ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N..h....rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\is-N3ECJ.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):147968
        Entropy (8bit):4.765280163800668
        Encrypted:false
        SSDEEP:
        MD5:B59E9670244F82800AE22ABFE0C1C751
        SHA1:140E1C540A9C9C2F79FB09E7AA45B3FD2C4A7278
        SHA-256:2312757F6CE34E217DB3F478086443816F4A965A915715192E2DF72972BC1892
        SHA-512:42FEDD8CA41C3E99992DC729AE74311D59580C6FA3E3C248DB38629A66896C9DAFDD76EDF2EAC898B22B4BDDCFF1458CBA65141BD18C37BDDE8CAAE05DD98A5E
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!.........@...............................................`......<.....@.......................................... ...<...........................................................................................................rdata..............................@..@.rsrc....<... ...>..................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\is-O5PQ3.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):195584
        Entropy (8bit):4.73804013385777
        Encrypted:false
        SSDEEP:
        MD5:AB9274F1ED43C51593AC344CC7FA0B42
        SHA1:BB4F05F33EC53494514B148CB5767BA33DCD43D5
        SHA-256:59DF223F68029FC1B3A99934C8437049C83F617DEE52D2A47D7E220B1DCE327B
        SHA-512:E74BDDA8C5B9D61BF020D83A35100A15935EEE7148E9CC6DDC87B49AF0E99C4ED22E10D948951AE15F7772C73A63270C501F00A982558172B749FF0D5F146DB3
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!......................................................... ...........@.......................................... ..h............................................................................................................rdata..............................@..@.rsrc...h.... ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\is-PF32S.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):180736
        Entropy (8bit):4.633675453397267
        Encrypted:false
        SSDEEP:
        MD5:903F340C8359E070BDAC67DF553356C7
        SHA1:C59E1FB68DF64C8D68728D6233502BAF7A6BE503
        SHA-256:656528EDD498146406A4868E1583BCDE98E78C8FC88DC110556185C4F0145EA7
        SHA-512:08FF82D685416B1A264C196FFAD97FD2F2F42118174324BBEC30D2F86F8915D4D93EFA8F567FD0146462EADE84186300F06E5B5F0EDB4186F076EB62280FE88B
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!......................................................................@.......................................... ...............................................................................................................rdata..............................@..@.rsrc........ ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N..8....rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\is-RT0HS.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):198656
        Entropy (8bit):3.973100637519258
        Encrypted:false
        SSDEEP:
        MD5:F99F398FB63E45CBF8DB652B987B9D71
        SHA1:13C28E7F6039EA9AC1AB0B64F2D5F193C8CCEA4D
        SHA-256:8F8C97AD5945F0262287DE7A6CD045DE82EF7BFA2D52C1DBA7D6397F948F2860
        SHA-512:276B8780B7042F87014C18036F968EE9F89BB13F6261557D006D74A9B8F5C8820985FC77E04216ECB031AE3CF9988B8C24C10255B12153F7ECD15706FBB2B443
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!.........................................................0.......z....@.......................................... ..H............................................................................................................rdata..............................@..@.rsrc...H.... ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N..h....rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\is-S4643.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):185344
        Entropy (8bit):4.630234470115411
        Encrypted:false
        SSDEEP:
        MD5:9094B536B063B68D3E7E85D7E3B9C3AA
        SHA1:038173C4C7ABE4683C89918E6E32CBF851169976
        SHA-256:83D006F5C30B2C2716E47CD5E4A709D7CE13CBAE67572BE857FF9C8D0E450E13
        SHA-512:D9807A068D1879E1BFEF106482BA20A1FC102770DA8978BB8257DA4E636F29A2197B0DE39BC86FDBC0694CEF2887FEA60C1B5CB1DDF2AF146CC992E9A65D17B6
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!................................................................F.....@.......................................... ...............................................................................................................rdata..............................@..@.rsrc........ ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N..(....rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\is-S9DSV.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):165888
        Entropy (8bit):4.602656227809015
        Encrypted:false
        SSDEEP:
        MD5:827E7FAD335C176B0F419C892F0BFCDB
        SHA1:96BAB10061C52339E6E9B1AD7D42B8113678118C
        SHA-256:D97DBF112BD8747EF0E9D2E73D430E00C552C815FE429E01478266AA01447331
        SHA-512:4D3DF5D565BF418B8912B50A1A31AA8A5A5B1473BDE110B3C58661FBC607AE1FD2A1A164153318B57C9DB11BEB65B34920C0D38AB8991094FA45C21BC39329BD
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!.................................................................2....@.......................................... ...............................................................................................................rdata..............................@..@.rsrc........ ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N...T...rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\is-SG7J4.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):177152
        Entropy (8bit):4.017408256084606
        Encrypted:false
        SSDEEP:
        MD5:38F60160315675D3A015C3B06D9D7EA2
        SHA1:FF09866411CC72D1D084E632DA4E6B2265C4E624
        SHA-256:24FCADF19AD8CEEAE3274836C560D89DAF4CD57A91846D98E4B886D648816DD5
        SHA-512:C32DEA5B8DB1B2925E1019C88B15B1FF1B945146A1CC6A3767CF1A7B506F6A351B71B91B11DC966CAEF472B9BC51C5AB89074435EEB9D5F8A05BB0BB1BDD6E4A
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!................................................................4W....@.......................................... ..............................................................................................................rdata..............................@..@.rsrc....... ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\is-SMKID.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):201216
        Entropy (8bit):3.9500512045157175
        Encrypted:false
        SSDEEP:
        MD5:7373FB5D26099CDC1CEFABA397EA02C1
        SHA1:85C86B02E595AF95FA1DD589089A642BA2375298
        SHA-256:7B116786E06B33FE0073E3491244C853EE48A0627273E2695CAA8A2084FCC5F3
        SHA-512:6029528027DF89FD15D82E2EF940AEF9CA872819972B3BB64E9B6F5C3157CE51F0AD5AE8FDF058416176F619E48C9C7CFBFF0EF7D9B0D0A5ADE043BB32D4273E
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!.........................................................0............@.......................................... .. ............................................................................................................rdata..............................@..@.rsrc... .... ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N..@....rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\is-V0FJK.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):183808
        Entropy (8bit):4.024625456341424
        Encrypted:false
        SSDEEP:
        MD5:313D8AD8972F5F7296DCF1FD0F341013
        SHA1:61750DF55FDE587167DD3BEB191068A8C6FAAE5D
        SHA-256:7D9792087E399797F55FC72675B73FF437D161D85CD391B9F605DA927005C202
        SHA-512:2433BAA0FFAD998F5CF7805632FCB5B01BEFDD7299B2D41F2C2867A712F002494478DD94746A3B0CD42D6D6F9A9061744388CAFFF3BA3B644F2C2340AF1DFFD2
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!.....................................................................@.......................................... ..8............................................................................................................rdata..............................@..@.rsrc...8.... ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N..X....rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\is-VJ7MT.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):182272
        Entropy (8bit):3.997562140145238
        Encrypted:false
        SSDEEP:
        MD5:39997F59407FBEF13824204D1CBA94B6
        SHA1:88D8679B2FA516FA0D7386876EE92FF196E8DD4C
        SHA-256:0DBC6E48C486E763DDAF7F8AC0F4BFBABF5D38DEF5792DF2995A2875B0A08542
        SHA-512:337B0592EA6E7D280C5C3B5266FB54CCAFFE88906AB5C511A6B818AC5B368FD81499E61A98DD9349CBA5799D77A0B97E4810308A51DA6D76D45068083AE3CECA
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!................................................................pm....@.......................................... ...............................................................................................................rdata..............................@..@.rsrc........ ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\mpcresources.ar.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:827E7FAD335C176B0F419C892F0BFCDB
        SHA1:96BAB10061C52339E6E9B1AD7D42B8113678118C
        SHA-256:D97DBF112BD8747EF0E9D2E73D430E00C552C815FE429E01478266AA01447331
        SHA-512:4D3DF5D565BF418B8912B50A1A31AA8A5A5B1473BDE110B3C58661FBC607AE1FD2A1A164153318B57C9DB11BEB65B34920C0D38AB8991094FA45C21BC39329BD
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!.................................................................2....@.......................................... ...............................................................................................................rdata..............................@..@.rsrc........ ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N...T...rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\mpcresources.be.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:7368763429D404935CBD744F1F939914
        SHA1:3973505792CF9824C57355581B86A163C5C18C9D
        SHA-256:8E1E969A7550D8D093AC8F3F698EEB8F7633B00768479C32A2C92E0CAE9F4E2E
        SHA-512:29B166369C88B5935FEC9AECEEEA36ECCFDD2096A058E7EE6824664697C5385213CEE180981ACFBDE71FB87C644B969A717333FA3DA86195581B14293CF01540
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!................................................................w.....@.......................................... ...............................................................................................................rdata..............................@..@.rsrc........ ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\mpcresources.bg.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:52FC13B102284AB1E362B747A16480DC
        SHA1:EACA9C9459E401BE930F823AE3293922606C57E5
        SHA-256:5ED5F4318F12D39FE45212AFB5886A769A9C364B76F53C20653ABF199F2C61F2
        SHA-512:E11BDD64A95A53B87A8C43E8FF142EA41FAC94ED3B7FD956369156F6D095E69DD7472EED6D5C4FEE663A7CC8EB02A037D3A1B2DA74039AC8F7260D594CE047FB
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!................................................................p.....@.......................................... ..x............................................................................................................rdata..............................@..@.rsrc...x.... ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\mpcresources.bn.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:3A2D3D85B179FF6E5600B0A87F873893
        SHA1:D76176D8575FB4B5E09EC703704614079FA33803
        SHA-256:A252CF221EBCDB317B1F2453616C73C658569CEDCCAF08D9057702C3851E5C66
        SHA-512:A845D4F837AF7B3306D195D8FFEE7E0F087F6F4580F5EF5B7E2097C763EA83F44A0E3AA5E3156DB5FEA79F9D1BB6C98BDAEB0A7EF227C1A433C094CB1C37FC19
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!................................................................;.....@.......................................... ...............................................................................................................rdata..............................@..@.rsrc........ ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N......rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\mpcresources.bs_BA.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:EA9A3673B9C198D4B10B260E483080AD
        SHA1:8E5963D7CCF16F713485CF8E7DCAC91BBDAFC504
        SHA-256:7B35403B02541D09967AD1FFFB22629D3B7E97F186E6D022CA2F10A65BD7D473
        SHA-512:291CB63EE9B04A4B48920B0A9B77EC71A38F7C7D33667DE1AF7D77CEFFD8792F211A778F275198E1799CEE41C101C0C439C68C7D3803B48FE169A9041703ABE0
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!......................................................................@.......................................... ...............................................................................................................rdata..............................@..@.rsrc........ ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\mpcresources.ca.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:F99F398FB63E45CBF8DB652B987B9D71
        SHA1:13C28E7F6039EA9AC1AB0B64F2D5F193C8CCEA4D
        SHA-256:8F8C97AD5945F0262287DE7A6CD045DE82EF7BFA2D52C1DBA7D6397F948F2860
        SHA-512:276B8780B7042F87014C18036F968EE9F89BB13F6261557D006D74A9B8F5C8820985FC77E04216ECB031AE3CF9988B8C24C10255B12153F7ECD15706FBB2B443
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!.........................................................0.......z....@.......................................... ..H............................................................................................................rdata..............................@..@.rsrc...H.... ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N..h....rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\mpcresources.cs.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:0EC7A056C48904465E6B46DC364C7B2B
        SHA1:7B6046AD829B47D025F1A7243C25E96ABAEAA0BD
        SHA-256:385FF43720B7B09216C8FBCAF1BA3ADD99F6E6C5215956DA5D1777CA0A7A4E55
        SHA-512:CF0F080737AE14A7A380F575579E92C78876F7B6666066B63D411CFFA2E233A7264EE8FA9F269C34E5542BD8118F090EA0563CACE293B2BE6736B90BDB045F4C
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!................................................................mh....@.......................................... ...............................................................................................................rdata..............................@..@.rsrc........ ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\mpcresources.da.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:C4D312B8D2D3F3192D585A7AA62A6CE3
        SHA1:5051D85A8F681205CE272B86A57493CC31E5BF6B
        SHA-256:8C82A6CE431070FF4E85985031A29C77B9233EFCEB114C5D17D9D6A8E05BB54A
        SHA-512:893CCC36B460A3A2A671CFD73100D82B7C811A013CD51EC067DE154136FADB290386C5BE64536F4E6B90E7934086676CF8B32C4A651A9AC148953A803851B114
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!......................................................................@.......................................... ...............................................................................................................rdata..............................@..@.rsrc........ ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N..0....rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\mpcresources.de.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:313D8AD8972F5F7296DCF1FD0F341013
        SHA1:61750DF55FDE587167DD3BEB191068A8C6FAAE5D
        SHA-256:7D9792087E399797F55FC72675B73FF437D161D85CD391B9F605DA927005C202
        SHA-512:2433BAA0FFAD998F5CF7805632FCB5B01BEFDD7299B2D41F2C2867A712F002494478DD94746A3B0CD42D6D6F9A9061744388CAFFF3BA3B644F2C2340AF1DFFD2
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!.....................................................................@.......................................... ..8............................................................................................................rdata..............................@..@.rsrc...8.... ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N..X....rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\mpcresources.el.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:AB9274F1ED43C51593AC344CC7FA0B42
        SHA1:BB4F05F33EC53494514B148CB5767BA33DCD43D5
        SHA-256:59DF223F68029FC1B3A99934C8437049C83F617DEE52D2A47D7E220B1DCE327B
        SHA-512:E74BDDA8C5B9D61BF020D83A35100A15935EEE7148E9CC6DDC87B49AF0E99C4ED22E10D948951AE15F7772C73A63270C501F00A982558172B749FF0D5F146DB3
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!......................................................... ...........@.......................................... ..h............................................................................................................rdata..............................@..@.rsrc...h.... ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\mpcresources.en_GB.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:0CBEA25D94B127EBC1FE73BD3598CFB4
        SHA1:B8EC9279544BC338A4885C385C6B30BDA993750F
        SHA-256:86578FAE7DF0845BD6A2A2135262C68F93EFA8F7A045F35014934704F30253E7
        SHA-512:AA95731DC2A733E2D2EE09EF180475784E96326A60373991414CDFAD646777303715791BA66A1B8B49F46B711C4FF69E34706D8F037ED8ED343728ECADCDA935
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!................................................................lR....@.......................................... ...............................................................................................................rdata..............................@..@.rsrc........ ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N...i...rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\mpcresources.es.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:C4C4A41CCD88A844F26197699705DFD8
        SHA1:26C27915F3DC46AAECA5B2273B9E3326CD04C140
        SHA-256:E37B5EC34EF66BD6DD4A3F478B3FFB99F9904FDCFDB24EAF61F0E612566C5AF9
        SHA-512:083687E8FA1B58DBEDA79BDF27D427FE2ACA8E70A9F9BA30675B5ECC3156134870F7FCE4332C4D8F40C52CC2F8F69BF7C3C22161C9B7762F24E1A08A0352E926
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!.........................................................0......b.....@.......................................... ...............................................................................................................rdata..............................@..@.rsrc........ ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\mpcresources.eu.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:39997F59407FBEF13824204D1CBA94B6
        SHA1:88D8679B2FA516FA0D7386876EE92FF196E8DD4C
        SHA-256:0DBC6E48C486E763DDAF7F8AC0F4BFBABF5D38DEF5792DF2995A2875B0A08542
        SHA-512:337B0592EA6E7D280C5C3B5266FB54CCAFFE88906AB5C511A6B818AC5B368FD81499E61A98DD9349CBA5799D77A0B97E4810308A51DA6D76D45068083AE3CECA
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!................................................................pm....@.......................................... ...............................................................................................................rdata..............................@..@.rsrc........ ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\mpcresources.fi.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:CC16E8BE43881BD04242B30E98F523A9
        SHA1:DC5CF04809861B9A7323FF9E08EF7BC13070D97E
        SHA-256:CFD6C458955A29928F439CE9C3E3DC4E2BFC4FE3D2789C013C809B0088761648
        SHA-512:C5525831C30773A5FB2E32B91EEA9358D1F1C02B66D780C53560A06AECD54C4D5B6A2AE0AE62D27137F9046D2939943DF5817916189638B55BE5F0F3BF2C162E
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!.................................................................<....@.......................................... ..............................................................................................................rdata..............................@..@.rsrc....... ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\mpcresources.fr.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:7373FB5D26099CDC1CEFABA397EA02C1
        SHA1:85C86B02E595AF95FA1DD589089A642BA2375298
        SHA-256:7B116786E06B33FE0073E3491244C853EE48A0627273E2695CAA8A2084FCC5F3
        SHA-512:6029528027DF89FD15D82E2EF940AEF9CA872819972B3BB64E9B6F5C3157CE51F0AD5AE8FDF058416176F619E48C9C7CFBFF0EF7D9B0D0A5ADE043BB32D4273E
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!.........................................................0............@.......................................... .. ............................................................................................................rdata..............................@..@.rsrc... .... ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N..@....rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\mpcresources.gl.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:72094B231E180BB40D2B4932ACF227D9
        SHA1:A83BA4DBE8B1BFBD6C2BBC220190FE8398B5E2FC
        SHA-256:0E4A35966E46490F3370366E7CD9FCB432FB607AA05B138577A8532D41EEEF1E
        SHA-512:E516BF195500FFE54F8B70CDDB276C3F096EA3AEF9512293C44D85202F20D5DC82EB1AD5F4562DFB79F3F4CB00D390FDCCBE386E6716264AF436242373963727
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!................................................................[.....@.......................................... ..H............................................................................................................rdata..............................@..@.rsrc...H.... ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N..h....rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\mpcresources.he.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:2EE2C0DF32A3F646AFC33D217BDEA32A
        SHA1:844F40F12EE9B31BF59A91935067DE18C0C054FC
        SHA-256:59E090E36648BFB09EB02D6F161FF5C920BB14FCFB820918D92D917CE008E972
        SHA-512:B1A1CC3E078E2E66E55EED3DB85CB847AFB762774FC69A39CDD9157CD1068DC3CDC7277E823E21460AE04196763F0FA3FEB827D62204761798A2175CAEE54B7C
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!......................................................................@.......................................... ...|...........................................................................................................rdata..............................@..@.rsrc....|... ...~..................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N...M...rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\mpcresources.hr.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:FDDAC75C89D11A95C0A3C15530A3A7C2
        SHA1:64FC1E6C4070C5809D83E70D388D8A764E29049B
        SHA-256:CBA5254593ADE0999258AE58BA16455F8028FF5516FC5B25AE8BBE59BEEE3E2B
        SHA-512:172694E9E280EE9B0DA021CC0AC911505C3B9BF27E8D7912515ADF63D079DEAA90428B9576E12BEEC002FB0FEC7C17611FDAF5E9DD9C670AD4DD43F0CAA0684B
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!.................................................................-....@.......................................... ...............................................................................................................rdata..............................@..@.rsrc........ ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N..(....rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\mpcresources.hu.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:5086ADF93D4C3EA198225CDB8203CB9E
        SHA1:600B10DA38FE0E21E10EE7299E4F01E17D5B70A4
        SHA-256:DF354D3CDEB3D8C3B7BD38CA64BF5E3DD980981E8EA19B1A9677660C7A2C8238
        SHA-512:B2B581816515D32B5EA67C8F930CB194A878CB38BE9AEF57DE62FC4A1160A1BBEB71024BC55016CAEB638020B7D65899F58A75C3B83C923B246C931324A5B6EA
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!.................................................................S....@.......................................... ..p............................................................................................................rdata..............................@..@.rsrc...p.... ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\mpcresources.hy.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:0759729F74890F902BF88161F58345D7
        SHA1:BA98C9D0F157E9B8B4FB90687B825A09AA45A98E
        SHA-256:03BF24320728FA06A07505D1E7817D5CD896A56303E4045489D8914AC87D71AC
        SHA-512:C8FED3B3660B9ABD8E3C7A4B0C56E15A25A6F57D33A3F9C996773F3B4D16ABBC6BC56DB8E3E95C5F3A163BAA3408E713AA3BD1DD233CB3CEBAE9F6C6EE4D00F0
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!......................................................................@.......................................... ..x............................................................................................................rdata..............................@..@.rsrc...x.... ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N...~...rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\mpcresources.id.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:556AA59F6343492594C5963D1D53E4A2
        SHA1:D5111F1728B9BCDB8BF684EB3E8654DA2BEC8807
        SHA-256:5308E5183F0B5D4EB41C1F53BFC98EF445D80FD1DEB2CA7E7DF4EC46D3BC9E4B
        SHA-512:37226DF22AF239C39CA6E9D6EEA349BAD84BDE019D54FEFFCEB79BCE5CB0829DDAE98D5CED2EE0E86B858B4981FA9D0A25344F5225BE0F2EAAFFA553FA662A24
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!................................................................\.....@.......................................... ..@............................................................................................................rdata..............................@..@.rsrc...@.... ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N..`....rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\mpcresources.it.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:418405946D28892B9DBCDA4453A336AA
        SHA1:2B57D2004DA08F34C32999D08CD3862F837CA6F9
        SHA-256:C1112D5093078FE2D4F62FF7311ED8B051A22DA14E09E2168D3EF37F2F9543FD
        SHA-512:6A61CBFE8FD81CBBC08744FE38E0F69C56140419EB78E0EAE365E4AA8E99732E80482B3EBA8493FBD824C66423AE3FFD479BEA0073117C1DE553E0C0C03F421B
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!......................................................................@.......................................... ...............................................................................................................rdata..............................@..@.rsrc........ ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N..0....rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\mpcresources.ja.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:60CD604C41C1E8218F9F5F1F6799A686
        SHA1:696A362B5B7193573E5F18FC14EEF91FF379B6B1
        SHA-256:69321C760C634098C9C79FB96B23C09FF831529CC7C1D99AC0C395D8E6C75F93
        SHA-512:6761A9BB58E03120FBBA3BDAF7E8EEAFC84FB78B92D49C513F4A6D2EA521C9C5359C28A31AD36283047ABD64B9BC437D1A88D5E2A8DAB3A7AB487420106CBB05
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!.........................................................@............@.......................................... ...............................................................................................................rdata..............................@..@.rsrc........ ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\mpcresources.ko.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:B59E9670244F82800AE22ABFE0C1C751
        SHA1:140E1C540A9C9C2F79FB09E7AA45B3FD2C4A7278
        SHA-256:2312757F6CE34E217DB3F478086443816F4A965A915715192E2DF72972BC1892
        SHA-512:42FEDD8CA41C3E99992DC729AE74311D59580C6FA3E3C248DB38629A66896C9DAFDD76EDF2EAC898B22B4BDDCFF1458CBA65141BD18C37BDDE8CAAE05DD98A5E
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!.........@...............................................`......<.....@.......................................... ...<...........................................................................................................rdata..............................@..@.rsrc....<... ...>..................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\mpcresources.lt.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:AA33CBDF5AB55B44AE097242BD24795D
        SHA1:CDF36EE4BC1916215103A755B8FE04195FAD18C3
        SHA-256:61AB62690AC754AE765391E969F8F7348D526E4709645EEF12B95250C4872E68
        SHA-512:923A41F3ABA7D8A606FFEACB3F030D0BB660E464747E1F90BB63328D2F08E84FAE04018C35C59F5862A7E58BBEC84750DC73843E52FC63033AB8EC4A532D9CEA
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!......................................................................@.......................................... .. ............................................................................................................rdata..............................@..@.rsrc... .... ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N..@....rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\mpcresources.ms_MY.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:38F60160315675D3A015C3B06D9D7EA2
        SHA1:FF09866411CC72D1D084E632DA4E6B2265C4E624
        SHA-256:24FCADF19AD8CEEAE3274836C560D89DAF4CD57A91846D98E4B886D648816DD5
        SHA-512:C32DEA5B8DB1B2925E1019C88B15B1FF1B945146A1CC6A3767CF1A7B506F6A351B71B91B11DC966CAEF472B9BC51C5AB89074435EEB9D5F8A05BB0BB1BDD6E4A
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!................................................................4W....@.......................................... ..............................................................................................................rdata..............................@..@.rsrc....... ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\mpcresources.nl.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:55A63397BF67136DBBB4C91F451E6132
        SHA1:913F468B99EE2078D82FB3536F9358015F98B004
        SHA-256:900775CE498AC02CFAEB792AF2A72CD8209D15CE4605811F1C26EA199AA7F230
        SHA-512:6B5C043779BA46BCBCD269312A5B4EFCFCB2975542A8E35E60D9C3F2D64E8FE999F55C2833F76654DD5BFD8174C284BBBF086FB0939924A4322FA4333C349EC5
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!.................................................................^....@.......................................... .. ............................................................................................................rdata..............................@..@.rsrc... .... ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N..@....rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\mpcresources.pa.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:AAD4748118620391902E3D66F9229B13
        SHA1:3D4F60A7AD447D0931D9A8FB2349796306940018
        SHA-256:C9AD17189907CBD1863F22731B1787F0689AEEF14C02C93C41960E655FA30AD5
        SHA-512:185C70D96C00019F282FB70C852BE568274B08F8EB1AD34FF52DE0DE8FC1298C238134D95387D3122E303043CE04578898EB56E4B346CA81D29795E0137D430A
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!................................................................T.....@.......................................... ...............................................................................................................rdata..............................@..@.rsrc........ ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N...n...rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\mpcresources.pl.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:DE6380C83C5F68E52B86CB9FD5B7FADF
        SHA1:AB3F11C70078662303E026AB8149F3E1CA32A826
        SHA-256:FB2F888425113733CF17F52F63DDECCEA879556C2AB904C40AD77DE0FEB928EA
        SHA-512:AD225CB1E96F191DFAD59D61C229968C236EEE201D1E7B17EE07791A906DC57E2E56DAC1AD7BE8BE6F3408AAF78CA922E17831F848CE1398619D6C17F7247688
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!.................................................................!....@.......................................... ...............................................................................................................rdata..............................@..@.rsrc........ ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\mpcresources.pt_BR.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:80269F10F5A3CC284AD1ECDA087BBA5D
        SHA1:8971ACE3C9F73940DF5FFAED309D22377A42798C
        SHA-256:239D89C53F0D8B34F4884E0C4C30BCFD0CFC948AC96CD214B4BFAFA099F616AC
        SHA-512:E2766363DD93B55480651E5D515DFDAB181C984B4AED0EB10717ECF421F3999F8A52BA758E208285CA74723933CE05A77D144CE058E1FEEFE24C6DF46FAAE58B
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!.................................................................M....@.......................................... ...............................................................................................................rdata..............................@..@.rsrc........ ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N......rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\mpcresources.pt_PT.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:5F2F3DF346AE6D5E17E3D6D373CF00EE
        SHA1:05340A1A8F6ADB1544DDC0660F1C4925508F2B02
        SHA-256:412B6AD87D267818EC5E544CF661EB7E93904108D1676BAAE1C8B164C71219C2
        SHA-512:E152C78BF67EB59FB9D8929D6A7F76CCC778D8B5502BAF612F7BAE5FA86AB2FC77389E53C0AB3721277EFC73BC3F52B2F3E7931B9F7AAF4CD675A35AE82CB0DC
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!................................................................f ....@.......................................... ..x............................................................................................................rdata..............................@..@.rsrc...x.... ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\mpcresources.ro.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:8ED5E880FD85F786DEE96A93675A8E59
        SHA1:D762F09958DF699758432987569CCA504A2BB51E
        SHA-256:90F7BF314B434A5A1289A6C123C1C84745EE594665AFEEDCA3D7A4899220CB23
        SHA-512:3E396EEC5F90A46555CFFF7879932CC2421B187FF97DFCC566420611E2509762C1BDCA7ED1BCDDBA7CAB816CF9A5C42E19C58AC7E5D12829F1FDC66F15F86AE6
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!......................................................... ......E.....@.......................................... ..0............................................................................................................rdata..............................@..@.rsrc...0.... ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N..P....rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\mpcresources.ru.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:9094B536B063B68D3E7E85D7E3B9C3AA
        SHA1:038173C4C7ABE4683C89918E6E32CBF851169976
        SHA-256:83D006F5C30B2C2716E47CD5E4A709D7CE13CBAE67572BE857FF9C8D0E450E13
        SHA-512:D9807A068D1879E1BFEF106482BA20A1FC102770DA8978BB8257DA4E636F29A2197B0DE39BC86FDBC0694CEF2887FEA60C1B5CB1DDF2AF146CC992E9A65D17B6
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!................................................................F.....@.......................................... ...............................................................................................................rdata..............................@..@.rsrc........ ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N..(....rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\mpcresources.sk.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:8B6D0C0FB828BB872C9F31EF8B018A83
        SHA1:CA0E3A30D869782B0D13D65E23AB3AB164B0C968
        SHA-256:8EB1B383BF6D5D4B9F41EF58BB659339182AF50317CBC085B8CD992EFACBCA88
        SHA-512:06BBEC79866936AB455BBF46511ACC3112ACB478D9D6CEB97D50A4F76243EB5A1F10C9814632F560822D56B40EDCDA59C5C88B4E799A573EE309B4C70319895D
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!......................................................................@.......................................... ..`............................................................................................................rdata..............................@..@.rsrc...`.... ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\mpcresources.sl.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:77F10955AD32383F1930C882BA928B68
        SHA1:BE9D2F076BE8FB7A0E743A2704A7E2C6A7194153
        SHA-256:B8068AFD9D2AD363351093248B837EEBB91C33E0A77687D07DC382568842F532
        SHA-512:C00A57D742EBA3117968BF032681B3C256AEC8732E71A226D088EAA801959AECE27833C68B015AF07F202194B1FFE10BE79ECE0E9CB416A4E667D31D2F4A034D
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!................................................................t.....@.......................................... ..X............................................................................................................rdata..............................@..@.rsrc...X.... ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N..x....rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\mpcresources.sr.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:903F340C8359E070BDAC67DF553356C7
        SHA1:C59E1FB68DF64C8D68728D6233502BAF7A6BE503
        SHA-256:656528EDD498146406A4868E1583BCDE98E78C8FC88DC110556185C4F0145EA7
        SHA-512:08FF82D685416B1A264C196FFAD97FD2F2F42118174324BBEC30D2F86F8915D4D93EFA8F567FD0146462EADE84186300F06E5B5F0EDB4186F076EB62280FE88B
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!......................................................................@.......................................... ...............................................................................................................rdata..............................@..@.rsrc........ ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N..8....rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\mpcresources.sv.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:0E806EB66535D054428EF69DD5834874
        SHA1:8BE8B0D654B171F5F564DD59717705867AF2CE77
        SHA-256:BDB44EB30E5F6F17AB07A086B6FCE4B3E497A17F2B4ED30D9FE992CAE00E8E52
        SHA-512:A262A6F89DC4C1FB193CCFBED77B5A6545EE70A5217D0AA28F5075E614C196C30A668F004C9A290C1731665D2E2D069BF0C85E7590EA3BCBCF71A17F2E10F486
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!.....................................................................@.......................................... ..............................................................................................................rdata..............................@..@.rsrc....... ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N...~...rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\mpcresources.th_TH.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:A88437086922A205F4194CDC50FFC85B
        SHA1:77F14FE659CFE9A2CA2B06D95E9B86797DBB8E8A
        SHA-256:5D0AA911679FA7195E453F66846C068A20EDE5C8E453CF17AE5BE0A84D202143
        SHA-512:58007903BE578330CF82A68B7FF07FC81C066E75EC91DBFF5CD93A1897B44468DD416B45C1994383991D0814CDC07790F9163139605446B9A1C8FBB2EA605566
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!.................................................................D....@.......................................... .. ............................................................................................................rdata..............................@..@.rsrc... .... ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N..@^...rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\mpcresources.tr.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:FF23261D6E67F6AA29691E6D91A15038
        SHA1:B9FF5C6F6B9ACDCFC382AF7DB97C2A1F9DDA0433
        SHA-256:B56DE1692B2A2F3795209860A1F57897EFE1E703251166F3CFFC5AAA2D39DEC4
        SHA-512:AFEA2715868215C2F8192F58EEF82E8423830DF9FEDAD17BA9D47A1DBBE638B7A3E905F2EEDC14949D58EC75C4442168F722D6872CCF87C6FBE58957F45F60D5
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!.................................................................c....@.......................................... ..............................................................................................................rdata..............................@..@.rsrc....... ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\mpcresources.tt.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:577A2DBDC100AD8305DF324BD8C35678
        SHA1:2CEF25B260873D0CE6BFD234077C0855230C0B9C
        SHA-256:75DC0781181B5DF50B30F5D30186F6B04ED86781DE86C8E8AA316E5842B5C713
        SHA-512:21D001C2D334D7EB82888D0F850687351ED476CE9E59074E80E288512EBB12452379DAC593B1E8B7EA82F551EA12143B27491F73B27FEF268BAE0CF63D114891
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!.................................................................]....@.......................................... ..P............................................................................................................rdata..............................@..@.rsrc...P.... ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N..p....rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\mpcresources.uk.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:99AA69B9CD6A98707E65FFF9C2E9398C
        SHA1:B4B0F4C462212D361ECC3BF374EDC9F982C8FF60
        SHA-256:982A4455404C5D3E3947CB6209D960F5BCE57C52BFC0AFC73FD51741ADFBFBEC
        SHA-512:02A4B36046F8FB55F341B027C51A3176F0A9D3BCB9CA694FA3D132C3FB2746616063D89D455187D0B06E912545EE139F81E9238197816A056FBA947F5B865B8F
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!.................................................................c....@.......................................... ..8............................................................................................................rdata..............................@..@.rsrc...8.... ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N..X....rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\mpcresources.vi.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:57188AFD124A4E10210590EE16774CF4
        SHA1:B58633C9BDBA432D5FB004AE4FAE0E15ABE1AEBD
        SHA-256:76D7BBB93E9DF7272DE6BE0BB7FABABADF03E7E3B19D604800F12674F5C122B3
        SHA-512:E42B62E92B0C642E056FE25301263C61A3B0FC5A840A14F4A8D38B395DC0ED01F2F5B565856B6FFF5EA7AF66D3A84B097F3C4F19F77E7A977641E4BD2D077C6B
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!......................................................................@.......................................... ..............................................................................................................rdata..............................@..@.rsrc....... ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\mpcresources.zh_CN.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:ED885BEB3C9D63CA3CF4EEA079D2E1D7
        SHA1:2DA6703F696A9057C72D3945F58B18ADB395B667
        SHA-256:6CB02C6C33CC5B2E578BA875EC7A097DB8C48F8DFAC6FCD61538341414358271
        SHA-512:B89B2AD9540364279801832DEE7673DCA1E7339513BD70CABF8D6D3CE226F9E0A211A1F98B8B0775A0808CE43F8C540B989136E621EC1AB4EF6868E80FA40BE0
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!......................................................................@.......................................... ..`............................................................................................................rdata..............................@..@.rsrc...`.... ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Lang\mpcresources.zh_TW.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:10895F04B24EF44E5DF76D1177171618
        SHA1:B46E3D8DAC149DC2776F0332F3FF3F9CC8ECA10E
        SHA-256:5571DD4300B23F95D933D43AD6A9D00A07DF1786CB1C27CF64E6967D03D078BA
        SHA-512:464DD6C55468639E66C91FD5211185A1375847CA48ACAC7C3CCD4501F151BC164C7D104C8B1D93B8714023046CF9A773B2B473F3F0705B8D5C005FF48D21AAEC
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................PE..L......a.........."!......................................................................@.......................................... ..H............................................................................................................rdata..............................@..@.rsrc...H.... ......................@..@.......a........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... .......rsrc$01.....N..h....rsrc$02............................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\Shaders11\0-255 to 16-235.hlsl (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:8AF52DC70F493BF4B44E6BBC83EC068E
        SHA1:4ED0FFB66375F1EB5E98C646C71A359D405D083D
        SHA-256:9C28C3DA364ADFEF7FFBD634C90707203B44324C6FE2018D79036E724A296C83
        SHA-512:0B6C45E139CEF1E5A0D969427E1820B35BE2A90FB625EEC351D5F1A96F8865B1FC6ADD594CA09B09314BB0EC455A3AE0484D613757834677B1A2B71F4779F4A8
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_4_0../*.. * (C) 2009-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */.. ..Texture2D tex : register(t0);..SamplerState samp : register(s0);....#define const_1 ( 16.0 / 255.0)..#define const_2 (219.0 / 255.0)....float4 main(float4 pos : SV_POSITION, float2 coord : TEXCOORD) : SV_Target..{...// original p

        C:\Program Files (x86)\MPC-HC\Shaders11\16-235 to 0-255 [SD].hlsl (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:C source, ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:A41A748492604C35BC0EEAD2B270EF77
        SHA1:F25865D68A95B618B4B86EF00CA1DFF3C120A14A
        SHA-256:4087B92BBFDC29FBD079EC4E62E98E864FB461C74F4E8F87E49E130D5F07DF5F
        SHA-512:59C6F324C746D2B99DC77258B6036E23A07E75F131C327F45F08F06164B293D69E84DEF15277C70EB5DFAA9F081B3BD58CF3850E2125BABD83A75EF767FF4817
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_4_0../*.. * (C) 2009-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....// Run this shader before suserng.....Texture2D tex : register(t0);..SamplerState samp : register(s0);....cbuffer PS_CONSTANTS : register(b0)..{...float2 pxy;...float width;...float height;...uint counter;...float clock;..};.

        C:\Program Files (x86)\MPC-HC\Shaders11\16-235 to 0-255.hlsl (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:D98157C3E896265BB340AE6589AE15AB
        SHA1:32F0FF491BE88ABE1367056B8B51F699CCA0F291
        SHA-256:63E930BA9E304D8D915066F48DD10AAB88934EC69E90497F2DD80AB0E249E48A
        SHA-512:C9ACC8722BE8D329F567DEC672453CB6ADB8D2D3C3517261905311CF7BD4BD1A7739790CBFC4634CF04A5481D77901EA6E74B0EC36B72D170C20ECB508546ECE
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_4_0../*.. * (C) 2007-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */.. ..Texture2D tex : register(t0);..SamplerState samp : register(s0);....#define const_1 ( 16.0 / 255.0)..#define const_2 (255.0 / 219.0)....float4 main(float4 pos : SV_POSITION, float2 coord : TEXCOORD) : SV_Target..{...// original p

        C:\Program Files (x86)\MPC-HC\Shaders11\Adaptive sharpen.hlsl (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:C source, ISO-8859 text, with CRLF line terminators
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:AF24207C4F6B99002CA909EF3E2D640A
        SHA1:89DE07E608D383830DFA9370019DF4B537B84C13
        SHA-256:0EB43204BD84B763756E0FA2378D685B91346064BF7AF0C9FAE941D8EABE5BDB
        SHA-512:D1DA90F3C94D01E0DB94292FAEA722BBFE556108D2AD701B778FC126E548D999FBE8A1CD01C9012A6DB378E67319FC955F5026A74CDCB3FDCEAD3D9AD7EC3F12
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_4_0....// Copyright (c) 2015, bacondither..// All rights reserved...//..// Redistribution and use in source and binary forms, with or without..// modification, are permitted provided that the following conditions..// are met:..// 1. Redistributions of source code must retain the above copyright..// notice, this list of conditions and the following disclaimer..// in this position and unchanged...// 2. Redistributions in binary form must reproduce the above copyright..// notice, this list of conditions and the following disclaimer in the..// documentation and/or other materials provided with the distribution...//..// THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR..// IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES..// OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED...// IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,..// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONS

        C:\Program Files (x86)\MPC-HC\Shaders11\BT.601 to BT.709 [HD].hlsl (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:C source, ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:1BDF6A05D2F917D3005839A300682FC0
        SHA1:A7D5934F17A2557CDC0C4FB6B45A83CAFA654046
        SHA-256:4244AC08A1495D7F0EB6F7DB39289E4B9CB158FD75CFC3D5DF5D8998A2D95BD3
        SHA-512:7D4105DC51CB92A826991FCCCEAAE0DD5F11BAF907D1B315676D7AF4DAB20A4489E5D256C331CCEB8847915F6079DB152F5272A07481AE2A84714CED338342F1
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_4_0../*.. * (C) 2011 Jan-Willem Krans (janwillem32 <at> hotmail.com).. * (C) 2011-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....// Correct video colorspace BT.601 [SD] to BT.709 [HD] for HD video input...// Use this shader only if BT.709 [HD] encoded video is incorrectly matrixed to full range RG

        C:\Program Files (x86)\MPC-HC\Shaders11\Deinterlace (blend).hlsl (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:2F5F9CE9F462DF9CF3CB25254EBAD4F2
        SHA1:E03361D9F4320938B423FFE39160A23A3F93386A
        SHA-256:052785472D9DF9895600EF044BD63358C5654D66D202AD36DABACD10EC6C5B24
        SHA-512:FD7BC0C28C3B332523D6FEA1D542FB35897BA1EBFF675F4CCE989F9DFE630D2E2EE23BC55A41D1B0087C9DC9445D1FCE8D22DE2B9EFBC44D42EE344CF2C8ED8A
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_4_0../*.. * (C) 2003-2006 Gabest.. * (C) 2006-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....// Run this shader before suserng.....Texture2D tex : register(t0);..SamplerState samp : register(s0);....cbuffer PS_CONSTANTS : register(b0)..{...float px;...float py;...float width;...float height;..

        C:\Program Files (x86)\MPC-HC\Shaders11\Denoise.hlsl (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:C source, ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:74A49AF5322C22F9EA2149EB15B2FF33
        SHA1:DA2E3A26B46FDC335F90C35E5D196C8FF1E96159
        SHA-256:6711B3A74FD250DE4B0BF5C3953EEB73CE6786926930199EBF5538F2206A8E8A
        SHA-512:EB8BAE6DE30D0DC23DEB3F210CE3512C6C04D91F2DD0A1ACACBC587237C88ECC11AAE15E08568B4BE1DC431D7F37F66CB13D9BA4AA48C3D37FD99132B7CB2992
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_4_0../*.. * (C) 2003-2006 Gabest.. * (C) 2006-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....Texture2D tex : register(t0);..SamplerState samp : register(s0);....cbuffer PS_CONSTANTS : register(b0)..{...float px;...float py;...float2 wh;...uint counter;...float clock;..};....#define val0 (1.0)

        C:\Program Files (x86)\MPC-HC\Shaders11\Edge sharpen.hlsl (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:C source, ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:E01D0EFB46B67FD9E8A895D16B578385
        SHA1:F54C771A9AC1E4B60D4E3DDFBCFEB6C194DA407B
        SHA-256:7DAD54FFB6D1F092FBD3CC1B4AF03A77C3490775D3604B73DDC99EB995C825CE
        SHA-512:16CA5299575104102A113E894C3DA260D7E61BD0A7BD96435DDD48FE14945D84655D8ADF583AF40531D15A9128B0261653284DF82EE61847B45CDDA7C5011460
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_4_0../*.. * (C) 2003-2006 Gabest.. * (C) 2006-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */.. ..Texture2D tex : register(t0);..SamplerState samp : register(s0);....cbuffer PS_CONSTANTS : register(b0)..{...float2 pxy;...float width;...float height;...uint counter;...float clock;..};....#define N

        C:\Program Files (x86)\MPC-HC\Shaders11\Gaussian Blur 3x3.hlsl (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:09C21BD4AA6D1FA5963F442C107ABD58
        SHA1:5C898BD95F8582AE9FBFAE3400C2B053E471D243
        SHA-256:1A6FEB86E089EA642E4D1FEEB78FA522B7FEDF4C7BAE064F55E5B27C6C742BDD
        SHA-512:D36A647DE9CA4DC6515F0046DC9BB6C7562ED7A86A961B5578EB5E026511113E87D904B89EC1DC4FD420D3736DD042D680A5445BAC0A6389632259183A5D6C96
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_4_0../*.. * (C) 2003-2006 Gabest.. * (C) 2006-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....Texture2D tex : register(t0);..SamplerState samp : register(s0);....cbuffer PS_CONSTANTS : register(b0)..{...float px;...float py;...float2 wh;...uint counter;...float clock;..};....float4 main(float4

        C:\Program Files (x86)\MPC-HC\Shaders11\Gaussian Blur_pass1.hlsl (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:BFF5BD02C2A7319A7D8B55D54EF3D678
        SHA1:8C59F3D8097BE9DB4CBC01ECA5D3BE62870C2D25
        SHA-256:DCC1EBEA51CF5ECA71ABE08BEA4E197E08E7F58696533A54B9AED3F3910520C9
        SHA-512:F763AC6C1B50B429F1AFEFC0DF8D414F3507AC50E01DD025DC962F4E255997EBAF61DCBCB542A9FE05D2F5600DAE4FDDC100C205FD4A167F822D25120F37A840
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_4_0../*.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>.....(dx11) Gaussian Blur_pass1: (gBlur7, Horizontal pass) by butterw..First pass of 2-pass shader. As with all blur shaders, use pre-upsuserng for maximum effect ! ..uses a separable Gaussian Kernel, without hw linear sampling optimization. ..Perf per pass: (7 texture, 11 arithme

        C:\Program Files (x86)\MPC-HC\Shaders11\Gaussian Blur_pass2.hlsl (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:BA1A1BBC29CA4014278B862245713947
        SHA1:7FBBB78EFBED0E55C05C1CB069B7B03B0E80D4C2
        SHA-256:209AEE28BD8F4656D08830979FAA8D3E4BFDDAF142528580AB7789BE3F88AE1B
        SHA-512:60780D4AFC0C9723E18CB5404CFBAB972352EAB2B8ED04E21D2389EB22B7387DD6F4E909550774988149C511A9FA71DAFC50302EB6BBA2073E954867BFEBDE68
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_4_0../*.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... ..(dx11) Gaussian Blur_pass2 (gBlur7, Vertical Pass) by butterw..Second pass of a 2-pass shader, please ensure the 2 passes use the same parameters. ..As with all blur shaders, use pre-upsuserng for maximum effect ! ..uses a separable Gaussian Kernel, without hw linear samplin

        C:\Program Files (x86)\MPC-HC\Shaders11\Grayscale.hlsl (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:B145E6D39B62D79FDDAC3EC7A755F586
        SHA1:63948F6E004323BA666B4089D5CED935B7748C6C
        SHA-256:4374B3AB53645C41BA2007FAB5704B7EEDA3A698276037EE544E82AC176F0275
        SHA-512:4C53A437956DF6F1D4818BC536FDF39AB1A63C16ED9F22B31463D1747077B6A08123DD051323A84659F792F8FDDA18735C5B3EC6AF80965ACFD9B28DE366AA3A
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_4_0../*.. * (C) 2003-2006 Gabest.. * (C) 2006-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....Texture2D tex : register(t0);..SamplerState samp : register(s0);....float4 main(float4 pos : SV_POSITION, float2 coord : TEXCOORD) : SV_Target..{...float c = dot(tex.Sample(samp, coord), float4(0.299, 0.58

        C:\Program Files (x86)\MPC-HC\Shaders11\Invert.hlsl (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:BD08631A39CF054BBD4488D06CB93075
        SHA1:7E2550C2AC040166DD1F919B5A2554B842991D5B
        SHA-256:3D758709F63E8B74601C6C9E622771D50F4D7B679A1806F31F1CF760E5F9E25B
        SHA-512:99AF4C255B2F24FE10934DF2509D4CABDDEB3BD87974F878243D57D49ACEE5FEE5B2000E9AAF893205C3D3F1F4A8A8F0DEEE3F98E45233E104B2943FE73BBF8A
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_4_0../*.. * (C) 2003-2006 Gabest.. * (C) 2006-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....Texture2D tex : register(t0);..SamplerState samp : register(s0);....float4 main(float4 pos : SV_POSITION, float2 coord : TEXCOORD) : SV_Target..{...float4 c = float4(1, 1, 1, 1) - tex.Sample(samp, coord);.

        C:\Program Files (x86)\MPC-HC\Shaders11\LCD angle correction.hlsl (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:ASCII text, with very long lines (321), with CRLF line terminators
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:9AA2ED2D0862225AD1AC1A284A24181D
        SHA1:1628797B84719A1DE7F4AA93971CB4801574DAB0
        SHA-256:26FC37649CECF195FB0780DC9B7C9F776AB28F9E0CA2AE072DB5F8D6B80778D9
        SHA-512:4427D603929D1E2F69EB0A2DE05894BD965C201FED2A59E5469F874BD161B34A598373163463BC299C8DEC2E162B53AD91859006CFB77FB75D33F67DB170F030
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_4_0../*.. * (C) 2011 Jan-Willem Krans (janwillem32 <at> hotmail.com).. * (C) 2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....// (C) 2011 Jan-Willem Krans (janwillem32 <at> hotmail.com) released under GPL v2; see COPYING.txt....// Brightness, contrast and gamma controls for RGB, linearly scaled from

        C:\Program Files (x86)\MPC-HC\Shaders11\Letterbox.hlsl (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:C source, ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:A54E939A72B380C76F0B58E6B68004DD
        SHA1:C4A972C0434C82669A7559C0BB87E2CF1B677965
        SHA-256:0DC87AFCD33C5D8C2975208BDF280815E3E7DD951F98F6ACB900C2F9CAD5ECB9
        SHA-512:F9C033473CA23CFAAEE32AE21DA45E45FB5A29B6B8A9B6D8D8D6993C8C1ACBB74008BD848538C0D13C6A544A26CE1E0A0406F9F835C92C7B82B74362792D4DEC
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_4_0../*.. * (C) 2003-2006 Gabest.. * (C) 2006-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....Texture2D tex : register(t0);..SamplerState samp : register(s0);....cbuffer PS_CONSTANTS : register(b0)..{...float2 pxy;...float width;...float height;...uint counter;...float clock;..};....float4 mai

        C:\Program Files (x86)\MPC-HC\Shaders11\LumaSharpen.hlsl (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:85DEB5DADD8DA87D3A68072E78ADB535
        SHA1:21B9F1F6652BF6DF5E08F6AAA10F57146F5C3EF1
        SHA-256:6A934E83C37AAE2E3F4BF2DF7B2A2E8791874090D6170110FF046A7DDE842588
        SHA-512:2EBBE61877AD023605D1CC922F1CD2E22B4A5F23CDBBCBD26DF7682FFE191FC63270C3E3AC490D05FA3D464E3BC330CDA4B025C4B2B74173B9A1293814566162
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_4_0..../* --- Settings --- */....// -- Sharpening --..#define sharp_strength 0.65 //[0.10 to 3.00] Strength of the sharpening..#define sharp_clamp 0.035 //[0.000 to 1.000] Limits maximum amount of sharpening a pixel recieves - Default is 0.035....// -- Advanced sharpening settings --..#define pattern 2 //[1|2|3|4] Choose a sample pattern. 1 = Fast, 2 = Normal, 3 = Wider, 4 = Pyramid shaped...#define offset_bias 1.0 //[0.0 to 6.0] Offset bias adjusts the radius of the sampling pattern... //I designed the pattern for offset_bias 1.0, but feel free to experiment.....// -- Debug sharpening settings --..#define show_sharpen 0 //[0 or 1] Visualize the strength of the sharpen (multiplied by 4 to see it better)......Texture2D tex : register(t0);..SamplerState samp : register(s0);....cbuffer PS_CONSTANTS : register(b0)..{...float px;...float py;...float2 wh;...uint counter;...float clock;..};....../* --- Main code --- */

        C:\Program Files (x86)\MPC-HC\Shaders11\Nightvision.hlsl (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:39687150CEEEC8829785186830BF86E7
        SHA1:DA55863F4CC4A8D126C0CC1FB7CF05F8578B6F33
        SHA-256:60850D2D2455D2DA0AA9AD35163CE57183238E4693901B4E3A06C347C4E666D5
        SHA-512:F8E9CC229B8B0CEC137D17C00F30DA1B7888B3D744676A0BB91E110F3FAD58F96D79BB74C200C1FAAC5564907BA2B206DE3C8802431E39B38FBAAFAE2419D262
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_4_0../*.. * (C) 2007-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....Texture2D tex : register(t0);..SamplerState samp : register(s0);....float4 main(float4 pos : SV_POSITION, float2 coord : TEXCOORD) : SV_Target..{...float c = dot(tex.Sample(samp, coord), float4(0.2, 0.6, 0.1, 0.1));.....return flo

        C:\Program Files (x86)\MPC-HC\Shaders11\Procamp.hlsl (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:A0783481A2D691E8423151E3E9C755AE
        SHA1:1A0DCE4CC9D593481A6662735778BB41006658B0
        SHA-256:357E6C7C9981F00EBF031D4E7C3E4D427C76734E7641A8039C1FA3B4FE7915A0
        SHA-512:92116A794F790FCD7808B6881708686FC27E7BF13EB3DF8938469964FBA61C68970EC2DC795C719440C69842F6152A4BA5C74B2C23224628285F1BB448C990C1
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_4_0../*.. * (C) 2003-2006 Gabest.. * (C) 2006-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....Texture2D tex : register(t0);..SamplerState samp : register(s0);....#define PI acos(-1)....static float4x4 r2y = {... 0.299, 0.587, 0.114, 0.000,...-0.147, -0.289, 0.437, 0.000,... 0.615, -0.515, -0.100

        C:\Program Files (x86)\MPC-HC\Shaders11\Sepia.hlsl (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:AE8D6416FD71F215AD49C1F9EC3865E3
        SHA1:1671DAEDBE99F5B7E01541261F0DA2F7240034DC
        SHA-256:3E35BD5172A22A9D8C433B8E9FC4B61ACEF9A39E751154D2B4ECA79CB88728C8
        SHA-512:47795AF079F1BDA9C160E3D9ECE5BAD46CBC5EFF825B830F751306960BF0470879B9823D87D342F342A461F1A9395B09056160F3FD194F089162545915D4165D
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_4_0..../* --- Settings --- */....#define ColorTone float3(1.40, 1.10, 0.90) //[0.00 to 2.55, 0.00 to 2.55, 0.00 to 2.55] What color to tint the image..#define GreyPower 0.11 //[0.00 to 1.00] How much desaturate the image before tinting it..#define SepiaPower 0.58 //[0.00 to 1.00] How much to tint the image..../* --- Defining Constants --- */....Texture2D tex : register(t0);..SamplerState samp : register(s0);....cbuffer PS_CONSTANTS : register(b0)..{...float2 pxy;...float width;...float height;...uint counter;...float clock;..};......../* --- Main code --- */..../*------------------------------------------------------------------------------........SEPIA..------------------------------------------------------------------------------*/....float4 SepiaPass( float4 colorInput )..{...float3 sepia = colorInput.rgb;......// calculating amounts of input, grey and sepia colors to blend and combine...float grey = dot(sepi

        C:\Program Files (x86)\MPC-HC\Shaders11\Sharpen complex 2.hlsl (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:C source, ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:0BECCC2B7BB17B6E67F77E4D804796DD
        SHA1:2452643433CF2C39B441109086B990DAC44F2BFA
        SHA-256:7F7B2B8210DD16FD303E13DC62BAAE88C94CCEEE30FE68C31784CE61985CB0BB
        SHA-512:CD7A72CE472AEBC26B2497445FBD2BF66BC5033A604D2DD8D34FBF4D516DFE10149D723CF229445D299222A7A7D9DE219118C6FE4D46C97600A18A314092A26A
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_4_0../*.. * (C) 2009-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....Texture2D tex : register(t0);..SamplerState samp : register(s0);....cbuffer PS_CONSTANTS : register(b0)..{...float px;...float py;...float2 wh;...uint counter;...float clock;..};..../* Parameters */....// for the blur filter.

        C:\Program Files (x86)\MPC-HC\Shaders11\Sharpen complex.hlsl (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:C source, ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:CF65E913A0B24E2FB2859F745DF0643F
        SHA1:5FE7B3E2F3F27057BAA6F73514648EFC6E6B96AD
        SHA-256:F9BBFDD96FA3A5DB9ACBD8E9BFCFD0D3509E14300F6F147DF873C0B8036F1657
        SHA-512:60636C83A7869EB27B59C691F2BD75E68B13EFB4B4872A91443BCCB88CAF23E2CDC8CF0D328659431BF518D5859EA26406EB2499803694C87D598860515DAE99
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_4_0../*.. * (C) 2003-2006 Gabest.. * (C) 2006-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....Texture2D tex : register(t0);..SamplerState samp : register(s0);....cbuffer PS_CONSTANTS : register(b0)..{...float px;...float py;...float2 wh;...uint counter;...float clock;..};....float4 main(float4

        C:\Program Files (x86)\MPC-HC\Shaders11\Sharpen.hlsl (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:xbm image (x, ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:6356BAA391488A257AAE8082053EA001
        SHA1:BAA321B0340F7211BEE7B4C56134FC66019E34BD
        SHA-256:483D71D26683786465AFC741FF65F4EA1B65B58DD165DBDA7B64C09A6FFD84B6
        SHA-512:2CFDE19663CCF6F5A4163E4C70202B57DC4D62C41FEA9FEF228B9E4223EE0D5B9BC17485C76C7F1A957662D0BA3089DC740880948F142BC5DE39690292C51304
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_4_0../*.. * (C) 2003-2006 Gabest.. * (C) 2006-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....Texture2D tex : register(t0);..SamplerState samp : register(s0);....cbuffer PS_CONSTANTS : register(b0)..{...float px;...float py;...float2 wh;...uint counter;...float clock;..};....#define val0 (2.0)

        C:\Program Files (x86)\MPC-HC\Shaders11\Threshold.hlsl (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:FA50C372021768AFC7BF714A92D7E18D
        SHA1:6E60C7EB4DF1EE93B173C77292191AE3D925B618
        SHA-256:F00285862009599845F3ABA4447B166F9905C68C1B602D39FD89E555D255A174
        SHA-512:170B491D66931AB60CFFEDBDAA58549FC00BA460EF9DBC137AC18978861DD228627AE6AC36097661B9AFE80DC81DB00F954F730E4FC91F9F3EE1C5FD848F1647
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_4_0....Texture2D tex : register(t0);..SamplerState samp : register(s0);....#define threshold 0.5....float4 main(float4 pos : SV_POSITION, float2 coord : TEXCOORD) : SV_Target..{...float c0 = dot(tex.Sample(samp, coord), float4(0.2126, 0.7152, 0.0722, 0)); // grayscale.....return c0 < threshold ? 0 : 1;..}..

        C:\Program Files (x86)\MPC-HC\Shaders11\YV12 chroma upsampling.hlsl (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:E90408343F17FD55B2553AFD684BF3C3
        SHA1:8E7B482CDC997BEFD6FE7F23360048922B0EE3D2
        SHA-256:9C83AFD453E56F55E761B1A5F249982CF6411DFE3CD8188905FCFE2C58F8ECB0
        SHA-512:246E91019744F5282B7A117D72976240178198D9B87615361842C002F94EF19C15EB1D77BDC9AB30159AF76CB489460BD8701CE6E9A456880B5C9C73E2FD0BD7
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_4_0../*.. * (C) 2008-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....// YV12 chroma upsampling fixer by Kurt Bernhard 'Leak' Pruenner....// Use with YV12 output if the half-resolution chroma gets upsampled..// in hardware by doubling the values instead of interpolating between them..// (i.e. if you

        C:\Program Files (x86)\MPC-HC\Shaders11\is-00SS8.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:C source, ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):2850
        Entropy (8bit):5.2217152237068305
        Encrypted:false
        SSDEEP:
        MD5:CF65E913A0B24E2FB2859F745DF0643F
        SHA1:5FE7B3E2F3F27057BAA6F73514648EFC6E6B96AD
        SHA-256:F9BBFDD96FA3A5DB9ACBD8E9BFCFD0D3509E14300F6F147DF873C0B8036F1657
        SHA-512:60636C83A7869EB27B59C691F2BD75E68B13EFB4B4872A91443BCCB88CAF23E2CDC8CF0D328659431BF518D5859EA26406EB2499803694C87D598860515DAE99
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_4_0../*.. * (C) 2003-2006 Gabest.. * (C) 2006-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....Texture2D tex : register(t0);..SamplerState samp : register(s0);....cbuffer PS_CONSTANTS : register(b0)..{...float px;...float py;...float2 wh;...uint counter;...float clock;..};....float4 main(float4

        C:\Program Files (x86)\MPC-HC\Shaders11\is-18ES8.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):337
        Entropy (8bit):5.2293929092024785
        Encrypted:false
        SSDEEP:
        MD5:FA50C372021768AFC7BF714A92D7E18D
        SHA1:6E60C7EB4DF1EE93B173C77292191AE3D925B618
        SHA-256:F00285862009599845F3ABA4447B166F9905C68C1B602D39FD89E555D255A174
        SHA-512:170B491D66931AB60CFFEDBDAA58549FC00BA460EF9DBC137AC18978861DD228627AE6AC36097661B9AFE80DC81DB00F954F730E4FC91F9F3EE1C5FD848F1647
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_4_0....Texture2D tex : register(t0);..SamplerState samp : register(s0);....#define threshold 0.5....float4 main(float4 pos : SV_POSITION, float2 coord : TEXCOORD) : SV_Target..{...float c0 = dot(tex.Sample(samp, coord), float4(0.2126, 0.7152, 0.0722, 0)); // grayscale.....return c0 < threshold ? 0 : 1;..}..

        C:\Program Files (x86)\MPC-HC\Shaders11\is-1VRBM.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):2242
        Entropy (8bit):5.338005698599505
        Encrypted:false
        SSDEEP:
        MD5:BA1A1BBC29CA4014278B862245713947
        SHA1:7FBBB78EFBED0E55C05C1CB069B7B03B0E80D4C2
        SHA-256:209AEE28BD8F4656D08830979FAA8D3E4BFDDAF142528580AB7789BE3F88AE1B
        SHA-512:60780D4AFC0C9723E18CB5404CFBAB972352EAB2B8ED04E21D2389EB22B7387DD6F4E909550774988149C511A9FA71DAFC50302EB6BBA2073E954867BFEBDE68
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_4_0../*.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... ..(dx11) Gaussian Blur_pass2 (gBlur7, Vertical Pass) by butterw..Second pass of a 2-pass shader, please ensure the 2 passes use the same parameters. ..As with all blur shaders, use pre-upsuserng for maximum effect ! ..uses a separable Gaussian Kernel, without hw linear samplin

        C:\Program Files (x86)\MPC-HC\Shaders11\is-3TNVB.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):1018
        Entropy (8bit):5.195247880810591
        Encrypted:false
        SSDEEP:
        MD5:BD08631A39CF054BBD4488D06CB93075
        SHA1:7E2550C2AC040166DD1F919B5A2554B842991D5B
        SHA-256:3D758709F63E8B74601C6C9E622771D50F4D7B679A1806F31F1CF760E5F9E25B
        SHA-512:99AF4C255B2F24FE10934DF2509D4CABDDEB3BD87974F878243D57D49ACEE5FEE5B2000E9AAF893205C3D3F1F4A8A8F0DEEE3F98E45233E104B2943FE73BBF8A
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_4_0../*.. * (C) 2003-2006 Gabest.. * (C) 2006-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....Texture2D tex : register(t0);..SamplerState samp : register(s0);....float4 main(float4 pos : SV_POSITION, float2 coord : TEXCOORD) : SV_Target..{...float4 c = float4(1, 1, 1, 1) - tex.Sample(samp, coord);.

        C:\Program Files (x86)\MPC-HC\Shaders11\is-6JGP3.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):1033
        Entropy (8bit):5.233063483252164
        Encrypted:false
        SSDEEP:
        MD5:B145E6D39B62D79FDDAC3EC7A755F586
        SHA1:63948F6E004323BA666B4089D5CED935B7748C6C
        SHA-256:4374B3AB53645C41BA2007FAB5704B7EEDA3A698276037EE544E82AC176F0275
        SHA-512:4C53A437956DF6F1D4818BC536FDF39AB1A63C16ED9F22B31463D1747077B6A08123DD051323A84659F792F8FDDA18735C5B3EC6AF80965ACFD9B28DE366AA3A
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_4_0../*.. * (C) 2003-2006 Gabest.. * (C) 2006-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....Texture2D tex : register(t0);..SamplerState samp : register(s0);....float4 main(float4 pos : SV_POSITION, float2 coord : TEXCOORD) : SV_Target..{...float c = dot(tex.Sample(samp, coord), float4(0.299, 0.58

        C:\Program Files (x86)\MPC-HC\Shaders11\is-8DD8O.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:C source, ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):2026
        Entropy (8bit):5.287539846761354
        Encrypted:false
        SSDEEP:
        MD5:1BDF6A05D2F917D3005839A300682FC0
        SHA1:A7D5934F17A2557CDC0C4FB6B45A83CAFA654046
        SHA-256:4244AC08A1495D7F0EB6F7DB39289E4B9CB158FD75CFC3D5DF5D8998A2D95BD3
        SHA-512:7D4105DC51CB92A826991FCCCEAAE0DD5F11BAF907D1B315676D7AF4DAB20A4489E5D256C331CCEB8847915F6079DB152F5272A07481AE2A84714CED338342F1
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_4_0../*.. * (C) 2011 Jan-Willem Krans (janwillem32 <at> hotmail.com).. * (C) 2011-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....// Correct video colorspace BT.601 [SD] to BT.709 [HD] for HD video input...// Use this shader only if BT.709 [HD] encoded video is incorrectly matrixed to full range RG

        C:\Program Files (x86)\MPC-HC\Shaders11\is-8LPDR.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:C source, ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):1268
        Entropy (8bit):5.239006577971886
        Encrypted:false
        SSDEEP:
        MD5:A54E939A72B380C76F0B58E6B68004DD
        SHA1:C4A972C0434C82669A7559C0BB87E2CF1B677965
        SHA-256:0DC87AFCD33C5D8C2975208BDF280815E3E7DD951F98F6ACB900C2F9CAD5ECB9
        SHA-512:F9C033473CA23CFAAEE32AE21DA45E45FB5A29B6B8A9B6D8D8D6993C8C1ACBB74008BD848538C0D13C6A544A26CE1E0A0406F9F835C92C7B82B74362792D4DEC
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_4_0../*.. * (C) 2003-2006 Gabest.. * (C) 2006-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....Texture2D tex : register(t0);..SamplerState samp : register(s0);....cbuffer PS_CONSTANTS : register(b0)..{...float2 pxy;...float width;...float height;...uint counter;...float clock;..};....float4 mai

        C:\Program Files (x86)\MPC-HC\Shaders11\is-93GES.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:ASCII text, with very long lines (321), with CRLF line terminators
        Category:dropped
        Size (bytes):3126
        Entropy (8bit):5.107750511176609
        Encrypted:false
        SSDEEP:
        MD5:9AA2ED2D0862225AD1AC1A284A24181D
        SHA1:1628797B84719A1DE7F4AA93971CB4801574DAB0
        SHA-256:26FC37649CECF195FB0780DC9B7C9F776AB28F9E0CA2AE072DB5F8D6B80778D9
        SHA-512:4427D603929D1E2F69EB0A2DE05894BD965C201FED2A59E5469F874BD161B34A598373163463BC299C8DEC2E162B53AD91859006CFB77FB75D33F67DB170F030
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_4_0../*.. * (C) 2011 Jan-Willem Krans (janwillem32 <at> hotmail.com).. * (C) 2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....// (C) 2011 Jan-Willem Krans (janwillem32 <at> hotmail.com) released under GPL v2; see COPYING.txt....// Brightness, contrast and gamma controls for RGB, linearly scaled from

        C:\Program Files (x86)\MPC-HC\Shaders11\is-9G34Q.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):2024
        Entropy (8bit):5.2377959574600235
        Encrypted:false
        SSDEEP:
        MD5:A0783481A2D691E8423151E3E9C755AE
        SHA1:1A0DCE4CC9D593481A6662735778BB41006658B0
        SHA-256:357E6C7C9981F00EBF031D4E7C3E4D427C76734E7641A8039C1FA3B4FE7915A0
        SHA-512:92116A794F790FCD7808B6881708686FC27E7BF13EB3DF8938469964FBA61C68970EC2DC795C719440C69842F6152A4BA5C74B2C23224628285F1BB448C990C1
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_4_0../*.. * (C) 2003-2006 Gabest.. * (C) 2006-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....Texture2D tex : register(t0);..SamplerState samp : register(s0);....#define PI acos(-1)....static float4x4 r2y = {... 0.299, 0.587, 0.114, 0.000,...-0.147, -0.289, 0.437, 0.000,... 0.615, -0.515, -0.100

        C:\Program Files (x86)\MPC-HC\Shaders11\is-DVJAE.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):1435
        Entropy (8bit):5.034877999140006
        Encrypted:false
        SSDEEP:
        MD5:AE8D6416FD71F215AD49C1F9EC3865E3
        SHA1:1671DAEDBE99F5B7E01541261F0DA2F7240034DC
        SHA-256:3E35BD5172A22A9D8C433B8E9FC4B61ACEF9A39E751154D2B4ECA79CB88728C8
        SHA-512:47795AF079F1BDA9C160E3D9ECE5BAD46CBC5EFF825B830F751306960BF0470879B9823D87D342F342A461F1A9395B09056160F3FD194F089162545915D4165D
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_4_0..../* --- Settings --- */....#define ColorTone float3(1.40, 1.10, 0.90) //[0.00 to 2.55, 0.00 to 2.55, 0.00 to 2.55] What color to tint the image..#define GreyPower 0.11 //[0.00 to 1.00] How much desaturate the image before tinting it..#define SepiaPower 0.58 //[0.00 to 1.00] How much to tint the image..../* --- Defining Constants --- */....Texture2D tex : register(t0);..SamplerState samp : register(s0);....cbuffer PS_CONSTANTS : register(b0)..{...float2 pxy;...float width;...float height;...uint counter;...float clock;..};......../* --- Main code --- */..../*------------------------------------------------------------------------------........SEPIA..------------------------------------------------------------------------------*/....float4 SepiaPass( float4 colorInput )..{...float3 sepia = colorInput.rgb;......// calculating amounts of input, grey and sepia colors to blend and combine...float grey = dot(sepi

        C:\Program Files (x86)\MPC-HC\Shaders11\is-EDB84.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):1989
        Entropy (8bit):5.26287252162633
        Encrypted:false
        SSDEEP:
        MD5:09C21BD4AA6D1FA5963F442C107ABD58
        SHA1:5C898BD95F8582AE9FBFAE3400C2B053E471D243
        SHA-256:1A6FEB86E089EA642E4D1FEEB78FA522B7FEDF4C7BAE064F55E5B27C6C742BDD
        SHA-512:D36A647DE9CA4DC6515F0046DC9BB6C7562ED7A86A961B5578EB5E026511113E87D904B89EC1DC4FD420D3736DD042D680A5445BAC0A6389632259183A5D6C96
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_4_0../*.. * (C) 2003-2006 Gabest.. * (C) 2006-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....Texture2D tex : register(t0);..SamplerState samp : register(s0);....cbuffer PS_CONSTANTS : register(b0)..{...float px;...float py;...float2 wh;...uint counter;...float clock;..};....float4 main(float4

        C:\Program Files (x86)\MPC-HC\Shaders11\is-GRNFO.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):1087
        Entropy (8bit):5.224872467088878
        Encrypted:false
        SSDEEP:
        MD5:D98157C3E896265BB340AE6589AE15AB
        SHA1:32F0FF491BE88ABE1367056B8B51F699CCA0F291
        SHA-256:63E930BA9E304D8D915066F48DD10AAB88934EC69E90497F2DD80AB0E249E48A
        SHA-512:C9ACC8722BE8D329F567DEC672453CB6ADB8D2D3C3517261905311CF7BD4BD1A7739790CBFC4634CF04A5481D77901EA6E74B0EC36B72D170C20ECB508546ECE
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_4_0../*.. * (C) 2007-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */.. ..Texture2D tex : register(t0);..SamplerState samp : register(s0);....#define const_1 ( 16.0 / 255.0)..#define const_2 (255.0 / 219.0)....float4 main(float4 pos : SV_POSITION, float2 coord : TEXCOORD) : SV_Target..{...// original p

        C:\Program Files (x86)\MPC-HC\Shaders11\is-K1LCT.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):2628
        Entropy (8bit):5.299687457030167
        Encrypted:false
        SSDEEP:
        MD5:E90408343F17FD55B2553AFD684BF3C3
        SHA1:8E7B482CDC997BEFD6FE7F23360048922B0EE3D2
        SHA-256:9C83AFD453E56F55E761B1A5F249982CF6411DFE3CD8188905FCFE2C58F8ECB0
        SHA-512:246E91019744F5282B7A117D72976240178198D9B87615361842C002F94EF19C15EB1D77BDC9AB30159AF76CB489460BD8701CE6E9A456880B5C9C73E2FD0BD7
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_4_0../*.. * (C) 2008-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....// YV12 chroma upsampling fixer by Kurt Bernhard 'Leak' Pruenner....// Use with YV12 output if the half-resolution chroma gets upsampled..// in hardware by doubling the values instead of interpolating between them..// (i.e. if you

        C:\Program Files (x86)\MPC-HC\Shaders11\is-M1H5R.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:C source, ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):2627
        Entropy (8bit):5.246014526364438
        Encrypted:false
        SSDEEP:
        MD5:E01D0EFB46B67FD9E8A895D16B578385
        SHA1:F54C771A9AC1E4B60D4E3DDFBCFEB6C194DA407B
        SHA-256:7DAD54FFB6D1F092FBD3CC1B4AF03A77C3490775D3604B73DDC99EB995C825CE
        SHA-512:16CA5299575104102A113E894C3DA260D7E61BD0A7BD96435DDD48FE14945D84655D8ADF583AF40531D15A9128B0261653284DF82EE61847B45CDDA7C5011460
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_4_0../*.. * (C) 2003-2006 Gabest.. * (C) 2006-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */.. ..Texture2D tex : register(t0);..SamplerState samp : register(s0);....cbuffer PS_CONSTANTS : register(b0)..{...float2 pxy;...float width;...float height;...uint counter;...float clock;..};....#define N

        C:\Program Files (x86)\MPC-HC\Shaders11\is-M65BF.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:C source, ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):1345
        Entropy (8bit):5.241539852529995
        Encrypted:false
        SSDEEP:
        MD5:A41A748492604C35BC0EEAD2B270EF77
        SHA1:F25865D68A95B618B4B86EF00CA1DFF3C120A14A
        SHA-256:4087B92BBFDC29FBD079EC4E62E98E864FB461C74F4E8F87E49E130D5F07DF5F
        SHA-512:59C6F324C746D2B99DC77258B6036E23A07E75F131C327F45F08F06164B293D69E84DEF15277C70EB5DFAA9F081B3BD58CF3850E2125BABD83A75EF767FF4817
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_4_0../*.. * (C) 2009-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....// Run this shader before suserng.....Texture2D tex : register(t0);..SamplerState samp : register(s0);....cbuffer PS_CONSTANTS : register(b0)..{...float2 pxy;...float width;...float height;...uint counter;...float clock;..};.

        C:\Program Files (x86)\MPC-HC\Shaders11\is-MLMUR.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):10994
        Entropy (8bit):4.929910627789649
        Encrypted:false
        SSDEEP:
        MD5:85DEB5DADD8DA87D3A68072E78ADB535
        SHA1:21B9F1F6652BF6DF5E08F6AAA10F57146F5C3EF1
        SHA-256:6A934E83C37AAE2E3F4BF2DF7B2A2E8791874090D6170110FF046A7DDE842588
        SHA-512:2EBBE61877AD023605D1CC922F1CD2E22B4A5F23CDBBCBD26DF7682FFE191FC63270C3E3AC490D05FA3D464E3BC330CDA4B025C4B2B74173B9A1293814566162
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_4_0..../* --- Settings --- */....// -- Sharpening --..#define sharp_strength 0.65 //[0.10 to 3.00] Strength of the sharpening..#define sharp_clamp 0.035 //[0.000 to 1.000] Limits maximum amount of sharpening a pixel recieves - Default is 0.035....// -- Advanced sharpening settings --..#define pattern 2 //[1|2|3|4] Choose a sample pattern. 1 = Fast, 2 = Normal, 3 = Wider, 4 = Pyramid shaped...#define offset_bias 1.0 //[0.0 to 6.0] Offset bias adjusts the radius of the sampling pattern... //I designed the pattern for offset_bias 1.0, but feel free to experiment.....// -- Debug sharpening settings --..#define show_sharpen 0 //[0 or 1] Visualize the strength of the sharpen (multiplied by 4 to see it better)......Texture2D tex : register(t0);..SamplerState samp : register(s0);....cbuffer PS_CONSTANTS : register(b0)..{...float px;...float py;...float2 wh;...uint counter;...float clock;..};....../* --- Main code --- */

        C:\Program Files (x86)\MPC-HC\Shaders11\is-OA634.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):1021
        Entropy (8bit):5.199420241354347
        Encrypted:false
        SSDEEP:
        MD5:39687150CEEEC8829785186830BF86E7
        SHA1:DA55863F4CC4A8D126C0CC1FB7CF05F8578B6F33
        SHA-256:60850D2D2455D2DA0AA9AD35163CE57183238E4693901B4E3A06C347C4E666D5
        SHA-512:F8E9CC229B8B0CEC137D17C00F30DA1B7888B3D744676A0BB91E110F3FAD58F96D79BB74C200C1FAAC5564907BA2B206DE3C8802431E39B38FBAAFAE2419D262
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_4_0../*.. * (C) 2007-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....Texture2D tex : register(t0);..SamplerState samp : register(s0);....float4 main(float4 pos : SV_POSITION, float2 coord : TEXCOORD) : SV_Target..{...float c = dot(tex.Sample(samp, coord), float4(0.2, 0.6, 0.1, 0.1));.....return flo

        C:\Program Files (x86)\MPC-HC\Shaders11\is-Q1P7C.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:C source, ISO-8859 text, with CRLF line terminators
        Category:dropped
        Size (bytes):10238
        Entropy (8bit):5.209802846292347
        Encrypted:false
        SSDEEP:
        MD5:AF24207C4F6B99002CA909EF3E2D640A
        SHA1:89DE07E608D383830DFA9370019DF4B537B84C13
        SHA-256:0EB43204BD84B763756E0FA2378D685B91346064BF7AF0C9FAE941D8EABE5BDB
        SHA-512:D1DA90F3C94D01E0DB94292FAEA722BBFE556108D2AD701B778FC126E548D999FBE8A1CD01C9012A6DB378E67319FC955F5026A74CDCB3FDCEAD3D9AD7EC3F12
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_4_0....// Copyright (c) 2015, bacondither..// All rights reserved...//..// Redistribution and use in source and binary forms, with or without..// modification, are permitted provided that the following conditions..// are met:..// 1. Redistributions of source code must retain the above copyright..// notice, this list of conditions and the following disclaimer..// in this position and unchanged...// 2. Redistributions in binary form must reproduce the above copyright..// notice, this list of conditions and the following disclaimer in the..// documentation and/or other materials provided with the distribution...//..// THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR..// IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES..// OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED...// IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,..// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONS

        C:\Program Files (x86)\MPC-HC\Shaders11\is-QA77R.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):2397
        Entropy (8bit):5.319778603458883
        Encrypted:false
        SSDEEP:
        MD5:BFF5BD02C2A7319A7D8B55D54EF3D678
        SHA1:8C59F3D8097BE9DB4CBC01ECA5D3BE62870C2D25
        SHA-256:DCC1EBEA51CF5ECA71ABE08BEA4E197E08E7F58696533A54B9AED3F3910520C9
        SHA-512:F763AC6C1B50B429F1AFEFC0DF8D414F3507AC50E01DD025DC962F4E255997EBAF61DCBCB542A9FE05D2F5600DAE4FDDC100C205FD4A167F822D25120F37A840
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_4_0../*.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>.....(dx11) Gaussian Blur_pass1: (gBlur7, Horizontal pass) by butterw..First pass of 2-pass shader. As with all blur shaders, use pre-upsuserng for maximum effect ! ..uses a separable Gaussian Kernel, without hw linear sampling optimization. ..Perf per pass: (7 texture, 11 arithme

        C:\Program Files (x86)\MPC-HC\Shaders11\is-SNQ0F.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):1085
        Entropy (8bit):5.223383334214005
        Encrypted:false
        SSDEEP:
        MD5:8AF52DC70F493BF4B44E6BBC83EC068E
        SHA1:4ED0FFB66375F1EB5E98C646C71A359D405D083D
        SHA-256:9C28C3DA364ADFEF7FFBD634C90707203B44324C6FE2018D79036E724A296C83
        SHA-512:0B6C45E139CEF1E5A0D969427E1820B35BE2A90FB625EEC351D5F1A96F8865B1FC6ADD594CA09B09314BB0EC455A3AE0484D613757834677B1A2B71F4779F4A8
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_4_0../*.. * (C) 2009-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */.. ..Texture2D tex : register(t0);..SamplerState samp : register(s0);....#define const_1 ( 16.0 / 255.0)..#define const_2 (219.0 / 255.0)....float4 main(float4 pos : SV_POSITION, float2 coord : TEXCOORD) : SV_Target..{...// original p

        C:\Program Files (x86)\MPC-HC\Shaders11\is-STI7V.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):1319
        Entropy (8bit):5.226632803963064
        Encrypted:false
        SSDEEP:
        MD5:2F5F9CE9F462DF9CF3CB25254EBAD4F2
        SHA1:E03361D9F4320938B423FFE39160A23A3F93386A
        SHA-256:052785472D9DF9895600EF044BD63358C5654D66D202AD36DABACD10EC6C5B24
        SHA-512:FD7BC0C28C3B332523D6FEA1D542FB35897BA1EBFF675F4CCE989F9DFE630D2E2EE23BC55A41D1B0087C9DC9445D1FCE8D22DE2B9EFBC44D42EE344CF2C8ED8A
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_4_0../*.. * (C) 2003-2006 Gabest.. * (C) 2006-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....// Run this shader before suserng.....Texture2D tex : register(t0);..SamplerState samp : register(s0);....cbuffer PS_CONSTANTS : register(b0)..{...float px;...float py;...float width;...float height;..

        C:\Program Files (x86)\MPC-HC\Shaders11\is-TC6OS.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:C source, ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):3436
        Entropy (8bit):5.213334445417465
        Encrypted:false
        SSDEEP:
        MD5:0BECCC2B7BB17B6E67F77E4D804796DD
        SHA1:2452643433CF2C39B441109086B990DAC44F2BFA
        SHA-256:7F7B2B8210DD16FD303E13DC62BAAE88C94CCEEE30FE68C31784CE61985CB0BB
        SHA-512:CD7A72CE472AEBC26B2497445FBD2BF66BC5033A604D2DD8D34FBF4D516DFE10149D723CF229445D299222A7A7D9DE219118C6FE4D46C97600A18A314092A26A
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_4_0../*.. * (C) 2009-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....Texture2D tex : register(t0);..SamplerState samp : register(s0);....cbuffer PS_CONSTANTS : register(b0)..{...float px;...float py;...float2 wh;...uint counter;...float clock;..};..../* Parameters */....// for the blur filter.

        C:\Program Files (x86)\MPC-HC\Shaders11\is-TNRLC.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:xbm image (x, ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):1846
        Entropy (8bit):5.260438624163199
        Encrypted:false
        SSDEEP:
        MD5:6356BAA391488A257AAE8082053EA001
        SHA1:BAA321B0340F7211BEE7B4C56134FC66019E34BD
        SHA-256:483D71D26683786465AFC741FF65F4EA1B65B58DD165DBDA7B64C09A6FFD84B6
        SHA-512:2CFDE19663CCF6F5A4163E4C70202B57DC4D62C41FEA9FEF228B9E4223EE0D5B9BC17485C76C7F1A957662D0BA3089DC740880948F142BC5DE39690292C51304
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_4_0../*.. * (C) 2003-2006 Gabest.. * (C) 2006-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....Texture2D tex : register(t0);..SamplerState samp : register(s0);....cbuffer PS_CONSTANTS : register(b0)..{...float px;...float py;...float2 wh;...uint counter;...float clock;..};....#define val0 (2.0)

        C:\Program Files (x86)\MPC-HC\Shaders11\is-VSMT7.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:C source, ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):1901
        Entropy (8bit):5.288950823002461
        Encrypted:false
        SSDEEP:
        MD5:74A49AF5322C22F9EA2149EB15B2FF33
        SHA1:DA2E3A26B46FDC335F90C35E5D196C8FF1E96159
        SHA-256:6711B3A74FD250DE4B0BF5C3953EEB73CE6786926930199EBF5538F2206A8E8A
        SHA-512:EB8BAE6DE30D0DC23DEB3F210CE3512C6C04D91F2DD0A1ACACBC587237C88ECC11AAE15E08568B4BE1DC431D7F37F66CB13D9BA4AA48C3D37FD99132B7CB2992
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_4_0../*.. * (C) 2003-2006 Gabest.. * (C) 2006-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....Texture2D tex : register(t0);..SamplerState samp : register(s0);....cbuffer PS_CONSTANTS : register(b0)..{...float px;...float py;...float2 wh;...uint counter;...float clock;..};....#define val0 (1.0)

        C:\Program Files (x86)\MPC-HC\Shaders\0-255 to 16-235.hlsl (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:1C33CB0F71881AF2598A4EF37054AB94
        SHA1:81B6907EF8A73E251B4D2C1B3F7AFF971F104E64
        SHA-256:70570553EFC5DF5E77A00A025CA682B54DFBF0C0A912B5AE86103D7E6DED4552
        SHA-512:A3BB6B38D1D963DBC761BED1C82BF1CFCA1141707A73B3DC4AD9D330A84C34F890484B570123B60005C461AB1BCC98D3803F4122034143105E340717E0874746
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_2_0..../*.. * (C) 2009-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....sampler s0 : register(s0);....#define const_1 ( 16.0 / 255.0)..#define const_2 (219.0 / 255.0)....float4 main(float2 tex : TEXCOORD0) : COLOR..{...// original pixel...float4 c0 = tex2D(s0, tex);.....return (c0 * const_2) + const

        C:\Program Files (x86)\MPC-HC\Shaders\16-235 to 0-255 [SD].hlsl (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:C source, ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:9F3E3ECCACA6E2735D63DAB0C6B6B02D
        SHA1:5D74F729C647E3F7D0A4D92AD1ABCEA3AC83A9E3
        SHA-256:5F2CA6E0BF252222D1DB78DFD4237717786C02DF028364CA0699532E7BC7E802
        SHA-512:F72B211F0D0FC3BEEE8871AA8760989A9C9F41B253816F453C90DD78F980677C7284483238083240EE58E5B1DA52FDD808C4C76313BC9E3557932F67395B3379
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_2_0..../*.. * (C) 2009-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....sampler s0 : register(s0);..float4 p0 : register(c0);....#define width (p0[0])..#define height (p0[1])....#define const_1 ( 16.0 / 255.0)..#define const_2 (255.0 / 219.0)....float4 main(float2 tex : TEXCOORD0) : COLOR..{...//

        C:\Program Files (x86)\MPC-HC\Shaders\16-235 to 0-255.hlsl (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:9CA38B1E5EAD5C023C1A16173C580FB7
        SHA1:707027ABEEE3D1AF5CC41C757E5A1CE72CB89BED
        SHA-256:C825494358D0A8623C7C3987228D3B137F863BBC7C5F5C1BF77242AE2593331F
        SHA-512:A655FF421175E82F0F3E7BD0ECDBBCC020956BC99E76B42DADB969308829EF46F27D306C7BDDA72F1915E2D5C73FF00470C855612C25211E838A437975277000
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_2_0..../*.. * (C) 2007-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....sampler s0 : register(s0);....#define const_1 ( 16.0 / 255.0)..#define const_2 (255.0 / 219.0)....float4 main(float2 tex : TEXCOORD0) : COLOR..{...// original pixel...float4 c0 = tex2D(s0, tex);.....return ((c0 - const_1) * cons

        C:\Program Files (x86)\MPC-HC\Shaders\Adaptive sharpen.hlsl (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:C source, ISO-8859 text, with CRLF line terminators
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:757D11F335CE97B0D86555BE2DE490B6
        SHA1:942A7AC748FC97D27C8E4382D43D09EB303D3428
        SHA-256:1FEFE4F757AAFEE89778612431AD24BC28672AED39BFA3B16DB53EAA7AC5BE12
        SHA-512:B0A418E6B087F15E0C325EE9A3177DC5FE7833BD3D214AC2624F4AC01085E16B511DBA5D69BA82D7F28673E4B6314AE5B078A256235BF60F1FA591DC0BBE767E
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_3_0....// Copyright (c) 2015, bacondither..// All rights reserved...//..// Redistribution and use in source and binary forms, with or without..// modification, are permitted provided that the following conditions..// are met:..// 1. Redistributions of source code must retain the above copyright..// notice, this list of conditions and the following disclaimer..// in this position and unchanged...// 2. Redistributions in binary form must reproduce the above copyright..// notice, this list of conditions and the following disclaimer in the..// documentation and/or other materials provided with the distribution...//..// THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR..// IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES..// OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED...// IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,..// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONS

        C:\Program Files (x86)\MPC-HC\Shaders\BT.601 to BT.709 [HD].hlsl (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:C source, ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:3EB08137F3C6F5F5935D2B0FDD309984
        SHA1:87383DA2C710E8FBE23D1581793C7A3AE195F3AF
        SHA-256:F8C4CEB7775E0C173E7BB220ABD7DCEF418A6771B91EDF09486A9CAB5FE4548E
        SHA-512:263597637456A8291BEB50E661312DEC8674580C8AE79F942BC783E6C230BBAD0BDC5A8E7397047C13F4FA692819C0D74BCCCEF9DE9609134DA9265814B8EFBE
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_2_0../*.. * (C) 2011 Jan-Willem Krans (janwillem32 <at> hotmail.com).. * (C) 2011-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....// Correct video colorspace BT.601 [SD] to BT.709 [HD] for HD video input..// Use this shader only if BT.709 [HD] encoded video is incorrectly matrixed to full range RGB

        C:\Program Files (x86)\MPC-HC\Shaders\Deinterlace (blend).hlsl (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:4CE75AC407559BB3BB19976992BC32C4
        SHA1:D6F8BCE449101C72CDF1F8ECA040A854F4095BA8
        SHA-256:02420EB8301F258D8002919248D8269E09958790F9DC5AD0D3B67E0FAB05E9D0
        SHA-512:29E9079FDF8D7974482E3C16F246D9CFE9787372811CA0A14BCDA5E732C3629BE25875945C61429B79CA2908D9E60B825A3973B139C3CF3E1E2D05647EBDBE04
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_2_0../*.. * (C) 2003-2006 Gabest.. * (C) 2006-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....// Run this shader before suserng.....sampler s0 : register(s0);..float4 p0 : register(c0);....#define height (p0[1])....float4 main(float2 tex : TEXCOORD0) : COLOR..{...float4 c0 = tex2D(s0, tex);.....fl

        C:\Program Files (x86)\MPC-HC\Shaders\Denoise.hlsl (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:C source, ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:548C8A3F8A1A0DCBD7C3E99F415A0974
        SHA1:0E51ABAC5C8DF9A554E1485798B09B8DD83DB420
        SHA-256:D3B6769B1625023EC715C0AF03C0BF8B0CCA459C2DE71A9A72EF2A8CE5C8313E
        SHA-512:5D7B6D51118217F51666331D4B23440A1D1002C8F82E44B4D7CE282C6FB1167F026B9A76BCD7236072D75CAE026724D01BD57FD5A2F52F2F4F1989D710A6380B
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_3_0../*.. * (C) 2008-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....// Fail early with ps_2_0 and ps_2_b shader profiles..#ifdef MPC_HC_SHADER_PROFILE..#.if MPC_HC_SHADER_PROFILE < 2..#..error Usupported shader profile..#.endif..#endif....sampler s0 : register(s0);..float4 p0 : register(c0);....#

        C:\Program Files (x86)\MPC-HC\Shaders\Edge sharpen.hlsl (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:C source, ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:A747C1123BB4A3977A39CB9FB245ADA4
        SHA1:43740CE631FBD6547BFF8076F6B2C79698211722
        SHA-256:8AB6EF98EAC9C232F3DBC8F7CB5A94EF4DCC65905628A25F13C6C2C4BB9A7CB6
        SHA-512:787967C9FAA65271FB929F19A87043FDE73510E03A5DE4644AAC2FF7A6EEF2225FD1782C59B2298A3B0E2EFE419C227B18C7EEE999BC8C419F73F72377876377
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_2_0../*.. * (C) 2003-2006 Gabest.. * (C) 2006-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....sampler s0 : register(s0);..float4 p0 : register(c0);....#define width (p0[0])..#define height (p0[1])....#define NbPixel 1..#define Edge_threshold 0.2..#define Sharpen_val0 2.0..#define Sharpen_

        C:\Program Files (x86)\MPC-HC\Shaders\Gaussian Blur 3x3.hlsl (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:66E1FED0FD0F3B8BBFA9B297D2749551
        SHA1:B5AF1AF318A78D71B5ABA8222BC769A51F9C2526
        SHA-256:57D465263399BD4D15C3698D7FC660ED5684B7449405970B2064C9C8EEA24DE6
        SHA-512:3581CA57254258D6CFAEC463D47F39F3C6D18E94515D910611724A2E056D5AF63F4AACDA932E8661A749E8F887BB0CEB4AAC3AA5DDB5733FDF07224B75843A34
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_2_0../*.. * (C) 2003-2006 Gabest.. * (C) 2006-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....sampler s0 : register(s0);..float4 p1 : register(c1);....#define dx (p1[0])..#define dy (p1[1])....float4 main(float2 tex : TEXCOORD0) : COLOR..{...// Pixels definition: original, blurred...float4 orig;..

        C:\Program Files (x86)\MPC-HC\Shaders\Gaussian Blur_pass1.hlsl (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:C source, ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:FE70F2850A6FA76D29DD2F08B31468E6
        SHA1:C922B9D7177982AF889305138AA74235C029498F
        SHA-256:84FAD05C774D9035B9D7FBCBCA376FD0F711F143B6C5A33F35E220C79C42D4AC
        SHA-512:1C711347EB3418321A70E70720C50B4CBF820BD6AA8B07C5DEBF76FA98BA40F8CDFE1CBEE4A6AACD266D681BA7E248D96FEFCF4A6E287A813A7EAD9C19F2E1DB
        Malicious:false
        Reputation:unknown
        Preview:#define Mode 1..../* blurGauss_pass1: Gaussian blur X (horiz. pass)..by butterw, License: GPL v3....First pass of 2-pass shader. As with all blur shaders, use pre-upsuserng for maximum effect. ..blurGauss_pass1 (horiz. pass) >> blurGauss_pass2 (vert. pass)..Mode=1 uses a separable Gaussian Kernel, without hw linear sampling optimization ..default Kernel 7-tap Gaussian, sigma=1.5. A different sigma/Kernel K can be selected in the code. ......tested in mpc-hc v1.9.8.38 ..- hw linear sampling (modes 2, 3, 4) doesn't work as expected (uses nearest neighbor sampling instead) !!!..- loading _pass1.hlsl now automatically loads _pass2.hlsl.....you can run the the 2-pass shader multiple times to achieve a stronger blur (ex: 3 times)..1=Blur Gaussian (3x)..PreResize1=.\blurGauss_pass1.hlsl;.\blurGauss_pass1.hlsl;.\blurGauss_pass1.hlsl....Separable Gaussian Kernel with linear sampling (9-tap filter approx.) ..http://rastergrid.com/blog/2010/09/efficient-gaussian-blur-with-linear-sampling/....*/

        C:\Program Files (x86)\MPC-HC\Shaders\Gaussian Blur_pass2.hlsl (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:C source, ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:C4645BB688D84F5828C5F6D4B41C0641
        SHA1:69FFB53E88DEFC99096347D0239C0D109F8508D4
        SHA-256:04DAECB58ADE90378D8F778486E324C61E5563DF75BFA2B8C65FFA0E15B67C60
        SHA-512:C58CA8AACEC14DB20545DDB7695DA5BD85EF800B3F9E67275D18593353F6B41628C31C4708778B38D7178F2F51FFEA1E57097FEC11A93A56C97E3FB5784CD64A
        Malicious:false
        Reputation:unknown
        Preview:#define Mode 1..../* blurGauss_pass2: Gaussian blur (Vertical Pass)..Second pass of 2-pass shader, please ensure the 2 passes use the same parameters/Mode. ....by butterw, License: GPL v3..*/....sampler s0: register(s0);..float2 p1: register(c1);....#if Mode==1 //gBlur7, http://dev.theomader.com/gaussian-kernel-calculator/....//#define K.float4(0.324225, 0.233638, 0.087348, 0.016901) //sigma=1.2...#define K.float4(0.266346, 0.215007, 0.113085, 0.038735) //sigma=1.5 (default) ...//#define K.float4(0.230781, 0.198557, 0.126451, 0.059602) //sigma=1.8..#elif Mode==2...#define Offsets float2(0.0, 4/3.) //(3 texture, 6 arithmetic)...#define K ..float2(0.29411764705882354, 0.35294117647058826)..#elif Mode==3....#define Offsets float3(0.0, 1.3846153846, 3.2307692308)...#define K..float3(0.2270270270, 0.3162162162, 0.0702702703)..#elif Mode==4...#define Offsets float4(0.0, 1.411764705882353, 3.2941176470588234, 5.176470588235294)...#define K..float4(0.1964825501511404, 0.2969069646728344, 0.09

        C:\Program Files (x86)\MPC-HC\Shaders\Grayscale.hlsl (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:619F86335A66BB49BD12BBFC5545BBC7
        SHA1:7DD48C7A55DBCB064167BF819B5A52BB2891355D
        SHA-256:00D900E21419017232B8455D91BD5BDCF5C391B5ECB1E8AD9A27EA8D4D9E2550
        SHA-512:4E0DC1712A78538428930854366B5A0B16156965D9C283A6A1EC498E4791F3DBDBA7C88F89A5C8790934C7647A15B6A33030021B66A89E3E2CAEDFCC9A415476
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_2_0../*.. * (C) 2003-2006 Gabest.. * (C) 2006-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....sampler s0 : register(s0);....float4 main(float2 tex : TEXCOORD0) : COLOR..{...float c0 = dot(tex2D(s0, tex), float4(0.299, 0.587, 0.114, 0));.....return c0;..}..

        C:\Program Files (x86)\MPC-HC\Shaders\Invert.hlsl (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:E05AC0DC1B62E7FD2BD1EE4A303215D3
        SHA1:936421107F1B0021F189BD74160BB8DC021A594F
        SHA-256:FDCF3ED4202C6AE471290073C8959EE9CE06E2696D2F89AEC980E62DAA8EB786
        SHA-512:B9E675B43463C555EAC594C35DC015B3B9E6B4A360658566A0322E976C03BF74ADBF18F5CFCB409AD7D350E5D47C4DC239A3739ABA9D6BFFBDFE986990C79FEE
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_2_0../*.. * (C) 2003-2006 Gabest.. * (C) 2006-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....sampler s0 : register(s0);....float4 main(float2 tex : TEXCOORD0) : COLOR..{...float4 c0 = float4(1, 1, 1, 1) - tex2D(s0, tex);.....return c0;..}..

        C:\Program Files (x86)\MPC-HC\Shaders\LCD angle correction.hlsl (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:ASCII text, with very long lines (313), with CRLF line terminators
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:193A295E7BD2C09F5105DDD1BB8FF391
        SHA1:852175B2FB307233B9B5D4A226E83FB0B9980C49
        SHA-256:919BB772F33FCD55B3D839D0919A2DB239EEB9507749DFD2DF7BDE2DAE604A26
        SHA-512:17AA192AABB9F8785852EEEBA0C3F8477F711C1E3563BE5AF23A9DC49BECCBFB568B1EA2B973FA224B265CF7AE19AA3BF3BB576564C9D869D569CCD0A78AC01A
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_2_0../*.. * (C) 2011 Jan-Willem Krans (janwillem32 <at> hotmail.com).. * (C) 2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....// Brightness, contrast and gamma controls for RGB, linearly scaled from top to bottom...// This shader can be run as a screen space pixel shader. It requires compiling with

        C:\Program Files (x86)\MPC-HC\Shaders\Letterbox.hlsl (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:C source, ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:69A18104F8FF07E207C1D122DA5FFC8B
        SHA1:9A69F576121F26D4276A506A237CBE4AB6931BF1
        SHA-256:C5C61B94CFB35369B22C7FE6E0CB0BFA56A1AD6229F8DA15D0254678F540FD69
        SHA-512:DD3B61E16175FD92AB61C77C2029D0739064ADECADB32855BCE35B531EF990325A9F19AE0676512F39593CF667515EC63CD6667BF8E74D36C59BD08B08DA5D67
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_2_0../*.. * (C) 2003-2006 Gabest.. * (C) 2006-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....sampler s0 : register(s0);..float4 p0 : register(c0);....#define width (p0[0])..#define height (p0[1])....float4 main(float2 tex : TEXCOORD0) : COLOR..{...float4 c0 = 0;.....float2 ar = float2(16, 9);...

        C:\Program Files (x86)\MPC-HC\Shaders\LumaSharpen.hlsl (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:xbm image (x, ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:832450439A9E637D667E9526A0FCADAD
        SHA1:42387FFE41FEAF3F5C4880C146360AD8A3986C5B
        SHA-256:DF10D44A1E65921A5361680B6076AFD76E48C2ACEA8E769B2F63924AB2873B4F
        SHA-512:41CEE2F88A1E6471E57395644D6C3DDCF0B2123027905C5574816A1FB11F0381C8F80057705947CFD8F54AE4D7733E193216C875478EF796116287362811ED6B
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_2_0../* --- Settings --- */....// -- Sharpening --..#define sharp_strength 0.65 //[0.10 to 3.00] Strength of the sharpening..#define sharp_clamp 0.035 //[0.000 to 1.000] Limits maximum amount of sharpening a pixel recieves - Default is 0.035....// -- Advanced sharpening settings --..#define pattern 2 //[1|2|3|4] Choose a sample pattern. 1 = Fast, 2 = Normal, 3 = Wider, 4 = Pyramid shaped...#define offset_bias 1.0 //[0.0 to 6.0] Offset bias adjusts the radius of the sampling pattern... //I designed the pattern for offset_bias 1.0, but feel free to experiment.....// -- Debug sharpening settings --..#define show_sharpen 0 //[0 or 1] Visualize the strength of the sharpen (multiplied by 4 to see it better)....../* --- Defining Constants --- */..#define myTex2D(s,p) tex2D(s,p)....#ifndef s0.. sampler s0 : register(s0);.. #define s1 s0..//sampler s1 : register(s1);.... float4 p0 : register(c0);.. float4 p1 : register(c1

        C:\Program Files (x86)\MPC-HC\Shaders\Nightvision.hlsl (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:456E9A1307BB3078A349BA6FA9C6F706
        SHA1:85FD34363275E3A8B82C9BD4C61EF6FB4E02D829
        SHA-256:FD6AEC3E1FD0567132909BB4BB936C76369AF5BB1B7D3D10679F317EBFF1587B
        SHA-512:0934BFC92ECF65789A734743D259EEDE138907D3B0D522C5C6A61732AB17E4FE4E16612CAE25C7FCE3D34DFB966C36142CCC78A690EB95B5F1AF3A715593940C
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_2_0../*.. * (C) 2007-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....sampler s0 : register(s0);....float4 main(float2 tex : TEXCOORD0) : COLOR..{...float c = dot(tex2D(s0, tex), float4(0.2, 0.6, 0.1, 0.1));...return float4(0, c, 0, 0);..}..

        C:\Program Files (x86)\MPC-HC\Shaders\Procamp.hlsl (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:xbm image (x, ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:0F4E1EE69B4FEC07EE1108D74EF24F1A
        SHA1:44F1E5DA02AAD43D81FEC3B816A1879F8DAD1387
        SHA-256:3BE6640324BA202C5C1EF649E57DAE5313A9D774785E53C6B3BFF365A261C19D
        SHA-512:1CA19EA64FEED660C342FADA51623A7B82A10E95BDB74C963A03D2FE5CDF4A51BFA344200EC1BB14379AEB862E38F12C1CFA838108676297AFDAA6BA4EE2EA6C
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_2_0../*.. * (C) 2003-2006 Gabest.. * (C) 2006-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....sampler s0 : register(s0);..float4 p0 : register(c0);..float4 p1 : register(c1);....#define width (p0[0])..#define height (p0[1])..#define counter (p0[2])..#define clock (p0[3])..#define one_over_wi

        C:\Program Files (x86)\MPC-HC\Shaders\Sepia.hlsl (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:xbm image (x, ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:725567E95D53D984A8DDD43896806DEA
        SHA1:2639FF23F1C9CCAA67D0F6C27C90D83946C229DA
        SHA-256:F9D2FD790B576B130641F41195E7DC7FCC3E71D13459BC3946861E395C6003D3
        SHA-512:B4D0E477992996C166A30C4FE438E8CA7CFC86EB1CD242B1CF51212DA991859A21505500206280CEB0A3476967C192FF8112E6106B1D94DC33D3CA1B724F3C88
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_2_0../* --- Settings --- */....#define ColorTone float3(1.40, 1.10, 0.90) //[0.00 to 2.55, 0.00 to 2.55, 0.00 to 2.55] What color to tint the image..#define GreyPower 0.11 //[0.00 to 1.00] How much desaturate the image before tinting it..#define SepiaPower 0.58 //[0.00 to 1.00] How much to tint the image..../* --- Defining Constants --- */..#define myTex2D(s,p) tex2D(s,p)....#ifndef s0.. sampler s0 : register(s0);.. #define s1 s0..//sampler s1 : register(s1);.... float4 p0 : register(c0);.. float4 p1 : register(c1);....// #define width (p0[0])..// #define height (p0[1])..// #define counter (p0[2])..// #define clock (p0[3])..// #define px (p1[0]) //one_over_width ..// #define py (p1[1]) //one_over_height.... #define px (p1.x) //one_over_width .. #define py (p1.y) //one_over_height.. .. #define screen_size float2(p0.x,p0.y).... #define pixel float2(px,py)....//#define pxy float2(p1.xy)....//#define PI aco

        C:\Program Files (x86)\MPC-HC\Shaders\Sharpen complex 2.hlsl (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:C source, ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:0ECF98DD2FFA9FA4EEBD52D10DF06783
        SHA1:7C6A0BB21F3A278077E73AF8792C8D5FFB99E533
        SHA-256:73B37243E8AF11730921C2AF5A1B325B22C9F867D82883A96CF8A4BDC20BF576
        SHA-512:482D21F03F7066D55D24B311753835840302E5E932F8544868CD1F16CDD908BA5BB03C062E81DF80A8F788A507EDB7821E2017612ADF6E777C96B09E1AC5EAA0
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_2_a../*.. * (C) 2009-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */..../* Sharpen complex v2 (requires ps >= 2a) */....sampler s0 : register(s0);..float4 p0 : register(c0);..float4 p1 : register(c1);....#define width (p0[0])..#define height (p0[1])....// pixel "width"..#define px (p1[0])..#define

        C:\Program Files (x86)\MPC-HC\Shaders\Sharpen complex.hlsl (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:C source, ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:9FEF7AB3B35A958C121B547C5F81FBF9
        SHA1:A41CF60346C58F22AB50E8CAED47FFAA802FD6D2
        SHA-256:85A099BF341176DD097F20B9A2AC23068C94092F7C0C2F6A9D05A895EA923776
        SHA-512:265F365C13D57FA5B4E2F1FE94FF0215658246D5FDFDF8A6B647A9C49B48F7A1F308C84A53587F42533EEA01B443B6A5307F1E5ACD439B654CD49FF0DC18527B
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_2_0../*.. * (C) 2003-2006 Gabest.. * (C) 2006-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....sampler s0 : register(s0);..float4 p1 : register(c1);....#define dx (p1[0])..#define dy (p1[1])....float4 main(float2 tex : TEXCOORD0) : COLOR..{...// Pixels definition: original, blurred, corrected, fina

        C:\Program Files (x86)\MPC-HC\Shaders\Sharpen.hlsl (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:xbm image (x, ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:8EA0F5FE1FC1088B2C14EDD5975F779C
        SHA1:4C7AC3E9B1027C76E97642F8FEA22856D306F9DC
        SHA-256:1AF40E7014199E4711C824A47AEE9D921F146CC35077608DE08192BBFC84817D
        SHA-512:C2848CDB29791C8E10B5CA616EA4E0BE34E0A8CC8FD364D192A513BD90271C68DC8EE1C7B872A70F3586F5E12279B0E32D0A21E6B26117D00041E3D25AB085AC
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_2_0../*.. * (C) 2003-2006 Gabest.. * (C) 2006-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....sampler s0 : register(s0);..float4 p0 : register(c0);..float4 p1 : register(c1);....#define width (p0[0])..#define height (p0[1])....#define val0 (2.0)..#define val1 (-0.125)..#define effect_width (1.6)

        C:\Program Files (x86)\MPC-HC\Shaders\Threshold.hlsl (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:85A5227882C2C54B6AD41FBEA747431F
        SHA1:57E2F8EDD1AEF633A97CB43B01BD163B67C30EEA
        SHA-256:DDDC605187189A798C76D191215B8F6A149E3BDB036DF9086DC707AD61E44470
        SHA-512:108DB477E416728086724D7147CF47F8DA02549B8F31162873DE26B57124D900EC1CE579306CF6125C64079227FA3536EED0106A3BA6DC40EA08FB8C7D51A866
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_2_0..sampler s0 : register(s0);....#define threshold 0.5....float4 main(float2 tex : TEXCOORD0) : COLOR..{...float c0 = dot(tex2D(s0, tex), float4(0.2126, 0.7152, 0.0722, 0)); // grayscale.....return c0 > threshold;..}..

        C:\Program Files (x86)\MPC-HC\Shaders\YV12 chroma upsampling.hlsl (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:397BCEB1B13A85FBA3B1E0064360F283
        SHA1:5E76BB2894EA3B9E9ADBC7535F02B9DB7BE7A09D
        SHA-256:C556B10853D7862B5D73A80473FF7C87AB9BFED4C7188256A8BCA28FCB1846EB
        SHA-512:6F5776A40FF229730B5382BE1F0DC388D1675783CDA7E68D4ADCA1BB1A3F92EF520AF14AD73DD344231F2307FA7281AC09D67A223ECD1B51AA00297D66E71026
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_2_0../*.. * (C) 2008-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....// YV12 chroma upsampling fixer by Kurt Bernhard 'Leak' Pruenner....// Use with YV12 output if the half-resolution chroma gets upsampled..// in hardware by doubling the values instead of interpolating between them..// (i.e. if you

        C:\Program Files (x86)\MPC-HC\Shaders\is-24T89.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:C source, ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):1735
        Entropy (8bit):5.361080430163981
        Encrypted:false
        SSDEEP:
        MD5:C4645BB688D84F5828C5F6D4B41C0641
        SHA1:69FFB53E88DEFC99096347D0239C0D109F8508D4
        SHA-256:04DAECB58ADE90378D8F778486E324C61E5563DF75BFA2B8C65FFA0E15B67C60
        SHA-512:C58CA8AACEC14DB20545DDB7695DA5BD85EF800B3F9E67275D18593353F6B41628C31C4708778B38D7178F2F51FFEA1E57097FEC11A93A56C97E3FB5784CD64A
        Malicious:false
        Reputation:unknown
        Preview:#define Mode 1..../* blurGauss_pass2: Gaussian blur (Vertical Pass)..Second pass of 2-pass shader, please ensure the 2 passes use the same parameters/Mode. ....by butterw, License: GPL v3..*/....sampler s0: register(s0);..float2 p1: register(c1);....#if Mode==1 //gBlur7, http://dev.theomader.com/gaussian-kernel-calculator/....//#define K.float4(0.324225, 0.233638, 0.087348, 0.016901) //sigma=1.2...#define K.float4(0.266346, 0.215007, 0.113085, 0.038735) //sigma=1.5 (default) ...//#define K.float4(0.230781, 0.198557, 0.126451, 0.059602) //sigma=1.8..#elif Mode==2...#define Offsets float2(0.0, 4/3.) //(3 texture, 6 arithmetic)...#define K ..float2(0.29411764705882354, 0.35294117647058826)..#elif Mode==3....#define Offsets float3(0.0, 1.3846153846, 3.2307692308)...#define K..float3(0.2270270270, 0.3162162162, 0.0702702703)..#elif Mode==4...#define Offsets float4(0.0, 1.411764705882353, 3.2941176470588234, 5.176470588235294)...#define K..float4(0.1964825501511404, 0.2969069646728344, 0.09

        C:\Program Files (x86)\MPC-HC\Shaders\is-567TF.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:C source, ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):1137
        Entropy (8bit):5.225272673050189
        Encrypted:false
        SSDEEP:
        MD5:69A18104F8FF07E207C1D122DA5FFC8B
        SHA1:9A69F576121F26D4276A506A237CBE4AB6931BF1
        SHA-256:C5C61B94CFB35369B22C7FE6E0CB0BFA56A1AD6229F8DA15D0254678F540FD69
        SHA-512:DD3B61E16175FD92AB61C77C2029D0739064ADECADB32855BCE35B531EF990325A9F19AE0676512F39593CF667515EC63CD6667BF8E74D36C59BD08B08DA5D67
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_2_0../*.. * (C) 2003-2006 Gabest.. * (C) 2006-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....sampler s0 : register(s0);..float4 p0 : register(c0);....#define width (p0[0])..#define height (p0[1])....float4 main(float2 tex : TEXCOORD0) : COLOR..{...float4 c0 = 0;.....float2 ar = float2(16, 9);...

        C:\Program Files (x86)\MPC-HC\Shaders\is-71GGP.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):1010
        Entropy (8bit):5.2047299993285
        Encrypted:false
        SSDEEP:
        MD5:9CA38B1E5EAD5C023C1A16173C580FB7
        SHA1:707027ABEEE3D1AF5CC41C757E5A1CE72CB89BED
        SHA-256:C825494358D0A8623C7C3987228D3B137F863BBC7C5F5C1BF77242AE2593331F
        SHA-512:A655FF421175E82F0F3E7BD0ECDBBCC020956BC99E76B42DADB969308829EF46F27D306C7BDDA72F1915E2D5C73FF00470C855612C25211E838A437975277000
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_2_0..../*.. * (C) 2007-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....sampler s0 : register(s0);....#define const_1 ( 16.0 / 255.0)..#define const_2 (255.0 / 219.0)....float4 main(float2 tex : TEXCOORD0) : COLOR..{...// original pixel...float4 c0 = tex2D(s0, tex);.....return ((c0 - const_1) * cons

        C:\Program Files (x86)\MPC-HC\Shaders\is-7JRM4.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):957
        Entropy (8bit):5.212006404590827
        Encrypted:false
        SSDEEP:
        MD5:619F86335A66BB49BD12BBFC5545BBC7
        SHA1:7DD48C7A55DBCB064167BF819B5A52BB2891355D
        SHA-256:00D900E21419017232B8455D91BD5BDCF5C391B5ECB1E8AD9A27EA8D4D9E2550
        SHA-512:4E0DC1712A78538428930854366B5A0B16156965D9C283A6A1EC498E4791F3DBDBA7C88F89A5C8790934C7647A15B6A33030021B66A89E3E2CAEDFCC9A415476
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_2_0../*.. * (C) 2003-2006 Gabest.. * (C) 2006-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....sampler s0 : register(s0);....float4 main(float2 tex : TEXCOORD0) : COLOR..{...float c0 = dot(tex2D(s0, tex), float4(0.299, 0.587, 0.114, 0));.....return c0;..}..

        C:\Program Files (x86)\MPC-HC\Shaders\is-AIH19.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):1008
        Entropy (8bit):5.202978947712847
        Encrypted:false
        SSDEEP:
        MD5:1C33CB0F71881AF2598A4EF37054AB94
        SHA1:81B6907EF8A73E251B4D2C1B3F7AFF971F104E64
        SHA-256:70570553EFC5DF5E77A00A025CA682B54DFBF0C0A912B5AE86103D7E6DED4552
        SHA-512:A3BB6B38D1D963DBC761BED1C82BF1CFCA1141707A73B3DC4AD9D330A84C34F890484B570123B60005C461AB1BCC98D3803F4122034143105E340717E0874746
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_2_0..../*.. * (C) 2009-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....sampler s0 : register(s0);....#define const_1 ( 16.0 / 255.0)..#define const_2 (219.0 / 255.0)....float4 main(float2 tex : TEXCOORD0) : COLOR..{...// original pixel...float4 c0 = tex2D(s0, tex);.....return (c0 * const_2) + const

        C:\Program Files (x86)\MPC-HC\Shaders\is-BO5QJ.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:C source, ISO-8859 text, with CRLF line terminators
        Category:dropped
        Size (bytes):9904
        Entropy (8bit):5.198051216727897
        Encrypted:false
        SSDEEP:
        MD5:757D11F335CE97B0D86555BE2DE490B6
        SHA1:942A7AC748FC97D27C8E4382D43D09EB303D3428
        SHA-256:1FEFE4F757AAFEE89778612431AD24BC28672AED39BFA3B16DB53EAA7AC5BE12
        SHA-512:B0A418E6B087F15E0C325EE9A3177DC5FE7833BD3D214AC2624F4AC01085E16B511DBA5D69BA82D7F28673E4B6314AE5B078A256235BF60F1FA591DC0BBE767E
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_3_0....// Copyright (c) 2015, bacondither..// All rights reserved...//..// Redistribution and use in source and binary forms, with or without..// modification, are permitted provided that the following conditions..// are met:..// 1. Redistributions of source code must retain the above copyright..// notice, this list of conditions and the following disclaimer..// in this position and unchanged...// 2. Redistributions in binary form must reproduce the above copyright..// notice, this list of conditions and the following disclaimer in the..// documentation and/or other materials provided with the distribution...//..// THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR..// IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES..// OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED...// IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,..// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONS

        C:\Program Files (x86)\MPC-HC\Shaders\is-CAPES.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:C source, ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):1898
        Entropy (8bit):5.265885018749925
        Encrypted:false
        SSDEEP:
        MD5:3EB08137F3C6F5F5935D2B0FDD309984
        SHA1:87383DA2C710E8FBE23D1581793C7A3AE195F3AF
        SHA-256:F8C4CEB7775E0C173E7BB220ABD7DCEF418A6771B91EDF09486A9CAB5FE4548E
        SHA-512:263597637456A8291BEB50E661312DEC8674580C8AE79F942BC783E6C230BBAD0BDC5A8E7397047C13F4FA692819C0D74BCCCEF9DE9609134DA9265814B8EFBE
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_2_0../*.. * (C) 2011 Jan-Willem Krans (janwillem32 <at> hotmail.com).. * (C) 2011-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....// Correct video colorspace BT.601 [SD] to BT.709 [HD] for HD video input..// Use this shader only if BT.709 [HD] encoded video is incorrectly matrixed to full range RGB

        C:\Program Files (x86)\MPC-HC\Shaders\is-D3M2F.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:C source, ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):2651
        Entropy (8bit):5.1997517220160265
        Encrypted:false
        SSDEEP:
        MD5:9FEF7AB3B35A958C121B547C5F81FBF9
        SHA1:A41CF60346C58F22AB50E8CAED47FFAA802FD6D2
        SHA-256:85A099BF341176DD097F20B9A2AC23068C94092F7C0C2F6A9D05A895EA923776
        SHA-512:265F365C13D57FA5B4E2F1FE94FF0215658246D5FDFDF8A6B647A9C49B48F7A1F308C84A53587F42533EEA01B443B6A5307F1E5ACD439B654CD49FF0DC18527B
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_2_0../*.. * (C) 2003-2006 Gabest.. * (C) 2006-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....sampler s0 : register(s0);..float4 p1 : register(c1);....#define dx (p1[0])..#define dy (p1[1])....float4 main(float2 tex : TEXCOORD0) : COLOR..{...// Pixels definition: original, blurred, corrected, fina

        C:\Program Files (x86)\MPC-HC\Shaders\is-H7VSC.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:C source, ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):2677
        Entropy (8bit):5.37996036394343
        Encrypted:false
        SSDEEP:
        MD5:FE70F2850A6FA76D29DD2F08B31468E6
        SHA1:C922B9D7177982AF889305138AA74235C029498F
        SHA-256:84FAD05C774D9035B9D7FBCBCA376FD0F711F143B6C5A33F35E220C79C42D4AC
        SHA-512:1C711347EB3418321A70E70720C50B4CBF820BD6AA8B07C5DEBF76FA98BA40F8CDFE1CBEE4A6AACD266D681BA7E248D96FEFCF4A6E287A813A7EAD9C19F2E1DB
        Malicious:false
        Reputation:unknown
        Preview:#define Mode 1..../* blurGauss_pass1: Gaussian blur X (horiz. pass)..by butterw, License: GPL v3....First pass of 2-pass shader. As with all blur shaders, use pre-upsuserng for maximum effect. ..blurGauss_pass1 (horiz. pass) >> blurGauss_pass2 (vert. pass)..Mode=1 uses a separable Gaussian Kernel, without hw linear sampling optimization ..default Kernel 7-tap Gaussian, sigma=1.5. A different sigma/Kernel K can be selected in the code. ......tested in mpc-hc v1.9.8.38 ..- hw linear sampling (modes 2, 3, 4) doesn't work as expected (uses nearest neighbor sampling instead) !!!..- loading _pass1.hlsl now automatically loads _pass2.hlsl.....you can run the the 2-pass shader multiple times to achieve a stronger blur (ex: 3 times)..1=Blur Gaussian (3x)..PreResize1=.\blurGauss_pass1.hlsl;.\blurGauss_pass1.hlsl;.\blurGauss_pass1.hlsl....Separable Gaussian Kernel with linear sampling (9-tap filter approx.) ..http://rastergrid.com/blog/2010/09/efficient-gaussian-blur-with-linear-sampling/....*/

        C:\Program Files (x86)\MPC-HC\Shaders\is-JENJ1.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):1790
        Entropy (8bit):5.2471213272737405
        Encrypted:false
        SSDEEP:
        MD5:66E1FED0FD0F3B8BBFA9B297D2749551
        SHA1:B5AF1AF318A78D71B5ABA8222BC769A51F9C2526
        SHA-256:57D465263399BD4D15C3698D7FC660ED5684B7449405970B2064C9C8EEA24DE6
        SHA-512:3581CA57254258D6CFAEC463D47F39F3C6D18E94515D910611724A2E056D5AF63F4AACDA932E8661A749E8F887BB0CEB4AAC3AA5DDB5733FDF07224B75843A34
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_2_0../*.. * (C) 2003-2006 Gabest.. * (C) 2006-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....sampler s0 : register(s0);..float4 p1 : register(c1);....#define dx (p1[0])..#define dy (p1[1])....float4 main(float2 tex : TEXCOORD0) : COLOR..{...// Pixels definition: original, blurred...float4 orig;..

        C:\Program Files (x86)\MPC-HC\Shaders\is-KU90Q.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:ASCII text, with very long lines (313), with CRLF line terminators
        Category:dropped
        Size (bytes):2915
        Entropy (8bit):5.07809882722948
        Encrypted:false
        SSDEEP:
        MD5:193A295E7BD2C09F5105DDD1BB8FF391
        SHA1:852175B2FB307233B9B5D4A226E83FB0B9980C49
        SHA-256:919BB772F33FCD55B3D839D0919A2DB239EEB9507749DFD2DF7BDE2DAE604A26
        SHA-512:17AA192AABB9F8785852EEEBA0C3F8477F711C1E3563BE5AF23A9DC49BECCBFB568B1EA2B973FA224B265CF7AE19AA3BF3BB576564C9D869D569CCD0A78AC01A
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_2_0../*.. * (C) 2011 Jan-Willem Krans (janwillem32 <at> hotmail.com).. * (C) 2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....// Brightness, contrast and gamma controls for RGB, linearly scaled from top to bottom...// This shader can be run as a screen space pixel shader. It requires compiling with

        C:\Program Files (x86)\MPC-HC\Shaders\is-L28M3.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):941
        Entropy (8bit):5.177255453393304
        Encrypted:false
        SSDEEP:
        MD5:456E9A1307BB3078A349BA6FA9C6F706
        SHA1:85FD34363275E3A8B82C9BD4C61EF6FB4E02D829
        SHA-256:FD6AEC3E1FD0567132909BB4BB936C76369AF5BB1B7D3D10679F317EBFF1587B
        SHA-512:0934BFC92ECF65789A734743D259EEDE138907D3B0D522C5C6A61732AB17E4FE4E16612CAE25C7FCE3D34DFB966C36142CCC78A690EB95B5F1AF3A715593940C
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_2_0../*.. * (C) 2007-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....sampler s0 : register(s0);....float4 main(float2 tex : TEXCOORD0) : COLOR..{...float c = dot(tex2D(s0, tex), float4(0.2, 0.6, 0.1, 0.1));...return float4(0, c, 0, 0);..}..

        C:\Program Files (x86)\MPC-HC\Shaders\is-LJ1R1.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:xbm image (x, ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):11161
        Entropy (8bit):4.951177997673802
        Encrypted:false
        SSDEEP:
        MD5:832450439A9E637D667E9526A0FCADAD
        SHA1:42387FFE41FEAF3F5C4880C146360AD8A3986C5B
        SHA-256:DF10D44A1E65921A5361680B6076AFD76E48C2ACEA8E769B2F63924AB2873B4F
        SHA-512:41CEE2F88A1E6471E57395644D6C3DDCF0B2123027905C5574816A1FB11F0381C8F80057705947CFD8F54AE4D7733E193216C875478EF796116287362811ED6B
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_2_0../* --- Settings --- */....// -- Sharpening --..#define sharp_strength 0.65 //[0.10 to 3.00] Strength of the sharpening..#define sharp_clamp 0.035 //[0.000 to 1.000] Limits maximum amount of sharpening a pixel recieves - Default is 0.035....// -- Advanced sharpening settings --..#define pattern 2 //[1|2|3|4] Choose a sample pattern. 1 = Fast, 2 = Normal, 3 = Wider, 4 = Pyramid shaped...#define offset_bias 1.0 //[0.0 to 6.0] Offset bias adjusts the radius of the sampling pattern... //I designed the pattern for offset_bias 1.0, but feel free to experiment.....// -- Debug sharpening settings --..#define show_sharpen 0 //[0 or 1] Visualize the strength of the sharpen (multiplied by 4 to see it better)....../* --- Defining Constants --- */..#define myTex2D(s,p) tex2D(s,p)....#ifndef s0.. sampler s0 : register(s0);.. #define s1 s0..//sampler s1 : register(s1);.... float4 p0 : register(c0);.. float4 p1 : register(c1

        C:\Program Files (x86)\MPC-HC\Shaders\is-M9D1K.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:xbm image (x, ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):2170
        Entropy (8bit):5.245918244120284
        Encrypted:false
        SSDEEP:
        MD5:0F4E1EE69B4FEC07EE1108D74EF24F1A
        SHA1:44F1E5DA02AAD43D81FEC3B816A1879F8DAD1387
        SHA-256:3BE6640324BA202C5C1EF649E57DAE5313A9D774785E53C6B3BFF365A261C19D
        SHA-512:1CA19EA64FEED660C342FADA51623A7B82A10E95BDB74C963A03D2FE5CDF4A51BFA344200EC1BB14379AEB862E38F12C1CFA838108676297AFDAA6BA4EE2EA6C
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_2_0../*.. * (C) 2003-2006 Gabest.. * (C) 2006-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....sampler s0 : register(s0);..float4 p0 : register(c0);..float4 p1 : register(c1);....#define width (p0[0])..#define height (p0[1])..#define counter (p0[2])..#define clock (p0[3])..#define one_over_wi

        C:\Program Files (x86)\MPC-HC\Shaders\is-O3MD7.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:C source, ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):2427
        Entropy (8bit):5.229757114575866
        Encrypted:false
        SSDEEP:
        MD5:A747C1123BB4A3977A39CB9FB245ADA4
        SHA1:43740CE631FBD6547BFF8076F6B2C79698211722
        SHA-256:8AB6EF98EAC9C232F3DBC8F7CB5A94EF4DCC65905628A25F13C6C2C4BB9A7CB6
        SHA-512:787967C9FAA65271FB929F19A87043FDE73510E03A5DE4644AAC2FF7A6EEF2225FD1782C59B2298A3B0E2EFE419C227B18C7EEE999BC8C419F73F72377876377
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_2_0../*.. * (C) 2003-2006 Gabest.. * (C) 2006-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....sampler s0 : register(s0);..float4 p0 : register(c0);....#define width (p0[0])..#define height (p0[1])....#define NbPixel 1..#define Edge_threshold 0.2..#define Sharpen_val0 2.0..#define Sharpen_

        C:\Program Files (x86)\MPC-HC\Shaders\is-OMHDL.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:C source, ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):1182
        Entropy (8bit):5.237694972876292
        Encrypted:false
        SSDEEP:
        MD5:9F3E3ECCACA6E2735D63DAB0C6B6B02D
        SHA1:5D74F729C647E3F7D0A4D92AD1ABCEA3AC83A9E3
        SHA-256:5F2CA6E0BF252222D1DB78DFD4237717786C02DF028364CA0699532E7BC7E802
        SHA-512:F72B211F0D0FC3BEEE8871AA8760989A9C9F41B253816F453C90DD78F980677C7284483238083240EE58E5B1DA52FDD808C4C76313BC9E3557932F67395B3379
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_2_0..../*.. * (C) 2009-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....sampler s0 : register(s0);..float4 p0 : register(c0);....#define width (p0[0])..#define height (p0[1])....#define const_1 ( 16.0 / 255.0)..#define const_2 (255.0 / 219.0)....float4 main(float2 tex : TEXCOORD0) : COLOR..{...//

        C:\Program Files (x86)\MPC-HC\Shaders\is-PGLMH.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):942
        Entropy (8bit):5.17302073708032
        Encrypted:false
        SSDEEP:
        MD5:E05AC0DC1B62E7FD2BD1EE4A303215D3
        SHA1:936421107F1B0021F189BD74160BB8DC021A594F
        SHA-256:FDCF3ED4202C6AE471290073C8959EE9CE06E2696D2F89AEC980E62DAA8EB786
        SHA-512:B9E675B43463C555EAC594C35DC015B3B9E6B4A360658566A0322E976C03BF74ADBF18F5CFCB409AD7D350E5D47C4DC239A3739ABA9D6BFFBDFE986990C79FEE
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_2_0../*.. * (C) 2003-2006 Gabest.. * (C) 2006-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....sampler s0 : register(s0);....float4 main(float2 tex : TEXCOORD0) : COLOR..{...float4 c0 = float4(1, 1, 1, 1) - tex2D(s0, tex);.....return c0;..}..

        C:\Program Files (x86)\MPC-HC\Shaders\is-Q0LGJ.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:xbm image (x, ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):1797
        Entropy (8bit):5.0723108074992975
        Encrypted:false
        SSDEEP:
        MD5:725567E95D53D984A8DDD43896806DEA
        SHA1:2639FF23F1C9CCAA67D0F6C27C90D83946C229DA
        SHA-256:F9D2FD790B576B130641F41195E7DC7FCC3E71D13459BC3946861E395C6003D3
        SHA-512:B4D0E477992996C166A30C4FE438E8CA7CFC86EB1CD242B1CF51212DA991859A21505500206280CEB0A3476967C192FF8112E6106B1D94DC33D3CA1B724F3C88
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_2_0../* --- Settings --- */....#define ColorTone float3(1.40, 1.10, 0.90) //[0.00 to 2.55, 0.00 to 2.55, 0.00 to 2.55] What color to tint the image..#define GreyPower 0.11 //[0.00 to 1.00] How much desaturate the image before tinting it..#define SepiaPower 0.58 //[0.00 to 1.00] How much to tint the image..../* --- Defining Constants --- */..#define myTex2D(s,p) tex2D(s,p)....#ifndef s0.. sampler s0 : register(s0);.. #define s1 s0..//sampler s1 : register(s1);.... float4 p0 : register(c0);.. float4 p1 : register(c1);....// #define width (p0[0])..// #define height (p0[1])..// #define counter (p0[2])..// #define clock (p0[3])..// #define px (p1[0]) //one_over_width ..// #define py (p1[1]) //one_over_height.... #define px (p1.x) //one_over_width .. #define py (p1.y) //one_over_height.. .. #define screen_size float2(p0.x,p0.y).... #define pixel float2(px,py)....//#define pxy float2(p1.xy)....//#define PI aco

        C:\Program Files (x86)\MPC-HC\Shaders\is-QIVIJ.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:xbm image (x, ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):1690
        Entropy (8bit):5.240212606157901
        Encrypted:false
        SSDEEP:
        MD5:8EA0F5FE1FC1088B2C14EDD5975F779C
        SHA1:4C7AC3E9B1027C76E97642F8FEA22856D306F9DC
        SHA-256:1AF40E7014199E4711C824A47AEE9D921F146CC35077608DE08192BBFC84817D
        SHA-512:C2848CDB29791C8E10B5CA616EA4E0BE34E0A8CC8FD364D192A513BD90271C68DC8EE1C7B872A70F3586F5E12279B0E32D0A21E6B26117D00041E3D25AB085AC
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_2_0../*.. * (C) 2003-2006 Gabest.. * (C) 2006-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....sampler s0 : register(s0);..float4 p0 : register(c0);..float4 p1 : register(c1);....#define width (p0[0])..#define height (p0[1])....#define val0 (2.0)..#define val1 (-0.125)..#define effect_width (1.6)

        C:\Program Files (x86)\MPC-HC\Shaders\is-QT03T.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):2505
        Entropy (8bit):5.280381895172436
        Encrypted:false
        SSDEEP:
        MD5:397BCEB1B13A85FBA3B1E0064360F283
        SHA1:5E76BB2894EA3B9E9ADBC7535F02B9DB7BE7A09D
        SHA-256:C556B10853D7862B5D73A80473FF7C87AB9BFED4C7188256A8BCA28FCB1846EB
        SHA-512:6F5776A40FF229730B5382BE1F0DC388D1675783CDA7E68D4ADCA1BB1A3F92EF520AF14AD73DD344231F2307FA7281AC09D67A223ECD1B51AA00297D66E71026
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_2_0../*.. * (C) 2008-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....// YV12 chroma upsampling fixer by Kurt Bernhard 'Leak' Pruenner....// Use with YV12 output if the half-resolution chroma gets upsampled..// in hardware by doubling the values instead of interpolating between them..// (i.e. if you

        C:\Program Files (x86)\MPC-HC\Shaders\is-SJR2A.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:C source, ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):1861
        Entropy (8bit):5.330943487276964
        Encrypted:false
        SSDEEP:
        MD5:548C8A3F8A1A0DCBD7C3E99F415A0974
        SHA1:0E51ABAC5C8DF9A554E1485798B09B8DD83DB420
        SHA-256:D3B6769B1625023EC715C0AF03C0BF8B0CCA459C2DE71A9A72EF2A8CE5C8313E
        SHA-512:5D7B6D51118217F51666331D4B23440A1D1002C8F82E44B4D7CE282C6FB1167F026B9A76BCD7236072D75CAE026724D01BD57FD5A2F52F2F4F1989D710A6380B
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_3_0../*.. * (C) 2008-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....// Fail early with ps_2_0 and ps_2_b shader profiles..#ifdef MPC_HC_SHADER_PROFILE..#.if MPC_HC_SHADER_PROFILE < 2..#..error Usupported shader profile..#.endif..#endif....sampler s0 : register(s0);..float4 p0 : register(c0);....#

        C:\Program Files (x86)\MPC-HC\Shaders\is-SK55N.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:C source, ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):3276
        Entropy (8bit):5.200862169160671
        Encrypted:false
        SSDEEP:
        MD5:0ECF98DD2FFA9FA4EEBD52D10DF06783
        SHA1:7C6A0BB21F3A278077E73AF8792C8D5FFB99E533
        SHA-256:73B37243E8AF11730921C2AF5A1B325B22C9F867D82883A96CF8A4BDC20BF576
        SHA-512:482D21F03F7066D55D24B311753835840302E5E932F8544868CD1F16CDD908BA5BB03C062E81DF80A8F788A507EDB7821E2017612ADF6E777C96B09E1AC5EAA0
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_2_a../*.. * (C) 2009-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */..../* Sharpen complex v2 (requires ps >= 2a) */....sampler s0 : register(s0);..float4 p0 : register(c0);..float4 p1 : register(c1);....#define width (p0[0])..#define height (p0[1])....// pixel "width"..#define px (p1[0])..#define

        C:\Program Files (x86)\MPC-HC\Shaders\is-SPH4I.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):1150
        Entropy (8bit):5.200143064930187
        Encrypted:false
        SSDEEP:
        MD5:4CE75AC407559BB3BB19976992BC32C4
        SHA1:D6F8BCE449101C72CDF1F8ECA040A854F4095BA8
        SHA-256:02420EB8301F258D8002919248D8269E09958790F9DC5AD0D3B67E0FAB05E9D0
        SHA-512:29E9079FDF8D7974482E3C16F246D9CFE9787372811CA0A14BCDA5E732C3629BE25875945C61429B79CA2908D9E60B825A3973B139C3CF3E1E2D05647EBDBE04
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_2_0../*.. * (C) 2003-2006 Gabest.. * (C) 2006-2013 see Authors.txt.. *.. * This file is part of MPC-HC... *.. * MPC-HC is free software; you can redistribute it and/or modify.. * it under the terms of the GNU General Public License as published by.. * the Free Software Foundation; either version 3 of the License, or.. * (at your option) any later version... *.. * MPC-HC is distributed in the hope that it will be useful,.. * but WITHOUT ANY WARRANTY; without even the implied warranty of.. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.. * GNU General Public License for more details... *.. * You should have received a copy of the GNU General Public License.. * along with this program. If not, see <http://www.gnu.org/licenses/>... *.. */....// Run this shader before suserng.....sampler s0 : register(s0);..float4 p0 : register(c0);....#define height (p0[1])....float4 main(float2 tex : TEXCOORD0) : COLOR..{...float4 c0 = tex2D(s0, tex);.....fl

        C:\Program Files (x86)\MPC-HC\Shaders\is-UG04E.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):249
        Entropy (8bit):5.209452396284435
        Encrypted:false
        SSDEEP:
        MD5:85A5227882C2C54B6AD41FBEA747431F
        SHA1:57E2F8EDD1AEF633A97CB43B01BD163B67C30EEA
        SHA-256:DDDC605187189A798C76D191215B8F6A149E3BDB036DF9086DC707AD61E44470
        SHA-512:108DB477E416728086724D7147CF47F8DA02549B8F31162873DE26B57124D900EC1CE579306CF6125C64079227FA3536EED0106A3BA6DC40EA08FB8C7D51A866
        Malicious:false
        Reputation:unknown
        Preview:// $MinimumShaderProfile: ps_2_0..sampler s0 : register(s0);....#define threshold 0.5....float4 main(float2 tex : TEXCOORD0) : COLOR..{...float c0 = dot(tex2D(s0, tex), float4(0.2126, 0.7152, 0.0722, 0)); // grayscale.....return c0 > threshold;..}..

        C:\Program Files (x86)\MPC-HC\d3dcompiler_47.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:960AE99A15B1C8C9FBDDDE97606478F9
        SHA1:0C856BA7367E719466ADB73227C39DFFEADDDE27
        SHA-256:E3009E3738FAB1F7CD685567C5AA1EB0A408AC51D0CDA5DA788841174D7625B1
        SHA-512:437E6E893A43529E181BD98FF7F16996A79012DA02F15E1DED8EF4818383E98AF6F5A8AFCCAE351DD0F1C0A2E4F7A8A1F2BA43E2C5A9B29F9F6F5F58AB35EF87
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........k?...l...l...l-3.l...l-3.l...l...l ..l-3.l...l-3.l...l-3.l...l-3.lt..l-3.l...l-3.l...lRich...l........................PE..L...p.X...........!......3...........).......3...............................6.......6...@A..........................3.u.....4.d.....4.@.....................5......@...............................G..@.............4..............................text.....3.......3................. ..`.data.........3..^....3.............@....idata........4......<4.............@..@.rsrc...@.....4......N4.............@..@.reloc........5......T4.............@..B................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\d3dx9_43.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:86E39E9161C3D930D93822F1563C280D
        SHA1:F5944DF4142983714A6D9955E6E393D9876C1E11
        SHA-256:0B28546BE22C71834501F7D7185EDE5D79742457331C7EE09EFC14490DD64F5F
        SHA-512:0A3E311C4FD5C2194A8807469E47156AF35502E10AEB8A3F64A01FF802CD8669C7E668CC87B593B182FD830A126D002B5D5D7B6C77991158BFFDB0B5B997F6B3
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 3%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......N..=.a.n.a.n.a.n.a.n.a.n.3hn.a.n.3jn.a.n.3^nZa.n.3on.a.n.3_n.a.n-..n.a.n.3nn.a.n.3in.a.nRich.a.n........................PE..L....1.K...........!.........4......................................................m.....@..........................i..&,...Z..d....................f..X.......x.......................................@............................................text............................... ..`.data....P..........................@....rsrc...............................@..@.reloc..>...........................@..B........................................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\is-5RD0J.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):7884800
        Entropy (8bit):6.611392068048327
        Encrypted:false
        SSDEEP:
        MD5:4A7D6D2643C29D1769DF5BA1D548185C
        SHA1:E7EE857F9E867BA95D3AB95D4637866F960B8147
        SHA-256:B51450DF5B6E03734D08B605D8F09E6652D5B16B1D6D5174CB6935400301CEA2
        SHA-512:5203C3D3A5B60B995C920B03ECD8C6886745B3C56465A0D02389DAB3393EBF380F043AE44ACC81B2A387826839B53E38015A272A285418170072BE12200242BE
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...................................P...........!..L.!This program cannot be run in DOS mode....$.......................................................................................................................................................................................................................PE..L......a.........."......&T...0.......J......@T...@...................................x...@.................................@hg.......u.0K................... ..t....`.p.....................`.......Y.@............@T.@....fg......................text....%T......&T................. ..`.rdata..T|...@T..~...*T.............@..@.data...`.....g..p....g.............@....rsrc...0K....u..L....i.............@..@.reloc..t.... .......dr.............@..B........................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\is-E50CV.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):1998168
        Entropy (8bit):6.7631254131269465
        Encrypted:false
        SSDEEP:
        MD5:86E39E9161C3D930D93822F1563C280D
        SHA1:F5944DF4142983714A6D9955E6E393D9876C1E11
        SHA-256:0B28546BE22C71834501F7D7185EDE5D79742457331C7EE09EFC14490DD64F5F
        SHA-512:0A3E311C4FD5C2194A8807469E47156AF35502E10AEB8A3F64A01FF802CD8669C7E668CC87B593B182FD830A126D002B5D5D7B6C77991158BFFDB0B5B997F6B3
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......N..=.a.n.a.n.a.n.a.n.a.n.3hn.a.n.3jn.a.n.3^nZa.n.3on.a.n.3_n.a.n-..n.a.n.3nn.a.n.3in.a.nRich.a.n........................PE..L....1.K...........!.........4......................................................m.....@..........................i..&,...Z..d....................f..X.......x.......................................@............................................text............................... ..`.data....P..........................@....rsrc...............................@..@.reloc..>...........................@..B........................................................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\is-EHUPO.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):2515456
        Entropy (8bit):6.933545648523911
        Encrypted:false
        SSDEEP:
        MD5:111AAA06774FAC398E83FE489DCCF1AE
        SHA1:6666875195D8FBDD431765FF1C591B2DE1B0572F
        SHA-256:F2F22361AF9A9E1EBAC25DEC8380C7221F4D33F7F02F8F56B8C3CB85D8DA6726
        SHA-512:805A9950F5F4870E7FF56E14C2C02312CCA848C1B80CA5FE27775ECD8F4AF462B4BBFB4A44E25E0E0F3CBA8BB0A9DCC4D37C8D0F04F82DE15D854D25DF2BB707
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......................................................................................................................................................PE..L......a.........."!.....H....&..............`................................&.....e.&...@.............................l...l...(........%...................&.....L...p...............................@............`..x............................text....G.......H.................. ..`.rdata..(E...`...F...L..............@..@.data...............................@....rsrc....%.......%.................@..@.reloc........&......X&.............@..B........................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\is-GKU7E.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:ASCII text
        Category:dropped
        Size (bytes):35147
        Entropy (8bit):4.573442652974749
        Encrypted:false
        SSDEEP:
        MD5:D32239BCB673463AB874E80D47FAE504
        SHA1:8624BCDAE55BAEEF00CD11D5DFCFA60F68710A02
        SHA-256:8CEB4B9EE5ADEDDE47B31E975C1D90C73AD27B6B165A1DCD80C7C545EB65B903
        SHA-512:7633623B66B5E686BB94DD96A7CDB5A7E5EE00E87004FAB416A5610D59C62BADAF512A2E26E34E2455B7ED6B76690D2CD47464836D7D85D78B51D50F7E933D5C
        Malicious:false
        Reputation:unknown
        Preview: GNU GENERAL PUBLIC LICENSE. Version 3, 29 June 2007.. Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>. Everyone is permitted to copy and distribute verbatim copies. of this license document, but changing it is not allowed... Preamble.. The GNU General Public License is a free, copyleft license for.software and other kinds of works... The licenses for most software and other practical works are designed.to take away your freedom to share and change the works. By contrast,.the GNU General Public License is intended to guarantee your freedom to.share and change all versions of a program--to make sure it remains free.software for all its users. We, the Free Software Foundation, use the.GNU General Public License for most of our software; it applies also to.any other work released this way by its authors. You can apply it to.your programs, too... When we speak of free software, we are referring to

        C:\Program Files (x86)\MPC-HC\is-I5VSF.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):5690832
        Entropy (8bit):6.7114817889323675
        Encrypted:false
        SSDEEP:
        MD5:BBA4E2768744311A4C3146471DA7E65D
        SHA1:7FC33E7CA179F2D3007BBFF422635041DC7D4C81
        SHA-256:DF1E41F627E47B991001189C627CEC14A58E006BE2B003EF9E2E3CEE627D0404
        SHA-512:D1110153077FE58758700D7B832ACCCFE4126AE8405D5B3911D3246D35D9F0261EA703B6E5EAEA52AA5685A28E60D6A6D1646EEF6077F782D460CF23CA3007A0
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$............P.P.P..Q.P..Q_..P..Q...P..Q.P..Q...P..Q...P2.Q...P..Q.P.P...P2.Q...P2.Q.P2.XP.P.0P.P2.Q.PRich.P........PE..L...._Da...........!.....`B..r.......A;......pB...............................W......7W...@..........................XS.....tbS.(.....T...............V..!....T.(...t.O...............................O.@............pB..............................text...F_B......`B................. ..`.rdata.......pB......dB.............@..@.data...p....pS..f...`S.............@....rsrc.........T.......S.............@..@.reloc..(.....T.......S.............@..B........................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\is-Q271V.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):1267339
        Entropy (8bit):6.432557081344389
        Encrypted:false
        SSDEEP:
        MD5:469709D75934E624390971E4E18DB50A
        SHA1:95891DD6731A6B8040D05C92149F3E336D41CDDF
        SHA-256:F49B377FBED4069A62D8CB12626E299B836DA19F62AD4D6B5C580CBC504982DB
        SHA-512:92F2625CCD802EF14CDFE5E6B13DAA98FAF4C2A7BC84D3218ACC691E4FC9E6AB6BD28EE839D11889D77ECE7CEB57369A8130CF689FA96D5AAE406988FDCFBA2A
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 2%
        Reputation:unknown
        Preview:MZP.....................@.......................InUn....................!..L.!..This program must be run under Win32..$7........................................................................................................................................PE..L......W............................l........ ....@.......................................@......@..............................@8...0..h.................................................... .......................................................text............................... ..`.itext.............................. ..`.data...h0... ...2..................@....bss.....a...`.......0...................idata..@8.......:...0..............@....tls....<............j...................rdata....... .......j..............@..@.rsrc...h....0.......l..............@..@....................................@..@........................................................................................................................................

        C:\Program Files (x86)\MPC-HC\is-SERGA.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:Unicode text, UTF-8 text, with CRLF line terminators
        Category:dropped
        Size (bytes):5766
        Entropy (8bit):4.343710367299482
        Encrypted:false
        SSDEEP:
        MD5:A06D04466F4C4337402B04D8DD04166E
        SHA1:EB4D7B76778158614011641AC5E24DB1C0E50414
        SHA-256:6AE163B528231FE0AA35A03A6800F3228ACF75EC5CAD8C52183C3E2419079353
        SHA-512:8BC0E3B3D17CA080621E26B6D519797E3A16AB5E3B8B5520E63C870E897BCCED970376B4B84487E29147F94FBFCBA16FBB6C8E3D613202EBDB0ADD62FFCCC2B7
        Malicious:false
        Reputation:unknown
        Preview:Active..-----------------------..clsid2 https://github.com/clsid2/mpc-hc Code, Project manager..adipose https://github.com/adipose/mpc-hc Code, Transifex..nevcairiel https://github.com/Nevcairiel/LAVFilters LAVFilters author......Inactive..--------.._xxl <drevil_xxl@users.sourceforge.net> FFmpeg..Alexander Wild <alexwild@users.sourceforge.net> Code, German..alexmarsev <alexmarsev@users.sourceforge.net> Code..Armada <armada651@users.sourceforge.net> Code..Arto Jarvinen <ar-jar@users.sourceforge.net> Code..Attila T. Afra <attila.afra@gmail.com> Code..Beliyaal <beliyaal@users.sourceforge.net> Code..bobdynlan <bobdynlan@users.sourceforge.net> Code..Casimir666 <casimir666@users.sourceforge.net> Project founder, Code, French..demi_alucard

        C:\Program Files (x86)\MPC-HC\is-VGCFT.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):3550208
        Entropy (8bit):6.55410464930608
        Encrypted:false
        SSDEEP:
        MD5:960AE99A15B1C8C9FBDDDE97606478F9
        SHA1:0C856BA7367E719466ADB73227C39DFFEADDDE27
        SHA-256:E3009E3738FAB1F7CD685567C5AA1EB0A408AC51D0CDA5DA788841174D7625B1
        SHA-512:437E6E893A43529E181BD98FF7F16996A79012DA02F15E1DED8EF4818383E98AF6F5A8AFCCAE351DD0F1C0A2E4F7A8A1F2BA43E2C5A9B29F9F6F5F58AB35EF87
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........k?...l...l...l-3.l...l-3.l...l...l ..l-3.l...l-3.l...l-3.l...l-3.lt..l-3.l...l-3.l...lRich...l........................PE..L...p.X...........!......3...........).......3...............................6.......6...@A..........................3.u.....4.d.....4.@.....................5......@...............................G..@.............4..............................text.....3.......3................. ..`.data.........3..^....3.............@....idata........4......<4.............@..@.rsrc...@.....4......N4.............@..@.reloc........5......T4.............@..B................................................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\mediainfo.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:BBA4E2768744311A4C3146471DA7E65D
        SHA1:7FC33E7CA179F2D3007BBFF422635041DC7D4C81
        SHA-256:DF1E41F627E47B991001189C627CEC14A58E006BE2B003EF9E2E3CEE627D0404
        SHA-512:D1110153077FE58758700D7B832ACCCFE4126AE8405D5B3911D3246D35D9F0261EA703B6E5EAEA52AA5685A28E60D6A6D1646EEF6077F782D460CF23CA3007A0
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$............P.P.P..Q.P..Q_..P..Q...P..Q.P..Q...P..Q...P2.Q...P..Q.P.P...P2.Q...P2.Q.P2.XP.P.0P.P2.Q.PRich.P........PE..L...._Da...........!.....`B..r.......A;......pB...............................W......7W...@..........................XS.....tbS.(.....T...............V..!....T.(...t.O...............................O.@............pB..............................text...F_B......`B................. ..`.rdata.......pB......dB.............@..@.data...p....pS..f...`S.............@....rsrc.........T.......S.............@..@.reloc..(.....T.......S.............@..B........................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\mpc-hc.exe (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:4A7D6D2643C29D1769DF5BA1D548185C
        SHA1:E7EE857F9E867BA95D3AB95D4637866F960B8147
        SHA-256:B51450DF5B6E03734D08B605D8F09E6652D5B16B1D6D5174CB6935400301CEA2
        SHA-512:5203C3D3A5B60B995C920B03ECD8C6886745B3C56465A0D02389DAB3393EBF380F043AE44ACC81B2A387826839B53E38015A272A285418170072BE12200242BE
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...................................P...........!..L.!This program cannot be run in DOS mode....$.......................................................................................................................................................................................................................PE..L......a.........."......&T...0.......J......@T...@...................................x...@.................................@hg.......u.0K................... ..t....`.p.....................`.......Y.@............@T.@....fg......................text....%T......&T................. ..`.rdata..T|...@T..~...*T.............@..@.data...`.....g..p....g.............@....rsrc...0K....u..L....i.............@..@.reloc..t.... .......dr.............@..B........................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\mpciconlib.dll (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:111AAA06774FAC398E83FE489DCCF1AE
        SHA1:6666875195D8FBDD431765FF1C591B2DE1B0572F
        SHA-256:F2F22361AF9A9E1EBAC25DEC8380C7221F4D33F7F02F8F56B8C3CB85D8DA6726
        SHA-512:805A9950F5F4870E7FF56E14C2C02312CCA848C1B80CA5FE27775ECD8F4AF462B4BBFB4A44E25E0E0F3CBA8BB0A9DCC4D37C8D0F04F82DE15D854D25DF2BB707
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......................................................................................................................................................PE..L......a.........."!.....H....&..............`................................&.....e.&...@.............................l...l...(........%...................&.....L...p...............................@............`..x............................text....G.......H.................. ..`.rdata..(E...`...F...L..............@..@.data...............................@....rsrc....%.......%.................@..@.reloc........&......X&.............@..B........................................................................................................................................................................................................................................................................................

        C:\Program Files (x86)\MPC-HC\unins000.dat

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:InnoSetup Log MPC-HC {2624B969-7135-4EB1-B0F6-2D8C397B45F7}, version 0x418, 28233 bytes, 960781\37\user\376\, C:\Program Files (x86)\MPC-HC\376\377\377\
        Category:dropped
        Size (bytes):28233
        Entropy (8bit):3.921710984883035
        Encrypted:false
        SSDEEP:
        MD5:DFA640321F4AC4C6A4BD2C01E5FB5063
        SHA1:0A1D9BBECDC9D79DEB44FED601E411F16E32A802
        SHA-256:73D0C86FF945E745620BB8A8A8FFD96DAC19205219E8F0128D8AC546ED73915C
        SHA-512:7EF827AE5DF8FBFFE71A69979B57455891CFF8D775BEADD99B530A53AB7F17881728B42649A386CE15C9858B06923CE25AE6A36173728B52042CB4F451DBCFC5
        Malicious:false
        Reputation:unknown
        Preview:Inno Setup Uninstall Log (b)....................................{2624B969-7135-4EB1-B0F6-2D8C397B45F7}..........................................................................................MPC-HC..................................................................................................................................In..%.............................................................................................................................+2......s........9.6.0.7.8.1......c.a.l.i......C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.M.P.C.-.H.C..................!.... .....$"...H...IFPS...."...%...........................................................................................................................................................BOOLEAN..............TWIZARDFORM....TWIZARDFORM.........TNEWRADIOBUTTON....TNEWRADIOBUTTON.........TSETUPSTEP.........TUNINSTALLSTEP.........TMSGBOXTYPE.................!MAIN....-1..0...dll:kernel32.dll.IsProcessorFeaturePresent....

        C:\Program Files (x86)\MPC-HC\unins000.exe (copy)

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32 executable (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:469709D75934E624390971E4E18DB50A
        SHA1:95891DD6731A6B8040D05C92149F3E336D41CDDF
        SHA-256:F49B377FBED4069A62D8CB12626E299B836DA19F62AD4D6B5C580CBC504982DB
        SHA-512:92F2625CCD802EF14CDFE5E6B13DAA98FAF4C2A7BC84D3218ACC691E4FC9E6AB6BD28EE839D11889D77ECE7CEB57369A8130CF689FA96D5AAE406988FDCFBA2A
        Malicious:true
        Reputation:unknown
        Preview:MZP.....................@.......................InUn....................!..L.!..This program must be run under Win32..$7........................................................................................................................................PE..L......W............................l........ ....@.......................................@......@..............................@8...0..h.................................................... .......................................................text............................... ..`.itext.............................. ..`.data...h0... ...2..................@....bss.....a...`.......0...................idata..@8.......:...0..............@....tls....<............j...................rdata....... .......j..............@..@.rsrc...h....0.......l..............@..@....................................@..@........................................................................................................................................

        C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC\MPC-HC.lnk

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has Working directory, Icon number=0, Archive, ctime=Mon Oct 21 08:25:33 2024, mtime=Mon Oct 21 08:25:33 2024, atime=Sun Jan 30 11:00:00 2022, length=7884800, window=hide
        Category:dropped
        Size (bytes):1174
        Entropy (8bit):4.528588088175185
        Encrypted:false
        SSDEEP:
        MD5:AFB2FB7BA7CCF211A71CEB49FA96088F
        SHA1:367DD4429481F3D9A82E5087A15531FA09A600BA
        SHA-256:3491B0442CD2BEE5BEA6A1A70A94A4153E8E03FE6A4D9A231974D7C3824E4BA2
        SHA-512:D94D1BACE13566D80EF924D03E1B2A51DEA9AFB0D8FA8862F747E6EC738DC89194B6551F47D18AC5C631DBB28360553223FB10A43C6057D431A9BBCBB0CD8596
        Malicious:false
        Reputation:unknown
        Preview:L..................F.... ....|.-.#..2..-.#....+......Px.....................{....P.O. .:i.....+00.../C:\.....................1.....UY.K..PROGRA~2.........O.IUY.K....................V.....t...P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.)...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.8.1.7.....T.1.....UY3K..MPC-HC..>......UY1KUY3K.....Z.......................M.P.C.-.H.C.....`.2..Px.>T.` .mpc-hc.exe..F......UY1KUY1K....*Z........................m.p.c.-.h.c...e.x.e.......W...............-.......V...........B@.W.....C:\Program Files (x86)\MPC-HC\mpc-hc.exe....M.P.C.-.H.C. .1...9...1.9.7.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.M.P.C.-.H.C.\.m.p.c.-.h.c...e.x.e...C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.M.P.C.-.H.C.%.%.P.r.o.g.r.a.m.F.i.l.e.s.(.x.8.6.).%.\.M.P.C.-.H.C.\.m.p.c.-.h.c...e.x.e.........*................@Z|...K.J.........`.......X.......960781...........hT..CrF.f4... ..z\..........%..hT..CrF.f4... ..z\..........%.............1SPS.XF.L8C....&.m.q.......

        C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC\Uninstall MPC-HC.lnk

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has Working directory, Archive, ctime=Mon Oct 21 08:25:33 2024, mtime=Mon Oct 21 08:25:33 2024, atime=Mon Oct 21 08:25:23 2024, length=1267339, window=hide
        Category:dropped
        Size (bytes):1116
        Entropy (8bit):4.611498643626445
        Encrypted:false
        SSDEEP:
        MD5:43ECAE299E285634DC25649B720E0CD3
        SHA1:8066304904C34D4BAB9CE198E730410E56F5101C
        SHA-256:F9B8354AE24B2510A72AC08AEDE8F41CCF4788945207C0EC7A0E0677E0E45F6D
        SHA-512:891B68247218F8BCF59B5AFAB9C9E810DC559704C2C1903F170FC923223D65DA54D8274B66902144F4AAEAE3D171606AA77CA14DFD2D8B4ED57F3EB17ECE02EE
        Malicious:false
        Reputation:unknown
        Preview:L..................F.... .....-.#....-.#..~..(.#...V...........................P.O. .:i.....+00.../C:\.....................1.....UY1K..PROGRA~2.........O.IUY3K....................V.....)?..P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.)...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.8.1.7.....T.1.....UY3K..MPC-HC..>......UY1KUY3K.....Z....................!...M.P.C.-.H.C.....f.2..V..UY,K .unins000.exe..J......UY1KUY1K....(Z......................5.u.n.i.n.s.0.0.0...e.x.e.......Y...............-.......X...........B@.W.....C:\Program Files (x86)\MPC-HC\unins000.exe....U.n.i.n.s.t.a.l.l. .M.P.C.-.H.C.9.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.M.P.C.-.H.C.\.u.n.i.n.s.0.0.0...e.x.e...C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.M.P.C.-.H.C.........*................@Z|...K.J.........`.......X.......960781...........hT..CrF.f4... ...z\..........%..hT..CrF.f4... ...z\..........%.............1SPS.XF.L8C....&.m.q............/...S.-.1.-.5.-.2.1.-.2.2.4.6.1.2.2.6.5.8.-.3.6.9.3.4

        C:\Users\user\AppData\Local\MPC-HC\MPC-HC.1.9.19.x86.exe

        Download File
        Process:C:\Users\user\Downloads\ImgBurn_822881.exe
        File Type:PE32 executable (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):16687163
        Entropy (8bit):7.99864901932948
        Encrypted:true
        SSDEEP:
        MD5:987F955A9CC69937A6BF6C1B5C8DA647
        SHA1:B89B479ACC3710D8089C5C10EE925878B3B13E41
        SHA-256:D9CCA609F0686D5929B4AB6EAD0D2AFCDE1B8F76E38B36E1293C7F58040D2A51
        SHA-512:A0215543E2CAA115E33D206325E7E57BAEE277B3E7713C78B7DA05496BED1B3515FBB4431395D87F925998FBB100E87FCC7A4D030DEF0AF4E9CB0699EA16E7B6
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZP.....................@...............................................!..L.!..This program must be run under Win32..$7........................................................................................................................................PE..L......W..................................... ....@..........................p............@......@......................................p............................................................................................................text...D........................... ..`.itext..d........................... ..`.data........ ......................@....bss.....V...0...........................idata..............................@....tls.................&...................rdata...............&..............@..@.rsrc...p............(..............@..@....................................@..@........................................................................................................................................

        C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp

        Download File
        Process:C:\Users\user\AppData\Local\MPC-HC\MPC-HC.1.9.19.x86.exe
        File Type:PE32 executable (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):1244672
        Entropy (8bit):6.459632560987053
        Encrypted:false
        SSDEEP:
        MD5:97E8309859A8F2E96633F3ABAD8727F0
        SHA1:CE2EF7C09F5AA0ED58DAD798AAD65DDC339DD22F
        SHA-256:90DF18EB06D199C583544F179B1BB466A6FD59736D4B0DBAC35C8DD3FBA9A425
        SHA-512:8FD3450D77CE409B2621FD04475636431B57A4301A883B831B17CDF19BA345DD7D827A9076C11383697E4EAB19D3060DE8E67ECAEE6D0B9F79B2201E5A773160
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 4%
        Reputation:unknown
        Preview:MZP.....................@...............................................!..L.!..This program must be run under Win32..$7........................................................................................................................................PE..L......W............................l........ ....@.......................................@......@..............................@8...0..h.................................................... .......................................................text............................... ..`.itext.............................. ..`.data...h0... ...2..................@....bss.....a...`.......0...................idata..@8.......:...0..............@....tls....<............j...................rdata....... .......j..............@..@.rsrc...h....0.......l..............@..@....................................@..@........................................................................................................................................

        C:\Users\user\AppData\Local\Temp\is-CSEKA.tmp\_isetup\_setup64.tmp

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:PE32+ executable (console) x86-64, for MS Windows
        Category:dropped
        Size (bytes):6144
        Entropy (8bit):4.720366600008286
        Encrypted:false
        SSDEEP:
        MD5:E4211D6D009757C078A9FAC7FF4F03D4
        SHA1:019CD56BA687D39D12D4B13991C9A42EA6BA03DA
        SHA-256:388A796580234EFC95F3B1C70AD4CB44BFDDC7BA0F9203BF4902B9929B136F95
        SHA-512:17257F15D843E88BB78ADCFB48184B8CE22109CC2C99E709432728A392AFAE7B808ED32289BA397207172DE990A354F15C2459B6797317DA8EA18B040C85787E
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Reputation:unknown
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......^...............l...............=\......=\......=\......Rich............................PE..d.....R..........#............................@.............................`.......,......................................................<!.......P..H....@..0.................................................................... ...............................text............................... ..`.rdata..|.... ......................@..@.data...,....0......................@....pdata..0....@......................@..@.rsrc...H....P......................@..@................................................................................................................................................................................................................................................................................................................................

        C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

        Download File
        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
        File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 21 08:24:32 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
        Category:dropped
        Size (bytes):2673
        Entropy (8bit):3.981947741488531
        Encrypted:false
        SSDEEP:
        MD5:828EF788B4FD5376C6926CD825B4DF57
        SHA1:0A2FC45ECB3FB62AA16605E6DDD84B83642670F5
        SHA-256:AB6EFF14787876C3936E3DEF4E00764749E6E008C73628F8033A4C4D986FFA41
        SHA-512:97C00FF16780748AC392BF0836DE2E213635BDEA0CBD4C6764FDB49C90C30DC08C043BC362E8147FEE6FE7ACE9BB626D18C098C0569FE5685CEAFE5317AD0A66
        Malicious:false
        Reputation:unknown
        Preview:L..................F.@.. ...$+.,....${...#..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IUY.K....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VUY.K....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VUY.K....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VUY.K..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VUY.K...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........B@.W.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

        C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

        Download File
        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
        File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 21 08:24:32 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
        Category:dropped
        Size (bytes):2675
        Entropy (8bit):3.99756579470062
        Encrypted:false
        SSDEEP:
        MD5:48129B31E8751C7577DC6365E50D6CFD
        SHA1:1694A70A5B9969A91F716810BA4F45E218A4D61E
        SHA-256:13B4B6238DA76AB5EED47551A8B5153E3825DB74B4345F4EF9CF56AB48545A17
        SHA-512:6110E2087B8366CEC9FF01F047BF365FBC7DFF32F0CA0DABA0149D8881847F03FEB8A651324C81BE6931BEF4BBF59B42EC81968FC444CF23DA6FCBE0F2638E50
        Malicious:false
        Reputation:unknown
        Preview:L..................F.@.. ...$+.,....!m...#..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IUY.K....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VUY.K....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VUY.K....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VUY.K..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VUY.K...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........B@.W.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

        C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

        Download File
        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
        File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
        Category:dropped
        Size (bytes):2689
        Entropy (8bit):4.0061626573152695
        Encrypted:false
        SSDEEP:
        MD5:D50A3CD2C20888B39152E708349B30A4
        SHA1:11C35A3C7CD0E57DF7B0674352F86506C48B0E3F
        SHA-256:554B8C70A1B955C184490E1FDF086213F325E71AEB7D6D7919C1CEAD78759189
        SHA-512:E10A0F3792E4FA721F6E3DDA0459025C0B773896DC9AAAC699AB991C540124EEE8927C25036B38083EE07D0968775BF30E8DA7C4AF3DE77E9EDFA69C5A2ADC6A
        Malicious:false
        Reputation:unknown
        Preview:L..................F.@.. ...$+.,.....Y.04...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IUY.K....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VUY.K....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VUY.K....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VUY.K..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFW.E...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........B@.W.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

        C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

        Download File
        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
        File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 21 08:24:32 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
        Category:dropped
        Size (bytes):2677
        Entropy (8bit):3.998859485646699
        Encrypted:false
        SSDEEP:
        MD5:9C19FB1E54EDDFC280D5662C168837BD
        SHA1:5F10449C2442CB7BC7CCAE3ED4F6237C157F3FFF
        SHA-256:B301A54786F0B6600B8A669A9B13E6D014008E92743BDAFA784F299C245F4FE2
        SHA-512:ABBD2F841010F39F21AC8A4A462ACBC2CFD5985E59D58F0C705CA3CBA8444EAAB18B9D683CD435A05126285AFACEA09149C32BB3FB59D907638C4D699C2FDCB8
        Malicious:false
        Reputation:unknown
        Preview:L..................F.@.. ...$+.,....z...#..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IUY.K....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VUY.K....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VUY.K....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VUY.K..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VUY.K...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........B@.W.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

        C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

        Download File
        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
        File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 21 08:24:32 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
        Category:dropped
        Size (bytes):2677
        Entropy (8bit):3.9850285708701216
        Encrypted:false
        SSDEEP:
        MD5:86BA9D6285DCFDAA79786B1339D97E51
        SHA1:680A1746F82FA0C946AB76BF711FF1FA86392D21
        SHA-256:44C270CE69A23490C8B365D0312F09357EB219C8407E69A78F1DD0E985BB81AD
        SHA-512:A3E1D5F57176EF10591AF28FE2006B19098F98306C1A1B1A7F0C01B96BD310F70C70A8469F435264BDA2881C6C080DCBCD4DF8D82BAF00108544FC270CEBF984
        Malicious:false
        Reputation:unknown
        Preview:L..................F.@.. ...$+.,........#..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IUY.K....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VUY.K....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VUY.K....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VUY.K..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VUY.K...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........B@.W.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

        C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

        Download File
        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
        File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 21 08:24:32 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
        Category:dropped
        Size (bytes):2679
        Entropy (8bit):3.9948710032620434
        Encrypted:false
        SSDEEP:
        MD5:35655FAA45D2614CCC5EBB4C5F99D521
        SHA1:C00684A9893E40F8C0BBDEAB3A47C7422E2C72D8
        SHA-256:DBA432CE1248F3B85130D2CD6882FFF72B1ECCBE519E8FCC833E9D157D7512E8
        SHA-512:B9E4903C86CF7F3A2D8046DD3B1FAA101AEDD7787E2F5396645188F84BED055EDD3BAD2341F643FCFFA8D05AB67049006CC75F1427B6874D5E557404D28A2095
        Malicious:false
        Reputation:unknown
        Preview:L..................F.@.. ...$+.,.........#..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IUY.K....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VUY.K....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VUY.K....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VUY.K..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VUY.K...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........B@.W.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

        C:\Users\user\Desktop\MPC-HC.lnk

        Download File
        Process:C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
        File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has Working directory, Icon number=0, Archive, ctime=Mon Oct 21 08:25:33 2024, mtime=Mon Oct 21 08:25:37 2024, atime=Sun Jan 30 11:00:00 2022, length=7884800, window=hide
        Category:dropped
        Size (bytes):1156
        Entropy (8bit):4.5285604359484655
        Encrypted:false
        SSDEEP:
        MD5:5A90F300B869CD844E8917BBB6FED218
        SHA1:7900B3B2BEB41C33028C75DA3A04E0F3A2B6FED3
        SHA-256:FA58A94278B8501453B0868B56C4B6F5D2D6B1417BFBAF093EB4C4D397EAAB3C
        SHA-512:BB44F24E12DBED17CF57D43FA0E5C9F43A01996FF28F97E6CADEE58183A76F114F245A02BA88475985BF6209B72E25F4A7014E4A6DB81DD9A2A4F7BDAB7F4863
        Malicious:false
        Reputation:unknown
        Preview:L..................F.... ....|.-.#..P.(0.#....+......Px.....................{....P.O. .:i.....+00.../C:\.....................1.....UY1K..PROGRA~2.........O.IUY3K....................V.....)?..P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.)...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.8.1.7.....T.1.....UY3K..MPC-HC..>......UY1KUY3K.....Z....................!...M.P.C.-.H.C.....`.2..Px.>T.` .mpc-hc.exe..F......UY1KUY1K....*Z........................m.p.c.-.h.c...e.x.e.......W...............-.......V...........B@.W.....C:\Program Files (x86)\MPC-HC\mpc-hc.exe....M.P.C.-.H.C. .1...9...1.9.......\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.M.P.C.-.H.C.\.m.p.c.-.h.c...e.x.e...C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.M.P.C.-.H.C.%.%.P.r.o.g.r.a.m.F.i.l.e.s.(.x.8.6.).%.\.M.P.C.-.H.C.\.m.p.c.-.h.c...e.x.e.........*................@Z|...K.J.........`.......X.......960781...........hT..CrF.f4... ..z\..........%..hT..CrF.f4... ..z\..........%.............1SPS.XF.L8C....&.m.q............/...S.-.1.-.5

        C:\Users\user\Downloads\ImgBurn_822881.exe (copy)

        Download File
        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
        File Type:PE32 executable (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):0
        Entropy (8bit):0.0
        Encrypted:false
        SSDEEP:
        MD5:B0122909933A4243C6055AF589ABCF51
        SHA1:78EBFEA877A7FFC59155A539F6F157417A8A0211
        SHA-256:9D68C8C263F0DC1821C0C2B2B17589E806DE1A4AD54EDD3B34FFA3F4EA0C0280
        SHA-512:FC8A3A969F1C9F4ED65FA777C53D3AC743A7510B9E80535191E1EA97CB5835A086D4E8CE2A97E497302C2CF03218A8551860B8D8B7AE64FC75F1D7F825C0AF12
        Malicious:true
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 38%
        Reputation:unknown
        Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.......Y.R..........................:q.......s......:q......:q.................7...........:q......:q......:q......:q......Rich....................................PE..L....."f..................i......... =`.......i...@..........................Pp.....V.m...@...................................m.......n.x$............l..)....n.......m.....................<.m.......m.@.............i..............................text....~i.......i................. ..`.rdata...T....i..V....i.............@..@.data.........m..6....m.............@....gfids..|.....n.......n.............@..@.tls..........n.......n.............@....rsrc...x$....n..&....n.............@..@.reloc........n......Dn.............@..B........................................................................................................................................................................................

        C:\Users\user\Downloads\Unconfirmed 271687.crdownload

        Download File
        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
        File Type:PE32 executable (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):23926912
        Entropy (8bit):7.698655247603634
        Encrypted:false
        SSDEEP:
        MD5:B0122909933A4243C6055AF589ABCF51
        SHA1:78EBFEA877A7FFC59155A539F6F157417A8A0211
        SHA-256:9D68C8C263F0DC1821C0C2B2B17589E806DE1A4AD54EDD3B34FFA3F4EA0C0280
        SHA-512:FC8A3A969F1C9F4ED65FA777C53D3AC743A7510B9E80535191E1EA97CB5835A086D4E8CE2A97E497302C2CF03218A8551860B8D8B7AE64FC75F1D7F825C0AF12
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.......Y.R..........................:q.......s......:q......:q.................7...........:q......:q......:q......:q......Rich....................................PE..L....."f..................i......... =`.......i...@..........................Pp.....V.m...@...................................m.......n.x$............l..)....n.......m.....................<.m.......m.@.............i..............................text....~i.......i................. ..`.rdata...T....i..V....i.............@..@.data.........m..6....m.............@....gfids..|.....n.......n.............@..@.tls..........n.......n.............@....rsrc...x$....n..&....n.............@..@.reloc........n......Dn.............@..B........................................................................................................................................................................................

        C:\Users\user\Downloads\f49b3257-f62a-478f-b4f0-8489b6810a44.tmp

        Download File
        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
        File Type:PE32 executable (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):15829
        Entropy (8bit):6.391685835474668
        Encrypted:false
        SSDEEP:
        MD5:D0E3A55C471544F838A9F0502C7D4DFD
        SHA1:83031998E3FBAA9DAD58B3BF1D8574C801558EF5
        SHA-256:C5BC5BC7CE54753E4FE18974F4E143173DE415AC43D15B08938A0A823418133B
        SHA-512:EF85596D97C1FF61AD46D374C0FD4FB16B023FBA097FB27A1471038C9C3C8072C7432ADD5F8B35E13372E62EECE45CEE0DCD5BF61DC9763EEFA44C6D36DD0AEA
        Malicious:true
        Reputation:unknown
        Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.......Y.R..........................:q.......s......:q......:q.................7...........:q......:q......:q......:q......Rich....................................PE..L....."f..................i......... =`.......i...@..........................Pp.....V.m...@...................................m.......n.x$............l..)....n.......m.....................<.m.......m.@.............i..............................text....~i.......i................. ..`.rdata...T....i..V....i.............@..@.data.........m..6....m.............@....gfids..|.....n.......n.............@..@.tls..........n.......n.............@....rsrc...x$....n..&....n.............@..@.reloc........n......Dn.............@..B........................................................................................................................................................................................

        Static File Info

        No static file info