Automated Malware Analysis IOC Report for

Details

File:	C:\Program Files (x86)\MPC-HC\CrashReporter\crashrpt.dll (copy)
Category:	dropped
Dump:	is-0SBI0.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\CrashReporter\dbghelp.dll (copy)
Category:	dropped
Dump:	is-COO4M.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (console) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\CrashReporter\is-0SBI0.tmp
Category:	dropped
Dump:	is-0SBI0.tmp.20.dr
ID:	dr_95
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	6.527139628223048
Encrypted:	false
Size:	140800
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\CrashReporter\is-COO4M.tmp
Category:	dropped
Dump:	is-COO4M.tmp.20.dr
ID:	dr_96
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (console) Intel 80386, for MS Windows
Entropy:	6.38472698519676
Encrypted:	false
Size:	1213200
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\CrashReporter\is-VLCLE.tmp
Category:	dropped
Dump:	is-VLCLE.tmp.20.dr
ID:	dr_97
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Entropy:	6.648173623031608
Encrypted:	false
Size:	687616
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\CrashReporter\sendrpt.exe (copy)
Category:	dropped
Dump:	is-VLCLE.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\LAVFilters\IntelQuickSyncDecoder.dll (copy)
Category:	dropped
Dump:	is-NI1KP.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\LAVFilters\LAVAudio.ax (copy)
Category:	dropped
Dump:	is-8S77H.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\LAVFilters\LAVSplitter.ax (copy)
Category:	dropped
Dump:	is-DCB43.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\LAVFilters\LAVVideo.ax (copy)
Category:	dropped
Dump:	is-M8EL4.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\LAVFilters\avcodec-lav-59.dll (copy)
Category:	dropped
Dump:	is-A4ORV.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (console) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\LAVFilters\avfilter-lav-8.dll (copy)
Category:	dropped
Dump:	is-8I2S7.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (console) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\LAVFilters\avformat-lav-59.dll (copy)
Category:	dropped
Dump:	is-NU37N.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (console) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\LAVFilters\avutil-lav-57.dll (copy)
Category:	dropped
Dump:	is-LRKKH.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (console) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\LAVFilters\is-8I2S7.tmp
Category:	dropped
Dump:	is-8I2S7.tmp.20.dr
ID:	dr_121
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (console) Intel 80386, for MS Windows
Entropy:	6.410560363959846
Encrypted:	false
Size:	201852
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\LAVFilters\is-8S77H.tmp
Category:	dropped
Dump:	is-8S77H.tmp.20.dr
ID:	dr_17
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	6.467265073283629
Encrypted:	false
Size:	255488
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\LAVFilters\is-A4ORV.tmp
Category:	dropped
Dump:	is-A4ORV.tmp.20.dr
ID:	dr_119
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (console) Intel 80386, for MS Windows
Entropy:	6.672966736260132
Encrypted:	false
Size:	13180028
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\LAVFilters\is-DCB43.tmp
Category:	dropped
Dump:	is-DCB43.tmp.20.dr
ID:	dr_18
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	6.554049349563921
Encrypted:	false
Size:	538624
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\LAVFilters\is-FA2AP.tmp
Category:	dropped
Dump:	is-FA2AP.tmp.20.dr
ID:	dr_15
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (console) Intel 80386, for MS Windows
Entropy:	6.446652960268184
Encrypted:	false
Size:	123004
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\LAVFilters\is-LRKKH.tmp
Category:	dropped
Dump:	is-LRKKH.tmp.20.dr
ID:	dr_125
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (console) Intel 80386, for MS Windows
Entropy:	6.528245576780367
Encrypted:	false
Size:	676988
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\LAVFilters\is-M8EL4.tmp
Category:	dropped
Dump:	is-M8EL4.tmp.20.dr
ID:	dr_19
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	6.6371967291092675
Encrypted:	false
Size:	1041920
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\LAVFilters\is-MNOND.tmp
Category:	dropped
Dump:	is-MNOND.tmp.20.dr
ID:	dr_14
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	6.679341930132071
Encrypted:	false
Size:	315392
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\LAVFilters\is-NI1KP.tmp
Category:	dropped
Dump:	is-NI1KP.tmp.20.dr
ID:	dr_13
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	6.570108161995195
Encrypted:	false
Size:	395776
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\LAVFilters\is-NU37N.tmp
Category:	dropped
Dump:	is-NU37N.tmp.20.dr
ID:	dr_123
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (console) Intel 80386, for MS Windows
Entropy:	6.475117418270643
Encrypted:	false
Size:	5041788
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\LAVFilters\is-Q09AS.tmp
Category:	dropped
Dump:	is-Q09AS.tmp.20.dr
ID:	dr_16
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (console) Intel 80386, for MS Windows
Entropy:	6.569262046956974
Encrypted:	false
Size:	579196
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\LAVFilters\libbluray.dll (copy)
Category:	dropped
Dump:	is-MNOND.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\LAVFilters\swresample-lav-4.dll (copy)
Category:	dropped
Dump:	is-FA2AP.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (console) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\LAVFilters\swscale-lav-6.dll (copy)
Category:	dropped
Dump:	is-Q09AS.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (console) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\is-0VBGR.tmp
Category:	dropped
Dump:	is-0VBGR.tmp.20.dr
ID:	dr_129
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	4.117469872512372
Encrypted:	false
Size:	190976
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\is-276B0.tmp
Category:	dropped
Dump:	is-276B0.tmp.20.dr
ID:	dr_91
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	4.032115775884918
Encrypted:	false
Size:	178176
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\is-2SST0.tmp
Category:	dropped
Dump:	is-2SST0.tmp.20.dr
ID:	dr_88
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	4.7628653602458595
Encrypted:	false
Size:	192000
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\is-49CFF.tmp
Category:	dropped
Dump:	is-49CFF.tmp.20.dr
ID:	dr_12
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	4.1470042031366114
Encrypted:	false
Size:	186368
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\is-4IFSU.tmp
Category:	dropped
Dump:	is-4IFSU.tmp.20.dr
ID:	dr_31
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	4.045547790651712
Encrypted:	false
Size:	171008
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\is-4J1PM.tmp
Category:	dropped
Dump:	is-4J1PM.tmp.20.dr
ID:	dr_130
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	4.045799099414401
Encrypted:	false
Size:	194560
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\is-4LSBI.tmp
Category:	dropped
Dump:	is-4LSBI.tmp.20.dr
ID:	dr_110
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	4.1011412839067845
Encrypted:	false
Size:	186368
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\is-5G7SG.tmp
Category:	dropped
Dump:	is-5G7SG.tmp.20.dr
ID:	dr_20
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	4.043737264924058
Encrypted:	false
Size:	180736
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\is-6EMAN.tmp
Category:	dropped
Dump:	is-6EMAN.tmp.20.dr
ID:	dr_109
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	4.062248069098844
Encrypted:	false
Size:	181760
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\is-9F7JP.tmp
Category:	dropped
Dump:	is-9F7JP.tmp.20.dr
ID:	dr_28
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	4.646807333738151
Encrypted:	false
Size:	185344
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\is-9U2V9.tmp
Category:	dropped
Dump:	is-9U2V9.tmp.20.dr
ID:	dr_107
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	3.981809091111126
Encrypted:	false
Size:	189952
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\is-A27KQ.tmp
Category:	dropped
Dump:	is-A27KQ.tmp.20.dr
ID:	dr_108
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	4.675603254813225
Encrypted:	false
Size:	164352
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\is-A3VA9.tmp
Category:	dropped
Dump:	is-A3VA9.tmp.20.dr
ID:	dr_105
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	4.026905560457394
Encrypted:	false
Size:	178688
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\is-B3Q3D.tmp
Category:	dropped
Dump:	is-B3Q3D.tmp.20.dr
ID:	dr_26
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	4.159523163576614
Encrypted:	false
Size:	179712
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\is-CIPNU.tmp
Category:	dropped
Dump:	is-CIPNU.tmp.20.dr
ID:	dr_30
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	4.066305048505067
Encrypted:	false
Size:	182272
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\is-E1CCJ.tmp
Category:	dropped
Dump:	is-E1CCJ.tmp.20.dr
ID:	dr_29
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	4.398245450397112
Encrypted:	false
Size:	176640
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\is-E5DT3.tmp
Category:	dropped
Dump:	is-E5DT3.tmp.20.dr
ID:	dr_24
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	4.0623033297896445
Encrypted:	false
Size:	176640
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\is-E6IKC.tmp
Category:	dropped
Dump:	is-E6IKC.tmp.20.dr
ID:	dr_113
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	4.006737768928531
Encrypted:	false
Size:	191488
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\is-F3958.tmp
Category:	dropped
Dump:	is-F3958.tmp.20.dr
ID:	dr_115
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	4.7405412206642
Encrypted:	false
Size:	168448
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\is-F602M.tmp
Category:	dropped
Dump:	is-F602M.tmp.20.dr
ID:	dr_103
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	3.95119609100196
Encrypted:	false
Size:	199168
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\is-G1JA9.tmp
Category:	dropped
Dump:	is-G1JA9.tmp.20.dr
ID:	dr_122
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	5.219677660312387
Encrypted:	false
Size:	138752
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\is-GB9QV.tmp
Category:	dropped
Dump:	is-GB9QV.tmp.20.dr
ID:	dr_86
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	4.662011097550516
Encrypted:	false
Size:	180224
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\is-GBT2L.tmp
Category:	dropped
Dump:	is-GBT2L.tmp.20.dr
ID:	dr_120
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	3.9693192116648714
Encrypted:	false
Size:	184832
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\is-GGN6G.tmp
Category:	dropped
Dump:	is-GGN6G.tmp.20.dr
ID:	dr_90
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	4.168392903766762
Encrypted:	false
Size:	180736
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\is-H1HG0.tmp
Category:	dropped
Dump:	is-H1HG0.tmp.20.dr
ID:	dr_111
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	4.549807763547179
Encrypted:	false
Size:	176640
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\is-HM83S.tmp
Category:	dropped
Dump:	is-HM83S.tmp.20.dr
ID:	dr_127
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	3.987047605657096
Encrypted:	false
Size:	180736
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\is-HRP5E.tmp
Category:	dropped
Dump:	is-HRP5E.tmp.20.dr
ID:	dr_126
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	4.081166508786724
Encrypted:	false
Size:	181760
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\is-I8O7B.tmp
Category:	dropped
Dump:	is-I8O7B.tmp.20.dr
ID:	dr_128
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	4.534027640263222
Encrypted:	false
Size:	172544
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\is-JLURM.tmp
Category:	dropped
Dump:	is-JLURM.tmp.20.dr
ID:	dr_116
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	5.185140911986958
Encrypted:	false
Size:	122368
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\is-JNJ28.tmp
Category:	dropped
Dump:	is-JNJ28.tmp.20.dr
ID:	dr_87
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	4.584124040700956
Encrypted:	false
Size:	186368
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\is-JOOLQ.tmp
Category:	dropped
Dump:	is-JOOLQ.tmp.20.dr
ID:	dr_114
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	3.9883815415551536
Encrypted:	false
Size:	189952
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\is-KAM7D.tmp
Category:	dropped
Dump:	is-KAM7D.tmp.20.dr
ID:	dr_112
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	4.02029665351393
Encrypted:	false
Size:	178688
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\is-KGDJ9.tmp
Category:	dropped
Dump:	is-KGDJ9.tmp.20.dr
ID:	dr_27
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	4.656944160039455
Encrypted:	false
Size:	178688
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\is-MR3Q5.tmp
Category:	dropped
Dump:	is-MR3Q5.tmp.20.dr
ID:	dr_117
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	5.175412940165455
Encrypted:	false
Size:	124928
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\is-N3ECJ.tmp
Category:	dropped
Dump:	is-N3ECJ.tmp.20.dr
ID:	dr_124
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	4.765280163800668
Encrypted:	false
Size:	147968
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\is-O5PQ3.tmp
Category:	dropped
Dump:	is-O5PQ3.tmp.20.dr
ID:	dr_93
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	4.73804013385777
Encrypted:	false
Size:	195584
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\is-PF32S.tmp
Category:	dropped
Dump:	is-PF32S.tmp.20.dr
ID:	dr_22
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	4.633675453397267
Encrypted:	false
Size:	180736
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\is-RT0HS.tmp
Category:	dropped
Dump:	is-RT0HS.tmp.20.dr
ID:	dr_89
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	3.973100637519258
Encrypted:	false
Size:	198656
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\is-S4643.tmp
Category:	dropped
Dump:	is-S4643.tmp.20.dr
ID:	dr_11
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	4.630234470115411
Encrypted:	false
Size:	185344
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\is-S9DSV.tmp
Category:	dropped
Dump:	is-S9DSV.tmp.20.dr
ID:	dr_85
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	4.602656227809015
Encrypted:	false
Size:	165888
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\is-SG7J4.tmp
Category:	dropped
Dump:	is-SG7J4.tmp.20.dr
ID:	dr_32
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	4.017408256084606
Encrypted:	false
Size:	177152
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\is-SMKID.tmp
Category:	dropped
Dump:	is-SMKID.tmp.20.dr
ID:	dr_106
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	3.9500512045157175
Encrypted:	false
Size:	201216
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\is-V0FJK.tmp
Category:	dropped
Dump:	is-V0FJK.tmp.20.dr
ID:	dr_92
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	4.024625456341424
Encrypted:	false
Size:	183808
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\is-VJ7MT.tmp
Category:	dropped
Dump:	is-VJ7MT.tmp.20.dr
ID:	dr_104
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	3.997562140145238
Encrypted:	false
Size:	182272
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\mpcresources.ar.dll (copy)
Category:	dropped
Dump:	is-S9DSV.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\mpcresources.be.dll (copy)
Category:	dropped
Dump:	is-GB9QV.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\mpcresources.bg.dll (copy)
Category:	dropped
Dump:	is-JNJ28.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\mpcresources.bn.dll (copy)
Category:	dropped
Dump:	is-2SST0.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\mpcresources.bs_BA.dll (copy)
Category:	dropped
Dump:	is-CIPNU.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\mpcresources.ca.dll (copy)
Category:	dropped
Dump:	is-RT0HS.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\mpcresources.cs.dll (copy)
Category:	dropped
Dump:	is-GGN6G.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\mpcresources.da.dll (copy)
Category:	dropped
Dump:	is-276B0.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\mpcresources.de.dll (copy)
Category:	dropped
Dump:	is-V0FJK.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\mpcresources.el.dll (copy)
Category:	dropped
Dump:	is-O5PQ3.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\mpcresources.en_GB.dll (copy)
Category:	dropped
Dump:	is-4IFSU.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\mpcresources.es.dll (copy)
Category:	dropped
Dump:	is-F602M.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\mpcresources.eu.dll (copy)
Category:	dropped
Dump:	is-VJ7MT.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\mpcresources.fi.dll (copy)
Category:	dropped
Dump:	is-A3VA9.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\mpcresources.fr.dll (copy)
Category:	dropped
Dump:	is-SMKID.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\mpcresources.gl.dll (copy)
Category:	dropped
Dump:	is-9U2V9.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\mpcresources.he.dll (copy)
Category:	dropped
Dump:	is-A27KQ.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\mpcresources.hr.dll (copy)
Category:	dropped
Dump:	is-6EMAN.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\mpcresources.hu.dll (copy)
Category:	dropped
Dump:	is-4LSBI.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\mpcresources.hy.dll (copy)
Category:	dropped
Dump:	is-H1HG0.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\mpcresources.id.dll (copy)
Category:	dropped
Dump:	is-KAM7D.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\mpcresources.it.dll (copy)
Category:	dropped
Dump:	is-GBT2L.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\mpcresources.ja.dll (copy)
Category:	dropped
Dump:	is-G1JA9.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\mpcresources.ko.dll (copy)
Category:	dropped
Dump:	is-N3ECJ.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\mpcresources.lt.dll (copy)
Category:	dropped
Dump:	is-HRP5E.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\mpcresources.ms_MY.dll (copy)
Category:	dropped
Dump:	is-SG7J4.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\mpcresources.nl.dll (copy)
Category:	dropped
Dump:	is-HM83S.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\mpcresources.pa.dll (copy)
Category:	dropped
Dump:	is-I8O7B.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\mpcresources.pl.dll (copy)
Category:	dropped
Dump:	is-0VBGR.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\mpcresources.pt_BR.dll (copy)
Category:	dropped
Dump:	is-E6IKC.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\mpcresources.pt_PT.dll (copy)
Category:	dropped
Dump:	is-JOOLQ.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\mpcresources.ro.dll (copy)
Category:	dropped
Dump:	is-4J1PM.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\mpcresources.ru.dll (copy)
Category:	dropped
Dump:	is-S4643.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\mpcresources.sk.dll (copy)
Category:	dropped
Dump:	is-49CFF.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\mpcresources.sl.dll (copy)
Category:	dropped
Dump:	is-5G7SG.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\mpcresources.sr.dll (copy)
Category:	dropped
Dump:	is-PF32S.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\mpcresources.sv.dll (copy)
Category:	dropped
Dump:	is-E5DT3.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\mpcresources.th_TH.dll (copy)
Category:	dropped
Dump:	is-F3958.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\mpcresources.tr.dll (copy)
Category:	dropped
Dump:	is-B3Q3D.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\mpcresources.tt.dll (copy)
Category:	dropped
Dump:	is-KGDJ9.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\mpcresources.uk.dll (copy)
Category:	dropped
Dump:	is-9F7JP.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\mpcresources.vi.dll (copy)
Category:	dropped
Dump:	is-E1CCJ.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\mpcresources.zh_CN.dll (copy)
Category:	dropped
Dump:	is-JLURM.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Lang\mpcresources.zh_TW.dll (copy)
Category:	dropped
Dump:	is-MR3Q5.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\d3dcompiler_47.dll (copy)
Category:	dropped
Dump:	is-VGCFT.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (console) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\d3dx9_43.dll (copy)
Category:	dropped
Dump:	is-E50CV.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\is-5RD0J.tmp
Category:	dropped
Dump:	is-5RD0J.tmp.20.dr
ID:	dr_84
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Entropy:	6.611392068048327
Encrypted:	false
Size:	7884800
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior

Details

File:	C:\Program Files (x86)\MPC-HC\is-E50CV.tmp
Category:	dropped
Dump:	is-E50CV.tmp.20.dr
ID:	dr_25
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	6.7631254131269465
Encrypted:	false
Size:	1998168
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\is-EHUPO.tmp
Category:	dropped
Dump:	is-EHUPO.tmp.20.dr
ID:	dr_118
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	6.933545648523911
Encrypted:	false
Size:	2515456
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\is-I5VSF.tmp
Category:	dropped
Dump:	is-I5VSF.tmp.20.dr
ID:	dr_33
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	6.7114817889323675
Encrypted:	false
Size:	5690832
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\is-Q271V.tmp
Category:	dropped
Dump:	is-Q271V.tmp.20.dr
ID:	dr_73
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Entropy:	6.432557081344389
Encrypted:	false
Size:	1267339
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\is-VGCFT.tmp
Category:	dropped
Dump:	is-VGCFT.tmp.20.dr
ID:	dr_23
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (console) Intel 80386, for MS Windows
Entropy:	6.55410464930608
Encrypted:	false
Size:	3550208
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files (x86)\MPC-HC\mediainfo.dll (copy)
Category:	dropped
Dump:	is-I5VSF.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\mpc-hc.exe (copy)
Category:	dropped
Dump:	is-5RD0J.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Checks for available system drives (often done to infect USB drives)	Spreading	Replication Through Removable Media Peripheral Device Discovery
Creates a process in suspended mode (likely to inject code)	HIPS / PFW / Operating System Protection Evasion	Process Injection
Creates mutexes	System Summary
Disables application error messsages (SetErrorMode)	Hooking and other Techniques for Hiding and Protection
Spawns processes	System Summary	Process Injection
Tries to load missing DLLs	System Summary	DLL Side-Loading

Details

File:	C:\Program Files (x86)\MPC-HC\mpciconlib.dll (copy)
Category:	dropped
Dump:	is-EHUPO.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\unins000.exe (copy)
Category:	dropped
Dump:	is-Q271V.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\MPC-HC\MPC-HC.1.9.19.x86.exe
Category:	dropped
Dump:	MPC-HC.1.9.19.x86.exe.13.dr
ID:	dr_8
Target ID:	13
Process:	C:\Users\user\Downloads\ImgBurn_822881.exe
Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Entropy:	7.99864901932948
Encrypted:	true
Size:	16687163
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion
Creates temporary files	System Summary
Disables application error messsages (SetErrorMode)	Hooking and other Techniques for Hiding and Protection
Parts of this applications are using Borland Delphi (Probably coded in Delphi)	System Summary
Spawns processes	System Summary	Process Injection
Tries to load missing DLLs	System Summary	DLL Side-Loading

Details

File:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Category:	dropped
Dump:	MPC-HC.1.9.19.x86.tmp.19.dr
ID:	dr_9
Target ID:	19
Process:	C:\Users\user\AppData\Local\MPC-HC\MPC-HC.1.9.19.x86.exe
Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Entropy:	6.459632560987053
Encrypted:	false
Size:	1244672
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion
Queries keyboard layouts	Malware Analysis System Evasion	System Information Discovery
Queries the volume information (name, serial number etc) of a device	Language, Device and Operating System Detection	System Information Discovery
Stores files to the Windows start menu directory	Boot Survival	Registry Run Keys / Startup Folder
Creates files inside the program directory	System Summary	Masquerading
Creates mutexes	System Summary
Disables application error messsages (SetErrorMode)	Hooking and other Techniques for Hiding and Protection
Parts of this applications are using Borland Delphi (Probably coded in Delphi)	System Summary
Reads the Windows registered organization settings	System Summary	System Owner/User Discovery
Spawns processes	System Summary	Process Injection
Tries to load missing DLLs	System Summary	DLL Side-Loading
Executable creates window controls seldom found in malware	System Summary
Uses Rich Edit Controls	System Summary
Reads the Windows registered owner settings	System Summary	System Owner/User Discovery

Details

File:	C:\Users\user\AppData\Local\Temp\is-CSEKA.tmp\_isetup\_setup64.tmp
Category:	dropped
Dump:	_setup64.tmp.20.dr
ID:	dr_10
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	PE32+ executable (console) x86-64, for MS Windows
Entropy:	4.720366600008286
Encrypted:	false
Size:	6144
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Users\user\Downloads\ImgBurn_822881.exe (copy)
Category:	dropped
Dump:	Unconfirmed 271687.crdownload.0.dr
Target ID:	0
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Multi AV Scanner detection for dropped file	AV Detection	Security Software Discovery
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion
Queries a list of all running processes	Malware Analysis System Evasion	Process Discovery
Tries to load missing DLLs	System Summary	DLL Side-Loading
Uses an in-process (OLE) Automation server	System Summary

Details

File:	C:\Users\user\Downloads\Unconfirmed 271687.crdownload
Category:	dropped
Dump:	Unconfirmed 271687.crdownload.0.dr
ID:	dr_7
Target ID:	0
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Entropy:	7.698655247603634
Encrypted:	false
Size:	23926912
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior

Details

File:	C:\Users\user\Downloads\f49b3257-f62a-478f-b4f0-8489b6810a44.tmp
Category:	dropped
Dump:	f49b3257-f62a-478f-b4f0-8489b6810a44.tmp.0.dr
ID:	dr_0
Target ID:	0
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Entropy:	6.391685835474668
Encrypted:	false
Size:	15829
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Creates files inside the user directory	System Summary	Masquerading

Details

File:	C:\Program Files (x86)\MPC-HC\Authors.txt (copy)
Category:	dropped
Dump:	is-SERGA.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	Unicode text, UTF-8 text, with CRLF line terminators
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\COPYING.txt (copy)
Category:	dropped
Dump:	is-GKU7E.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	ASCII text
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\CrashReporter\CrashReporter_LICENSE.txt (copy)
Category:	dropped
Dump:	is-G979D.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	ASCII text, with CRLF line terminators
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\CrashReporter\is-G979D.tmp
Category:	dropped
Dump:	is-G979D.tmp.20.dr
ID:	dr_98
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	ASCII text, with CRLF line terminators
Entropy:	5.1417237607003115
Encrypted:	false
Size:	1308
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\LAVFilters\LAVFilters.Dependencies.manifest (copy)
Category:	dropped
Dump:	is-KOOLH.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	XML 1.0 document, ASCII text, with CRLF line terminators
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\LAVFilters\is-KOOLH.tmp
Category:	dropped
Dump:	is-KOOLH.tmp.20.dr
ID:	dr_21
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	XML 1.0 document, ASCII text, with CRLF line terminators
Entropy:	4.981564792676434
Encrypted:	false
Size:	493
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders11\0-255 to 16-235.hlsl (copy)
Category:	dropped
Dump:	is-SNQ0F.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	ASCII text, with CRLF line terminators
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders11\16-235 to 0-255 [SD].hlsl (copy)
Category:	dropped
Dump:	is-M65BF.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	C source, ASCII text, with CRLF line terminators
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders11\16-235 to 0-255.hlsl (copy)
Category:	dropped
Dump:	is-GRNFO.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	ASCII text, with CRLF line terminators
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders11\Adaptive sharpen.hlsl (copy)
Category:	dropped
Dump:	is-Q1P7C.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	C source, ISO-8859 text, with CRLF line terminators
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders11\BT.601 to BT.709 [HD].hlsl (copy)
Category:	dropped
Dump:	is-8DD8O.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	C source, ASCII text, with CRLF line terminators
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders11\Deinterlace (blend).hlsl (copy)
Category:	dropped
Dump:	is-STI7V.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	ASCII text, with CRLF line terminators
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders11\Denoise.hlsl (copy)
Category:	dropped
Dump:	is-VSMT7.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	C source, ASCII text, with CRLF line terminators
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders11\Edge sharpen.hlsl (copy)
Category:	dropped
Dump:	is-M1H5R.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	C source, ASCII text, with CRLF line terminators
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders11\Gaussian Blur 3x3.hlsl (copy)
Category:	dropped
Dump:	is-EDB84.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	ASCII text, with CRLF line terminators
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders11\Gaussian Blur_pass1.hlsl (copy)
Category:	dropped
Dump:	is-QA77R.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	ASCII text, with CRLF line terminators
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders11\Gaussian Blur_pass2.hlsl (copy)
Category:	dropped
Dump:	is-1VRBM.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	ASCII text, with CRLF line terminators
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders11\Grayscale.hlsl (copy)
Category:	dropped
Dump:	is-6JGP3.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	ASCII text, with CRLF line terminators
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders11\Invert.hlsl (copy)
Category:	dropped
Dump:	is-3TNVB.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	ASCII text, with CRLF line terminators
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders11\LCD angle correction.hlsl (copy)
Category:	dropped
Dump:	is-93GES.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	ASCII text, with very long lines (321), with CRLF line terminators
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders11\Letterbox.hlsl (copy)
Category:	dropped
Dump:	is-8LPDR.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	C source, ASCII text, with CRLF line terminators
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders11\LumaSharpen.hlsl (copy)
Category:	dropped
Dump:	is-MLMUR.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	ASCII text, with CRLF line terminators
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders11\Nightvision.hlsl (copy)
Category:	dropped
Dump:	is-OA634.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	ASCII text, with CRLF line terminators
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders11\Procamp.hlsl (copy)
Category:	dropped
Dump:	is-9G34Q.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	ASCII text, with CRLF line terminators
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders11\Sepia.hlsl (copy)
Category:	dropped
Dump:	is-DVJAE.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	ASCII text, with CRLF line terminators
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders11\Sharpen complex 2.hlsl (copy)
Category:	dropped
Dump:	is-TC6OS.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	C source, ASCII text, with CRLF line terminators
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders11\Sharpen complex.hlsl (copy)
Category:	dropped
Dump:	is-00SS8.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	C source, ASCII text, with CRLF line terminators
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders11\Sharpen.hlsl (copy)
Category:	dropped
Dump:	is-TNRLC.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	xbm image (x, ASCII text, with CRLF line terminators
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders11\Threshold.hlsl (copy)
Category:	dropped
Dump:	is-18ES8.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	ASCII text, with CRLF line terminators
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders11\YV12 chroma upsampling.hlsl (copy)
Category:	dropped
Dump:	is-K1LCT.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	ASCII text, with CRLF line terminators
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders11\is-00SS8.tmp
Category:	dropped
Dump:	is-00SS8.tmp.20.dr
ID:	dr_79
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	C source, ASCII text, with CRLF line terminators
Entropy:	5.2217152237068305
Encrypted:	false
Size:	2850
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders11\is-18ES8.tmp
Category:	dropped
Dump:	is-18ES8.tmp.20.dr
ID:	dr_81
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	ASCII text, with CRLF line terminators
Entropy:	5.2293929092024785
Encrypted:	false
Size:	337
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders11\is-1VRBM.tmp
Category:	dropped
Dump:	is-1VRBM.tmp.20.dr
ID:	dr_68
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	ASCII text, with CRLF line terminators
Entropy:	5.338005698599505
Encrypted:	false
Size:	2242
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders11\is-3TNVB.tmp
Category:	dropped
Dump:	is-3TNVB.tmp.20.dr
ID:	dr_70
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	ASCII text, with CRLF line terminators
Entropy:	5.195247880810591
Encrypted:	false
Size:	1018
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders11\is-6JGP3.tmp
Category:	dropped
Dump:	is-6JGP3.tmp.20.dr
ID:	dr_69
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	ASCII text, with CRLF line terminators
Entropy:	5.233063483252164
Encrypted:	false
Size:	1033
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders11\is-8DD8O.tmp
Category:	dropped
Dump:	is-8DD8O.tmp.20.dr
ID:	dr_62
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	C source, ASCII text, with CRLF line terminators
Entropy:	5.287539846761354
Encrypted:	false
Size:	2026
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders11\is-8LPDR.tmp
Category:	dropped
Dump:	is-8LPDR.tmp.20.dr
ID:	dr_72
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	C source, ASCII text, with CRLF line terminators
Entropy:	5.239006577971886
Encrypted:	false
Size:	1268
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders11\is-93GES.tmp
Category:	dropped
Dump:	is-93GES.tmp.20.dr
ID:	dr_71
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	ASCII text, with very long lines (321), with CRLF line terminators
Entropy:	5.107750511176609
Encrypted:	false
Size:	3126
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders11\is-9G34Q.tmp
Category:	dropped
Dump:	is-9G34Q.tmp.20.dr
ID:	dr_76
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	ASCII text, with CRLF line terminators
Entropy:	5.2377959574600235
Encrypted:	false
Size:	2024
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders11\is-DVJAE.tmp
Category:	dropped
Dump:	is-DVJAE.tmp.20.dr
ID:	dr_77
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	ASCII text, with CRLF line terminators
Entropy:	5.034877999140006
Encrypted:	false
Size:	1435
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders11\is-EDB84.tmp
Category:	dropped
Dump:	is-EDB84.tmp.20.dr
ID:	dr_66
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	ASCII text, with CRLF line terminators
Entropy:	5.26287252162633
Encrypted:	false
Size:	1989
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders11\is-GRNFO.tmp
Category:	dropped
Dump:	is-GRNFO.tmp.20.dr
ID:	dr_60
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	ASCII text, with CRLF line terminators
Entropy:	5.224872467088878
Encrypted:	false
Size:	1087
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders11\is-K1LCT.tmp
Category:	dropped
Dump:	is-K1LCT.tmp.20.dr
ID:	dr_82
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	ASCII text, with CRLF line terminators
Entropy:	5.299687457030167
Encrypted:	false
Size:	2628
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders11\is-M1H5R.tmp
Category:	dropped
Dump:	is-M1H5R.tmp.20.dr
ID:	dr_65
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	C source, ASCII text, with CRLF line terminators
Entropy:	5.246014526364438
Encrypted:	false
Size:	2627
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders11\is-M65BF.tmp
Category:	dropped
Dump:	is-M65BF.tmp.20.dr
ID:	dr_59
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	C source, ASCII text, with CRLF line terminators
Entropy:	5.241539852529995
Encrypted:	false
Size:	1345
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders11\is-MLMUR.tmp
Category:	dropped
Dump:	is-MLMUR.tmp.20.dr
ID:	dr_74
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	ASCII text, with CRLF line terminators
Entropy:	4.929910627789649
Encrypted:	false
Size:	10994
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders11\is-OA634.tmp
Category:	dropped
Dump:	is-OA634.tmp.20.dr
ID:	dr_75
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	ASCII text, with CRLF line terminators
Entropy:	5.199420241354347
Encrypted:	false
Size:	1021
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders11\is-Q1P7C.tmp
Category:	dropped
Dump:	is-Q1P7C.tmp.20.dr
ID:	dr_61
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	C source, ISO-8859 text, with CRLF line terminators
Entropy:	5.209802846292347
Encrypted:	false
Size:	10238
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders11\is-QA77R.tmp
Category:	dropped
Dump:	is-QA77R.tmp.20.dr
ID:	dr_67
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	ASCII text, with CRLF line terminators
Entropy:	5.319778603458883
Encrypted:	false
Size:	2397
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders11\is-SNQ0F.tmp
Category:	dropped
Dump:	is-SNQ0F.tmp.20.dr
ID:	dr_58
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	ASCII text, with CRLF line terminators
Entropy:	5.223383334214005
Encrypted:	false
Size:	1085
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders11\is-STI7V.tmp
Category:	dropped
Dump:	is-STI7V.tmp.20.dr
ID:	dr_63
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	ASCII text, with CRLF line terminators
Entropy:	5.226632803963064
Encrypted:	false
Size:	1319
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders11\is-TC6OS.tmp
Category:	dropped
Dump:	is-TC6OS.tmp.20.dr
ID:	dr_78
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	C source, ASCII text, with CRLF line terminators
Entropy:	5.213334445417465
Encrypted:	false
Size:	3436
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders11\is-TNRLC.tmp
Category:	dropped
Dump:	is-TNRLC.tmp.20.dr
ID:	dr_80
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	xbm image (x, ASCII text, with CRLF line terminators
Entropy:	5.260438624163199
Encrypted:	false
Size:	1846
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders11\is-VSMT7.tmp
Category:	dropped
Dump:	is-VSMT7.tmp.20.dr
ID:	dr_64
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	C source, ASCII text, with CRLF line terminators
Entropy:	5.288950823002461
Encrypted:	false
Size:	1901
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders\0-255 to 16-235.hlsl (copy)
Category:	dropped
Dump:	is-AIH19.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	ASCII text, with CRLF line terminators
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders\16-235 to 0-255 [SD].hlsl (copy)
Category:	dropped
Dump:	is-OMHDL.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	C source, ASCII text, with CRLF line terminators
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders\16-235 to 0-255.hlsl (copy)
Category:	dropped
Dump:	is-71GGP.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	ASCII text, with CRLF line terminators
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders\Adaptive sharpen.hlsl (copy)
Category:	dropped
Dump:	is-BO5QJ.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	C source, ISO-8859 text, with CRLF line terminators
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders\BT.601 to BT.709 [HD].hlsl (copy)
Category:	dropped
Dump:	is-CAPES.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	C source, ASCII text, with CRLF line terminators
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders\Deinterlace (blend).hlsl (copy)
Category:	dropped
Dump:	is-SPH4I.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	ASCII text, with CRLF line terminators
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders\Denoise.hlsl (copy)
Category:	dropped
Dump:	is-SJR2A.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	C source, ASCII text, with CRLF line terminators
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders\Edge sharpen.hlsl (copy)
Category:	dropped
Dump:	is-O3MD7.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	C source, ASCII text, with CRLF line terminators
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders\Gaussian Blur 3x3.hlsl (copy)
Category:	dropped
Dump:	is-JENJ1.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	ASCII text, with CRLF line terminators
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders\Gaussian Blur_pass1.hlsl (copy)
Category:	dropped
Dump:	is-H7VSC.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	C source, ASCII text, with CRLF line terminators
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders\Gaussian Blur_pass2.hlsl (copy)
Category:	dropped
Dump:	is-24T89.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	C source, ASCII text, with CRLF line terminators
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders\Grayscale.hlsl (copy)
Category:	dropped
Dump:	is-7JRM4.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	ASCII text, with CRLF line terminators
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders\Invert.hlsl (copy)
Category:	dropped
Dump:	is-PGLMH.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	ASCII text, with CRLF line terminators
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders\LCD angle correction.hlsl (copy)
Category:	dropped
Dump:	is-KU90Q.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	ASCII text, with very long lines (313), with CRLF line terminators
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders\Letterbox.hlsl (copy)
Category:	dropped
Dump:	is-567TF.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	C source, ASCII text, with CRLF line terminators
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders\LumaSharpen.hlsl (copy)
Category:	dropped
Dump:	is-LJ1R1.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	xbm image (x, ASCII text, with CRLF line terminators
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders\Nightvision.hlsl (copy)
Category:	dropped
Dump:	is-L28M3.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	ASCII text, with CRLF line terminators
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders\Procamp.hlsl (copy)
Category:	dropped
Dump:	is-M9D1K.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	xbm image (x, ASCII text, with CRLF line terminators
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders\Sepia.hlsl (copy)
Category:	dropped
Dump:	is-Q0LGJ.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	xbm image (x, ASCII text, with CRLF line terminators
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders\Sharpen complex 2.hlsl (copy)
Category:	dropped
Dump:	is-SK55N.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	C source, ASCII text, with CRLF line terminators
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders\Sharpen complex.hlsl (copy)
Category:	dropped
Dump:	is-D3M2F.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	C source, ASCII text, with CRLF line terminators
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders\Sharpen.hlsl (copy)
Category:	dropped
Dump:	is-QIVIJ.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	xbm image (x, ASCII text, with CRLF line terminators
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders\Threshold.hlsl (copy)
Category:	dropped
Dump:	is-UG04E.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	ASCII text, with CRLF line terminators
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders\YV12 chroma upsampling.hlsl (copy)
Category:	dropped
Dump:	is-QT03T.tmp.20.dr
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	ASCII text, with CRLF line terminators
Entropy:	0.0
Encrypted:	false
Size:	0
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders\is-24T89.tmp
Category:	dropped
Dump:	is-24T89.tmp.20.dr
ID:	dr_44
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	C source, ASCII text, with CRLF line terminators
Entropy:	5.361080430163981
Encrypted:	false
Size:	1735
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders\is-567TF.tmp
Category:	dropped
Dump:	is-567TF.tmp.20.dr
ID:	dr_48
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	C source, ASCII text, with CRLF line terminators
Entropy:	5.225272673050189
Encrypted:	false
Size:	1137
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders\is-71GGP.tmp
Category:	dropped
Dump:	is-71GGP.tmp.20.dr
ID:	dr_36
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	ASCII text, with CRLF line terminators
Entropy:	5.2047299993285
Encrypted:	false
Size:	1010
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders\is-7JRM4.tmp
Category:	dropped
Dump:	is-7JRM4.tmp.20.dr
ID:	dr_45
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	ASCII text, with CRLF line terminators
Entropy:	5.212006404590827
Encrypted:	false
Size:	957
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders\is-AIH19.tmp
Category:	dropped
Dump:	is-AIH19.tmp.20.dr
ID:	dr_34
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	ASCII text, with CRLF line terminators
Entropy:	5.202978947712847
Encrypted:	false
Size:	1008
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders\is-BO5QJ.tmp
Category:	dropped
Dump:	is-BO5QJ.tmp.20.dr
ID:	dr_37
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	C source, ISO-8859 text, with CRLF line terminators
Entropy:	5.198051216727897
Encrypted:	false
Size:	9904
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders\is-CAPES.tmp
Category:	dropped
Dump:	is-CAPES.tmp.20.dr
ID:	dr_38
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	C source, ASCII text, with CRLF line terminators
Entropy:	5.265885018749925
Encrypted:	false
Size:	1898
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders\is-D3M2F.tmp
Category:	dropped
Dump:	is-D3M2F.tmp.20.dr
ID:	dr_54
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	C source, ASCII text, with CRLF line terminators
Entropy:	5.1997517220160265
Encrypted:	false
Size:	2651
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders\is-H7VSC.tmp
Category:	dropped
Dump:	is-H7VSC.tmp.20.dr
ID:	dr_43
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	C source, ASCII text, with CRLF line terminators
Entropy:	5.37996036394343
Encrypted:	false
Size:	2677
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders\is-JENJ1.tmp
Category:	dropped
Dump:	is-JENJ1.tmp.20.dr
ID:	dr_42
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	ASCII text, with CRLF line terminators
Entropy:	5.2471213272737405
Encrypted:	false
Size:	1790
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders\is-KU90Q.tmp
Category:	dropped
Dump:	is-KU90Q.tmp.20.dr
ID:	dr_47
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	ASCII text, with very long lines (313), with CRLF line terminators
Entropy:	5.07809882722948
Encrypted:	false
Size:	2915
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders\is-L28M3.tmp
Category:	dropped
Dump:	is-L28M3.tmp.20.dr
ID:	dr_50
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	ASCII text, with CRLF line terminators
Entropy:	5.177255453393304
Encrypted:	false
Size:	941
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders\is-LJ1R1.tmp
Category:	dropped
Dump:	is-LJ1R1.tmp.20.dr
ID:	dr_49
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	xbm image (x, ASCII text, with CRLF line terminators
Entropy:	4.951177997673802
Encrypted:	false
Size:	11161
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders\is-M9D1K.tmp
Category:	dropped
Dump:	is-M9D1K.tmp.20.dr
ID:	dr_51
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	xbm image (x, ASCII text, with CRLF line terminators
Entropy:	5.245918244120284
Encrypted:	false
Size:	2170
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders\is-O3MD7.tmp
Category:	dropped
Dump:	is-O3MD7.tmp.20.dr
ID:	dr_41
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	C source, ASCII text, with CRLF line terminators
Entropy:	5.229757114575866
Encrypted:	false
Size:	2427
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders\is-OMHDL.tmp
Category:	dropped
Dump:	is-OMHDL.tmp.20.dr
ID:	dr_35
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	C source, ASCII text, with CRLF line terminators
Entropy:	5.237694972876292
Encrypted:	false
Size:	1182
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders\is-PGLMH.tmp
Category:	dropped
Dump:	is-PGLMH.tmp.20.dr
ID:	dr_46
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	ASCII text, with CRLF line terminators
Entropy:	5.17302073708032
Encrypted:	false
Size:	942
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders\is-Q0LGJ.tmp
Category:	dropped
Dump:	is-Q0LGJ.tmp.20.dr
ID:	dr_52
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	xbm image (x, ASCII text, with CRLF line terminators
Entropy:	5.0723108074992975
Encrypted:	false
Size:	1797
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders\is-QIVIJ.tmp
Category:	dropped
Dump:	is-QIVIJ.tmp.20.dr
ID:	dr_55
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	xbm image (x, ASCII text, with CRLF line terminators
Entropy:	5.240212606157901
Encrypted:	false
Size:	1690
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders\is-QT03T.tmp
Category:	dropped
Dump:	is-QT03T.tmp.20.dr
ID:	dr_57
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	ASCII text, with CRLF line terminators
Entropy:	5.280381895172436
Encrypted:	false
Size:	2505
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders\is-SJR2A.tmp
Category:	dropped
Dump:	is-SJR2A.tmp.20.dr
ID:	dr_40
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	C source, ASCII text, with CRLF line terminators
Entropy:	5.330943487276964
Encrypted:	false
Size:	1861
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders\is-SK55N.tmp
Category:	dropped
Dump:	is-SK55N.tmp.20.dr
ID:	dr_53
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	C source, ASCII text, with CRLF line terminators
Entropy:	5.200862169160671
Encrypted:	false
Size:	3276
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders\is-SPH4I.tmp
Category:	dropped
Dump:	is-SPH4I.tmp.20.dr
ID:	dr_39
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	ASCII text, with CRLF line terminators
Entropy:	5.200143064930187
Encrypted:	false
Size:	1150
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\Shaders\is-UG04E.tmp
Category:	dropped
Dump:	is-UG04E.tmp.20.dr
ID:	dr_56
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	ASCII text, with CRLF line terminators
Entropy:	5.209452396284435
Encrypted:	false
Size:	249
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\is-GKU7E.tmp
Category:	dropped
Dump:	is-GKU7E.tmp.20.dr
ID:	dr_83
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	ASCII text
Entropy:	4.573442652974749
Encrypted:	false
Size:	35147
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\is-SERGA.tmp
Category:	dropped
Dump:	is-SERGA.tmp.20.dr
ID:	dr_94
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	Unicode text, UTF-8 text, with CRLF line terminators
Entropy:	4.343710367299482
Encrypted:	false
Size:	5766
Whitelisted:	false

Details

File:	C:\Program Files (x86)\MPC-HC\unins000.dat
Category:	dropped
Dump:	unins000.dat.20.dr
ID:	dr_102
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	InnoSetup Log MPC-HC {2624B969-7135-4EB1-B0F6-2D8C397B45F7}, version 0x418, 28233 bytes, 960781\37\user\376\, C:\Program Files (x86)\MPC-HC\376\377\377\
Entropy:	3.921710984883035
Encrypted:	false
Size:	28233
Whitelisted:	false

Details

File:	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC\MPC-HC.lnk
Category:	dropped
Dump:	MPC-HC.lnk.20.dr
ID:	dr_99
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has Working directory, Icon number=0, Archive, ctime=Mon Oct 21 08:25:33 2024, mtime=Mon Oct 21 08:25:33 2024, atime=Sun Jan 30 11:00:00 2022, length=7884800, window=hide
Entropy:	4.528588088175185
Encrypted:	false
Size:	1174
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Stores files to the Windows start menu directory	Boot Survival	Registry Run Keys / Startup Folder

Details

File:	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC\Uninstall MPC-HC.lnk
Category:	dropped
Dump:	Uninstall MPC-HC.lnk.20.dr
ID:	dr_101
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has Working directory, Archive, ctime=Mon Oct 21 08:25:33 2024, mtime=Mon Oct 21 08:25:33 2024, atime=Mon Oct 21 08:25:23 2024, length=1267339, window=hide
Entropy:	4.611498643626445
Encrypted:	false
Size:	1116
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Stores files to the Windows start menu directory	Boot Survival	Registry Run Keys / Startup Folder

Details

File:	C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
Category:	dropped
Dump:	Docs.lnk.0.dr
ID:	dr_6
Target ID:	0
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 21 08:24:32 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Entropy:	3.981947741488531
Encrypted:	false
Size:	2673
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Stores files to the Windows start menu directory	Boot Survival	Registry Run Keys / Startup Folder

Details

File:	C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Category:	dropped
Dump:	Gmail.lnk.0.dr
ID:	dr_4
Target ID:	0
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 21 08:24:32 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Entropy:	3.99756579470062
Encrypted:	false
Size:	2675
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Stores files to the Windows start menu directory	Boot Survival	Registry Run Keys / Startup Folder

Details

File:	C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Category:	dropped
Dump:	Google Drive.lnk.0.dr
ID:	dr_1
Target ID:	0
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Entropy:	4.0061626573152695
Encrypted:	false
Size:	2689
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Stores files to the Windows start menu directory	Boot Survival	Registry Run Keys / Startup Folder

Details

File:	C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Category:	dropped
Dump:	Sheets.lnk.0.dr
ID:	dr_3
Target ID:	0
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 21 08:24:32 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Entropy:	3.998859485646699
Encrypted:	false
Size:	2677
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Stores files to the Windows start menu directory	Boot Survival	Registry Run Keys / Startup Folder

Details

File:	C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Category:	dropped
Dump:	Slides.lnk.0.dr
ID:	dr_5
Target ID:	0
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 21 08:24:32 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Entropy:	3.9850285708701216
Encrypted:	false
Size:	2677
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Stores files to the Windows start menu directory	Boot Survival	Registry Run Keys / Startup Folder

Details

File:	C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Category:	dropped
Dump:	YouTube.lnk.0.dr
ID:	dr_2
Target ID:	0
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 21 08:24:32 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Entropy:	3.9948710032620434
Encrypted:	false
Size:	2679
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Stores files to the Windows start menu directory	Boot Survival	Registry Run Keys / Startup Folder

Details

File:	C:\Users\user\Desktop\MPC-HC.lnk
Category:	dropped
Dump:	MPC-HC.lnk0.20.dr
ID:	dr_100
Target ID:	20
Process:	C:\Users\user\AppData\Local\Temp\is-0EOK8.tmp\MPC-HC.1.9.19.x86.tmp
Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has Working directory, Icon number=0, Archive, ctime=Mon Oct 21 08:25:33 2024, mtime=Mon Oct 21 08:25:37 2024, atime=Sun Jan 30 11:00:00 2022, length=7884800, window=hide
Entropy:	4.5285604359484655
Encrypted:	false
Size:	1156
Whitelisted:	false

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Report
https://s3.us-east-2.amazonaws.com/revealedgceconomies/vdiq197yvi/ImgBurn_822881.exe?

Files

Domains

IPs

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Reporthttps://s3.us-east-2.amazonaws.com/revealedgceconomies/vdiq197yvi/ImgBurn_822881.exe?

Files

Domains

IPs

IOC Report
https://s3.us-east-2.amazonaws.com/revealedgceconomies/vdiq197yvi/ImgBurn_822881.exe?