Virus.DelfInject.gen!AU

By CagedTech in Viruses

Threat Scorecard

Popularity Rank:	327
Threat Level:	10 % (Normal)
Infected Computers:	76,044

First Seen:	May 7, 2013
Last Seen:	April 16, 2026
OS(es) Affected:	Windows

Table of Contents

Aliases

15 security vendors flagged this file as malicious.

Antivirus Vendor	Detection
Panda	W32/ButterflyBot.A.worm
AVG	Dropper.Generic.AVIZ
Fortinet	W32/Injector.fam!tr
Ikarus	Trojan.Injector
AhnLab-V3	Win-Trojan/Buzus.88064.Q
Microsoft	VirTool:Win32/DelfInject.gen!AU
eTrust-Vet	Win32/Rimecud.AF
Sophos	Mal/EncPK-LL
McAfee-GW-Edition	Heuristic.LooksLike.Win32.Suspicious.C
AntiVir	TR/Spy.Gen
F-Secure	Trojan:W32/DelfInject.gen!D
Comodo	Worm.Win32.Peerfrag.BP0
BitDefender	Trojan.Inject.Delf.E
Kaspersky	Trojan.Win32.Buzus.fhsu
ClamAV	Trojan.Buzus-5397

SpyHunter Detects & Remove Virus.DelfInject.gen!AU

File System Details

Virus.DelfInject.gen!AU may create the following file(s):

Expand All | Collapse All

#	File Name	MD5	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	msimfo32.exe	1801b37752cb751ac4b6d8fe7d6acd12	2
Name: msimfo32.exe MD5: 1801b37752cb751ac4b6d8fe7d6acd12 Size: 88.06 KB (88064 bytes) Detections: 2 Type: Executable File Path: C:\RECYCLER\S-1-5-21-6235212095-7412704869-181541659-8761 Group: Malware file Last Updated: May 8, 2013

Analysis Report

General information

Family Name:	PUP.DllInject
Signature status:	No Signature

Known Samples

MD5: 7c64deb5e358dfe7f13f0c4c5ab66494

SHA1: 6869f8c404050205ab2bfb214516bb7bae82cbd6

File Size: 108.05 KB, 108052 bytes

MD5: 07b31ae4d514518885def22c93c63622

SHA1: 6751ac88cdd61392b23f340278b23a70256cff2e

File Size: 8.93 MB, 8933376 bytes

MD5: 56292b0399f931a663c74d2970f43df2

SHA1: dd0df2e569c2456f797ef8b40d5390df15f4c3dd

File Size: 536.58 KB, 536576 bytes

MD5: 1e9f81a2c7e1dd6d91f2c328ff6bcd10

SHA1: 8bba07580284b35324988875f98d22e33c9fb872

File Size: 34.30 KB, 34304 bytes

MD5: bafcbf8ade3ad4803c53ea643cd77902

SHA1: c1c51eebb80f21dfa63299fdcc2714d8d86e7c8e

File Size: 115.20 KB, 115200 bytes

MD5: 81248d2b70e4db8a605e30a0e4e42621

SHA1: 40448f7c82220f59537a7f7fc8d649e6c8670482

File Size: 108.05 KB, 108052 bytes

MD5: 5119923f77b593e333601cd0ed00fa94

SHA1: 5634c751555bc94a5c291d57d636deae3a870b82

SHA256: F34CA85AE7B15FB7966A536B6F3711F1E3D2D692F1979394E9DD0B1224CFABBC

File Size: 93.18 KB, 93184 bytes

MD5: f5cf0207f3868a6d14b66072bada310f

SHA1: d8c020daf09518c69231414df2c7135b3ab42d81

SHA256: 126B0B896146825689A15693A5CA6454F352397077AD4EDDC3E2B72FBAB16E3F

File Size: 14.34 KB, 14336 bytes

MD5: 11e2c865761032eb777a05e7361b0949

SHA1: 4f400cc5ba8c629257e5ee9e36bdcdf48fe5e099

SHA256: 66D373E36A0F32E7680135FCA72F2D8CBC12E81BC3376C12A533DB30200748A3

File Size: 13.31 KB, 13312 bytes

MD5: 00e54eaa234126f7fbb568fd429c7c90

SHA1: 9328d376c56f4074d58cdb672718f1d1c7342c44

SHA256: EE3ACFC8FB033304A789A75BA8021A7EFCB0AD2CCEE18230A0C33774F03D69A4

File Size: 26.70 KB, 26696 bytes

MD5: b4fd601e96e7a41a46640295db035ecf

SHA1: f2c568220da96a4fc92b239593e0770ba30d80f9

SHA256: D6DAA1D83906163A7F23808F0E4CF69E4FC50BB44ACBDACD1C096784F941E06A

File Size: 5.37 MB, 5365248 bytes

MD5: 0fa91a991f160ab2275ba6b6d0512ff1

SHA1: 7bd1054a08a0f47757b5682b6aa298196a73ed96

SHA256: EA61E0F8D4AC612DA30F1F3B57D90EDD188C29877D54574B67A60610A0900D73

File Size: 23.55 KB, 23552 bytes

MD5: 2cdbb700401a914ba45d5250ae1383c7

SHA1: 9d953ec868db4ed5686b0bbc1334c657b8fdde9c

SHA256: 93EEDBD2029B29ECBD9B8767998C7978E135F70CB4711679CC28B8374BF7E67B

File Size: 9.73 KB, 9728 bytes

MD5: a1da8c6b0b39c5cf83ee666931c90434

SHA1: 28d955d71b8cd5e74bc8919fcda226bd0799b0a4

SHA256: ED00CDB8C694DB8F42BFF47FC5A1B158DADA245B875539847CFF1B97FE907BCC

File Size: 59.39 KB, 59392 bytes

MD5: 0085fa43c6eebf59157932371f8cc923

SHA1: 65863c9f134acd11b4d52ff0521dbc8476533a39

SHA256: 26DA02B9C4D65B8F2D6596972630394DA4E862787E1F874642E6951D82DE26CF

File Size: 14.34 KB, 14336 bytes

MD5: be27cca6942b592c59f5eeee0755cfec

SHA1: f658d1f18b7a7a032eeaa1c9bee072b4583bb6d0

SHA256: 2FEE79EDC8A64E85C61BDF1902BC856F35717085A7D044E8D6238D5F30F6DA0C

File Size: 52.22 KB, 52224 bytes

MD5: 74e8031854c44fc857c98139cfb87b34

SHA1: 5ebe1bbdcabca75a469d44c3ca8bf8f6a095a175

SHA256: 0096799CF28A7BB937A54F102D5B57CC35871EB8E08CC69008AEDDA21A1ADF26

File Size: 252.42 KB, 252416 bytes

MD5: c44b5f2c32019eb1d23327ba7eae5a43

SHA1: 26c9feee27d3a25eb4109fa0ecb798fadb03a8f7

SHA256: 9A14B09639F7296707AF6EB5CAB03A0F1023ECF3BCCE286D47FC6E5F7C0D8765

File Size: 93.70 KB, 93696 bytes

MD5: 02bdf096562b4f2304d959cc9b457a0e

SHA1: 4de83ca8986188b08c4b3d57b7d4076e89e95e61

SHA256: 12B036A65641FEE2386FC1398CBCBF00C04A5EDA740139305B3BBA64177D280D

File Size: 247.30 KB, 247296 bytes

MD5: 687a8b52c75aec6f820ed19ce662f2a7

SHA1: c2a9a614dd2509de4a908d8e6bfccd238b889aa1

SHA256: BE1A6F9959C725ABBED3147ECF10929409D7FCBA1766F52BBD6E0C4F915095AF

File Size: 29.34 KB, 29344 bytes

MD5: 2e7d767101aef83b4568339fec2c5fc6

SHA1: cff34e7b94a0b4ad1b73efb107bc0fdffd5c7f68

SHA256: 9824CE74F0D0E782C89C079726C821D873919723B7FA7139DF37AD8E9D2B1803

File Size: 7.17 KB, 7168 bytes

MD5: 7454b5a31af9b6c3ab794edb96a273c5

SHA1: b6c6a11337919b48cbd58cf31c65085ff90e571b

SHA256: F4C27C27DFB94876C75F9AE0D76DC4EC88EAC22311E0E94E9B2A3C022F0C3F90

File Size: 26.70 KB, 26696 bytes

MD5: 72e0c734fd6786067c012ade6bd2fcf2

SHA1: 17a49e5d562310fb1cf5ca1fb9886ca5f2b12c36

SHA256: EA4B79F6D7C1AED5E8692F9A0C09490054F7E7F7BC7D368AADD6A75647351224

File Size: 991.23 KB, 991232 bytes

MD5: 9eed9bfcf3e95d813ea1b0caf7a0134d

SHA1: f86a496e6ae29a6e9ac2a7633ea4d17563fc15c0

SHA256: FA9A9FDF4BC981D538F36D3BDE8114433885C5C21B9402A6B549B98EF0F5AF31

File Size: 108.05 KB, 108052 bytes

MD5: 6cf1754e8ad524e05966f34d1860a4d6

SHA1: 99b67cb1aa95abd741945e880b75232890bd8dcc

SHA256: E5102A296C43F89D951F0ACDC0A24967790549174138350CA52CF5AB9CC98D6E

File Size: 108.05 KB, 108050 bytes

MD5: 71a6c295888c639a8b0841898be27d17

SHA1: d1798297de122f69b0462d4221e6ba2aa65bbece

SHA256: 70A399C0E94C16555AF6F5F2B81FE0B97E21DF66501BA2D9946AC8D8524A0876

File Size: 51.20 KB, 51200 bytes

MD5: 4426f62f7e0a363b9cbe3541e8bd21e3

SHA1: e156937e56b067cc1d03511bd01ccba6d238f8e4

SHA256: BB094EBB508F157E4ECF848C9BA869485EE54BE571133FE857A49B78430A4BF6

File Size: 4.71 MB, 4709392 bytes

MD5: 4e58a5e71a1e941523af33c4b0284b58

SHA1: 26906ecfcc71911a89740f4fbee7df5ea2e6734f

SHA256: 4E5A107C2BF5C0163790D8F9AF0A4361A039A4222E0EB4B3788153A9EF3E78BA

File Size: 167.94 KB, 167936 bytes

MD5: 6ee8a77c909c124a921ce0afabfd3430

SHA1: bf1eaeecd842a11cebe7698f13949eed60619ab1

SHA256: FBEA74832BBCC54D795995331094902D87E97CB830274FB4C9CE6E6BDE699B06

File Size: 8.06 MB, 8062480 bytes

MD5: eba20b6754ff14e78c32cae1211fe3e0

SHA1: b16d73ec59ce768659ed3e849d88e3d9a852d71e

SHA256: A584F556C34363975990087D0BC853E79C27DE8B04EE1ECD082EAE14B1D76273

File Size: 742.40 KB, 742400 bytes

MD5: a12362172e8909086c1642cfa88edc33

SHA1: 9f557bea605e6ced2eba01af98931fb337d43e41

SHA256: 6E94852BB7CF4FF81AC2CED4BB03A0607B514A0CE8BB5BD2A1E1A75E9B7A88F1

File Size: 404.99 KB, 404992 bytes

MD5: fdc7ce848b5c218ee14d1c98abd9ead2

SHA1: 32bb674201bf51c9010ab627c365168541f6beae

SHA256: 6B592E1D35D65CDE9121E26F6CAD945A4EF56B03818D4F25F2F5BB9AE5F5877C

File Size: 108.05 KB, 108050 bytes

MD5: 121f78e291dc5ccf261665172384df50

SHA1: 96250c5a72607fed9e52995432cb50bd34cbd036

SHA256: EFF86357078B33CBC3496E3E38574C4C129A9DDB65F2EDA929F582D5036F2D3A

File Size: 819.20 KB, 819200 bytes

MD5: 1bbfb81b0ad5558a15a258712a5b6fc0

SHA1: 0ccfa178a5e3e75ceb5ad0491e4d32f78a72b947

SHA256: 86C9102A8E0F5051F84AF12199F6CB452C560488D86AEF8832EF30A67D1C9CB7

File Size: 700.93 KB, 700928 bytes

MD5: 27b4df10699bd452b1fec1414f4e99c1

SHA1: 47215af3ddc9f7532ca7af561faf9ab2600fe121

SHA256: 295B63A58E72CB5288E193C2429B73DAA8D57497D65802C95150367183D2FCF1

File Size: 1.97 MB, 1967616 bytes

MD5: 88f3fedd3111f7d4ea4718c6012bad04

SHA1: 4202f805e0c71ce7108193368ce704d75c508858

SHA256: 2B6AADD6F9C9F76C0EA36D9D2280CF5335A5B8E172DFCD715A94DF66D930BE6D

File Size: 29.34 KB, 29344 bytes

MD5: 361810b5ce1465a232d7942af83a9b19

SHA1: f2654b611c93efc94cff2a1394a523d7cb0a9406

SHA256: D7C5532C6F3D34EBC88CA3FC85B6FF8A9FEF4A26A0EA0EF845FD15B6712C74D1

File Size: 23.55 KB, 23552 bytes

MD5: 0169a7c688d4d5dfc58857ccd8128619

SHA1: 9d0f5a25fe50f1a996b247bed09b8105ee541363

SHA256: 86EB4283D0E40D1CADEAC071E1FAC19075A7A23F1DDED555888B0CF90BDB2559

File Size: 12.83 KB, 12832 bytes

MD5: 37194618c66cecf79980691866943ecc

SHA1: eacbe21c98355dbc540ab5f8cd3abd8c18f697fd

SHA256: 5C17B5EA6238C0CCDC696EBBFAAA88170D7C848D98E732483AE33FD3C8BF08DC

File Size: 1.30 MB, 1297920 bytes

MD5: e9dee8392fb448bf1f55f3bf20df5144

SHA1: dfa967a02b2c9fb7dcb3177c91673e8cb3d59c4d

SHA256: EFA80B62F6024AE1CECD21FA473EC9E2DA8C39283339B5D5A9595CCEE9B1BE37

File Size: 3.38 MB, 3377664 bytes

MD5: 6eec0b9bba6e48c0851d1f4c935c697f

SHA1: f78f80516308c83ce6bd4ad5196d77e032c6366e

SHA256: 16C10D75362618AEBC8F1B5FA3F5FC2F3AE9A012055DE9F8F8C8311E6B36C262

File Size: 1.23 MB, 1225728 bytes

MD5: 684fabc730e7232ecddcf1e1063cbff5

SHA1: bd377cfeb5d76603ace5ffab98610f27da3c4102

SHA256: 71202BD44842496B512DD6DC99C918A7BEAB0CA98CC6F4EB69123AAA6033ECBB

File Size: 188.42 KB, 188416 bytes

MD5: 3495ce175e383ec73b6ad1fa768c3fab

SHA1: 7d9fa692992b01c4d1edd35078ee2955a2c6d687

SHA256: 5C65AFA291B53D306309EF985605F02982557BA9EC5298CFCB13D084216691D4

File Size: 23.55 KB, 23552 bytes

MD5: a914ea1b43bcba783ea840a4384eb973

SHA1: 46383ecd54494b5255f8ae71f9bc618bcb77ae30

SHA256: 64BCEFDB486BE4B33633C3F3586D19B77E4F0A9D654E1977D4EFE8192C656393

File Size: 1.47 MB, 1472512 bytes

MD5: 918839052a904dd5b6d2b5c898b7b6e6

SHA1: 2dc78c80762b95c6fa2a83b313931f9435e064b1

SHA256: 492EE2F48FDFFF37D7D18E23BBDB3FABB15D11205425332C900C0C5492BA61DC

File Size: 633.86 KB, 633856 bytes

MD5: 0a2d554c53b7104316734fbba7694892

SHA1: bed8f092e72e28424b4cb9fe77a13312ebf955bf

SHA256: ACE53968AFEB384D77299E384F839F27192E1DD5B23D9B08366026098F6B33E4

File Size: 23.55 KB, 23552 bytes

MD5: 9483334f84f982db2a1a507f86a22b98

SHA1: 02ea43dfd81f2a9aa02b55d3a233255ba90f7bda

SHA256: 378DAB13C07B939943F2B8C19FADC3DBD6874910CDAEC8BE4E9A7FC966D13657

File Size: 108.05 KB, 108050 bytes

MD5: ff50a25e45e5ed42186d394ef453f21d

SHA1: 33cac4fc3614233cb83fc1d92641cf5b0bc5cfac

SHA256: 3B1FEB3F462F920717252EDB4C5D352ACEF9FED60571392CF112FA39B1CE7555

File Size: 23.55 KB, 23552 bytes

MD5: c21c8349558abf97c033a36f1bc7279e

SHA1: a21e4ddb02af117b57987ab54c4629b941c3f136

SHA256: 0F8AD061C3E9391B8E81AAE9ACF17FB014A70CEDFB9D3536045BC8644E65D25D

File Size: 611.33 KB, 611328 bytes

MD5: 0fde20af32c04081ec45934d560cbfac

SHA1: 13898bb5378ee084ffd3ff2ee1be4a829bcdb0ba

SHA256: 8E50786AECD68694CFB616B8B283871EEC9FC5DB7074211FA42D936E84C56719

File Size: 14.34 KB, 14336 bytes

MD5: 475fb392d2956aea2c3046d5985eea5b

SHA1: 930eb80590d99924c48fb8e7b9b855aa554a2774

SHA256: BF96E0C7E1B9591F6EF0EC3243B765BA1ACBB2EB6D2BDB47D9569A16EAE6F270

File Size: 2.77 MB, 2768896 bytes

MD5: dbd8ce5adbe80a05d5ab29923afabd25

SHA1: ba1a9f8523367b934321b6d9f61c45fbd2f0b372

SHA256: 077A223EB99D15A9E185DBA313FB654C28EEA9FFE5B25A6CC837CEEF3B16889A

File Size: 108.05 KB, 108052 bytes

MD5: 1e00f7893acda3f915e82a1bcf247364

SHA1: 34f2899a6111707208beea223785f92f133de36b

SHA256: 3F0C1BCD5A5583A7D15691C6CA8AF135704FA4D32A132E744F70B907D85D955F

File Size: 108.05 KB, 108050 bytes

MD5: 6b5de704dd5d513564430119c6c18854

SHA1: ee5e5d1e49d8661aed8e7ff2a259745c6044574a

SHA256: D46606DC0C0FB777659980D1938C6653952055DCA0F080FA82CC7A4DF66735D7

File Size: 23.55 KB, 23552 bytes

MD5: f2f78158d569148a0c30494593ad658c

SHA1: bbd8669de12aa5d1d3159a1ee9064f065f1c7032

SHA256: BBD4036AE64436D830985A21273F746606C92B6E420CD399C0F581777D5EB988

File Size: 51.20 KB, 51200 bytes

MD5: 8c59024c92d2cd40bc80d3d9a9ca67b9

SHA1: baae7c87920708b79ffb88ae1b45bd1636c8190f

SHA256: 54615663C2A479573257868DD0A4C6B428337AF2781002C0A86DAF6139C186DE

File Size: 38.25 KB, 38248 bytes

MD5: 39f36a45d265f796437bc2d26242886c

SHA1: 18329eeea35f4ede86d043faf4b16775a0c1c8cc

SHA256: 33967B0A2AD7FBF9C4E6B64EF28678AC234D13BFD13A92DC7ED0838A89E6C094

File Size: 39.42 KB, 39424 bytes

MD5: c4156dde767014088deaf6faba6d121d

SHA1: 08f38e36151a03f9d5c64f7600b7780a6899dd7d

SHA256: 61AB71644D9276658A5CD6117C392C53A52098881B285828F3A96725F847E7CB

File Size: 508.42 KB, 508416 bytes

MD5: 8014fa7e3b7ebd12acd43f05ef2e3c3d

SHA1: 306cb8b2ce4e076125b758d8f1221c9d46a90456

SHA256: AE2974EEADA41DB46D4FFC3BE35762C3D48E492EC7F7F348FC2AFECF4F079E7D

File Size: 233.47 KB, 233472 bytes

MD5: e90b39208d0b6ea24a29038dbf54066a

SHA1: 28844ce507235efb2dd1b4a43100a65d24c22bf4

SHA256: A3AF2993113CE9678E716DCE6AFB33118248DEFBCDDFB53D758E629CC374147F

File Size: 502.27 KB, 502272 bytes

MD5: eb415648264bbfb670baac6703bbfdb2

SHA1: b06fb6e4451ee9911a54e24a93640c13ee659be4

SHA256: 612EED929E109C0639C90A58B278F91081EDD2DDA11B3BA2FE61A88F931C5344

File Size: 23.55 KB, 23552 bytes

MD5: f788b4af322275ade1819d9e24c2cf2d

SHA1: 18f54d5a987c60506112f779f6953b44c3625fff

SHA256: E5278DDF4D0BFE02D01E1B644C90220121ED7021514FFFC2F68592D58DEC402E

File Size: 633.86 KB, 633856 bytes

MD5: de225b93a7bbffbbe16bc5511cf24156

SHA1: b5a414cc36aad09aed9fe58619101fb0d3290e52

SHA256: FBD7948AC130BD67D63F752C12027160005293E7CCFE0D77B9B14B079D1B7DFA

File Size: 8.19 MB, 8193923 bytes

MD5: 2d08b28bf20bd5858ea26ae2946297e4

SHA1: a2d149e43cda3fc57adc95fc03b7f8c7b4e163a0

SHA256: 033F5DFE0C2D250CB8AF60B85FB866DB108D087875261815F236545772C4DF70

File Size: 281.60 KB, 281600 bytes

MD5: a53db7c90b8d519de3c92ed381ec66ed

SHA1: 138a43e7cfa2af71b4ba75c2f2e2b6c12eaa1604

SHA256: 6ACD7A8657674A4AC16AE377DEB6BD3E649AD31A3CDF6F172269CF84773E5448

File Size: 29.74 KB, 29744 bytes

MD5: 7565fedf6272af8caf9e2834f9c86f4d

SHA1: c87dc8a2f00dc8b559cb7c3bee46f070b2badffd

SHA256: F4B58CBDD3EF532F3A59DCE1B2A12BD6DB95764C2C9BFCAF31E35FDA91823521

File Size: 23.55 KB, 23552 bytes

MD5: e5f5b58b90798703864f1a84b6cffbcc

SHA1: c1640c57e066de59927df459a308bb83dda55b97

SHA256: CE13A73FD9040F6E8B25F587B3A554D1E6A254C5EE5EAE2F5B6A63F1CB4FBD9F

File Size: 61.95 KB, 61952 bytes

MD5: 5f8f154a4ff4875c709e220d63bc1b8d

SHA1: 5eabe1ed731fdb76e0ce9238a52f721e7dd658ab

SHA256: 8376CF8CBC5BA894936CC7F43F4256D728EE3AFBFD78B54109962926B3F1697C

File Size: 23.55 KB, 23552 bytes

MD5: 08d74fc03a030c50adbbbaf4274d3ca2

SHA1: efd8c91be92f7af6d6dfdeb2cb1b0823bb32c3dd

SHA256: EE9EB80E8D197523FC20D137EEDBD35A7D975E0322D6ED2D959D260A2F0AB1D5

File Size: 121.86 KB, 121856 bytes

MD5: e106cd93091a83dca02279f760c085ed

SHA1: b49e04283126b2b33cea79017621860ee726be2c

SHA256: 47E24C479CEEF89C417E432D8CDC7E31E9784092B8038853E6439B326D91B54C

File Size: 19.46 KB, 19456 bytes

MD5: cabb3e064462a98314681655714268c4

SHA1: 67701764f1e0284046c722a5eb7533a0a0591801

SHA256: 3EF4AC72AA2473B7638F90A73A0934EDF4BF77839037420901D8A66DC52FECED

File Size: 86.53 KB, 86528 bytes

MD5: 853c433018033459e2d4099e7e46d1ff

SHA1: 4060393e9ab50f48d5cd6590face70aa249bfaa5

SHA256: 12318BF8B47BF7F61AAEBA5FD63165430F67716B2E4EB9B71E42C3FB1142327E

File Size: 1.19 MB, 1191424 bytes

MD5: e6884f8f1cd62e5a62f2a8e4e8e5793c

SHA1: 2a800ceca43f2cd32984d5308da2fd3e017722e8

SHA256: 246AA353875960BB2D0B4AF622EE3AD78C0C797F57C0911529965F336B6BE04C

File Size: 653.31 KB, 653312 bytes

MD5: c55cee2e91fc8488fa9ad875946af3f2

SHA1: 35fc8a73db59a8c8c2762015cc0a1d82ca6af810

SHA256: 3561FAF5946B74C896381895DC07687A4116550A43733DD7A3996C3D5D019631

File Size: 908.80 KB, 908800 bytes

MD5: ce8dcdcf411b226693030343a402802a

SHA1: 8aa8c8dcbb2b23e17204ea81adb9d8b9b701bc4c

SHA256: 3D5450402923F0011389365EE781E75916616D3F9475876B1D29B9B1CD617B14

File Size: 1.26 MB, 1255281 bytes

MD5: 45233c61c89816b3ca1d7497e92743a5

SHA1: d8660d6889e0d4c5f34c80405f9af40128358cee

SHA256: 5A73E1751F691405A530884EF0C8E0086D2DF0F9AACD999453D360CEA28B5D48

File Size: 627.71 KB, 627712 bytes

MD5: 0c989c890c8e3b2775d3f8790a2dc074

SHA1: 82d5914ab676dfdc1df3188d94d58f93f91a01e2

SHA256: 31AD81102713CD8943C833CBBC8BA958297C413F2F4B4A676ECE84B1A02949AA

File Size: 25.60 KB, 25600 bytes

MD5: b15ab7bbb5dea2aa8ad5237354f29fad

SHA1: 87ebabf4b7f56251cfbf4f345cff0039d3c8e1a9

SHA256: 4C59F00CBFB8024FAA951D8473FCDFACCC06AA315E7F888D400AFF661466EFA1

File Size: 140.80 KB, 140800 bytes

MD5: 1a479a63796b760ad784666f42ebb98f

SHA1: 8d400b039974baf7244e94264a5217f28f72eb05

SHA256: 6174547BBB0DB585276EAB88FBD660CE3924B6BB5D63E1BA789C02AE083DEDB4

File Size: 37.38 KB, 37376 bytes

MD5: ad00404f4cb2dc17159d2b0fdff31018

SHA1: 093a5e71c4a1f03f87826f1d6293672b401c269c

SHA256: C2BF4A435E834489F041DFD0C7954DBCC1B6D2F4914E787EBA52FBD5B1CCE657

File Size: 1.72 MB, 1722651 bytes

MD5: a8ad93566df775afefd80dc31edf7b9e

SHA1: 9e8d897c715f3cad993c1b7f99240a8845a4b902

SHA256: B5AF4B8E5900E272784454B594FE3AB49EB2FEDE8FF8A5842176D14AC0DDDA71

File Size: 2.30 MB, 2300416 bytes

MD5: 2aed9e61dab35442bd4b8603f3c7c404

SHA1: 9b522d14ff2761c6762e16923ccd7064aae467bd

SHA256: 28ECE5A821A48211A4D38F747903363CF293F9CF0BBDDA0E30BE62C040CD59AC

File Size: 827.90 KB, 827904 bytes

MD5: 90c95495998e704dbd64148b2dbfc792

SHA1: ae440440edf275d5bc38507238581e6dd0b9f368

SHA256: 9C850A5F331EDD2C24182C6388DA727F520CA1F58D93F21735248FABD05FA8BE

File Size: 9.99 MB, 9986560 bytes

MD5: 3773b33c06346a1ed4d15b1d80d4911f

SHA1: 7e9669b2774412ea49be9b282043c0d6996cdd89

SHA256: 3F9F21334001E1DA928A04C6C1BC30BE6A61B67C7C02BF57BB510ADC375E6D3D

File Size: 392.19 KB, 392192 bytes

MD5: 5b964e9e7f97232738e46b11f874646e

SHA1: f3246373f212ad033bcdf826403ee0a4416022dd

SHA256: F40FCC35DCB2F236130F981895743317EE7AC2E7088F77B697C93E2A53B84524

File Size: 79.36 KB, 79360 bytes

MD5: 33319f06bf60b634cf7b3c8080e98e58

SHA1: 3398d87062690ece3be646ede88362a6da895441

SHA256: 94B396990426050BFEBC6FAA620BF1CFE000216571E7E6184C1D04033346A20B

File Size: 760.83 KB, 760832 bytes

MD5: ddd55f74c87f23125117febe9edc7958

SHA1: 37b1a449296e2f419db9a9409701d1e3e5ee146e

SHA256: 0C8E347CC63173A52AA0BE50819968B8729B8952F6DB7E9ED00BAC29EB603CCD

File Size: 462.85 KB, 462848 bytes

MD5: b9037c333e7da3fd1b53dbc1afd8238e

SHA1: 2ba2ae2fd85443b9d5a846787b65abbbb7734b80

SHA256: 7C23396F1501119EDD5C444782A88CE20D53C6B56AD5D41C440FDEFA8EDB118E

File Size: 8.64 MB, 8642560 bytes

MD5: 6687b0f32dfef40256885d777b37a402

SHA1: aade07d89e03394ed3f91346a8e9a2c594e8898c

SHA256: 2B600FF331D90017E6B3C82D8E78A5EB45993FB9CABA03A0C695AD52DDF14329

File Size: 913.41 KB, 913408 bytes

MD5: 2cb53c2e3eed16d32cf1a4b8eef3339d

SHA1: 52393a06487722fa5edd58ba338a7da6baa4603c

SHA256: 36C347FE44DFEE33210F3F04688B2DE35AA30BF49B1981D7C4E81EFF02ACCD34

File Size: 166.91 KB, 166912 bytes

MD5: 0f6a171a3dc65832ad9794680da9bffd

SHA1: 7cddf6a1657a71e1c7bf72a7c8bb498f2f9ae779

SHA256: 738682B2F894AE1C6F8F6EBFAC70E3C2E75FD43EA0FCDE840BEA938A414978B3

File Size: 72.19 KB, 72192 bytes

MD5: cfb02d6b9ad62e58c47c8c5553540bcb

SHA1: 5eabdb8065779a57b789bea1cb45c38fda5d0648

SHA256: EF0DC496FD59A74EA1B6C03D0A4D585387F642911A2C419F1EA57C1BAE58271B

File Size: 14.34 KB, 14336 bytes

MD5: b96e4e4466b04437fc7875559ccf1983

SHA1: 08fd136f59b0822de87a00c293fad19459ee8819

SHA256: 6F0E80E6F0DDAA5F8CDED576D7F60413D0D59D3AF6DFBF1637F383276B32BD13

File Size: 24.06 KB, 24064 bytes

MD5: 325222495c4ff0e649253ca049c7373b

SHA1: 250d96b127dc35df864c10428ccde4d333a6d460

SHA256: FF4FA8328E67B91EBD2BA3939C767F6239B812DC291053480CEBEEA862A14714

File Size: 142.34 KB, 142336 bytes

MD5: 184b92c4ffb5a8ff98454f7f08ab4c88

SHA1: 811768d4c62f2470aa69cfa5862073678063e278

SHA256: 9A951FE3120BF9CB37A41EFB0EF3EE518969311223762DF1BD7BC7B60ACB4214

File Size: 1.29 MB, 1288704 bytes

MD5: 615a6a863a2f8876a1b55b09f5363a03

SHA1: 633bc80660f1028db325904510f76a319662f7cc

SHA256: 30A4960BB8257C7B1FF756D42B498A495179493ADBD2591752C07FD0BFC2E509

File Size: 7.31 MB, 7308288 bytes

MD5: 15cc96d4232dbe028bbcd284b51ab0e2

SHA1: a8d43129e97e37122e4ad3acec6e83b8ae7001bc

SHA256: 6BE550CECBA07200C0BC01A44EBCA07C41942201D47100C81514FECF205A366B

File Size: 537.09 KB, 537088 bytes

MD5: 1545b7d30320510d1f1c8214c1e97055

SHA1: 9f765b7139837aa74e2b0cc662b450f8cd89c92c

SHA256: EEB76A4E70507E6F72E7F3AEF279C6FA0550F30A043DBA8B6BAF474D355030D5

File Size: 645.63 KB, 645632 bytes

MD5: fb11d23972e1cccfba65afc9642d3e5a

SHA1: a495907e8f1649fb12d21e5c25c4db1af979d46a

SHA256: 71EB0A72735A647669638926EC0307702E9858E80039929384B24FAD0A2988F7

File Size: 23.55 KB, 23552 bytes

MD5: a7a2b080d25b2c2c28d835fbe7347147

SHA1: 465652c26ae0d433810c381c146a3a6218dcd7df

SHA256: 79B19B60E7B76ADBE214761F334C70958EB65099F04D1CAFB9F97691B3BEF4F5

File Size: 1.03 MB, 1028096 bytes

MD5: 9fd892fe10e253b149d4b96c700a6ba9

SHA1: 1db618992b151f1ab127c6d303543b22f93b5c3b

SHA256: 553ECC6E1B264DB2BA79A22E30C10E44C6720EBB5A6D02E3503BDBBD3CF731B6

File Size: 353.21 KB, 353211 bytes

MD5: d40d045ead33a2da7c060a0bc11edf26

SHA1: 8b801167b68fc7127915f62ddb2ae162e8397b2c

SHA256: 42A32E85CD3EEF914CCA0859A1DED1E08D04712307343908526DB865D5201727

File Size: 157.73 KB, 157734 bytes

MD5: 46390c1fa50d94ffa64b8ad6458a830e

SHA1: 2bc7893427f9211adbb15ab7f289be527e69c269

SHA256: 14AE2D0002EDF39A5C2737B4C5378EBEFC76E88B0BD3B9ADA3EB656D0A2EA2CB

File Size: 2.11 MB, 2109440 bytes

MD5: 066ed450d496210504d4b9dd55e9ffb4

SHA1: 0f05c87ad9d3f66c22b36e30689bbc122fa917b5

SHA256: 516685FC95272C87108F1008B412C5EBC2B13C850E8C90E46B26FCB98042A014

File Size: 76.80 KB, 76800 bytes

MD5: 286f294bfb964a10b51e579f5179d75b

SHA1: 0b93203aac89eedffea127ce431ed4eb807389bd

SHA256: 3861C26E9C7543F87BCB893296174C0B15C6406130CBE58159BC4B30EFE53491

File Size: 7.73 MB, 7728128 bytes

MD5: 6e68e6eaed109b17bca55d6343eee55a

SHA1: 24d2d8324cec5e4a0860efc7326050ba2741091d

SHA256: 9C51978E156C991EDEDDFB29456E25649674B56B6D2BF2AB7CAEC2CA8F0FA9A9

File Size: 43.01 KB, 43008 bytes

MD5: d6114228e293ff51cf3b80ebbb426516

SHA1: 7e9ec3b493b05bf50fbc6ed99e95eed2fb29cbc7

SHA256: 5A0267438057E2F28F99B556EA44D30D1CA3340B891E0B142173F6023C60D077

File Size: 26.70 KB, 26696 bytes

MD5: 50f03ab7cdd6d8c18f312caa75f27cc5

SHA1: 0b2bdb310939a3af5a7c0597b109cb272594ebe4

SHA256: 3978124E8CB119066A3DFC61D3AF334C9F9AD50C0A121F97A147700C060ACDB9

File Size: 393.73 KB, 393728 bytes

MD5: ee5ea41fbdc2545741cd27181c8f70d3

SHA1: 4779f7655472e68508a4b56291747e0a7fda2566

SHA256: EF6E637CB8E30B53DB79D63EDFBC459428813E49796929F3600B723126228454

File Size: 602.62 KB, 602624 bytes

MD5: 22d004bda96e03c9463bfa102e2d4cf3

SHA1: aa73b27bf435468224209e2a06c2e8b2e6c9d8ad

SHA256: 13BB95EB2BB897EEDA101B738C7C7DA044CD2169A0551C781290F8EBB2C518A1

File Size: 73.22 KB, 73217 bytes

MD5: 474bb4ad1d3eda95f8d83e8230664538

SHA1: 15472949e206e4897e71c72d34de9cef1b04bec6

SHA256: 8D28160C7901C0338D9DD595A408D0F8ED9EC26F2AA351F701F4D6F9F0246210

File Size: 2.81 MB, 2807808 bytes

MD5: c07e905528e717d5f155ad259d3c8d06

SHA1: 6879d2c242f1e5bbef02a76f5ce105521612f80b

SHA256: 94220672B615C8BFB55E26ACDC7C19931CB21D46B5CB8E7A48A21ECAAB6873E5

File Size: 23.55 KB, 23552 bytes

MD5: 597c6f03faa8d0355a8fc93f51ac283d

SHA1: 49cd3ab57feff4da2878fe512636f83fe4196413

SHA256: 9323036D2938B40E03A80DC88E8F0A05F00C31354E42804855FD3136598C11D0

File Size: 1.40 MB, 1402880 bytes

MD5: b2be0c2f8ca00c9b15169ad50f2a537f

SHA1: 8d872f3ebc7f4e7099e28e083b6588f6dd8b6c42

SHA256: A3E7319422A41FA955A0CFE2C9217608EA5673D4A005FADC572EFB29B6A2857E

File Size: 8.21 MB, 8209408 bytes

MD5: a1272cdef9c8a149202ead811f4e6a2f

SHA1: 8a5ea33efcef4c3c40202e0f9bb86ebd72f8771e

SHA256: 7D9990C589B1F4FDC85F5B2C6C65A7B52830A70BE086E43676D49BAE0835156B

File Size: 1.01 MB, 1014784 bytes

MD5: f2102460135137e68a556da88647390d

SHA1: 4e0ceee6941755817c2a0ce679fd1060cf097569

SHA256: C84C3E72697C1912DA11A38EC21091AA21989394F58CFEFF4FB20A679E36D3E1

File Size: 407.04 KB, 407040 bytes

MD5: a31bb8ed78d437ae6f3846063a76f8cf

SHA1: 616fadf8c0351a1e6c1dd15320bfa0801bda8154

SHA256: 4174D0F4F75A39DDD953BBB5241FA2CA0B1E352C570A14F5B0F736D1AC890EA9

File Size: 1.79 MB, 1792512 bytes

MD5: 4d46b02cb11777e2d322375d326a0158

SHA1: 967b2f5cdfdc6a840795730146bacf8c9dd28a79

SHA256: BC0C93CA69C502A59FE67069B5F11F06CD02F1DDC09216A38997B5E19748F095

File Size: 3.52 MB, 3517968 bytes

MD5: b84599c90297452fb8ca25b56a9dd51f

SHA1: 85a4755f4eb35f3b9fd3796cc6e969346206a3d4

SHA256: 94F9334BF8494F7C29663A453E6C041F7A24D1313599B01BA0ED0F3CE01AAEC8

File Size: 82.43 KB, 82432 bytes

MD5: 08ecccc82553e955a1ec1618c1fa3551

SHA1: bdb23c0e0585b372783eebbff1f85b945ae2b862

SHA256: D7D21F24FF89F6FCAFF44EFE5E61F13351CB80359FB1CEF0463B419A4D18B792

File Size: 108.05 KB, 108052 bytes

MD5: 9a31dcff64b341eba224cc4f8ef2cdc2

SHA1: 2e5bfcc1110140051a935b64fbea1ac1910a0943

SHA256: FEF3BA26FAED41D54E6BABB78A19751E653C1DA8FD160EE0C90091820BBAA0F0

File Size: 23.04 KB, 23040 bytes

MD5: f3a3b5fe6b9170e7001d69fac636af70

SHA1: 24bcbd44de65fba25b77a38f7d77025810ae065f

SHA256: CAE38F8889A4F01ACC2BA2DA0ACB7362210B0C95C17346DB7F69058079D6AE80

File Size: 23.55 KB, 23552 bytes

MD5: eed405b0d17664f672492deebe20864a

SHA1: a1e286d62c358d83a9a66d8b3c8c2d4928d38192

SHA256: 4E389DE967A1DA82BD5C3D16FF9D2A0F3DF45FB50086D8C53521A9CED0AB0395

File Size: 23.04 KB, 23040 bytes

MD5: 63a59fc4361b12d7f3502ca206338ff7

SHA1: d7bfa82b97f6457ebbbf69ff9991fca397572980

SHA256: 8B206F4169D50C008A5E97B461A02DFE34D6308331B82A7E594B56C4C8C7FBC2

File Size: 26.70 KB, 26696 bytes

MD5: d690a4f058c6bb9fbfe15ab6beadbbb7

SHA1: d766532e8ea50c4f4aadc70f0e060746759fa06c

SHA256: 5AAE3364669682302CABA2D852E0DABF9809FA09228177DDF8A36C8D4EAFC7F4

File Size: 1.41 MB, 1411558 bytes

MD5: 540e279020c7f5e2e2a68e84a9366d60

SHA1: 31536fb363800c70df77e6b5e85e62fc13db7ec7

SHA256: B51C68347AF23419F13E4A25B07E848679B3DEDCC70636A11A8BED8CFF68D23C

File Size: 3.24 MB, 3237376 bytes

MD5: 440af9f5d9b31d53722cceb6cc63c1a9

SHA1: a4457e5acf310a925f56a425ce09f2cc138c54ac

SHA256: 3691D79B1A95A20A6EE160F075528E333CC15D86FE9576DEAF68133C01C01FFE

File Size: 26.70 KB, 26696 bytes

MD5: baae580106f72228c18f3a068a516a41

SHA1: 6e5d9d31a97fb1788bbfe05f56c6dafde6f7df4d

SHA256: 145C27A760954667A79CE311777178A834BDD0585EC25A961337F79380C7666C

File Size: 146.94 KB, 146944 bytes

MD5: 0e0054521e85a83be8c400747a99e458

SHA1: 22f70871cfc8eae46e3c691398b9e42d6402ac3d

SHA256: BD20C3435DCCB7476D1DC2CD6ED1DEBD38380F06618BC734999F789F56CF7C23

File Size: 1.83 MB, 1830400 bytes

MD5: c83025a110ba40f33386ca963c0196b2

SHA1: 4a73302d35e08a0027d3d771c892a9f142410800

SHA256: 9F626B061C3643D04540248390097F0F326518B03B41585761CA2B7F0255C6CD

File Size: 2.14 MB, 2143232 bytes

MD5: 51c6bf6da8c9b2e80249a3f74f5f2836

SHA1: ce908c093ee198e033aebc6d0b2cf90932581dc2

SHA256: EEC64F4AAFDCAD8828123165C5E82D7B5D65F64E9E9CFC9B4D399EDF19052C31

File Size: 6.43 MB, 6425088 bytes

MD5: 76e5608745d376fc98071348280c89fc

SHA1: 1ea90cf3e5ac015916b57542f572ccc3335fb1c0

SHA256: A4F8197DD95F69658ACFB769D814B299428E3F480B6CBE07C2CC15173583521E

File Size: 108.05 KB, 108052 bytes

MD5: 4dae72eef8ceade4dafe1cc4cecce535

SHA1: 014639949a34ee113d51fc3c8d6eef74953a98e3

SHA256: 97F52C24E6075C53CAB9C9B7A2CC63F893C5C557677348045C08B2465E6BC1D5

File Size: 108.05 KB, 108049 bytes

MD5: 42ca4edb3693ce651ee91fc8aae1b04b

SHA1: 6cedd13669754a632c396983fd669d43d2bb62a2

SHA256: 13E3C039C711EE53A9EA827DB8BE62A0DDF861A098D87F133F428EA21D7103A4

File Size: 1.88 MB, 1875872 bytes

MD5: e307814e3d2de542138df80af88cd132

SHA1: 99312c823ec3cca48c521501827cb0c805d2ae74

SHA256: 67B88B2D3A5F40F8D0F8F958BA58B9344B6C02E1EAA7C4159F250110C5C6C11E

File Size: 40.96 KB, 40960 bytes

MD5: a06bd66f96dfcd47ab7829bdde64def6

SHA1: 0ef32451afe2b1e39708b4de5d2e50c660df98c0

SHA256: B8BD9F8174C168ADACB9D58666F7162A97CAD0B339E3FDE82399F93EBEC0109F

File Size: 1.09 MB, 1085952 bytes

MD5: f90eb4c46fb1b7eca985c1ca245f9cba

SHA1: eeb89dc6a71b585c10df4e2c5358e2d6af24faa5

SHA256: AF689147CB1B9254B8246B62AB5758245DFEC4C6084F03E66F9E0BF9A248AAB7

File Size: 7.32 MB, 7319552 bytes

MD5: d213ef7cefb5d8779bbb5b62ae5daacc

SHA1: 026c7c4226acce39a05b4e96737ddfc825bb3874

SHA256: 9CE55C4F602575AB2A81E60BF3E9C01BD3AC5FBBBF8BE1B14E44EF8B27BD26F2

File Size: 26.70 KB, 26696 bytes

MD5: cfc0ccf343c9265a2b134fe7907379e1

SHA1: 0bea76bde4df907e0c271354b53b3ac1c5d42c71

SHA256: 34E73E1961852955D26A9B2737B027FA38D0E179E2DFF8D390AB0D9B04687838

File Size: 448.51 KB, 448512 bytes

MD5: 944c9477b2ce39e2e22f58cedb13129d

SHA1: b88ce180fe37a0475e80101d2406125e82d379e8

SHA256: 23A8A15A10FCC06BE13EFE6902E65D61D7CF97C72BCEF9C84F212B362D7263F3

File Size: 108.05 KB, 108050 bytes

MD5: 043ab9f05680ae332d49f173d07df84d

SHA1: 5c50df89696e306aacacb335094164fbb72fa0e4

SHA256: A9B7F876732A34F427FFB4648F5A9C5CEEB06918E8D3E1AC2B5BB440A0CC137D

File Size: 166.91 KB, 166912 bytes

MD5: 5c75b32d187740166914a8f65417343c

SHA1: 385058c6197c793a3c71f69101d8fefda39fb5d5

SHA256: E6EC5BA72A01A60B627DDCBF20E50E4B87E18E94692F3D07BF48554728F60CFE

File Size: 217.09 KB, 217088 bytes

MD5: 4e00328d83d6bc593f14d188ef7f4fed

SHA1: 920045826a9fc4f66c382026a21f392e27800a36

SHA256: 4E2410060CF366FD4E604FE5A652208F7850E2954DD50A718AC5057DE7109F35

File Size: 41.47 KB, 41472 bytes

MD5: 8c700cc1e1be141e9850d9ca2aa72322

SHA1: 1a46be36fe39350786d20e5a33533f405f1a0b77

SHA256: AE090AA8A3E8D17C160AFE2579D30EAA73280BD469F735CA84424327BC3A54AD

File Size: 8.26 MB, 8257024 bytes

MD5: ef4866219408a1eb03e486b996998e24

SHA1: 613a7e79c373f8bdd9ce556916ce323d8adfc121

SHA256: DC07F3B83BA4924E9F61E1060E37A0FE8575F2A6E70FCA806AD7E6114705567C

File Size: 366.08 KB, 366080 bytes

MD5: 23e6779414a92d290aebe502297c6726

SHA1: d65359b0734162aedc2afb54298dde497a2dbdd8

SHA256: 4D946E7D5CC2408082DFD2879EF73B4B4D8A579814EB7D9524393705E1AA1D07

File Size: 209.41 KB, 209408 bytes

MD5: 1b760f1df672c904b05cbb52aa42aa80

SHA1: 73dfbe65fd8b32f579d6b97e95e21a32f8510775

SHA256: 496AAE71CE5113D5CC2EEEC2F99CB6C11915D0C48A5FD3BFAA6DD21558D172B3

File Size: 3.69 MB, 3687936 bytes

MD5: 88dfb3a71988bed391270af14a7fc606

SHA1: f16dd7874f3cead37c796d97165c84c6bd78b2de

SHA256: 0113C4013F9564F9CC5FCA42BFD9737D7093E2EC5B590AD3DBA80479A8546BF0

File Size: 2.57 MB, 2572288 bytes

MD5: 73a4b41542c76b19fa79a02bef777e70

SHA1: ffa741b2449e99b3a315b0010d0ec602e97ea737

SHA256: CC605EF7AC9C704AB2BF7B89A51000EE7E92A3FFFC8D3BAEC6FA0672E3163D87

File Size: 15.36 KB, 15360 bytes

MD5: e2d6d7d8760d81d170e8c07e9683cb5b

SHA1: 8a5b910a41f84a93cf7e69944c273c8f68fc308e

SHA256: 60E9AD473179CA1750C55B161A341473E888D46A0ABA2EFDEBFBF3B501B60BDD

File Size: 108.05 KB, 108052 bytes

MD5: d6ca275f845630cecbb0f261063591aa

SHA1: b650235d2683587fdb7678d39fceb72160468dd6

SHA256: 7AAD142C11BFAF70BA9ACC0060EC20B1429A6445BB9C6F4935D68F0FE1700796

File Size: 4.98 MB, 4977152 bytes

MD5: e0b066d21a1d01a507e0fe12b9cd1632

SHA1: a80b57bde72be9de7292e594d513697ce409d7aa

SHA256: 94B2421D2384C96D3C186993C862A6FB9A37B1255DBCA3F0B136387FC695CE03

File Size: 690.18 KB, 690176 bytes

MD5: 98e8947546a30ea228a8890110809896

SHA1: 9ee2f4a2933ab9040e60ffe06eca8fb9849dd2e3

SHA256: DC6D736186443BA82A8A3F2F549F178FC4EBA0E4AF882AFA709EEAA662D9335E

File Size: 26.70 KB, 26696 bytes

MD5: ce26085d20314129f099705d98af8b1e

SHA1: 77bc5def326924543108161a432652d5192fb14d

SHA256: A365F04D34F1D076317A3F0A0CB02585C8FFDE1BE7B0888BA8A386D63D4F86E3

File Size: 26.70 KB, 26696 bytes

MD5: e39b0a0d186b9556d85729af485816ca

SHA1: 08b729e03e0cce794ae0d65fb36d207f404860b1

SHA256: 2D9B88668220D35CD1610E88F6C89B2B51635910180C0ACF55072BA27956A7C6

File Size: 1.16 MB, 1162752 bytes

MD5: 8cd801c2e9ece9790e89538304b41a7e

SHA1: 680cad764d8c6ef6622131cb877a64b2ea2eddcd

SHA256: DB7C5EF74B6FEB4DF63E5B26DD7E530FB74C44BCFB2F9E0BF4F28C768E51F01D

File Size: 7.81 MB, 7814656 bytes

MD5: d41e951f7eec4b66daa6755368440d42

SHA1: 0f545f57175eae71426baa139a992ec717a0e6ba

SHA256: 1796432D4E786FD5B9E4AC9DE41B77BC70194B12CE5DF0513263D418FF5F5558

File Size: 1.79 MB, 1792512 bytes

MD5: f265619bb61f597c195024f87916f6ef

SHA1: 12dc8f597f049263824fd0aef74a8a725ece764c

SHA256: FB07A2A4990EECC8C8158AB61361866E8D81CD43C754A7DBB80914DB33A31B03

File Size: 26.70 KB, 26696 bytes

MD5: 0a1c0a5bf2f2706eb1d3f74a4e26a7b1

SHA1: 4f68326307b97b01361ddcfd17aa470768a5e4a8

SHA256: AF56128971D4A80786838A290EE7959A541DD32573899460044DB9226879C201

File Size: 2.61 MB, 2612224 bytes

MD5: b9f07d8f1e857869e088fcc0d838413a

SHA1: 0729985592e16ee0f0acd4b0d2305e38a4953f11

SHA256: 82D568CCCCD9ACA2419760BA87CAB8E4F1432A818C60425825F5E9C2B8261E3C

File Size: 7.35 MB, 7345152 bytes

Windows Portable Executable Attributes

File doesn't have "Rich" header
File doesn't have debug information
File doesn't have exports table
File doesn't have relocations information
File doesn't have resources
File doesn't have security information
File has exports table
File has TLS information
File is .NET application
File is 32-bit executable

File is 64-bit executable
File is console application (IMAGE_SUBSYSTEM_WINDOWS_CUI)
File is either console or GUI application
File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
File is Native application (NOT .NET application)
File is not packed
IMAGE_FILE_DLL is not set inside PE header (Executable)
IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

File Icons

Windows PE Version Information

Name	Value
Assembly Version	2025.1126.1521.42 3.0.0.0 1.1.5.6 1.1.5.4 1.0.0.0 0.12.2.0
Comments	A library of utilities for interfacing with classic console games. Data Structures Read and Write to process memory. Make PC cheat trainers easily! 歪歪加强版注入器
Company Name	acidicoala ʕ •ᴥ•ʔ AotForms brXRhSJwWN6ZGrfsn2yB2FVxUpkFjj461apqbQYpgRh1hRJnwMamFYByQjyCKm02CTA3eIpqMubxuOGOXZxjebqpBR1yTemffItwv40bhdFIvTxkljCx89tdIDqR5yUmVm888fPW7RahpzY42TLkq F9 Inject Igor Pavlov Injector JN Inject LopApp.ClientApp MCPatch Indonesia Meta.Core Show More MisterModzZ Injector Nebula launcher New Age Software LLC PG3DInjector REPX Steam006 Tekkenscript Inc. Tsuda Kageyu VixEector Warp World Inc. 歪歪加强版注入器
File Description	7z SFX 64Inject AotForms Audition Custom Engine Automatic DLL injector brXRhSJwWN6ZGrfsn2yB2FVxUpkFjj461apqbQYpgRh1hRJnwMamFYByQjyCKm02CTA3eIpqMubxuOGOXZxjebqpBR1yTemffItwv40bhdFIvTxkljCx89tdIDqR5yUmVm888fPW7RahpzY42TLkq Bypass ConnectorLib DLL-Injector DLLInjector Show More DLLInjectorApp Empowering automation in Tekken development with advanced scripting tools. EraLauncher ESPLINEDLLINJECTOR F9 Inject FNModLauncher Injector JN Inject Launcher LinkNeverDie.Com_Lib LopApp.ClientApp Mars Executor Memory Meta.Core MinHook - The Minimalistic API Hook Library for x64/x86 MisterModzZ Injector Nebula launcher Nucleus.Inject PG3DInjector REPX SBMultiLoader SelfBot SkyCoop SUPREME DLL PANEL VixEector wpf zMW3 歪歪加强版注入器
File Version	25.01 11.0.0.0 10.5.0.0 3.0.4 3.0.3 3.0.0.0 1.3.4.0 1.3.3.0 1.2.28.0 1.2.2.0 Show More 1.1.5.6 1.1.5.4 1.00 1.0.0.7 1.0.0.0 0.12.2
Internal Name	7z.sfx 64Inject.exe ACELoader.exe AotForms.dll brXRhSJwWN6ZGrfsn2yB2FVxUpkFjj461apqbQYpgRh1hRJnwMamFYByQjyCKm02CTA3eIpqMubxuOGOXZxjebqpBR1yTemffItwv40bhdFIvTxkljCx89tdIDqR5yUmVm888fPW7RahpzY42TLkq.dll Bypass.exe ConnectorLib.dll DLL-Injector.exe DLLInjector DLLInjectorApp.exe Show More EraLauncher.exe ESPLINEDLLINJECTOR.exe F9 Inject.dll FNModLauncher.exe Injector.dll JN Inject.dll Koaloader Launcher.exe LinkNeverDie.Com_Lib.dll LopApp.ClientApp.dll Mars Executor.exe Memory.dll Meta.Core.dll MinHookD MisterModzZ Injector.dll Nebula launcher.dll Nucleus.Inject.exe PG3DInjector.dll REPX.dll SBMultiLoader.exe SelfBot.exe SkyCoop.dll SUPREME DLL PANEL.exe TekkenScript.exe TJprojMain VixEector.dll wpf.exe zMW3.exe
Legal Copyright	Copyright (c) 1999-2025 Igor Pavlov Copyright (c) 2009 Tsuda Kageyu. All rights reserved. Copyright (C) 2009-2017 Tsuda Kageyu. All rights reserved. Copyright (C) 2025 MCPatch Indonesia Copyright © 2018 Copyright © 2019 Copyright © 2021 Copyright © 2024 Copyright © 2025 Copyright © 2026 Show More Fuck the copyright 🖕 Sizzy and MaTiD, Copyright © 2021 Steam006 © 2024 Tekkenscript Inc. All Rights Reserved. 歪歪加强版注入器
Legal Trademarks	Tsuda Kageyu
Original Filename	7z.sfx.exe 64Inject.exe ACELoader.exe AotForms.dll audioses.dll brXRhSJwWN6ZGrfsn2yB2FVxUpkFjj461apqbQYpgRh1hRJnwMamFYByQjyCKm02CTA3eIpqMubxuOGOXZxjebqpBR1yTemffItwv40bhdFIvTxkljCx89tdIDqR5yUmVm888fPW7RahpzY42TLkq.dll Bypass.exe ConnectorLib.dll DLL-Injector.exe DLLInjector.exe Show More DLLInjectorApp.exe EraLauncher.exe ESPLINEDLLINJECTOR.exe F9 Inject.dll FNModLauncher.exe Injector.dll JN Inject.dll Launcher.exe LinkNeverDie.Com_Lib.dll LopApp.ClientApp.dll Mars Executor.exe Memory.dll Meta.Core.dll MisterModzZ Injector.dll Nebula launcher.dll Nucleus.Inject.exe PG3DInjector.dll REPX.dll SBMultiLoader.exe SelfBot.exe SkyCoop.dll SUPREME DLL PANEL.exe TekkenScript.exe TJprojMain.exe version.dll VixEector.dll winmm.dll wpf.exe zMW3.exe
Product Name	7-Zip 64Inject ACELoader AotForms brXRhSJwWN6ZGrfsn2yB2FVxUpkFjj461apqbQYpgRh1hRJnwMamFYByQjyCKm02CTA3eIpqMubxuOGOXZxjebqpBR1yTemffItwv40bhdFIvTxkljCx89tdIDqR5yUmVm888fPW7RahpzY42TLkq Bypass ConnectorLib DLL-Injector DLLInjector DLLInjectorApp Show More EraLauncher ESPLINEDLLINJECTOR F9 Inject FNModLauncher Injector JN Inject Koaloader Launcher LinkNeverDie.Com_Lib LopApp.ClientApp Mars Executor Memory.dll Meta.Core MinHook DLL MisterModzZ Injector Nebula launcher Nucleus.Inject PG3DInjector Project1 REPX SBMultiLoader SelfBot SkyCoop SUPREME DLL PANEL TekkenScript VixEector wpf zMW3 歪歪加强版注入器
Product Version	2025.1126.1521.42+65e71c6fe67c94313f3c1ef58882229f469d03e1 25.01 11.0.0.0 10.5.0.0 3.0.4 3.0.3 3.0.0.0 1.3.4.0 1.3.3.0 1.2.2.0 Show More 1.1.5.6 1.1.5.4 1.00 1.0.0.7 1.0.0.0 1.0.0+efbd74d75f2b562fdc70558a58a451f5370f6814 1.0.0+a8e09bbdb80c0073b8e143ff4d6fb323a3480b60 1.0.0+3b3794387be5a7c0c155fa310717ade6bf406c97 1.0.0 0.12.2

Digital Signatures

Signer	Root	Status
Tencent Technology (Shenzhen) Company Limited	DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1	Self Signed
Shenzhen Aidapu Network Technology Co.,Ltd.	GlobalSign	Root Not Trusted
Goat Systems Interactive	Goat Systems Interactive	Self Signed

File Traits

.NET
00 section
2+ executable sections
Agile.net
big overlay
CreateThread
dll
Fody
fptable
GetConsoleWindow

HighEntropy
imgui
Installer Manifest
JMC
No Version Info
ntdll
packed
themida
themida section variant
VirtualQueryEx
WriteProcessMemory
x64
x86

Block Information

Total Blocks:	12,927
Potentially Malicious Blocks:	1,359
Whitelisted Blocks:	11,512
Unknown Blocks:	56

Visual Map

x ? x ? x 0 0 0 0 x 0 0 ? 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x x 0 x x x x ? 0 ? x ? x 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 x 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 x x x x x x x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x x x x 0 0 0 0 0 0 0 0 0 ? ? ? 0 0 ? ? 0 0 0 0 x x x x x x x x x 0 0 0 0 0 0 0 0 0 x 0 0 ? 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 x 0 0 0 0 0 ? 0 ? 0 ? 0 x x 0 x x 0 x x ? x x 0 x x ? x x ? 0 0 0 0 0 0 0 0 0 0 ? ? ? x x 0 ? x 0 x 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 1 1 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 ? 0 0 0 ? 0 0 ? 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 1 0 0 0 0 0 1 0 0 0 0 0 1 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x x x x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 ? 0 0 0 0 0 0 0 0 ? ? ? 0 ? ? ? 0 ? x 0 0 0 0 0 0 0 0 0 x x x x 0 0 0 0 x 0 0 0 0 0 ? ? 0 0 ? 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 1 0 0 1 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 x x ? 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 x x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 x 0 0 0 0 x x 0 0 0 0 0 1 0 0 x 0 0 0 x x 0 x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 x 0 x 0 0 0 0 0 0 0 0 0 0 x 0 0 x 0 0 0 0 0 1 0 0 0 0 0 0 0 1 0 0 1 0 0 0 0 0 0 0 x 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 x x 1 x x x ? x 0 0 0 x 0 0 0 0 0 0 0 0 x x 0 x x 0 ? 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x x x x 0 0 1 0 0 1 0 0 1 0 0 0 0 0 0 0 ? 0 0 0 0 x 0 0 0 0 x 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 1 0 0 0 0 0 0 0 x 0 x x 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 x 0 0 0 0 x 0 x x x 0 0 0 0 0 0 0 0 x 0 x x x x x x x x 0 0 x x x x 0 0 0 0 0 0 0 0 0 0 0 0 x 0 x 0 0 0 x x x ? 0 x 0 0 0 0 0 0 0 0 0 0 0 x x 0 0 x 0 x x x x x x 0 0 0 0 0 0 0 0 0 0 0 0 x x x 0 0 0 x x x x 0 0 0 x 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x x 0 0 0 0 0 0 x x 0 0 0 0 0 0 x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 x 0 0 0 0 0 x 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 x 0 0 x 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 1 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 ? 0 0 0 x 0 x x 0 x x 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 x x x 0 x 0 x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x x x x x x 0 x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x x 0 0 0 0 0 0 0 0 x x 0 x x 0 0 0 0 x 0 x 0 0 0 0 x x 0 0 0 0 x 0 x x 0 0 0 0 0 0 x 0 0 0 x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 x 0 x x 0 0 0 x 0 0 0 0 0 0 0 x 0 0 0 0 0 x 0 x x 0 0 0 x 0 0 0 x 0 x 0 0 0 0 0 0 x x 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 x 0 0 0 x x 0 0 0 0 0 0 0 1 0 x x 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0

... Data truncated

0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

Similar Families

Agent.FGGF
Agent.KFF
Agent.KFG
Agent.KFRA
Agent.LPV

Blocker.J
Brute.DW
ComHijacking.A
CsgoInjector.Q
Dinwod.E
DllInject.GS
Downloader.Agent.LH
Exploit.X
Gamehack.GACB
Gamehack.GACC
Gamehack.GDDI
Gamehack.GSG
Injector.GFDC
Injector.LIA
KGBSpy.A
Kryptik.BBNB
Kryptik.DTGC
Kryptik.GHDI
MSIL.DllInject.XC
MSIL.Downloader.Agent.BIC
MSIL.Downloader.Agent.BIF
MSIL.Stealer.FGB
MSIL.Tiny.ABA
MSIL.Tiny.AN
MSIL.Tiny.AO
Metasploit.Gen.D
ReverseShell.XE
ReverseShell.XG
RobloxHack.HI
Rozena.UJ
Rozena.XV
ShellcodeRunner.TU
ShellcodeRunner.XF
Spoofer.L
Spy.Agent.ND
Spy.Agent.NDA
Spy.Agent.NDC
Spy.Agent.NDD
Spy.Agent.NDF
Spy.KeyLogger.AUA
Trojan.Agent.Gen.ABC
Trojan.Agent.Gen.AQG
Trojan.Agent.Gen.BGF
Trojan.Agent.Gen.DB
Trojan.Agent.Gen.EL
Trojan.Agent.Gen.HS
Trojan.Kryptik.Gen.BFV
Trojan.Kryptik.Gen.DQV
Trojan.Kryptik.Gen.DUH
Trojan.Kryptik.Gen.FA
Trojan.Kryptik.Gen.JF
Trojan.Kryptik.Gen.MR
Trojan.ReverseShell.Gen.J
Trojan.ShellcodeRunner.Gen.AM
Xtreme.B

Files Modified

File	Attributes
\device\namedpipe	Generic Read,Write Attributes
\device\namedpipe	Generic Write,Read Attributes
\device\namedpipe\dav rpc service	Generic Read,Write Data,Write Attributes,Write extended,Append data
\device\namedpipe\gmdasllogger	Generic Write,Read Attributes
\device\namedpipe\pshost.134121920958727830.7152.defaultappdomain.powershell	Generic Read,Write Data,Write Attributes,Write extended,Append data,LEFT 524288
\device\namedpipe\wkssvc	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\__psscriptpolicytest_ol52yg5f.qfm.psm1	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\__psscriptpolicytest_uwrd5jha.hbx.ps1	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\ci0-temp\logo.bmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\ci0-temp\logo.bmp	Synchronize,Write Attributes

c:\users\user\appdata\local\temp\ci0-temp\rs somnífero.set	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\ci0-temp\rs somnífero.set	Synchronize,Write Attributes
c:\users\user\appdata\local\temp\gert0.dll	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\sys00002e43	Synchronize,Write Attributes
c:\users\user\appdata\local\temp\sys00002e43\msvcr120.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\sys00002e43\msvcr120.dll	Synchronize,Write Attributes
c:\users\user\appdata\local\temp\temp_script.bat	Generic Write,Read Attributes
c:\users\user\appdata\roaming\minecraft bedrock\mods\patcherconf.json	Generic Write,Read Attributes
c:\windows\hdn.dll	Generic Write,Read Attributes
c:\windows\system32\log.txt	Generic Write,Read Attributes
c:\windows\windivert.dll	Generic Write,Read Attributes
c:\windows\windivert64.sys	Generic Write,Read Attributes

Registry Modifications

Key::Value	Data	API Name
HKLM\system\controlset001\services\bam\state\usersettings\s-1-5-21-3119368278-1123331430-659265220-1001::\device\harddiskvolume2\windows\system32\cmd.exe	ꅛ᳞ܕǜ	RegNtPreCreateKey
HKLM\system\controlset001\services\bam\state\usersettings\s-1-5-21-3119368278-1123331430-659265220-1001::\device\harddiskvolume2\windows\system32\cmd.exe	。꾹ँǜ	RegNtPreCreateKey
HKLM\system\controlset001\services\bam\state\usersettings\s-1-5-21-3119368278-1123331430-659265220-1001::\device\harddiskvolume2\windows\system32\cmd.exe	憉鍼ሢǜ	RegNtPreCreateKey
HKLM\system\controlset001\services\bam\state\usersettings\s-1-5-21-3119368278-1123331430-659265220-1001::\device\harddiskvolume2\windows\system32\cmd.exe	韃溜✑ǜ	RegNtPreCreateKey
HKLM\system\controlset001\services\bam\state\usersettings\s-1-5-21-3119368278-1123331430-659265220-1001::\device\harddiskvolume2\windows\system32\conhost.exe	ꌰ戓僶ǜ	RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\system\controlset001\services\bam\state\usersettings\s-1-5-21-3119368278-1123331430-659265220-1001::\device\harddiskvolume2\windows\system32\cmd.exe	瑐쌾懠ǜ	RegNtPreCreateKey
HKLM\system\controlset001\services\bam\state\usersettings\s-1-5-21-3119368278-1123331430-659265220-1001::\device\harddiskvolume2\windows\system32\conhost.exe	Ꮏ版框ǜ	RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey

HKLM\system\controlset001\services\bam\state\usersettings\s-1-5-21-3119368278-1123331430-659265220-1001::\device\harddiskvolume2\windows\system32\cmd.exe		RegNtPreCreateKey
HKLM\system\controlset001\services\bam\state\usersettings\s-1-5-21-3119368278-1123331430-659265220-1001::\device\harddiskvolume2\windows\system32\conhost.exe	飑僪盵ǜ	RegNtPreCreateKey
HKLM\system\controlset001\services\bam\state\usersettings\s-1-5-21-3119368278-1123331430-659265220-1001::\device\harddiskvolume2\windows\system32\cmd.exe	ㄌ充盵ǜ	RegNtPreCreateKey
HKLM\system\controlset001\services\bam\state\usersettings\s-1-5-21-3119368278-1123331430-659265220-1001::\device\harddiskvolume2\windows\system32\conhost.exe	뜃㻤瘫ǜ	RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\explorer::slowcontextmenuentries		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\5.0\cache\content::cacheprefix		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\5.0\cache\cookies::cacheprefix	Cookie:	RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\5.0\cache\history::cacheprefix	Visited:	RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\system\controlset001\services\bam\state\usersettings\s-1-5-21-3119368278-1123331430-659265220-1001::\device\harddiskvolume2\windows\system32\cmd.exe	룺傁箬ǜ	RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKCU\software\microsoft\edge\blbeacon::failed_count		RegNtPreCreateKey
HKCU\software\microsoft\edge\blbeacon::state		RegNtPreCreateKey
HKCU\software\microsoft\edge\thirdparty::statuscodes	(NULL)	RegNtPreCreateKey
HKCU\software\microsoft\edge\thirdparty::statuscodes		RegNtPreCreateKey
HKCU\software\microsoft\edge\elfbeacon::version	143.0.3650.96	RegNtPreCreateKey
HKCU\software\microsoft\edge\blbeacon::failed_count		RegNtPreCreateKey
HKCU\software\microsoft\edge\blbeacon::state		RegNtPreCreateKey
HKLM\system\controlset001\services\bam\state\usersettings\s-1-5-21-3119368278-1123331430-659265220-1001::\device\harddiskvolume2\windows\system32\conhost.exe	渆竨ǜ	RegNtPreCreateKey
HKCU\software\coin::data	true	RegNtPreCreateKey
HKLM\system\controlset001\services\bam\state\usersettings\s-1-5-21-3119368278-1123331430-659265220-1001::\device\harddiskvolume2\windows\system32\cmd.exe	⭠⼏缭ǜ	RegNtPreCreateKey
HKLM\system\controlset001\services\bam\state\usersettings\s-1-5-21-3119368278-1123331430-659265220-1001::\device\harddiskvolume2\windows\system32\conhost.exe	蹫⼑缭ǜ	RegNtPreCreateKey
HKLM\system\controlset001\services\bam\state\usersettings\s-1-5-21-3119368278-1123331430-659265220-1001::\device\harddiskvolume2\windows\system32\cmd.exe	ꟶ민覻ǜ	RegNtPreCreateKey
HKLM\system\controlset001\services\bam\state\usersettings\s-1-5-21-3119368278-1123331430-659265220-1001::\device\harddiskvolume2\windows\system32\conhost.exe		RegNtPreCreateKey
HKLM\system\controlset001\services\bam\state\usersettings\s-1-5-21-3119368278-1123331430-659265220-1001::\device\harddiskvolume2\windows\system32\conhost.exe	公헱雃ǜ	RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKCU\software\microsoft\edge\elfbeacon::version	143.0.3650.80	RegNtPreCreateKey
HKLM\system\controlset001\services\bam\state\usersettings\s-1-5-21-3119368278-1123331430-659265220-1001::\device\harddiskvolume2\windows\system32\conhost.exe	흧㔳ꌹǜ	RegNtPreCreateKey
HKLM\system\controlset001\services\bam\state\usersettings\s-1-5-21-3119368278-1123331430-659265220-1001::\device\harddiskvolume2\windows\system32\cmd.exe	ꢍ맔ǜ	RegNtPreCreateKey
HKLM\system\controlset001\services\bam\state\usersettings\s-1-5-21-3119368278-1123331430-659265220-1001::\device\harddiskvolume2\windows\system32\conhost.exe	鸻擒앂ǜ	RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey

Windows API Usage

Category	API
Anti Debug	CheckRemoteDebuggerPresent IsDebuggerPresent NtQuerySystemInformation OutputDebugString
User Data Access	GetComputerNameEx GetUserDefaultLocaleName GetUserName GetUserNameEx GetUserObjectInformation
Syscall Use	ntdll.dll!NtAccessCheck ntdll.dll!NtAccessCheckByType ntdll.dll!NtAddAtomEx ntdll.dll!NtAlertThreadByThreadId ntdll.dll!NtAllocateLocallyUniqueId ntdll.dll!NtAllocateReserveObject ntdll.dll!NtAlpcAcceptConnectPort ntdll.dll!NtAlpcConnectPort ntdll.dll!NtAlpcConnectPortEx ntdll.dll!NtAlpcCreatePort Show More ntdll.dll!NtAlpcCreatePortSection ntdll.dll!NtAlpcCreateResourceReserve ntdll.dll!NtAlpcCreateSectionView ntdll.dll!NtAlpcCreateSecurityContext ntdll.dll!NtAlpcDeleteSecurityContext ntdll.dll!NtAlpcQueryInformation ntdll.dll!NtAlpcQueryInformationMessage ntdll.dll!NtAlpcSendWaitReceivePort ntdll.dll!NtAlpcSetInformation ntdll.dll!NtApphelpCacheControl ntdll.dll!NtAssociateWaitCompletionPacket ntdll.dll!NtCancelTimer2 ntdll.dll!NtCancelWaitCompletionPacket ntdll.dll!NtClearEvent ntdll.dll!NtClose ntdll.dll!NtCompareSigningLevels ntdll.dll!NtConnectPort ntdll.dll!NtCreateEvent ntdll.dll!NtCreateFile ntdll.dll!NtCreateIoCompletion ntdll.dll!NtCreateKey ntdll.dll!NtCreateMutant ntdll.dll!NtCreatePrivateNamespace ntdll.dll!NtCreateSection ntdll.dll!NtCreateSemaphore ntdll.dll!NtCreateThreadEx ntdll.dll!NtCreateTimer ntdll.dll!NtCreateTimer2 ntdll.dll!NtCreateUserProcess ntdll.dll!NtCreateWaitCompletionPacket ntdll.dll!NtCreateWorkerFactory ntdll.dll!NtDelayExecution ntdll.dll!NtDeleteValueKey ntdll.dll!NtDeviceIoControlFile ntdll.dll!NtDuplicateObject ntdll.dll!NtDuplicateToken ntdll.dll!NtEnumerateKey ntdll.dll!NtEnumerateValueKey ntdll.dll!NtFlushProcessWriteBuffers ntdll.dll!NtFreeVirtualMemory ntdll.dll!NtFsControlFile ntdll.dll!NtGetCachedSigningLevel ntdll.dll!NtImpersonateAnonymousToken ntdll.dll!NtMapViewOfSection ntdll.dll!NtNotifyChangeKey ntdll.dll!NtOpenDirectoryObject ntdll.dll!NtOpenEvent ntdll.dll!NtOpenFile ntdll.dll!NtOpenKey ntdll.dll!NtOpenKeyEx ntdll.dll!NtOpenMutant ntdll.dll!NtOpenProcess ntdll.dll!NtOpenProcessToken ntdll.dll!NtOpenProcessTokenEx ntdll.dll!NtOpenSection ntdll.dll!NtOpenSemaphore ntdll.dll!NtOpenSymbolicLinkObject ntdll.dll!NtOpenThread ntdll.dll!NtOpenThreadToken ntdll.dll!NtOpenThreadTokenEx ntdll.dll!NtPowerInformation ntdll.dll!NtProtectVirtualMemory ntdll.dll!NtQueryAttributesFile ntdll.dll!NtQueryDebugFilterState ntdll.dll!NtQueryDefaultLocale ntdll.dll!NtQueryDirectoryFileEx ntdll.dll!NtQueryEvent ntdll.dll!NtQueryFullAttributesFile ntdll.dll!NtQueryInformationFile ntdll.dll!NtQueryInformationJobObject ntdll.dll!NtQueryInformationProcess ntdll.dll!NtQueryInformationThread ntdll.dll!NtQueryInformationToken ntdll.dll!NtQueryKey ntdll.dll!NtQueryLicenseValue ntdll.dll!NtQueryObject ntdll.dll!NtQueryPerformanceCounter ntdll.dll!NtQuerySecurityAttributesToken ntdll.dll!NtQuerySecurityObject ntdll.dll!NtQuerySymbolicLinkObject ntdll.dll!NtQuerySystemInformation ntdll.dll!NtQuerySystemInformationEx ntdll.dll!NtQueryValueKey ntdll.dll!NtQueryVirtualMemory ntdll.dll!NtQueryVolumeInformationFile ntdll.dll!NtQueryWnfStateData ntdll.dll!NtQueryWnfStateNameInformation ntdll.dll!NtQueueApcThreadEx2 ntdll.dll!NtReadFile ntdll.dll!NtReadRequestData 152 additional items are not displayed above.
Encryption Used	BCryptOpenAlgorithmProvider CryptAcquireContext
Other Suspicious	AdjustTokenPrivileges SetWindowsHookEx
Process Shell Execute	CreateProcess ShellExecute
Network Urlomon	URLDownloadToFile
Process Terminate	TerminateProcess
Process Manipulation Evasion	NtUnmapViewOfSection ReadProcessMemory
Keyboard Access	GetKeyState
Network Wininet	InternetOpen
Network Winhttp	WinHttpConnect WinHttpOpen WinHttpOpenRequest WinHttpReceiveResponse WinHttpSendRequest

Shell Command Execution


							C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\e156937e56b067cc1d03511bd01ccba6d238f8e4_0004709392.,LiQMAxHB


							C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\bf1eaeecd842a11cebe7698f13949eed60619ab1_0008062480.,LiQMAxHB


							C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\baae7c87920708b79ffb88ae1b45bd1636c8190f_0000038248.,LiQMAxHB


							C:\WINDOWS\system32\cmd.exe C:\WINDOWS\system32\cmd.exe /c Color 04


							C:\WINDOWS\system32\cmd.exe C:\WINDOWS\system32\cmd.exe /c cls


									C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\82d5914ab676dfdc1df3188d94d58f93f91a01e2_0000025600.,LiQMAxHB


									open https://getprivatenigger


									"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --edge-skip-compat-layer-relaunch --single-argument https://getprivatenigger/


									C:\Users\Mfifusxq\AppData\Local\Temp\temp_script.bat


									C:\WINDOWS\System32\WindowsPowerShell\v1.0\powershell.exe powershell  -Command "Add-MpPreference -ExclusionProcess 'C:\\*'"


									C:\WINDOWS\system32\cmd.exe C:\WINDOWS\system32\cmd.exe /c pause


									"java" -version


									C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\967b2f5cdfdc6a840795730146bacf8c9dd28a79_0003517968.,LiQMAxHB


									open https://discord.gg/GUBPNyGe29


									"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --edge-skip-compat-layer-relaunch --single-argument https://discord.gg/GUBPNyGe29


									C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\6e5d9d31a97fb1788bbfe05f56c6dafde6f7df4d_0000146944.,LiQMAxHB


									C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\ce908c093ee198e033aebc6d0b2cf90932581dc2_0006425088.,LiQMAxHB


									C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\99312c823ec3cca48c521501827cb0c805d2ae74_0000040960.,LiQMAxHB


									C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\b650235d2683587fdb7678d39fceb72160468dd6_0004977152.,LiQMAxHB

Virus.DelfInject.gen!AU

Threat Scorecard

EnigmaSoft Threat Scorecard

Aliases

SpyHunter Detects & Remove Virus.DelfInject.gen!AU

File System Details

Analysis Report

General information

Known Samples

Known Samples

Windows Portable Executable Attributes

Windows Portable Executable Attributes

File Icons

File Icons

Windows PE Version Information

Windows PE Version Information

Digital Signatures

Digital Signatures

File Traits

Block Information

Block Information

Visual Map

Similar Families

Similar Families

Files Modified

Files Modified

Registry Modifications

Registry Modifications

Windows API Usage

Windows API Usage

Shell Command Execution

Shell Command Execution

Submit Comment

Trending

Most Viewed