| Name | 8afdf3d2c0fd2370_LocalizedData.xml |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1043\LocalizedData.xml |
| Size | 85.4KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | XML 1.0 document, Little-endian UTF-16 Unicode text, with very long lines, with CRLF, CR line terminators |
| MD5 | e939717e7eaf1b7f53c4b752e62a22e7 |
| SHA1 | ca5a66c452ec6ca8bc04de95eac1616cf3980992 |
| SHA256 | 8afdf3d2c0fd2370889e3fd96bc2742831cdc6041af0a407123c27f8d76d68a6 |
| CRC32 | CC4AC23E |
| ssdeep | 384:4YroNVxJ4i/5Qbkkk5vWPD66KUtycsyUja9FQvFzyDZAZIudv7YGoDq1RYktgNVX:GvREQIudjuqGhHtP0tJJ8Z |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 0e931904c4c9bede_eula.rtf |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1045\eula.rtf |
| Size | 7.4KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | Rich Text Format data, version 1, ANSI |
| MD5 | a5a99b184adea12986b1283d7e6b5365 |
| SHA1 | d477ffba3c9199a0c74dc688aa41cc4d06530829 |
| SHA256 | 0e931904c4c9bede08bee5985a5912351efb927787941e33e174ec9373f81476 |
| CRC32 | AF17FFA6 |
| ssdeep | 192:h4IX0BvJz1fsz7OCevVH58uNgwsX3uDNPDEPH0Yx9Fa2:4zum38u82sUya2 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 458ffd757b9f8bf2_dd_ndp48-web_decompression_log.txt |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\dd_ndp48-web_decompression_log.txt |
| Size | 1.1KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | ASCII text, with CRLF line terminators |
| MD5 | 819c009fcae0cc90daf9051e046a6491 |
| SHA1 | d088dbdeb4c46c273d4ffea867d9c625c8d1fcfd |
| SHA256 | 458ffd757b9f8bf2c99e94806a1a3ae7dd85d3147e98089b10852517d8fb2b58 |
| CRC32 | 488476A7 |
| ssdeep | 24:PhtceqpB0fkjHOjzisvdeLK4FqnCjHIWt0pjH1cZIPQMV:Phtc4SHO3NvJ4C+IWyNyEQMV |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | e139af8858fe9012_DHtmlHeader.html |
|---|---|
| Filepath | C:\544756739cb65cb612c2d6c6e1\DHtmlHeader.html |
| Size | 15.7KB |
| Processes | 2852 (NDP48-x86-x64-AllOS-KOR.exe) |
| Type | HTML document, Little-endian UTF-16 Unicode text, with CRLF, CR line terminators |
| MD5 | cd131d41791a543cc6f6ed1ea5bd257c |
| SHA1 | f42a2708a0b42a13530d26515274d1fcdbfe8490 |
| SHA256 | e139af8858fe90127095ac1c4685bcd849437ef0df7c416033554703f5d864bb |
| CRC32 | 57454BB9 |
| ssdeep | 192:7Ddx3KOTczFQ21Kp4n5DTx1iDecPeLHLHQFJFjZWblWUxFzJzcKHjT:fdsOT01KcBUFJFEWUxFzvHH |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 93e519e8cc173a3f_LocalizedData.xml |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\2052\LocalizedData.xml |
| Size | 69.2KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF, CR line terminators |
| MD5 | 6cc370b95c9f3e3d28315759b496e977 |
| SHA1 | 09e4aad0a389f0f876d21e132123dbbd83dc1314 |
| SHA256 | 93e519e8cc173a3f1aa8dd8113ad4a1be0b5b8d40e1d0a1563dba2054b50433a |
| CRC32 | 8D2CF369 |
| ssdeep | 384:4YqL8FNhaVwV/VLVWPD66KUtycONAk9xkZtmqaDCWehZtTfVxzR/8XMHRd4LOPcW:tkZtmqaCpmXw4LOPjAJN6 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | f2508d347bbc1178_eula.rtf |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\2052\eula.rtf |
| Size | 9.4KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | Rich Text Format data, version 1, ANSI |
| MD5 | f05b0d04cd20864ffcfecdee13949d58 |
| SHA1 | b65a5ccbf46a9e078b175ef82bd978defce8dee3 |
| SHA256 | f2508d347bbc11784ad33c9fae913c243198f9517cc9743be56c74f28587b9a9 |
| CRC32 | CFB796FF |
| ssdeep | 192:dXpyqkFt7t2fPreF/XAaz+t1ei+tomLAio7WyfoBkfynOgLo5hbBiYH1TuY7GCfA:FpfnlNMFhI2 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | d86286c5fe73a46f_SetupResources.dll |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1045\SetupResources.dll |
| Size | 25.4KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
| MD5 | 59708860cd9fb256669a9d9e2e0d72cd |
| SHA1 | 7ad8568ccd88d311173ea4477876be8581bb76ad |
| SHA256 | d86286c5fe73a46f1240a6177e7f9144757e0ea97060344f6c3609322c96b568 |
| CRC32 | 189AC9D9 |
| ssdeep | 384:o+V05/Q+CNfvaRr2CWeeWcWveW7D/HRN7SFDhl2By:obqV6Z7DvSFx |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | d80ffeb020927f04_Print.ico |
|---|---|
| Filepath | C:\544756739cb65cb612c2d6c6e1\Graphics\Print.ico |
| Size | 123.2KB |
| Processes | 2852 (NDP48-x86-x64-AllOS-KOR.exe) |
| Type | MS Windows icon resource - 19 icons, 256x256, 16 colors withPNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 4 bits/pixel, 48x48, 16 colors, 4 bits/pixel |
| MD5 | d39bad9dda7b91613cb29b6bd55f0901 |
| SHA1 | 6d079df41e31fbc836922c19c5be1a7fc38ac54e |
| SHA256 | d80ffeb020927f047c11fc4d9f34f985e0c7e5dfea9fb23f2bc134874070e4e6 |
| CRC32 | 0C64934B |
| ssdeep | 192:ly3ul6MeeS80xxb11yXXVzzzzzlzTTTbt/Pu:lj6MeeSXxxb11yXXVzzzzzlzTTTbt/Pu |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 803c4739d74b27a7_eula.rtf |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\2070\eula.rtf |
| Size | 6.1KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | Rich Text Format data, version 1, ANSI |
| MD5 | d611f7f4978f3960627e889316c4addf |
| SHA1 | a4fb1ea1fb64bfdf2b850947f4b7254be2e01d31 |
| SHA256 | 803c4739d74b27a72754607ad69c41a4c311cfdbada1a6bfe8fa47b31a9e74c6 |
| CRC32 | 0AF0520A |
| ssdeep | 192:GnIKgPqA2ezJpbFODr5dDXuTEGMXv3BosgW2:fCA2el/iyTkXuW2 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 048d51885874d629_sqmapi.dll |
|---|---|
| Filepath | C:\544756739cb65cb612c2d6c6e1\sqmapi.dll |
| Size | 223.4KB |
| Processes | 2852 (NDP48-x86-x64-AllOS-KOR.exe) |
| Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
| MD5 | 0c0e41efeec8e4e78b43d7812857269a |
| SHA1 | 846033946013f959e29cd27ff3f0eaa17cb9e33f |
| SHA256 | 048d51885874d62952e150d69489bcfb643a5131ce8b70a49f10dfb34832702c |
| CRC32 | 7081F63A |
| ssdeep | 3072:dl5e8m9Z5G6ZUMIiaQVedGGEc6SYm8X/UvHFupHIjNNlMi/fbtcICcu0b9+x0o/N:WG6ZUon6GVSYmnGHEvlMMac59+xfbZ |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | b092668e0825f7f4_LocalizedData.xml |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1025\LocalizedData.xml |
| Size | 80.5KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | XML 1.0 document, Little-endian UTF-16 Unicode text, with very long lines, with CRLF, CR line terminators |
| MD5 | d8165beb3b8433921d0d5611b85bfa35 |
| SHA1 | bef57e3511e18170ebbc9ae3aefd73ce3f50f8f4 |
| SHA256 | b092668e0825f7f498acdc1bf10e1d2cb6ca99497389142cf9af815f25a4b712 |
| CRC32 | 1507C035 |
| ssdeep | 384:4YPMFNhaVwV/VLVWPD66KUtycONAkwtj7l/XeqyEnmM7cBp9stCctFnDRydTJleD:XlxcdGUTJleYi |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 7ed80f565427eeb1_SetupResources.dll |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1031\SetupResources.dll |
| Size | 25.9KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
| MD5 | 62431931c0e7aef5a55f831fd897c193 |
| SHA1 | 8e76ba228bb72ded1f6d04ce9ba7634a0567bd33 |
| SHA256 | 7ed80f565427eeb1a0db93ee5d2691d4bc7ea6daeae881fcaba21423510866ca |
| CRC32 | BA66E325 |
| ssdeep | 384:JdqQkKrhmsfWrpdkKQNSlvYVAtWtieWZWCieWHD/HRN7WLImlGJilAi:JjhmEcdXlvYVAVUHDvAT |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 40a437a3b225ee79_SetupResources.dll |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1037\SetupResources.dll |
| Size | 23.4KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
| MD5 | b5dc9bdf9bc1ec4a3eca070fab6a3b68 |
| SHA1 | 22dc867d4c6175b78a3f389eb0b16b57f13bf397 |
| SHA256 | 40a437a3b225ee79a82bc36304cfdab4e7cd7455b3a15aea6bad1bd7e87aae9b |
| CRC32 | E9E7281C |
| ssdeep | 384:+9SQYURokAHfWueWkWneW+D/HRN7W5lAtXOCt:+OUYtZ+DvXt |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 4c51e6b8fe8e473a_NDP48-x86-x64-AllOS-KOR.exe |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\NDP48-x86-x64-AllOS-KOR.exe |
| Size | 5.5MB |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | 2faaf4e60419fbb57dcc3a5b3ce49fc8 |
| SHA1 | 8490f5172cfbad35e88b2124d08712241819fc4e |
| SHA256 | 4c51e6b8fe8e473a2312fc5977e79b41961df59d2477ffd5e5bcd061b65c28cb |
| CRC32 | 61C595FB |
| ssdeep | 98304:8L3sINh4HYN5xHcP6Yy/QMHxkdAP2xgMtVx1T6legkDqH27aoGliAsrU7g/MViU:88Izw85xH2GEAP2OWVx1T6B+qcXUU/w |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | c9ca53f83a5cc10f_SysReqMet.ico |
|---|---|
| Filepath | C:\544756739cb65cb612c2d6c6e1\Graphics\SysReqMet.ico |
| Size | 133.1KB |
| Processes | 2852 (NDP48-x86-x64-AllOS-KOR.exe) |
| Type | MS Windows icon resource - 19 icons, 256x256, 16 colors withPNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 4 bits/pixel, 48x48, 16 colors, 4 bits/pixel |
| MD5 | 889472312e724195d7b946eecaea20c1 |
| SHA1 | d099c44b794f7d0414cda5ba9a6df432347ff513 |
| SHA256 | c9ca53f83a5cc10f726248d47ff82981b584b3ff62ee591229a8237c11340991 |
| CRC32 | 78ED23DF |
| ssdeep | 768:ZVbWxNMz9t/g2FQyvy90J0FUvvCI1873m8WjLvGMB2vrcpWSrem1b06EXsnS5O+I:rb3z9tY2uwSuvWSma |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 4bb9ea033f4e93db_warn.ico |
|---|---|
| Filepath | C:\544756739cb65cb612c2d6c6e1\Graphics\warn.ico |
| Size | 194.7KB |
| Processes | 2852 (NDP48-x86-x64-AllOS-KOR.exe) |
| Type | MS Windows icon resource - 36 icons, 256x256, 16 colors withPNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 4 bits/pixel, 128x128, 16 colors, 4 bits/pixel |
| MD5 | c8824ea3ce0a54ff1e89f8a296b4e64b |
| SHA1 | 333feb78e9bb088650ce90dea0f0ccc57d54a803 |
| SHA256 | 4bb9ea033f4e93dbf42fc74e6faf94fe8b777a34836f7d537436cbe409fd743f |
| CRC32 | A4EEDFCA |
| ssdeep | 1536:cpUNHIL4Oj0qwL2IupGF8yJtJFFhxGgX/3/HRVq:8mHILxnDIiGFxG4s |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 62090e639b315d62_c0018bb1b5834735bfa60cd063b31956 |
|---|---|
| Filepath | C:\Users\test22\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C0018BB1B5834735BFA60CD063B31956 |
| Size | 1.1KB |
| Processes | 3016 (Setup.exe) |
| Type | data |
| MD5 | 0c67159dcbaf45a72caaa0657ec5847f |
| SHA1 | de05b45f2e7ab56b0f6885dc0f3aad307245657a |
| SHA256 | 62090e639b315d621bdc006820955b51cc44d571e1c914cc1c825a82de03223f |
| CRC32 | A9ADCA0D |
| ssdeep | 24:qDuDEiZ3W//wvt1SW/uYZFKBwXgEB+iixLb1haJOdc4RCz3i8:qDuDEs3m/wv6W/uYZFvXZ+F+JOdcsKy8 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | b0f7c215c7a88973_f90f18257cbb4d84216ac1e1f3bb2c76 |
|---|---|
| Filepath | C:\Users\test22\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F90F18257CBB4D84216AC1E1F3BB2C76 |
| Size | 252.0B |
| Processes | 3016 (Setup.exe) |
| Type | data |
| MD5 | 1b3aca28faa58441f5687d7d2157b2b8 |
| SHA1 | e3c47438a13b7a9bb16c5228fa343a5bc86831a3 |
| SHA256 | b0f7c215c7a889731fb21b25771ad54fdf06af3459f58b96e09a2230245f9cd7 |
| CRC32 | D926CC7A |
| ssdeep | 3:kkFkl1YYQkyIbjHllOs5lal/D8yEllglR82ClRRly+MlMJXcXl+B5lRkKloWcNy8:kKKQkyInDEVkOB7WJM1+ffyWcKi9j |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 9fd4639955338928_SetupUi.dll |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\SetupUi.dll |
| Size | 336.4KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
| MD5 | 6f51e9b469f95edb9156c74b4b0f4e1b |
| SHA1 | 5224c3de0fa4895297898f76ed5647ef40d924f8 |
| SHA256 | 9fd4639955338928731a8ab6e131175949a179931b8c9d4fcadd2367d749b826 |
| CRC32 | 9167A658 |
| ssdeep | 6144:VTjfyZYXoH/6pPjW8CXunm+BgS1m/0yB8L:VuYLPK8m+BN1UPB8L |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 1ce28fd9898191bd_SetupResources.dll |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1028\SetupResources.dll |
| Size | 20.9KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
| MD5 | 751efb8a557ec3df620a1d3d91fc7e8e |
| SHA1 | 4a82263312fc2343a55dbdb9935798ba8e31562e |
| SHA256 | 1ce28fd9898191bd6b0dabba472fbea5e679f588f4deb9ddd1755198f2919666 |
| CRC32 | 95BA11C5 |
| ssdeep | 384:U+YQxeOUkzS6cDn+8sRzWMEWDWNEWAD/HRN7Mjhl2H:UkeaW6FH3c+DvR |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 4db6d43c560ccc02_eula.rtf |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1028\eula.rtf |
| Size | 11.8KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | Rich Text Format data, version 1, ANSI |
| MD5 | 4fe2bd1c6ab9896db6fec42a00b6bb67 |
| SHA1 | 7b3278a6b0bf6961230399ea94dda7fb1cc3d596 |
| SHA256 | 4db6d43c560ccc02d0adb570d4675223286d7b1949fac1c5a16ffd1c8835a814 |
| CRC32 | C7B69485 |
| ssdeep | 192:gINwQt7s0nc3eUIE/xR8j3uUZzWhgqwNmPD84okslotkOo0olQcpPzcXokPw1sdu:YQt7vc1Xy2ZJsiEBs52 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 18226b9d56d2b1c0_Rotate1.ico |
|---|---|
| Filepath | C:\544756739cb65cb612c2d6c6e1\Graphics\Rotate1.ico |
| Size | 140.5KB |
| Processes | 2852 (NDP48-x86-x64-AllOS-KOR.exe) |
| Type | MS Windows icon resource - 19 icons, 256x256, 16 colors withPNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 4 bits/pixel, 48x48, 16 colors, 4 bits/pixel |
| MD5 | 9b70c7fa81dca6d3b992037d0c251d92 |
| SHA1 | 83a11f4b7a5020616257fef143a7c32164d3927c |
| SHA256 | 18226b9d56d2b1c070a2c606428892773cb00b5b4b95397e79d01de26685ccd4 |
| CRC32 | 9561B8C6 |
| ssdeep | 1536:NR6EoU1Gq8cXWK8Q3aTQgAFPNG6D4ZH7iEfPF1Ir:NR6dcXWs3a0JPNG6D0H7iEfPF0 |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | ce98922719450764_eula.rtf |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1035\eula.rtf |
| Size | 6.4KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | Rich Text Format data, version 1, ANSI |
| MD5 | 42a6665773e6f9f5e9f6ae725c73565d |
| SHA1 | cc9d27aec7ff248aa470646f43cda329a836d598 |
| SHA256 | ce98922719450764d7b2d8778db5a267bf244b39599bb9699e9c15742e15baa2 |
| CRC32 | 46A63B95 |
| ssdeep | 192:GhZAXGy57Uh3loxqOsUcCEQmuUGsZes3+Db2:b57pqxVefb2 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | e4ec814ecb215c2f_LocalizedData.xml |
|---|---|
| Filepath | C:\544756739cb65cb612c2d6c6e1\1033\LocalizedData.xml |
| Size | 80.8KB |
| Processes | 2852 (NDP48-x86-x64-AllOS-KOR.exe) |
| Type | XML 1.0 document, Little-endian UTF-16 Unicode text, with very long lines, with CRLF, CR line terminators |
| MD5 | ffd712ff1645648321ed91117f981017 |
| SHA1 | bf53f8ce3a4750b7fc4b6569fc5ef7ea20494450 |
| SHA256 | e4ec814ecb215c2f83ab2d6da5ae80d6ebdc015da2ea8f028657f35e632c4540 |
| CRC32 | BBC48CF4 |
| ssdeep | 384:4go89tJKVQVfVjV2vjaCS8etgcsFTeyfg8NqJpR+enRROu5aeJInO/yJakC65qWA:2eyfJqyJiT |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | ee387d9642df93e4_Rotate6.ico |
|---|---|
| Filepath | C:\544756739cb65cb612c2d6c6e1\Graphics\Rotate6.ico |
| Size | 140.5KB |
| Processes | 2852 (NDP48-x86-x64-AllOS-KOR.exe) |
| Type | MS Windows icon resource - 19 icons, 256x256, 16 colors withPNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 4 bits/pixel, 48x48, 16 colors, 4 bits/pixel |
| MD5 | 5ac2b8e1a766c204f996d9ce33fb3db4 |
| SHA1 | 09cbabdd17a5a0215ad5d5af509ea9ec315373b6 |
| SHA256 | ee387d9642df93e4240361077af6051c1b7e643c3cf110f43da42e0efe29a375 |
| CRC32 | 2C41E830 |
| ssdeep | 1536:t7JrB+BXJwqLQRLcYah14KPsrFK3QrPa8KGL73:t7wgAYs2KC5rPa8fL73 |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 53742293b25149b1_LocalizedData.xml |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1028\LocalizedData.xml |
| Size | 69.3KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF, CR line terminators |
| MD5 | f3a4fd6968658a18882cf300553f2f89 |
| SHA1 | b75ccaeff41bf9c8586bca612550cb9dca6b09ea |
| SHA256 | 53742293b25149b19d8677b15f6424fc71e308014b1bcf883e6949d1dab3961c |
| CRC32 | F19203B8 |
| ssdeep | 384:4YggFNhaVwV/VLV33zqjKUtycONAkrNsc2XcbacaQJETJ9bCHwx+DR+USWV/K1ND:+X7UysBSWV/K1+gwJg5H |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | fde052efe70c27d8_Rotate8.ico |
|---|---|
| Filepath | C:\544756739cb65cb612c2d6c6e1\Graphics\Rotate8.ico |
| Size | 140.5KB |
| Processes | 2852 (NDP48-x86-x64-AllOS-KOR.exe) |
| Type | MS Windows icon resource - 19 icons, 256x256, 16 colors withPNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 4 bits/pixel, 48x48, 16 colors, 4 bits/pixel |
| MD5 | e7a252c763ce259f800183fd9dd1f512 |
| SHA1 | 4601c87f90e1c0061a7137370358ae11a4d83a23 |
| SHA256 | fde052efe70c27d8023065f0859627fc88bf86e166016e9cb00185c21de52742 |
| CRC32 | 7DE1232B |
| ssdeep | 768:1Va5Ab1+DYEeloJH1iE6DtzC1QY0kaazdkgEZmape4XQ2EZjK9DNn:na5A4YnoJH0jmuY0kaMdkgEVzQ3j8 |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 50795b027e2bc566_696f3de637e6de85b458996d49d759ad |
|---|---|
| Filepath | C:\Users\test22\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\696F3DE637E6DE85B458996D49D759AD |
| Size | 767.0B |
| Processes | 3016 (Setup.exe) |
| Type | data |
| MD5 | 6872fae8288db34207d9e7ee350157f4 |
| SHA1 | c05cf707d6390289b5f03afedbe8fa8c54c22a53 |
| SHA256 | 50795b027e2bc566d3b7acb89913f8efd23b70615c9db9bf5b23323ad3132a7d |
| CRC32 | E6E8CF19 |
| ssdeep | 12:qtcoAJeL+//EGirnsvC+SAXydqHQdmKT4UJemlOHZqq7APHQ:qtcoAJe0/EGiLUAqw4GJeDVEY |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | f67666f3d80918ce_netfx_FullLP.mzz |
|---|---|
| Filepath | C:\544756739cb65cb612c2d6c6e1\netfx_FullLP.mzz |
| Size | 36.9MB |
| Processes | 2852 (NDP48-x86-x64-AllOS-KOR.exe) |
| Type | Microsoft Cabinet archive data, 38687540 bytes, 588 files |
| MD5 | c5cae0691e24259e48743f0b18597307 |
| SHA1 | 22b59f55f7899c9959d1e37455377ba94108550a |
| SHA256 | f67666f3d80918ceb31fe9a64e3e51c1d241391f194c4fa80821bcc822d513d7 |
| CRC32 | A414A12F |
| ssdeep | 196608:4+bQhLWeiXjYu76ujAktungzkgARAg4BLvUaaEA:4+bLXku2ujARgzkgARAbQ |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 65ebebe480072acb_SetupResources.dll |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\3082\SetupResources.dll |
| Size | 25.4KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
| MD5 | 328ebd40c9dabf91a88d883e3a38186b |
| SHA1 | e5a1ba4f20db499ffbb192bbccf41331dbb13baf |
| SHA256 | 65ebebe480072acbe8b9d5e9d129472301638244c96793b2c815a12f5b9333ae |
| CRC32 | 99D4B27E |
| ssdeep | 384:NJSQSmzBbYOqMpje8mWHeWI8mW2eWTD/HRN7WRImlGJC:N0mJHFyCI7TDvS |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 47d5fdfbd54dd077_SetupResources.dll |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1049\SetupResources.dll |
| Size | 25.4KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
| MD5 | 4f22e1307e1efc6ab3908f768bc6ec3a |
| SHA1 | b440f5ebe429b3d3b872dfae021c15675dd7d7b5 |
| SHA256 | 47d5fdfbd54dd07718dfe9a8c2eb25997d77e67697db3938bc616c1b552f4d24 |
| CRC32 | 7101A348 |
| ssdeep | 384:Rkt0p4rRVjRc9nko6eWeeW4D/HRN7W6L2slAtXK:8Je4Dv6I |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 7f353408e9f60b1d_unins000.exe |
|---|---|
| Filepath | c:\users\test22\appdata\roaming\smartbridge\unins000.exe |
| Size | 3.1MB |
| Processes | 2640 (5a5ad5743da1c888bf3b54ccc3e34ff5_SmartbridgeLauncherInstaller_7.tmp) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | 4b2f84fcb82b5910f889f8b159196646 |
| SHA1 | 7f6d60b602640d5a05d1a8c3412111d48740b0d1 |
| SHA256 | 7f353408e9f60b1d847a4b04f8e853739f226b375c988df9b84f97d702a76db2 |
| CRC32 | DBF0CB40 |
| ssdeep | 49152:iEA9P+bz2cHPcUb6HSb4SOEMkBeH7nQckO6bAGx7jXTV+333TYu:i92bz2Eb6pd7B6bAGx7s333T/ |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 2f0beba8a56cccad_LocalizedData.xml |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1045\LocalizedData.xml |
| Size | 87.7KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | XML 1.0 document, Little-endian UTF-16 Unicode text, with very long lines, with CRLF, CR line terminators |
| MD5 | c3a238ffbf2dbb9f758e5c5b33948971 |
| SHA1 | 56ceb241f3780dc4a9814332f44369188ded3e77 |
| SHA256 | 2f0beba8a56cccaddfe6e0ecc3130d0efafb7f84cc0fa4e8db9d85c840e24241 |
| CRC32 | A0952413 |
| ssdeep | 768:9QUuGp9Vi0iG0XE2Uq4DplOe6lsQjPLJbOzdH:/CjJyZ |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 2170d0b2b105ee36_LocalizedData.xml |
|---|---|
| Filepath | C:\544756739cb65cb612c2d6c6e1\1042\LocalizedData.xml |
| Size | 71.1KB |
| Processes | 2852 (NDP48-x86-x64-AllOS-KOR.exe) |
| Type | XML 1.0 document, Little-endian UTF-16 Unicode text, with very long lines, with CRLF, CR line terminators |
| MD5 | 0effd74805f8050186b054074ab1f790 |
| SHA1 | dd96bf56ea378c20e89a582922f1a3d6a2e85540 |
| SHA256 | 2170d0b2b105ee367e4ac1c0d51a3109983c92b4e4c28ec94b872a4e5e95ab66 |
| CRC32 | 7E111292 |
| ssdeep | 384:4YnyFFhyV4VnVLV//rCjKUONAkbETFU9WgflznfYbzqRjXU2ggRZVDhYAS+KwJSM:7bgflUb+xJr |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 5ed152a56e2e0fef_eula.rtf |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\3082\eula.rtf |
| Size | 6.0KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | Rich Text Format data, version 1, ANSI |
| MD5 | 078313b7397ca95ef02b96a79ee53fa5 |
| SHA1 | dd52c2b72569cde270a2153c616f90e45e290bb6 |
| SHA256 | 5ed152a56e2e0fef7827864d5b7998cf95ccc5492250e419b0d29027b8af512c |
| CRC32 | 89ADCE72 |
| ssdeep | 96:MMGaZ0pDeXex2HBHUB78dnY+cIvmwYvfmzPUJI+OXlH/iE0AsYyBOGqUCS9i1VTw:NGfcU1EWI1tw9JfTXK2CUjDW2 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | da4151c2a7da521f_SetupResources.dll |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1036\SetupResources.dll |
| Size | 25.9KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
| MD5 | ebf7672bfe808ca0602d25fb6a5fa115 |
| SHA1 | 8a3f92679b87d919260c3b74c27e790a301bb25b |
| SHA256 | da4151c2a7da521f5cdbce42f3c03a2de90a49e0aee82df5f75211310c3743ae |
| CRC32 | C5AA474C |
| ssdeep | 384:QgmUQFGlMcGyXyGidxkbVWp1eWOWpIeWkD/HRN7tHhl2r:QgKGlVXodiKCkDvE |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 93fef896b0465001_eula.rtf |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1036\eula.rtf |
| Size | 6.7KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | Rich Text Format data, version 1, ANSI |
| MD5 | 291bc09e4e69cd56426b4e63848bd967 |
| SHA1 | 5123736a141ae3df1acba60a3f4c613debe7a3db |
| SHA256 | 93fef896b04650014f4a869d853e030ee3b00ced642fed928141f29123ae8140 |
| CRC32 | EB3A2383 |
| ssdeep | 192:GbPZMFJgktbR9fpILE2DFZjG9bGCwOE+f7JtZhR/hjlx22:6ufr9feE2Jc8OfJHhjlx22 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 0bba3094588c4bfe_ndp48-web.exe |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\is-8JDV0.tmp\ndp48-web.exe |
| Size | 1.4MB |
| Processes | 2640 (5a5ad5743da1c888bf3b54ccc3e34ff5_SmartbridgeLauncherInstaller_7.tmp) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | 34a5c76979563918b953e66e0d39c7ef |
| SHA1 | 4181398aa1fd5190155ac3a388434e5f7ea0b667 |
| SHA256 | 0bba3094588c4bfec301939985222a20b340bf03431563dec8b2b4478b06fffa |
| CRC32 | 99B1D055 |
| ssdeep | 24576:xGHL3siy910NSmtLvUDSRbm4Jah1rVx8MjoGO8W6cbZtgd6AmpITsz0+lLF7cy:mL3s7K8eTUDBzrVx8MjoGO8W6cbs8NpT |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 6c5a6e11a85c9e17_LocalizedData.xml |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1032\LocalizedData.xml |
| Size | 90.4KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | XML 1.0 document, Little-endian UTF-16 Unicode text, with very long lines, with CRLF, CR line terminators |
| MD5 | 71bdb323a746a4adab9ce42498e937bc |
| SHA1 | 8e58d4ba5623a50610bd99e82df135708a9f130e |
| SHA256 | 6c5a6e11a85c9e172e7748a9a9f19f8598870a63a103a7ac18cbbd0cdf026475 |
| CRC32 | 1F531260 |
| ssdeep | 384:4Y7yvnT86nzWPD66KUtycONAkY+LoYRONOVA8HTiVEsmXadUkec00CfMMHlRcyvN:MqPQyZ0J7 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | c7dde8a297642727_netfx_FullLP_x64.msi |
|---|---|
| Filepath | C:\544756739cb65cb612c2d6c6e1\netfx_FullLP_x64.msi |
| Size | 836.0KB |
| Processes | 2852 (NDP48-x86-x64-AllOS-KOR.exe) |
| Type | Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.3, MSI Installer, Code page: 1252, Title: Installation Database, Subject: Microsoft .NET Framework 4.8(), Author: Microsoft Corporation, Keywords: Install,MSI,Framework, Comments: Microsoft .NET Framework 4.8(); Copyright (C) Microsoft Corporation, All rights reserved., Template: x64;1042, Revision Number: {5218928F-8D6E-4F4C-BB83-1C1742B9BD9D}, Create Time/Date: Thu Mar 28 10:28:44 2019, Last Saved Time/Date: Thu Mar 28 10:28:44 2019, Number of Pages: 300, Name of Creating Application: Windows Installer XML Toolset (3.11.1.2318), Security: 0, Number of Words: 0 |
| MD5 | 0d617595999d088c4bf34b77317005a7 |
| SHA1 | 15c30c0ecbe7ffb43117a0e5c61aad2425324b7e |
| SHA256 | c7dde8a29764272713fb00fa3327eadd4f660d73484fae49f663f7e0502b6b0d |
| CRC32 | C046C210 |
| ssdeep | 24576:C56X25FrhIFOrqoabMSrcxSd5qkvJxeoE:C56X25FrIOrqRbMScSdd |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | b19f80a5970542f7_f90f18257cbb4d84216ac1e1f3bb2c76 |
|---|---|
| Filepath | C:\Users\test22\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F90F18257CBB4D84216AC1E1F3BB2C76 |
| Size | 519.0B |
| Processes | 3016 (Setup.exe) |
| Type | data |
| MD5 | e95af9b03513d729d28fd890cff4ebe9 |
| SHA1 | a4e20037f4ea1a1ccd8efd09bd381b1565eca1d2 |
| SHA256 | b19f80a5970542f71e1728cdeee5d4534598329ba22fabf5bbd2280ebd6ba629 |
| CRC32 | 9EA27757 |
| ssdeep | 12:0iJrXuBFad81Qpyyf32CZxU9twJmHzdTVbJL0o2hlUDZanR:zDuDaKwyGmGU9JxpJKlUDcR |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 62415bbca2f3789f_TMP31DE.tmp.exe |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\TMP31DE.tmp.exe |
| Size | 47.0MB |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | 0e24a3f3f1b2c1dfdb5bc88d0ec8fbf0 |
| SHA1 | 147dfbc6dcc3f1b5807823d5a031287507d4e9c2 |
| SHA256 | 62415bbca2f3789f028806b820ed7d7a3a30f6db36fcc4c3ab9ca175a5f6c21c |
| CRC32 | BB634738 |
| ssdeep | 786432:YGjsd83OPMXOgFD+Sk+rSjnXo4jZHgFPIhVhvCW/cNxw6dn9OkikD1PWVQzseAAT:YEs+ePM+gFD+Sk6KX9ZsIfhvhcw6zOkV |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 1ea50fa040f7fe2e_eula.rtf |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1049\eula.rtf |
| Size | 17.5KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | Rich Text Format data, version 1, ANSI |
| MD5 | c0a21ed9322dfa67ab5d71cc576982a0 |
| SHA1 | 74896f49dce77069854f5b320c0c8d412be676d6 |
| SHA256 | 1ea50fa040f7fe2e420039646c1a3f6f99756d7b1159ce1002a148c639761650 |
| CRC32 | 673B1E52 |
| ssdeep | 192:3sSfSUdEnAoagO35YaK8IaK2AXhvepPqh1Wh9+WOv35rBfCviD/bNizD0Z1yDJeZ:vCngnd40E35tO0MJUEh2F+7fDyrC+U2 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 4c6661e3abb56a78_a583e2a51bfbdc1e492a57b7c8325850 |
|---|---|
| Filepath | C:\Users\test22\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A583E2A51BFBDC1E492A57B7C8325850 |
| Size | 824.0B |
| Processes | 3016 (Setup.exe) |
| Type | data |
| MD5 | d89dbfbbce2724982cf219298b0b0c65 |
| SHA1 | 34b42797ea7f7d7c9d8cdfd6b92637e9379ad7db |
| SHA256 | 4c6661e3abb56a78a6a0eb17772653790c7665b26b53e7284472f78ca63ac0d0 |
| CRC32 | 38AA669B |
| ssdeep | 24:ZDuDD0mlR7cvz6WRWMk0hg7uM3Cz38Zgs77OFmE:ZDuDD0mlGvGsz38ZTWFt |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 6c2fc68b9fc5c0c6_7396c420a8e1bc1da97f1af0d10bad21 |
|---|---|
| Filepath | C:\Users\test22\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7396C420A8E1BC1DA97F1AF0D10BAD21 |
| Size | 256.0B |
| Processes | 3016 (Setup.exe) |
| Type | data |
| MD5 | 4aa05df1a9a286b558e69a971c74bbfc |
| SHA1 | e2f7446877ab2c3ffbea2fa603b035996b7b18c9 |
| SHA256 | 6c2fc68b9fc5c0c6ede99054a759e0dd33831b2945dc25bca8e87605e0d626d1 |
| CRC32 | 11A3CA9F |
| ssdeep | 3:kkFklJldgRat/PlE/gEltflR82ClRRly+MlMJXcXl+B5lRkKloWc8QblQ8a6P2il:kKH815M1B7WJM1+ffyWc8Qlxui/UrMj |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 6e8b50bb4f2df7fb_SetupResources.dll |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\2070\SetupResources.dll |
| Size | 25.4KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
| MD5 | cd5adc3856f5e244983f884add4b0974 |
| SHA1 | 38acffa5637059ea03bc66b210e75dd349e03589 |
| SHA256 | 6e8b50bb4f2df7fb6c104fde197253250bef65459c897224a2284dad223313e4 |
| CRC32 | F4533C49 |
| ssdeep | 384:ez0W2Z7TShQkObTqUvWpKeWQWpDeWeD/HRN7Mqhl2h:PBShQVb5DeDvMP |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 874e5d7e45603ad7_LocalizedData.xml |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1053\LocalizedData.xml |
| Size | 83.6KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | XML 1.0 document, Little-endian UTF-16 Unicode text, with very long lines, with CRLF, CR line terminators |
| MD5 | cb2e2edf7d7fefde9b3894923407f8c0 |
| SHA1 | 541ec570f26bb30f4be35f1a87d4ccf6bc660f67 |
| SHA256 | 874e5d7e45603ad70ca353e8dc6bf42944594f911d17c79be8966dc01d27eb73 |
| CRC32 | 6B54614E |
| ssdeep | 384:4Y/w+WCXVVV6VOVWPD66KUtycONAkK2JuWf59pW7fx1uOuos98LSGcgqBV6kMQjc:yvV7fxAnIXrJJpoc |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | e1cf3d22aa1dc94e_SetupResources.dll |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1025\SetupResources.dll |
| Size | 23.9KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
| MD5 | 51ad58df739f0c0d005fe36b1350a6a3 |
| SHA1 | 25069b754778651e70e1fb1bcebe04575361104f |
| SHA256 | e1cf3d22aa1dc94e58dd946d319d9d8afc8b6bba80ef3ca7575185b8f3ce435a |
| CRC32 | A236D498 |
| ssdeep | 384:VOyQGB2GQlfJnpSwBWoeWJWNeW1D/HRN7WtImlGJS:VRbQHhc1Dv6 |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 1e67855301254af0_c0018bb1b5834735bfa60cd063b31956 |
|---|---|
| Filepath | C:\Users\test22\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C0018BB1B5834735BFA60CD063B31956 |
| Size | 252.0B |
| Processes | 3016 (Setup.exe) |
| Type | data |
| MD5 | 7c5b9b23b1c54b45ada4b20bbf0b2f5e |
| SHA1 | d3790a6551f039a0dc660290cc9af2b953119c3b |
| SHA256 | 1e67855301254af03c387e70424f973aa41e766181585b0d46b2d62067ff5813 |
| CRC32 | 05D043B5 |
| ssdeep | 3:kkFklFdUCsrkxpj8U/lorF+ll/cH/P1jdClRRly+MlMTlP8QblQ8aXPL7lPPldDY:kKF/r4uUIFa+fTB7WTl8QlAJil1j |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 605ac363fa1ea76b_netfx_Full_x64.msi |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\netfx_Full_x64.msi |
| Size | 1.7MB |
| Type | Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.3, MSI Installer, Code page: 1252, Title: Installation Database, Subject: Microsoft .NET Framework 4.8, Author: Microsoft Corporation, Keywords: Install,MSI,Framework, Comments: Microsoft .NET Framework 4.8; Copyright (C) Microsoft Corporation, All rights reserved., Template: x64;0, Revision Number: {A3B8C0BC-2CD0-44D5-ABCA-606B07FB0E21}, Create Time/Date: Thu Mar 28 10:18:04 2019, Last Saved Time/Date: Thu Mar 28 10:18:04 2019, Number of Pages: 300, Name of Creating Application: Windows Installer XML Toolset (3.11.1.2318), Security: 0, Number of Words: 0 |
| MD5 | ae21a58bf369355a47e410d4c12f8268 |
| SHA1 | 82ee9f591bf02003c9d3402c14017f0e50e58d32 |
| SHA256 | 605ac363fa1ea76b2a7fe6148c6fdeb3c524570a143771ba0e3edc78f32c8e08 |
| CRC32 | D3658108 |
| ssdeep | 49152:T56X25FrIOrqRbMSkSdD58xQs9tbGOEW5cv+4:Ty6C1DRsr |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | ee901a7f6229a7d1_microsoft .net framework 4.8 (kor) setup_20230705_231421250.html |
|---|---|
| Filepath | c:\users\test22\appdata\local\temp\microsoft .net framework 4.8 (kor) setup_20230705_231421250.html |
| Size | 417.1KB |
| Processes | 1616 (Setup.exe) |
| Type | HTML document, Little-endian UTF-16 Unicode text, with very long lines, with CRLF line terminators |
| MD5 | 30186f0ec8aab534a7562c4525eb94f4 |
| SHA1 | 8c876fb05f38a60f9c295c9e91f8eea99331f3b3 |
| SHA256 | ee901a7f6229a7d16fc0d94a8cc73baeb2d77fc672d1fd5057485dacaa3d8a4b |
| CRC32 | 80938359 |
| ssdeep | 768:fdsOTLyUFJFEWUxFzvHrQHIXArs4RWAcpldm6df:fdsWyUr+WUxpvLQoXArs4RWsgf |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | aa885980eabcae6a_SetupResources.dll |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1041\SetupResources.dll |
| Size | 21.9KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
| MD5 | 2191bd92abaf3d2094ad58ea59793c56 |
| SHA1 | c55969bcd8309a9dc36650068f5652efcf813db0 |
| SHA256 | aa885980eabcae6a41849e4c6e670a482f2b58ca94586aef1f7edcd899e8edb3 |
| CRC32 | 08F239CC |
| ssdeep | 384:RSoG4kGkjAQIid0W5REWiW5cEWRD/HRN7Wm6ImlGJz9:E4kGkjF3YXDvb |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | d15a6f1eefefe4f9_Rotate2.ico |
|---|---|
| Filepath | C:\544756739cb65cb612c2d6c6e1\Graphics\Rotate2.ico |
| Size | 140.7KB |
| Processes | 2852 (NDP48-x86-x64-AllOS-KOR.exe) |
| Type | MS Windows icon resource - 19 icons, 256x256, 16 colors withPNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 4 bits/pixel, 48x48, 16 colors, 4 bits/pixel |
| MD5 | f824905e5501603e6720b784add71bdd |
| SHA1 | d71b15e1168306c1e698250edc5f99f624c73e6f |
| SHA256 | d15a6f1eefefe4f9cd51b7b22e9c7b07c7acad72fd53e5f277e6d4e0976036c3 |
| CRC32 | 2B1B3684 |
| ssdeep | 768:OhncLqco0HEHkK69kCer0lDFLaFbLNrc9V9WvALsFobzqFeeFYwfot082:2nVSHEEll+0aF3Nrc9V0vQjbuFnFYwfj |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | a0c7b4b17a69775e_Setup.ico |
|---|---|
| Filepath | C:\544756739cb65cb612c2d6c6e1\Graphics\Setup.ico |
| Size | 123.3KB |
| Processes | 2852 (NDP48-x86-x64-AllOS-KOR.exe) |
| Type | MS Windows icon resource - 19 icons, 256x256, 16 colors withPNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 4 bits/pixel, 48x48, 16 colors, 4 bits/pixel |
| MD5 | 6125f32aa97772afdff2649bd403419b |
| SHA1 | d84da82373b599aed496e0d18901e3affb6cfaca |
| SHA256 | a0c7b4b17a69775e1d94123dfceec824744901d55b463ba9dca9301088f12ea5 |
| CRC32 | 6FC2E278 |
| ssdeep | 192:+7yhu1uz//TAAA555AAAAAr99899AubBqj:oX1uz//TAAA555AAAAAr998991bBy |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | a2bec4e2afd57342_ParameterInfo.xml |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\ParameterInfo.xml |
| Size | 2.7MB |
| Processes | 2956 (ndp48-web.exe) |
| Type | XML 1.0 document, Little-endian UTF-16 Unicode text, with very long lines, with CRLF line terminators |
| MD5 | 8e8c25b11ffe1d7bc70e2a31600eda7a |
| SHA1 | 1452b55ef634e4e5b002ce302702d0c50487ff6c |
| SHA256 | a2bec4e2afd573422045c8c2f461166508535e67abd32942d4d6fbed77b9faf8 |
| CRC32 | B8A8076B |
| ssdeep | 3072:4cveZOvedveoOveMve8OveeveHOvecygL+MscIl:mygL+MsJ |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 05fc9352b918a710_LocalizedData.xml |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1033\LocalizedData.xml |
| Size | 83.2KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | XML 1.0 document, Little-endian UTF-16 Unicode text, with very long lines, with CRLF, CR line terminators |
| MD5 | 47703bed025228689a1032edae56b4c4 |
| SHA1 | a2aba33c7e8915025251574c81fe2e5ac6bc0893 |
| SHA256 | 05fc9352b918a710d51f68873fc522528265455b77014e8b0cd66c5e7aa71dc3 |
| CRC32 | 201DBCD7 |
| ssdeep | 384:4gS89tJKVQVfVjV2vjaCS89aEetgcsFTeyfg8NqJpR+enRROu5aeJInO/yJakC62:YeyfJqyJiT |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 879337c0a6a94f89_SetupResources.dll |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1044\SetupResources.dll |
| Size | 24.4KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
| MD5 | d681e1d3708566488a2c68af355c58af |
| SHA1 | 4dcdc8730df86829a066720ec49d7abf54e90cbc |
| SHA256 | 879337c0a6a94f8961064d5e286c140d9ff57382147a0e2cb622322261a9a123 |
| CRC32 | 9BA49467 |
| ssdeep | 384:8GWm2GWm2GWm2Lpf3QkxtYkxIwcSMN5/sWIeWsWVeWbD/HRN7EnejlGshd:A/xtYkqBD5/uPbDvYbQ |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 8ba40ac178882bb1_unins000.dat |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\Smartbridge\unins000.dat |
| Size | 9.5KB |
| Processes | 2640 (5a5ad5743da1c888bf3b54ccc3e34ff5_SmartbridgeLauncherInstaller_7.tmp) |
| Type | data |
| MD5 | c4cbe3d432faabbd9f666547f0dd41df |
| SHA1 | 140395b87eaf41a7c1fbfa9e2f4eef7d8ab26ce5 |
| SHA256 | 8ba40ac178882bb172cd6fc20d69d6e83aef8fecc164025f6ce9813357e3a6f9 |
| CRC32 | D81E07DB |
| ssdeep | 96:U61tOI43v64cYnnXeBCV1RH+1uucIVWaTvggD193W4MT4QIBCIg+ghsnAjPA+TwS:U61tZCvhbnuEelH13l7b1pghcClTwHxU |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name |
e3b0c44298fc1c14_HFI1102.tmp
Empty file or file not found
|
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\HFI1102.tmp |
| Size | 0.0B |
| Type | empty |
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| CRC32 | 00000000 |
| ssdeep | 3:: |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 961efe11e9e3e553_LocalizedData.xml |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1031\LocalizedData.xml |
| Size | 88.2KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | XML 1.0 document, Little-endian UTF-16 Unicode text, with very long lines, with CRLF, CR line terminators |
| MD5 | afb4b1d7103ddca43ea723acbcdd31fd |
| SHA1 | c4d95dfd4869df636091e979c8b3bd7684004a48 |
| SHA256 | 961efe11e9e3e553269cb14dc1b942e9ac68b86740d59aa35e4ff6e5913532dd |
| CRC32 | 31382C70 |
| ssdeep | 384:4Yw+ld52odZWPD66KUtycONAkXWc16MsyBABwPlPHCUBjp4RbcNU8oO0GAJGntzI:ga6UBABwPlPxY6VC7u3pg010Jsz/ziX |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 366d2b368530a78c_SetupEngine.dll |
|---|---|
| Filepath | C:\544756739cb65cb612c2d6c6e1\SetupEngine.dll |
| Size | 893.4KB |
| Processes | 2852 (NDP48-x86-x64-AllOS-KOR.exe) |
| Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
| MD5 | 62ca87700c9d97e47cfcba830b4489db |
| SHA1 | fb6889fc35ec5273b7f1ef08b518bfcd9420a85a |
| SHA256 | 366d2b368530a78c30526ac4892fee988f6fe6889f6d253e3edb7ab4a4f4104c |
| CRC32 | C7EF62A6 |
| ssdeep | 24576:mG2ynlYANtzSXWnTNPO5I4IHm7ONx3ZFaJ/zQvUnh:mG2ynlYADzc3I4IHm7OjyJ/MvUnh |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | c81043c4bfe11474_Windows6.1-KB4019990-x64.cab |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\Windows6.1-KB4019990-x64.cab |
| Size | 2.6MB |
| Type | Microsoft Cabinet archive data, 2682101 bytes, 14 files |
| MD5 | c9cdca447a3f2108f2a131ca32412131 |
| SHA1 | bcc5a1d0e9afec8c01c745f7b88f511a3269bc21 |
| SHA256 | c81043c4bfe114743111e743f3c2dea548bbfd31375508f9509e2abe12a84ee9 |
| CRC32 | F97B320C |
| ssdeep | 49152:/+BzHvFLhuXPkShbzTXCXquFY+Ux8hAJ/6Rsyu+d3rmO:mBTvFtMkSlKXFzc8G5qBSO |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 824c88479ff2a887_eula.rtf |
|---|---|
| Filepath | C:\544756739cb65cb612c2d6c6e1\1042\eula.rtf |
| Size | 16.8KB |
| Processes | 2852 (NDP48-x86-x64-AllOS-KOR.exe) |
| Type | Rich Text Format data, version 1, ANSI |
| MD5 | a404be4f47fa7db29df4023e2f75034e |
| SHA1 | 9141a326f0d421cdc913e2dd9839398fb8f8480b |
| SHA256 | 824c88479ff2a887e23838a03bd41c5c6f5c20f9cd3031ff2b2897529a1f39f6 |
| CRC32 | 66AA1030 |
| ssdeep | 384:Xmo3HPb4mMhFehM9JSbty8PNXg/h7Q6PXJxt2aEnCJ0gG+Sy4NjvJRExEA5oMFr2:gFeh6JSbty8VXQh7JPJxcaECJ0gDSFNR |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | ab3d5571b57b7bb7_LocalizedData.xml |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1036\LocalizedData.xml |
| Size | 87.8KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | XML 1.0 document, Little-endian UTF-16 Unicode text, with very long lines, with CRLF, CR line terminators |
| MD5 | 2c77cbaaf9c3ed0c4410c4b8c3c29c30 |
| SHA1 | 110775ca1c6e252b4e8c8bf39b593dfb4d66206c |
| SHA256 | ab3d5571b57b7bb705bffe13f37bd73894b0d12d09cc1fb1b438493a863c324c |
| CRC32 | 52AF06F4 |
| ssdeep | 384:4YgEF9xWQ9RWPD66KUtycsmIPKCoEVDpFqpRatkxOGv1Gj8VjfRiLYcRryQMuvtR:V+skau8tbxhJNP/J |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 5a901c5e00643d79_37c951188967c8eb88d99893d9d191fe |
|---|---|
| Filepath | C:\Users\test22\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\37C951188967C8EB88D99893D9D191FE |
| Size | 1.1KB |
| Processes | 3016 (Setup.exe) |
| Type | data |
| MD5 | 5e61c65b50394ecce1c2418ac2d2a2eb |
| SHA1 | 9a0911c7c902ace35382d84631c737a06e0fa97b |
| SHA256 | 5a901c5e00643d79f90bdea6d169746d8d5bf14c383b1c66afbd5e2c038cf7e3 |
| CRC32 | AF6A7ECB |
| ssdeep | 24:L5DuDD0qltLNUbhmuAD56jZ2oTQBi5CAxuXNhYqVw22kV+kzfcbmWpGm:lDuDD0qlfUbhmnD5KpcBiFehVw2+bmA |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 0203c7d678464641_Rotate9.ico |
|---|---|
| Filepath | C:\544756739cb65cb612c2d6c6e1\Graphics\Rotate9.ico |
| Size | 140.7KB |
| Processes | 2852 (NDP48-x86-x64-AllOS-KOR.exe) |
| Type | MS Windows icon resource - 19 icons, 256x256, 16 colors withPNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 4 bits/pixel, 48x48, 16 colors, 4 bits/pixel |
| MD5 | 8853da1f831cae28e59d45f5e51885ac |
| SHA1 | 496eefcfa68de25abb899addf39498d8420bfa3d |
| SHA256 | 0203c7d678464641c016dc3d658aba0a68f20b9a141d6e3ee1820c5b8b6401db |
| CRC32 | 33288200 |
| ssdeep | 1536:nbtXI1SFXgmf17HEUoatyEqmTfHsNG3jiXZdK4A:btiMp7k56RTHs03jiXZdK4A |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | b74ad253b9b8f9fc_DisplayIcon.ico |
|---|---|
| Filepath | C:\544756739cb65cb612c2d6c6e1\DisplayIcon.ico |
| Size | 86.5KB |
| Processes | 2852 (NDP48-x86-x64-AllOS-KOR.exe) |
| Type | MS Windows icon resource - 13 icons, 16x16, 16 colors, 4 bits/pixel, 16x16, 8 bits/pixel |
| MD5 | f9657d290048e169ffabbbb9c7412be0 |
| SHA1 | e45531d559c38825fbde6f25a82a638184130754 |
| SHA256 | b74ad253b9b8f9fcade725336509143828ee739cc2b24782be3ecff26f229160 |
| CRC32 | 97517A92 |
| ssdeep | 1536:xWayqxMQP8ZOs0JOG58d8vo2zYOvvHAj/4/aXj/Nhhg73BVp5vEdb:e/gB4H8vo2no0/aX7C7Dct |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 35ae5cc953df1069_SetupResources.dll |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1038\SetupResources.dll |
| Size | 25.9KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
| MD5 | 150ad95506943e5720f82f21c332fa5c |
| SHA1 | b02f177051570d3bfecc608317efdd0ed6022e98 |
| SHA256 | 35ae5cc953df1069beab0f0fd2a000c6f07f0361d9c7b7a20fd34c456d136b5e |
| CRC32 | 8FDDFF77 |
| ssdeep | 768:ZmC9zOH4wHCbfqkmV6EMCCJEVqZi0MC4lqsDv:R9vwHUfFmV6aCJEVn0MC4lqWv |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | c2f6faa18b16f728_Rotate3.ico |
|---|---|
| Filepath | C:\544756739cb65cb612c2d6c6e1\Graphics\Rotate3.ico |
| Size | 140.8KB |
| Processes | 2852 (NDP48-x86-x64-AllOS-KOR.exe) |
| Type | MS Windows icon resource - 19 icons, 256x256, 16 colors withPNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 4 bits/pixel, 48x48, 16 colors, 4 bits/pixel |
| MD5 | 0ade6be0df29400e5534aa71abfa03f6 |
| SHA1 | 6dde6e571b2fa45ab2cacf565e488ecace01db56 |
| SHA256 | c2f6faa18b16f728ae5536d5992cc76a4b83530a1ea74b9d11bebdf871cf3b4e |
| CRC32 | 9B943700 |
| ssdeep | 1536:A6lW3a5tctzX68cuJJx41on58wGWJNHw01Rh5acFS:bVs+j6Jx41on58SJNHhR3acFS |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 83d0876b44402760_eula.rtf |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1032\eula.rtf |
| Size | 16.4KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | Rich Text Format data, version 1, ANSI |
| MD5 | e9a32e66af5386f4ec50d6f822e57145 |
| SHA1 | 1798f05f60d087cae4871d3f0df99b2f121014f7 |
| SHA256 | 83d0876b44402760c3d31e58022ac84376cb9364f7e73984c8cadc9f18ba725c |
| CRC32 | 283A7EC7 |
| ssdeep | 192:b2VVYIKIE5CC2c6UKfKWcNrjXX+EUtrlAUD55C+DEE6Wvhubi5pY92:q6UE5CC2/VYhir6q8p92 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 8a59ccadd9f98f30_dd_ndp48-x86-x64-allos-kor_decompression_log.txt |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\dd_NDP48-x86-x64-AllOS-KOR_decompression_log.txt |
| Size | 1.3KB |
| Processes | 2852 (NDP48-x86-x64-AllOS-KOR.exe) |
| Type | ASCII text, with CRLF line terminators |
| MD5 | 10fd05e94389ca61dcfb0f7512d84f38 |
| SHA1 | 381f286900716e29747a1c3297acec28be588ad2 |
| SHA256 | 8a59ccadd9f98f301f8c4e5079a567b0dd0d6d57c63e6bed494bd978bb624088 |
| CRC32 | 27AC2EEB |
| ssdeep | 24:ttgRKo0TXB0jkjXOjLi4vdyLK4Fqn6jHIWtrjHBrIpn33mLiyzR:ttgRKo0QSXOflv14CGIWNEnHCiyzR |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | aaf8cb1a9af89d25_SetupUi.xsd |
|---|---|
| Filepath | C:\544756739cb65cb612c2d6c6e1\SetupUi.xsd |
| Size | 31.8KB |
| Processes | 2852 (NDP48-x86-x64-AllOS-KOR.exe) |
| Type | XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators |
| MD5 | a9f6a028e93f3f6822eb900ec3fda7ad |
| SHA1 | 8ff2e8f36d690a687233dbd2e72d98e16e7ef249 |
| SHA256 | aaf8cb1a9af89d250cbc0893a172e2c406043b1f81a211cb93604f165b051848 |
| CRC32 | 4B8796B7 |
| ssdeep | 768:hlzLm8eYhsLP8s05GFaAMET/chT+cxcW8G2P4oeTMC:lwchT+cxcDm |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 1ee75f1740261f97_dism.log |
|---|---|
| Filepath | C:\Windows\Logs\DISM\dism.log |
| Size | 84.6KB |
| Processes | 2144 (Dism.exe) 1364 (DismHost.exe) |
| Type | UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators |
| MD5 | cabd34a41271a1b09224700b421cdfa2 |
| SHA1 | 8bd75715914b3a2ab5cfa5916c2bfbc911a1d73b |
| SHA256 | 1ee75f1740261f976a7ce376a577a8bde185806669a695b838f4da18d316a871 |
| CRC32 | 3C1169F5 |
| ssdeep | 768:5nFMnpiFcgSePe6eF3/P/PpjitjAZZj2AsZnXPxynKHCu4uVaIudR9Rv17id74JS:cn/nFxsS39LGOOyE |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | fcd13d65b8cfbe20_SetupResources.dll |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1053\SetupResources.dll |
| Size | 24.9KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
| MD5 | b776d2eb2e66bb1de5fc737704173460 |
| SHA1 | 5d66c04a49d4d3291de33f7b945328025804e297 |
| SHA256 | fcd13d65b8cfbe2035cc63d10bb5c7f2558967e61ce605fb88f413819303077b |
| CRC32 | 3C08025A |
| ssdeep | 384:rWPdQMxbmoI8WE7M/oZVQZWpjeW+WpqeWzD/HRN75hl2q:rwxbm96xVTQzDvx |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 3be9621f43687487_eula.rtf |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1041\eula.rtf |
| Size | 17.6KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | Rich Text Format data, version 1, ANSI |
| MD5 | 878c601a8ee79d8bc27dada595f406a5 |
| SHA1 | e9165c7745d9801d868b799b2d6212169a640573 |
| SHA256 | 3be9621f436874877d799a19ea638955616ef2b5b20a121c3e2105a82569d83c |
| CRC32 | 41DC4B3C |
| ssdeep | 192:X6XxHC3q0InM4PsOQOSquHlEiKoXfZX4pvW6qgkLhcg976bmFK3ZcdwKGK3m0kso:0+aIXCv9TV4v2 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 193090f4472f1a1c_LocalizedData.xml |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\2070\LocalizedData.xml |
| Size | 86.3KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | XML 1.0 document, Little-endian UTF-16 Unicode text, with very long lines, with CRLF, CR line terminators |
| MD5 | 5b73409a0f1cbb707cd62a7956bc2f92 |
| SHA1 | 1ce52fd3746c5bee7a3c3ef5aa8958e44b8761e3 |
| SHA256 | 193090f4472f1a1c5ed10ab97fa4bf77bd4ff3f172f380ef4a53fef39989159a |
| CRC32 | 34F1AD38 |
| ssdeep | 384:4Y+lFNhaVwV/VLVWPD66KUtycONAkkIxHIbcwl8TQYOdxIL1FskOYNigvR/nikku:45u6kzX0JZ5OW |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 3da7daf10fd85606_dd_setuputility.txt |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\dd_SetupUtility.txt |
| Size | 3.0KB |
| Processes | 1484 (SetupUtility.exe) 2256 (SetupUtility.exe) 1928 (SetupUtility.exe) 2180 (SetupUtility.exe) |
| Type | ASCII text, with CRLF line terminators |
| MD5 | 36b4683b18a15307009f1b7f971f971c |
| SHA1 | a6de1c01a793b5e1c52ea78f47e26c42b7ebfbb2 |
| SHA256 | 3da7daf10fd856068a087a19e1758f37b250c3221497a29182e43fbdad40d839 |
| CRC32 | 49849739 |
| ssdeep | 48:k+KhCHePDz1elWpF8jSvWeq8nscz3nej/ndX1swRmnT5WfK:JKE+PDz1+WpFu+q87GAXf |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 18ceecd264ff1aeb_microsoft .net framework 4.8 setup_20230705_231132921.html |
|---|---|
| Filepath | c:\users\test22\appdata\local\temp\microsoft .net framework 4.8 setup_20230705_231132921.html |
| Size | 1.2MB |
| Processes | 3016 (Setup.exe) |
| Type | HTML document, Little-endian UTF-16 Unicode text, with very long lines, with CRLF line terminators |
| MD5 | 0c28dffe1c92c5c234dae1ce90fe38d0 |
| SHA1 | 38f4730db9b11815dbd80bf7ba3f7401d1d2833c |
| SHA256 | 18ceecd264ff1aeb50fe6a30ef531f23a16deb0b5b1222ba02d9a619addc0012 |
| CRC32 | 1DFC6F20 |
| ssdeep | 1536:fdsWyUr+WUxpvAhuQPPSox3qsfXWit672Z:fdsWTr+WUxpvAhuQNXWit42Z |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | cbfa71077e590cd7_SetupUi.dll |
|---|---|
| Filepath | C:\544756739cb65cb612c2d6c6e1\SetupUi.dll |
| Size | 336.4KB |
| Processes | 2852 (NDP48-x86-x64-AllOS-KOR.exe) |
| Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
| MD5 | 2def489d24fafea0233d51e7d12a0bd6 |
| SHA1 | 3285e374681babcecb8c3d8a0c4027dd77b035c3 |
| SHA256 | cbfa71077e590cd72f50e46d8d93a885873f0ef0323f748dd20a1e7d521a2f21 |
| CRC32 | 8BF85ECC |
| ssdeep | 6144:bTjfyZYXoH/6pPjW8CXunm+BgS1mp0yB8Ud:buYLPK8m+BN1KPB8U |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | ce2afc0aa52b3d45_Rotate5.ico |
|---|---|
| Filepath | C:\544756739cb65cb612c2d6c6e1\Graphics\Rotate5.ico |
| Size | 140.5KB |
| Processes | 2852 (NDP48-x86-x64-AllOS-KOR.exe) |
| Type | MS Windows icon resource - 19 icons, 256x256, 16 colors withPNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 4 bits/pixel, 48x48, 16 colors, 4 bits/pixel |
| MD5 | 25f0d572761cb610bdad6dd980c46cc7 |
| SHA1 | 6270ee0684700c5a4d01cd964dc05b82719b0370 |
| SHA256 | ce2afc0aa52b3d459d6d8d7c551f7b8fbf323e2260326908c37a13f21fee423e |
| CRC32 | 0C782D92 |
| ssdeep | 1536:d8eXVC4CJa6lUvS/gzDJeI6jvquEGEhoyGce:d8ErzFeI6jAhoyO |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 22629c2bc84ee599_SetupResources.dll |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1029\SetupResources.dll |
| Size | 25.4KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
| MD5 | 0324fbf9214800146690eeedde905c30 |
| SHA1 | 81d204d02da04854884e47a99c8b8d468afa154b |
| SHA256 | 22629c2bc84ee599c827825f84e47819bed1157bcedea11dde0a854a4de68dd1 |
| CRC32 | A6C308E2 |
| ssdeep | 384:RY/pQUP8UtF/eQHHsUpfhxPh1KurWpAeWtWpdeWFD/HRN7RsjlGshKH:RDUxRqFDvR9 |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 59884541554376a2_LocalizedData.xml |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1030\LocalizedData.xml |
| Size | 83.6KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | XML 1.0 document, Little-endian UTF-16 Unicode text, with very long lines, with CRLF, CR line terminators |
| MD5 | 03b1e582ec5454b2fa3599e788569dfa |
| SHA1 | 75845acdd04fb17011218b06fd7c28830641f021 |
| SHA256 | 59884541554376a26143b105fa924b9f9961254d22db8dedf7de7f3495d7a1dd |
| CRC32 | D74E486C |
| ssdeep | 384:4Y4UFNhaVwV/VLVWPD66KUtycONAk9iqz3b4VYgkZAEbZfURtzBSmRLAgRQJYR2X:fgkZptSvJcR |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | cfc1ac54d49cbcc4_SetupResources.dll |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1030\SetupResources.dll |
| Size | 24.9KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
| MD5 | 69ce7a41e23625a55819ad9bbcd45336 |
| SHA1 | 86e9766e606d8dfeda61a4100517cdc16f1084f0 |
| SHA256 | cfc1ac54d49cbcc43045484b6fc775e6fa3b063da5d9b2a96606990309780384 |
| CRC32 | DD8F8875 |
| ssdeep | 384:t+5QCj/McAp5IOOWpSfeWRWpFfeW9D/HRN7WVFImlGJH:tSj1Na9Dvt |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | f24c7d743680a233_SetupResources.dll |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1042\SetupResources.dll |
| Size | 21.9KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
| MD5 | 62916fb4601ec606faf0af963e11b621 |
| SHA1 | 5c711ed1eb16a8fa76efdf5e7bec2e1ee8aa9aa1 |
| SHA256 | f24c7d743680a233c4a97578e08d2384ccac16cb29aa550d3f33d6d80e9fadfc |
| CRC32 | 16B575C9 |
| ssdeep | 384:5zDG2GRc9zWpBeWkWpceW8D/HRN7W+hdImlGJgID:tsg8DvF2D |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | b879f9bc5b79349f_UiInfo.xml |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\UiInfo.xml |
| Size | 63.9KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators |
| MD5 | c99059acb88a8b651d7ab25e4047a52d |
| SHA1 | 45114125699fa472d54bc4c45c881667c117e5d4 |
| SHA256 | b879f9bc5b79349fa7b0bdbe63167be399c5278454c96773885bd70fbfe7c81d |
| CRC32 | 8C0B7877 |
| ssdeep | 1536:24UR0d5vud5vcZ2QYQLIN/N7pfMGgrX8FPirziPfwws36z7y/HoQilwJwowJwXZR:24UR0d5vud5vcZ2QYQLIN/N7pfMGgrX5 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 75425580b148d21d_yhlog.dll |
|---|---|
| Filepath | c:\users\test22\appdata\roaming\smartbridge\yhlog.dll |
| Size | 9.5KB |
| Processes | 2640 (5a5ad5743da1c888bf3b54ccc3e34ff5_SmartbridgeLauncherInstaller_7.tmp) |
| Type | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows |
| MD5 | f96cad0dd23fec153693c2f07d86031c |
| SHA1 | ccc3e604f83d0a1c8db7a5fc0d2e669a8160c9b9 |
| SHA256 | 75425580b148d21db04bc3f23856749195febc8e94c262aa4cfe091154b88f15 |
| CRC32 | 20B70DB8 |
| ssdeep | 192:H8aSYugTcLs89vf+0dGtaorGwOkM3O1rMQF6qOYppXKHth:FqLssdG4GGpf3OV5wqjrXKHH |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 8b72e9678f64e076_netfx_Full_x64.msi |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\NetFx45\netfx_Full_x64.msi |
| Size | 1.5MB |
| Type | Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.3, MSI Installer, Code page: 1252, Title: Installation Database, Subject: Microsoft .NET Framework 4.6.2, Author: Microsoft Corporation, Keywords: Install,MSI,Framework, Comments: Microsoft .NET Framework 4.6.2; Copyright (C) Microsoft Corporation, All rights reserved., Template: x64;0, Revision Number: {73CC697D-94EA-4D58-A1D4-816EA14FD845}, Create Time/Date: Thu Jul 14 22:30:04 2016, Last Saved Time/Date: Thu Jul 14 22:30:04 2016, Number of Pages: 300, Name of Creating Application: Windows Installer XML (3.7.3228.0), Security: 0, Number of Words: 0 |
| MD5 | 2111d19d873d3791c5d4643fca513fd7 |
| SHA1 | 42c4e15048c893667dd33d05ac0b65afe47c8257 |
| SHA256 | 8b72e9678f64e076987149da207e46e9e629a4ffd798b3962d57426e17e113f4 |
| CRC32 | C9A7899A |
| ssdeep | 24576:tN88PVH6Wn6s8xEFE1gw9X1PUd6R0TeCf7674fV:796+6ZnDPUu0T17o4 |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 91e308893f396c63_netfx_fullcab.msi |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\TMP31DE.tmp.exe.tmp\netfx_fullcab.msi |
| Size | 40.0KB |
| Processes | 2476 (TMP31DE.tmp.exe) 3016 (Setup.exe) |
| Type | Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, MSI Installer, Code page: 1252, Title: Installation Database, Subject: Full Compressed Cab, Author: Microsoft, Keywords: Installer, Comments: This installer database contains the logic and data required to install Full Compressed Cab., Template: Intel;0, Revision Number: {18A04FE6-3FC2-4AC3-A552-25E308E30AC3}, Create Time/Date: Thu Mar 28 10:28:58 2019, Last Saved Time/Date: Thu Mar 28 10:28:58 2019, Number of Pages: 100, Number of Words: 0, Name of Creating Application: Windows Installer XML Toolset (3.11.1.2318), Security: 2 |
| MD5 | c02107e3b188b5845fc46acba69573e2 |
| SHA1 | b7dc845f3deb0149d90bd83efdbe0a2a5f4ed902 |
| SHA256 | 91e308893f396c639a362e41417639f1fc8f625ae88781df7feac286eb02c1c4 |
| CRC32 | 170DB6C4 |
| ssdeep | 384:JEIomCh888880C88882XH5Cv45ICqtg5Pey3M5ICqPiFt8bJcIpBj0HRN7Z:bD0fNmCZeWMmCnUjWZ |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 7e7c335f6dc54cd5_SetupUtility.exe |
|---|---|
| Filepath | C:\544756739cb65cb612c2d6c6e1\SetupUtility.exe |
| Size | 303.1KB |
| Processes | 2852 (NDP48-x86-x64-AllOS-KOR.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | ed7651cb99dded6afeebee3a4bc93743 |
| SHA1 | 5ac45cd82401a64438290302e3892cfe93d801f1 |
| SHA256 | 7e7c335f6dc54cd54d17cc532119c746981e136841a223a8245357c04185b445 |
| CRC32 | 49DDF266 |
| ssdeep | 3072:WX7UkkkAg0FuAxZornLFujuw54qAYghp05vxMnW6FlZz3LUlimXBzmQHkyQUyKmW:6AOVnLFujhGp05g9z3uioNsH7oqk1 |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | c920e7cd21db8ff2_eula.rtf |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1053\eula.rtf |
| Size | 5.6KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | Rich Text Format data, version 1, ANSI |
| MD5 | ff3f5628b4b3e988d1ee082cd4f514a7 |
| SHA1 | 6c40fae2124c630d05d0eb6f1b5a7f4901d05d0e |
| SHA256 | c920e7cd21db8ff2822048023b6530815ca4537b5557b1482e8b8ca4a7798a70 |
| CRC32 | C7076445 |
| ssdeep | 96:MFPN/T0DK/t2JznY9CFKBUF985AYJ/vNXYGMvWSGZbYLnziYXi3YY7ZEpc2FnoP3:G10JznWCI+rlcFvSGxYLbXQpeop6X6HV |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 60dd7d10b3f88f1b_Setup.exe |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\Setup.exe |
| Size | 119.9KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | 057ce4fb9c8e829af369afbc5c4dfd41 |
| SHA1 | 094f9d5f107939250f03253cf6bb3a93ae5b2a10 |
| SHA256 | 60dd7d10b3f88f1b17e39464bb2d7ca77c9267b846d90cf5728a518a117bd21b |
| CRC32 | E49A16EA |
| ssdeep | 1536:jC5s1sWfcdmUtZ4e8ZXUSbeQCtyXWPQqOkAzoIt01WZnqxMQP8ZOs0JzoK9CeAUY:jKLmAgUSSQC4XeDOkeoNQ/gBFoWCnU |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 303989b692a57fe3_Rotate4.ico |
|---|---|
| Filepath | C:\544756739cb65cb612c2d6c6e1\Graphics\Rotate4.ico |
| Size | 140.7KB |
| Processes | 2852 (NDP48-x86-x64-AllOS-KOR.exe) |
| Type | MS Windows icon resource - 19 icons, 256x256, 16 colors withPNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 4 bits/pixel, 48x48, 16 colors, 4 bits/pixel |
| MD5 | 267b198fef022d3b1d44cca7fe589373 |
| SHA1 | f48215df0f855328509a47c441a14e3578a20195 |
| SHA256 | 303989b692a57fe34b47bb2f926b91ac605f288ae6c9479b33eaf15a14eb33ac |
| CRC32 | 8081E6B8 |
| ssdeep | 3072:WaSx7OtXuTIEDZy6aeDxyDQkVXJspRlWaqVzic:GtN6JspRlW7V9 |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | d6547d3047f7b606_eula.rtf |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1043\eula.rtf |
| Size | 5.8KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | Rich Text Format data, version 1, ANSI |
| MD5 | 26b16f6395f6469da2cce621ba66c7f3 |
| SHA1 | e0a4a64b018a8a4fa07b92e6277534efb7a6840e |
| SHA256 | d6547d3047f7b606cf84ccbed44c5047c0e3f6feecfeb7f0a87ee451fc2ff7a7 |
| CRC32 | 4BD600C2 |
| ssdeep | 96:MFStTSD7RPxNNcHEywBHSX8LYiUEvaYaBcUMkVla15AM1YgnWnwKx0mfZCuP7MpY:GVPxuEywxg4EEyXNseGGZ34F/slW2 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | cbb0da2d1efa7de6_LocalizedData.xml |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1029\LocalizedData.xml |
| Size | 86.0KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | XML 1.0 document, Little-endian UTF-16 Unicode text, with very long lines, with CRLF, CR line terminators |
| MD5 | d6801174849373cde3f1d214d80fe834 |
| SHA1 | 50caf47aa60b999ca7b43d3ceb75d0dbffd2278a |
| SHA256 | cbb0da2d1efa7de6736e67c978848d53acf8b502bf3daf43ce40b05076145a7c |
| CRC32 | 37906517 |
| ssdeep | 384:4YQWbTP0qTvLSGf6KUtycONAkkMo+snsMsBTKTuTyTfQjkj/svHov+yJKe3dJTZT:x2LTwiJUQ |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 1b2b264d213f90de_smartbridgelauncher.exe |
|---|---|
| Filepath | c:\users\test22\appdata\roaming\smartbridge\smartbridgelauncher.exe |
| Size | 64.9KB |
| Processes | 2640 (5a5ad5743da1c888bf3b54ccc3e34ff5_SmartbridgeLauncherInstaller_7.tmp) |
| Type | PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows |
| MD5 | ff4f13a624a938a1ffde0caa4d88ab82 |
| SHA1 | faea94f70ed3391203a957bd57dcb1f37c563225 |
| SHA256 | 1b2b264d213f90deb382cdb1a01944a46d2782bbe4887165e826e371d7fd4380 |
| CRC32 | B64C9958 |
| ssdeep | 1536:BTyBv6fqTKbG3J5dMVnfBZ5FZxom6WS8DlOzjom6WS8DlG0L01:RyBv6fqTKbnfBZ5FjBX7DqBX7DkQ01 |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 5d0aef595c1d4b3d_SetupResources.dll |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1035\SetupResources.dll |
| Size | 25.4KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
| MD5 | daec777035b964e1c36e5c54420e7153 |
| SHA1 | 1d0ad100d2dab9929251c3cdfccfd822968259bb |
| SHA256 | 5d0aef595c1d4b3dc658c809f8f0540dc7f689cd03fcbfc566737ea2bf360e47 |
| CRC32 | AE1DFA28 |
| ssdeep | 384:gWTQf1iZlLX8TIgAWMxeW8WM8eW7D/HRN7W5lAtXY:gl1clb8cj37DvI |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | da776c14c28b674a_ParameterInfo.xml |
|---|---|
| Filepath | C:\544756739cb65cb612c2d6c6e1\ParameterInfo.xml |
| Size | 1.1MB |
| Processes | 2852 (NDP48-x86-x64-AllOS-KOR.exe) |
| Type | XML 1.0 document, Little-endian UTF-16 Unicode text, with very long lines, with CRLF line terminators |
| MD5 | 232ffd25722a85eb1fd4f87fb71aec80 |
| SHA1 | d98181eeab43fe027a053908ddaa6597a89a19ba |
| SHA256 | da776c14c28b674aec9d7774fc908f196c9a8470250dc79c92993e2f4f974894 |
| CRC32 | E2299B21 |
| ssdeep | 1536:3+yvhRDIytTZyHycsZyzZyHCcsZyMZyHTcsZyOIl:3DIl |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | eebd04c1272661e1_7396c420a8e1bc1da97f1af0d10bad21 |
|---|---|
| Filepath | C:\Users\test22\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7396C420A8E1BC1DA97F1AF0D10BAD21 |
| Size | 564.0B |
| Processes | 3016 (Setup.exe) |
| Type | data |
| MD5 | e07178901a4eaac2816bb238ec3a80db |
| SHA1 | 6c09924c365cb4c5f3e37403b8a768dca047e7e3 |
| SHA256 | eebd04c1272661e1091084108083ce44f7c961013791892d866b2f92ee3deda8 |
| CRC32 | 728C1DE0 |
| ssdeep | 12:nmJrXuBF74BBnctKwJ1LInMXfar3yNjc9LKNLty7HAMn:gDuD743nc8wJFXPo9LagsMn |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 8ce790eca06bae1b_LocalizedData.xml |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1055\LocalizedData.xml |
| Size | 83.6KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | XML 1.0 document, Little-endian UTF-16 Unicode text, with very long lines, with CRLF, CR line terminators |
| MD5 | f020b0e38f1295924f1833e77859fc9a |
| SHA1 | 17467f2ebb8cbca89119d30b3ba7ae30691921e1 |
| SHA256 | 8ce790eca06bae1b01f40f732580adea86d4c22b28d1e701e033c6c9983500c2 |
| CRC32 | 0F01D4A3 |
| ssdeep | 1536:67gos8tlQm/wobG+PKarUdTvJ4rtRevbS6bh:67gos8tlQm/wobG+PKarUdTvJ4rtRezd |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | e4261c9b8c779d58_LocalizedData.xml |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1038\LocalizedData.xml |
| Size | 86.9KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | XML 1.0 document, Little-endian UTF-16 Unicode text, with very long lines, with CRLF, CR line terminators |
| MD5 | 28e8a2833f3d5302a1f5c2a84fa8990a |
| SHA1 | 08977251eb62c6df447c6754b2ec27a73d9071f1 |
| SHA256 | e4261c9b8c779d58883820a531a19594d238f0ca9ecac399505c569b0cccdbc7 |
| CRC32 | 85B2D3DA |
| ssdeep | 1536:QZa/alahI0IwCIu4F70S9BIzEERIJH0rji3kC4ILiv:QZayIexCXF70S9BIzEERIJH0rji3kCle |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 8ae48390c8fd6573_netfx_FullLP_x86.msi |
|---|---|
| Filepath | C:\544756739cb65cb612c2d6c6e1\netfx_FullLP_x86.msi |
| Size | 456.0KB |
| Processes | 2852 (NDP48-x86-x64-AllOS-KOR.exe) |
| Type | Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.3, MSI Installer, Code page: 1252, Title: Installation Database, Subject: Microsoft .NET Framework 4.8(), Author: Microsoft Corporation, Keywords: Install,MSI,Framework, Comments: Microsoft .NET Framework 4.8(); Copyright (C) Microsoft Corporation, All rights reserved., Template: Intel;1042, Revision Number: {23B20764-B0C1-40F7-AAA3-DDA504375A57}, Create Time/Date: Thu Mar 28 10:28:32 2019, Last Saved Time/Date: Thu Mar 28 10:28:32 2019, Number of Pages: 300, Name of Creating Application: Windows Installer XML Toolset (3.11.1.2318), Security: 0, Number of Words: 0 |
| MD5 | 997a98ec3f121ae826984c7e7019a524 |
| SHA1 | 5bea039df40ba727a9e7e8542bcc1aa39a37c79b |
| SHA256 | 8ae48390c8fd65732c7d55a94e55bac84f6452b744c7e5cf28e78b7f3d7723fd |
| CRC32 | BFE295ED |
| ssdeep | 6144:GSxnT/JRSd5qlZ1l+5C8d1thG0VAcHZaPpuD0jIj:j/Sd5ql7ggC1vG0RHghuV |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 03e8ede8a900d1e2_eula.rtf |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1029\eula.rtf |
| Size | 7.7KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | Rich Text Format data, version 1, ANSI |
| MD5 | e0eec490f52fe2ab10b75e354abffc87 |
| SHA1 | cdcea1632d1b42a08ce15919f0492cb35ba749ed |
| SHA256 | 03e8ede8a900d1e25414a5767980f8c2715b53d29cbfc40ce1b42075b175b0e1 |
| CRC32 | 288B1CEA |
| ssdeep | 192:h4SuzEDL7OFCPmypzj2MujquNs6t2fdCq8fy97OspIRgCOGzlQlmaZwZ4hgtE2:Fuzs7PGRt1UNWlAlWHtE2 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 50a534d5b14c6be2_eula.rtf |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1038\eula.rtf |
| Size | 7.3KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | Rich Text Format data, version 1, ANSI |
| MD5 | d1169d1dc40442766f68165855a3a1d2 |
| SHA1 | a1a817e8dddae958d944102a6076e07e3f326152 |
| SHA256 | 50a534d5b14c6be2c9ab6d538c7bd201a82504d34fca379d7c52c49cd127efc6 |
| CRC32 | FBCC3D82 |
| ssdeep | 192:h4gyZnFZRS9jLSyOxGmWmuzd0XHLvJMG7auy2:sZoh8WmuiSGOuy2 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 6e72ea01f8b3fbd1_netfx_Patch_x64.msp |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\netfx_Patch_x64.msp |
| Size | 34.2MB |
| Type | Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, Code page: 1252, Title: KB4503575, Subject: Update for Microsoft .NET Framework 4.8 (KB4503575), Author: Microsoft, Comments: KB4503575, Template: {16735AF7-1D8D-3681-94A5-C578A61EC832}, Last Saved By: :RTM48.1;:#RTM48.1, Revision Number: {40693D44-00D7-310D-8395-72393035A3A8}, Create Time/Date: Fri Dec 13 23:15:26 2019, Last Saved Time/Date: Fri Dec 13 23:15:26 2019, Number of Words: 5, Name of Creating Application: Windows Installer XML Toolset (3.14.0.2812), Security: 4 |
| MD5 | eb38ce2ee3f2bb520916f0517e799c11 |
| SHA1 | 632a62beaad2af87192cfef0ef21a59124910491 |
| SHA256 | 6e72ea01f8b3fbd1c1623cb5f812460d63df44503ee3ef2ae593c04bc70875d5 |
| CRC32 | 41094C61 |
| ssdeep | 786432:RIkA/YrYtdLljzuH27pS5V8TSd9/uKpovcTMRZ2MIjiN:8/t1FuH278VASDLOcT223i |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 9e224a5f7a5c83df_LocalizedData.xml |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\3082\LocalizedData.xml |
| Size | 85.6KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | XML 1.0 document, Little-endian UTF-16 Unicode text, with very long lines, with CRLF, CR line terminators |
| MD5 | e2fc9d2a4fc56b64e3981dd7e0b076d5 |
| SHA1 | 1660468ac360a0a52f1a84887a9bb9c6ca3c9d8d |
| SHA256 | 9e224a5f7a5c83df1ab31743520a05252c3cdcc9e97526264da716166d2b29f9 |
| CRC32 | 32DA732B |
| ssdeep | 384:4YI0PfH7g2HbWPD66KUtycsJ7ULMYIex7UM/I9aXdoBchU7aF/6JD1NDoAjJuL4y:IAMVgZN08Jtikin |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 91d3d81f8e066320_eula.rtf |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1044\eula.rtf |
| Size | 5.5KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | Rich Text Format data, version 1, ANSI |
| MD5 | 3c9f4b239ddc64151765eddf658e788f |
| SHA1 | 9be17903a7b604ca4a91ab1417207cc73ff2effa |
| SHA256 | 91d3d81f8e0663200d4a6fa6689cc6936c50db001514fe803a638b861196997a |
| CRC32 | D1DF4893 |
| ssdeep | 96:MFxITVDRr7F4SCwVwTclq54aMeBESUw80kvYGfqBI5PvfYJD0ARldNrgxUeiWN7t:Gk/F4SCwVwclq54aMeqSUwvkvbCBWnao |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 3c309a5509d42e64_LocalizedData.xml |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1044\LocalizedData.xml |
| Size | 84.9KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | XML 1.0 document, Little-endian UTF-16 Unicode text, with very long lines, with CRLF, CR line terminators |
| MD5 | b0d9e4dac3935bb596bb83b7d8474f8f |
| SHA1 | 29ce971b1a3ccf6f09eced6bff8e778df13f3d35 |
| SHA256 | 3c309a5509d42e6485e9123bc6af5ec43cf2faa8afead5062676e85ab7f96add |
| CRC32 | 684C71B4 |
| ssdeep | 384:4YX7lskoDBkIWPD66KUtycONAkhdkmgJljMFwrbDbGBklKn9COrtQ2GCJYkTQQv:UkBU9Ct2GCJYu9 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 50c95114d6340431_eula.rtf |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1055\eula.rtf |
| Size | 7.9KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | Rich Text Format data, version 1, ANSI |
| MD5 | 1604be6036737ce1701330a4f54917ec |
| SHA1 | 02e9ed8ffcd35b22db9ada931ffafebef9b967e6 |
| SHA256 | 50c95114d6340431fac2f752844b9e5c08024a88e464b1d4afde460545a3a3cf |
| CRC32 | CB77FAB5 |
| ssdeep | 192:93kB8xWbjs++3y+irO1a3Aq+zT8/fdBziV+XPXZpP37h2:Gq++8waekfD2V+XbN2 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 9bea3169e69bddbb_5a5ad5743da1c888bf3b54ccc3e34ff5_SmartbridgeLauncherInstaller_7.tmp |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\is-TCEFR.tmp\5a5ad5743da1c888bf3b54ccc3e34ff5_SmartbridgeLauncherInstaller_7.tmp |
| Size | 3.0MB |
| Processes | 2564 (5a5ad5743da1c888bf3b54ccc3e34ff5_SmartbridgeLauncherInstaller_7.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | 6b2962cd0be2bdabba1e12264936298c |
| SHA1 | ef346fb4669701c405619c156ea09d0ee007c6e2 |
| SHA256 | 9bea3169e69bddbbaccc54e80be85e7fd438c7e3c9bbdf80ac0aba58f8916efe |
| CRC32 | 507BEC59 |
| ssdeep | 49152:qEA9P+bz2cHPcUb6HSb4SOEMkBeH7nQckO6bAGx7jXTV+333TY:692bz2Eb6pd7B6bAGx7s333T |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | d7b173d8f9467cfc_microsoft .net framework 4.8 (kor) setup_20230705_231421250-msi_netfx_fulllp_x64.msi.txt |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Microsoft .NET Framework 4.8 (KOR) Setup_20230705_231421250-MSI_netfx_FullLP_x64.msi.txt |
| Size | 5.3MB |
| Processes | 1616 (Setup.exe) |
| Type | Little-endian UTF-16 Unicode text, with very long lines, with CRLF line terminators |
| MD5 | 7705d16a2e2b7a308716eec620c148d6 |
| SHA1 | f8b226140d1d190c240ae6c8a8cdb9a43a85ca4d |
| SHA256 | d7b173d8f9467cfc49f97d5f0b6a5a529cdeee8d49e0f9e0abe57034c3073809 |
| CRC32 | 6800C8B8 |
| ssdeep | 6144:NjFM2eEjoBfHbEvMfypUBndCTi0b6jEDDUEM1NGJ4ouJNUpjg:t6dOIyS |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 289e23983692bdbd_SetupUtility.exe |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\SetupUtility.exe |
| Size | 304.1KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | 2a20ff4988db90ae0632d898916950ca |
| SHA1 | f822b12f4efb31a99ec4df9a4d9c9806c55648fa |
| SHA256 | 289e23983692bdbd58ab0cb3b1668b5158d90a9937721185a75247a44d0c3243 |
| CRC32 | 659F450C |
| ssdeep | 3072:xX7UkkkAg0FuAxZIrnnFujuw54qAYghp05vxMnW6FlZz3LUlimXBzmQHkyQUNKm/:1AORnnFujhGp05g9z3uioNPHioqkpf |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 3ee9b5d92b1befd7_dd_tmp31de.tmp_decompression_log.txt |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\dd_TMP31DE.tmp_decompression_log.txt |
| Size | 611.0B |
| Processes | 2476 (TMP31DE.tmp.exe) |
| Type | ASCII text, with CRLF line terminators |
| MD5 | df8c7d1d2be72e59de80ea840a2b1f48 |
| SHA1 | 32ca2835a2e39fda29cdfc61d619737188da6e32 |
| SHA256 | 3ee9b5d92b1befd75ae3ee624d33fa719c42154b432931784819f9f237afcb01 |
| CRC32 | 2AECF871 |
| ssdeep | 12:Ibfntt9mlbfyQdjLwXbfeBZKQbfxdjLAPEjH0ZrbfVQdjLAXbfBx8bfBPbfB0dK:mtfi3waB0k3AcjHGc3AXw |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | b05141dbc71669a7_SplashScreen.bmp |
|---|---|
| Filepath | C:\544756739cb65cb612c2d6c6e1\SplashScreen.bmp |
| Size | 117.2KB |
| Processes | 2852 (NDP48-x86-x64-AllOS-KOR.exe) |
| Type | PC bitmap, Windows 3.x format, 200 x 200 x 24 |
| MD5 | bc32088bfaa1c76ba4b56639a2dec592 |
| SHA1 | 84b47aa37bda0f4cd196bd5f4bd6926a594c5f82 |
| SHA256 | b05141dbc71669a7872a8e735e5e43a7f9713d4363b7a97543e1e05dcd7470a7 |
| CRC32 | 898845DC |
| ssdeep | 384:pu66qlxe0UqtcSiS2gLsd5xfAg+zqFv4t:LP |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | e9733a3fe748058d_SetupResources.dll |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\2052\SetupResources.dll |
| Size | 20.4KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
| MD5 | f67d13820be86a0bdf9d6dde2fa400a1 |
| SHA1 | f9b2ffa3f1ee870e49b494a585c49b212ce907cc |
| SHA256 | e9733a3fe748058d474923b9de7fe1a6f4baafd0b592d72d05d0a6a69b3ca574 |
| CRC32 | 7EA9942D |
| ssdeep | 384:gkSEQw+3xH4G0XVW1eWuW8eWBD/HRN7Wa7lAtXKqt:gkRuZsBDvyt |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 1372c7f132595dda_Save.ico |
|---|---|
| Filepath | C:\544756739cb65cb612c2d6c6e1\Graphics\Save.ico |
| Size | 123.6KB |
| Processes | 2852 (NDP48-x86-x64-AllOS-KOR.exe) |
| Type | MS Windows icon resource - 19 icons, 256x256, 16 colors withPNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 4 bits/pixel, 48x48, 16 colors, 4 bits/pixel |
| MD5 | c66bbe8f84496ef85f7af6bed5212cec |
| SHA1 | 1e4eab9cc728916a8b1c508f5ac8ae38bb4e7bf1 |
| SHA256 | 1372c7f132595ddad210c617e44fedff7a990a9e8974cc534ca80d897dd15abd |
| CRC32 | 460DC0D6 |
| ssdeep | 192:cICfR9iBLLLLLLiii1dkx2Xwi+XI7b6ZZZZZZZZZZGGGGys7v5Z7vvvvvvvvvvwF:H2R9iJJi56ZZZZZZZZZZGGGGyHIIIhh0 |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | f008e0a673ebd471_SetupResources.dll |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1055\SetupResources.dll |
| Size | 24.9KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
| MD5 | c9dfda8948680ecc97a8bbe2f97114cb |
| SHA1 | 130b97562c2a45a3a87784e6b3a6818755a09c83 |
| SHA256 | f008e0a673ebd471af052c4f8259bfbfb9f028c203e96b18d53a179bf5017703 |
| CRC32 | 043B82BA |
| ssdeep | 384:TMYQAynHUSBQJvIE97ZIMQMtXd2XbtRSwWxeWeWMeWfD/HRN7wyAhl2Yn:TDynHUSKJvI8I5MXd2XbtR8MfDvwyC |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 3c61d7c6de9a02ee_SetupResources.dll |
|---|---|
| Filepath | C:\544756739cb65cb612c2d6c6e1\1042\SetupResources.dll |
| Size | 21.9KB |
| Processes | 2852 (NDP48-x86-x64-AllOS-KOR.exe) |
| Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
| MD5 | e33f51b027bdbb0a74db01443bb6a142 |
| SHA1 | 3c8221fa85d7036b0ebd8d62c1a4e1ffe9e73a97 |
| SHA256 | 3c61d7c6de9a02eec8538eab9b599a9456e4778099785d3e006c916b173daabc |
| CRC32 | BA88578F |
| ssdeep | 384:ZzDG2GRc9MWpzeW7WpceWHD/HRN7B6qslGsA3:N7FHDvBXJ |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 8374535e147ab71b_eula.rtf |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1040\eula.rtf |
| Size | 6.2KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | Rich Text Format data, version 1, ANSI |
| MD5 | 2fba51e419f1a5272244dca1bb6fa8d1 |
| SHA1 | a43aded44a95078b8ffa74085d8424caecc327ce |
| SHA256 | 8374535e147ab71b9f149e74e77fccf3282ffa9257565cd4af6db471c47e9231 |
| CRC32 | 53481342 |
| ssdeep | 96:MF5XTpDwXwx3ZZhoBv489Y2HW3UvrYh32w9z0Jr7dQlQQciyY8mhKWEMHP7/Xj4K:G3ZDa94gBDcIRm7cpPkjjdBqmJk7jsk2 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | d097e65640c3fc70_Setup.exe |
|---|---|
| Filepath | C:\544756739cb65cb612c2d6c6e1\Setup.exe |
| Size | 119.9KB |
| Processes | 2852 (NDP48-x86-x64-AllOS-KOR.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | cde58a8957c817340671ccb08cd2c8fc |
| SHA1 | b27e53e8e3baa6f5b1e5f70b05e5e3c03653b1df |
| SHA256 | d097e65640c3fc706cbec97512290afd86fef51352e2614665322e9108d7ade5 |
| CRC32 | 2475DC68 |
| ssdeep | 1536:BC5s1sWfcdmUtZ4e8ZXUSbeQCtyXWPQqOkAzoIt02WZnqxMQP8ZOs0JhNK9beAU8:BKLmAgUSSQC4XeDOkeoN//gB3NWbnU8 |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | e86656ef2092c0e6_LocalizedData.xml |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1042\LocalizedData.xml |
| Size | 73.5KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | XML 1.0 document, Little-endian UTF-16 Unicode text, with very long lines, with CRLF, CR line terminators |
| MD5 | 47f8082069c52d2f7db1fc6aac2886df |
| SHA1 | 4b5c371e9006c10685f2c59ca9a7ebfb4a597a0a |
| SHA256 | e86656ef2092c0e6caf5b8b0bca2d6ce5def273609c22187ae91236605d2e273 |
| CRC32 | 78CB7BF1 |
| ssdeep | 384:4YFyFFhyV4VnVLV//rCjKUtycONAkbETFU9WiucznfYbzqRjXU2ggRZVDhYAS+KY:1biucUb+xJr |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | ef9d89d9fb91b280_SetupResources.dll |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1043\SetupResources.dll |
| Size | 26.4KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
| MD5 | 6b5da66d58cbb93ab58508e39762dacf |
| SHA1 | 01f052c63b33eb77c7ca6e3bb7f85d748e90c4b7 |
| SHA256 | ef9d89d9fb91b28006d88a7314b25334ec9484b045c1ef1e360d190e57411271 |
| CRC32 | 1D4EF951 |
| ssdeep | 384:TP0c+uc0WYDxYv0hvOUjs1tWWiLeWUW9LeWMD/HRN7Psjhl2NM:R+ucq9rMDvPs7 |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 2a7a44fb25476886_Strings.xml |
|---|---|
| Filepath | C:\544756739cb65cb612c2d6c6e1\Strings.xml |
| Size | 13.8KB |
| Processes | 2852 (NDP48-x86-x64-AllOS-KOR.exe) |
| Type | XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF, CR line terminators |
| MD5 | 8a28b474f4849bee7354ba4c74087cea |
| SHA1 | c17514dfc33dd14f57ff8660eb7b75af9b2b37b0 |
| SHA256 | 2a7a44fb25476886617a1ec294a20a37552fd0824907f5284fade3e496ed609b |
| CRC32 | 9D8748B5 |
| ssdeep | 384:VqZo71GHY3vqaqMnYfHHVXIHjfBHwnwXCa+F:VqB |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 24db097f9b1a2337_microsoft .net framework 4.8 setup_20230705_231132921-msi_netfx_full_x64.msi.txt |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Microsoft .NET Framework 4.8 Setup_20230705_231132921-MSI_netfx_Full_x64.msi.txt |
| Size | 16.9MB |
| Processes | 3016 (Setup.exe) |
| Type | Little-endian UTF-16 Unicode text, with very long lines, with CRLF, LF line terminators |
| MD5 | 5a7d451c8d46c3a46efde9fe9f2caf1a |
| SHA1 | cce362e37c6c4dba44b1f8b528d0303caa19f1e2 |
| SHA256 | 24db097f9b1a233745926e7ecd337d831bb933822717246680c2c78c037044bb |
| CRC32 | A0C85D6F |
| ssdeep | 6144:05KUeNjTwJW+OVE1f1sz7PwvjkHTn2XLk/ETV5ZGowKJfVAJdI4AdA4udg/HqFE/:GenHTnkAJdO/HqCJxNo2XYl0UZvC4IVn |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | ab1d462944fdcb4a_SetupResources.dll |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1033\SetupResources.dll |
| Size | 23.9KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
| MD5 | 3f975e8bb4cd4adb9b5d21b2da436ab6 |
| SHA1 | e017dd66cbd964228b3b9b84b14c892709fe3915 |
| SHA256 | ab1d462944fdcb4ad2e6a4d37257f2fe2063744bb4e3de55b4126dfb65d383fc |
| CRC32 | FB7CC3C6 |
| ssdeep | 384:zt+QGZnU+9E2/yV/k6WpBeW9WpceWSD/HRN7EJhl2Z:z0Znvl/GejSDv9 |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 758945516c03315e_4c7f163ed126d5c3cb9457f68ec64e9e |
|---|---|
| Filepath | C:\Users\test22\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\4C7F163ED126D5C3CB9457F68EC64E9E |
| Size | 555.0B |
| Processes | 3016 (Setup.exe) |
| Type | data |
| MD5 | 0e5202fa385907a96430ec7f57e79f1f |
| SHA1 | fafa2251a82c99ccfc1b13d28e1ffcf548bd9a81 |
| SHA256 | 758945516c03315e16f9cd72d04ac155b63bc1faf8cb4c7a0328dc432b86bdc3 |
| CRC32 | FE39D12D |
| ssdeep | 12:owJrXuBFg+dcqlXEDRi1tyqi1Xo0ffFcq8vPsCvTfn:oqDuDf9lXARc30ffFc37n |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | b67bc7e8532ac429_SetupResources.dll |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1046\SetupResources.dll |
| Size | 25.4KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
| MD5 | 157da28c4dec27279322a99d90a27dfa |
| SHA1 | 8e9928bae175e16ca21a5f3d101dabe9c8bd7f32 |
| SHA256 | b67bc7e8532ac429152877f368cab07ce7d78bf49b144a2e188792c05d47aa38 |
| CRC32 | D26F6166 |
| ssdeep | 384:eFiQP70DnTB1Hcpm1WYeWfWVeWzWD/HRN7MjlGshe:exQ3B18saCDvd |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 9ad08b8781fde309_a583e2a51bfbdc1e492a57b7c8325850 |
|---|---|
| Filepath | C:\Users\test22\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A583E2A51BFBDC1E492A57B7C8325850 |
| Size | 256.0B |
| Processes | 3016 (Setup.exe) |
| Type | data |
| MD5 | c8ae48b8f96c158e8501cdd0101db90d |
| SHA1 | 0bda6b519d41f7456da0a86704e8413612cd1334 |
| SHA256 | 9ad08b8781fde3093f604c26cfd8f6dd38a49e405ddb25114c3a20f8c238950a |
| CRC32 | 94E82E71 |
| ssdeep | 6:kK7ckNHa6st9t6zB7WJM1+ffyWcaQnK+j:jckN639sqM1+ffylFn1j |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 8f7847cfc9ec70b6_UiInfo.xml |
|---|---|
| Filepath | C:\544756739cb65cb612c2d6c6e1\UiInfo.xml |
| Size | 35.7KB |
| Processes | 2852 (NDP48-x86-x64-AllOS-KOR.exe) |
| Type | XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators |
| MD5 | 8ace169bf65675c089e0327d5b1f7437 |
| SHA1 | 43646e29c878f58ac4b5d7c192d11b3becd9e9f6 |
| SHA256 | 8f7847cfc9ec70b6758f6fbe9b98809ca7bf8ecb25bf9b3a8e7e052b83dfa94b |
| CRC32 | 357E1AA7 |
| ssdeep | 768:24URHd5vESguJQvFQXvDINJh6FmhPsrVsG8t+p3879km2VG9GMGNGTDKvefkfub:24URHd5vEQYQLIN/6FmhPsrVsG8t+p3+ |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | a787b2f493c32489_LocalizedData.xml |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1049\LocalizedData.xml |
| Size | 86.4KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | XML 1.0 document, Little-endian UTF-16 Unicode text, with very long lines, with CRLF, CR line terminators |
| MD5 | d46f34e95e94fbfa4cb4a8dcc7ba3211 |
| SHA1 | 3e2150c9dd44c4b3416051534ccf84968f2737cd |
| SHA256 | a787b2f493c3248991877f61e210bb0231d357d06aa2671917d2ad4e528c9f67 |
| CRC32 | 29FA131D |
| ssdeep | 384:4kbCNVxJ4i/5Qbkkk5vWPD66KUtycONAkDS72HrkSVfGo/RGKVcng5/spnBthXlK:EfVUJi |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 255025a0d79ef2da_header.bmp |
|---|---|
| Filepath | C:\544756739cb65cb612c2d6c6e1\header.bmp |
| Size | 9.4KB |
| Processes | 2852 (NDP48-x86-x64-AllOS-KOR.exe) |
| Type | PC bitmap, Windows 3.x format, 49 x 49 x 32 |
| MD5 | 41c22efa84ca74f0ce7076eb9a482e38 |
| SHA1 | 8e4a371fd51a61244d11c4fc97d738905ce00fbb |
| SHA256 | 255025a0d79ef2dac04bd610363f966ef58328400bf31e1f8915e676478cd750 |
| CRC32 | 78E28235 |
| ssdeep | 12:0sUJX6qqfq+fk2CbCbCbB18e31331/V/SJ31jqAJ31DxJp1hQPJVsPP91bDUmJ35:0sUPHn2MMMQkEHDUx9Hk |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | bfb0332df9fa20de_stop.ico |
|---|---|
| Filepath | C:\544756739cb65cb612c2d6c6e1\Graphics\stop.ico |
| Size | 185.7KB |
| Processes | 2852 (NDP48-x86-x64-AllOS-KOR.exe) |
| Type | MS Windows icon resource - 36 icons, 256x256, 16 colors withPNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 4 bits/pixel, 128x128, 16 colors, 4 bits/pixel |
| MD5 | 7d1bccce4f2ee7c824c6304c4a2f9736 |
| SHA1 | 2c21bf8281ac211759b1d48c6b1217dd6ddfb870 |
| SHA256 | bfb0332df9fa20dea30f0db53ceaa389df2722fd1acf37f40af954237717532d |
| CRC32 | 3CF053C5 |
| ssdeep | 768:G6mPq2pmss03yYI8yghoENpqcVnPnn3zcrFTZqV:G6mPDalENpLFn3zcrtZqV |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | aabccc5b9e9fb2a2_eula.rtf |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1025\eula.rtf |
| Size | 13.1KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | Rich Text Format data, version 1, unknown character set |
| MD5 | 13431fd86b4023b8e11695360b22169c |
| SHA1 | af4f361de88d390b27e8b6169aef2c05fd6c2e00 |
| SHA256 | aabccc5b9e9fb2a2759c634cd94b8b5808bf9d32a46014c2f01e245405b84fea |
| CRC32 | 1B968410 |
| ssdeep | 384:U3dyzhC8tePMiBhBMU50ysaaLah+Ks+g2:2qCTBhS3ysaaVKs+n |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 995c9f4ea0d98c0c_Rotate7.ico |
|---|---|
| Filepath | C:\544756739cb65cb612c2d6c6e1\Graphics\Rotate7.ico |
| Size | 140.7KB |
| Processes | 2852 (NDP48-x86-x64-AllOS-KOR.exe) |
| Type | MS Windows icon resource - 19 icons, 256x256, 16 colors withPNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 4 bits/pixel, 48x48, 16 colors, 4 bits/pixel |
| MD5 | b4947d242ab4a902031fcd1ffd3a56cd |
| SHA1 | 4014a05642118a306c742f56878db1ea61e78b6b |
| SHA256 | 995c9f4ea0d98c0c4e5037ede43fc44a680d85cb1e37c782adab775915e975b8 |
| CRC32 | 7C9AFF3F |
| ssdeep | 1536:H36R8gfxxj979YnfXEtJ3mo4X78E+FhqYLGgWjj:H4VYEXmPXgE+FhqYLGgWv |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | f714f0963e1ce7c6_eula.rtf |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1046\eula.rtf |
| Size | 6.0KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | Rich Text Format data, version 1, ANSI |
| MD5 | 4f7e0cf0ab641752acf8168b7af115c2 |
| SHA1 | 99ac6551112c1f308b4c939f75c73a098e2ec7c3 |
| SHA256 | f714f0963e1ce7c6a73b27585eb6b197e29875e195b97885737817e51ded42ad |
| CRC32 | 93DCD0C1 |
| ssdeep | 96:MFklMuTyDyuCBhgerTSwp2BPVr84Y4nyoZveAY2vqpMETEGEZrHkB60037tY6Al5:GOzhge/lsZVr9TZt6qj5ZSRW+IcLW2 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 001b5d3fab8e366e_37c951188967c8eb88d99893d9d191fe |
|---|---|
| Filepath | C:\Users\test22\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\37C951188967C8EB88D99893D9D191FE |
| Size | 264.0B |
| Processes | 3016 (Setup.exe) |
| Type | data |
| MD5 | 4a0afa632819357590d0a54dbf0eb672 |
| SHA1 | 7ee14f2015513b0f509a245fcde929766d8d2f55 |
| SHA256 | 001b5d3fab8e366e774efacf5f31d1b9d119dffc6d79c5b01d69638e2d2cc40a |
| CRC32 | 29FB1D45 |
| ssdeep | 6:kKQNe+qU1RSPiJ6xB7WJM1+ffyWcaQbsKAl1j:INe+iJ3qM1+ffylF9A3j |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 3a31342ff49f39ce_4c7f163ed126d5c3cb9457f68ec64e9e |
|---|---|
| Filepath | C:\Users\test22\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\4C7F163ED126D5C3CB9457F68EC64E9E |
| Size | 256.0B |
| Processes | 3016 (Setup.exe) |
| Type | data |
| MD5 | c03f3fcb621019acf63f685ef3982cfe |
| SHA1 | c104f8012f322ca7c68b77eaf807f05957df6d1b |
| SHA256 | 3a31342ff49f39ce1f41d578820229a07a79388c363aae416c7d2239596aff75 |
| CRC32 | 2C6292CD |
| ssdeep | 3:kkFklJlMvKHX3295klbCn1t/lJPRkUll/JIH/l/elR82ClRRly+MlMJXcXl+B5lt:kKxx5Efl/MB7WJM1+ffyWcTm+gcK9WIj |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 623eaacf9c741308_SetupResources.dll |
|---|---|
| Filepath | C:\544756739cb65cb612c2d6c6e1\1033\SetupResources.dll |
| Size | 23.9KB |
| Processes | 2852 (NDP48-x86-x64-AllOS-KOR.exe) |
| Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
| MD5 | 03cedda77ff7c8b522edef202439bd2f |
| SHA1 | b6e1803084a762ac4a2ff2dae7abc0e9f4e8bfb5 |
| SHA256 | 623eaacf9c74130805d76235cab574d10ad629b62c84d1111743913df8720170 |
| CRC32 | E3425702 |
| ssdeep | 384:w1+QGZnU+9E2/yV/kVWpzeWyWpceWFD/HRN7y51wmEy4lGswz:wsZnvl/GlyFDvy5ky5 |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 7eb4e80124f4ea88_696f3de637e6de85b458996d49d759ad |
|---|---|
| Filepath | C:\Users\test22\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\696F3DE637E6DE85B458996D49D759AD |
| Size | 244.0B |
| Processes | 3016 (Setup.exe) |
| Type | data |
| MD5 | 8e97c63dcc4f6d8b6c365a911515be52 |
| SHA1 | ac0d05d432e3fe29839071984ff45902f8c1bb22 |
| SHA256 | 7eb4e80124f4ea889731b39d0b607a81310ac7abce5d68020f42bef051d3dbd9 |
| CRC32 | 70C8A968 |
| ssdeep | 3:kkFkl1ll9kNvgRat/PlE/UYPkNRR82ClRRly+MlMJXcXl+B5lRkKlIiyClRNlJcF:kKC81fY8hB7WJM1+ffSiy7D1j |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 1e828840ae8728ac_LocalizedData.xml |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1035\LocalizedData.xml |
| Size | 84.1KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | XML 1.0 document, Little-endian UTF-16 Unicode text, with very long lines, with CRLF, CR line terminators |
| MD5 | ad67691b3b5474154f65400e53ddfef2 |
| SHA1 | dc8dc683bf9fee12a5ab7297789a5c087e98facc |
| SHA256 | 1e828840ae8728ac809624845597406d4025d6da7797b38f02946a30a48bfe7c |
| CRC32 | A3DE824C |
| ssdeep | 384:4Ys04sUwpVbVkV4VbiO/6KUtyc6BM47+QqOYeBzW/jzKdm4Ne4Bti4l59R8fOaJt:Fr/lOfOaJ+Q |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | ae28910c1ef16ce7_LocalizedData.xml |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1041\LocalizedData.xml |
| Size | 75.2KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | XML 1.0 document, Little-endian UTF-16 Unicode text, with very long lines, with CRLF, CR line terminators |
| MD5 | 32e4d6f895a69bb2c373ff4c688d6b27 |
| SHA1 | 57738235363c5f1a1c5651c65832396e3aef4414 |
| SHA256 | ae28910c1ef16ce70a5e97c5d02390ad8d64f80966e2be3c4a56db0c4038442d |
| CRC32 | FEDDE80B |
| ssdeep | 384:4YZUFNhaVwV/VLVWPD66KUtycONAk8mZX4++oMeRCcLsRDJDhFfv:edGJ/ |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 2ec36fb871853f60_LocalizedData.xml |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1040\LocalizedData.xml |
| Size | 85.8KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | XML 1.0 document, Little-endian UTF-16 Unicode text, with very long lines, with CRLF, CR line terminators |
| MD5 | e74a35a00e0228de37ee911f93411ed2 |
| SHA1 | c1c0901eb552c21ce2817b7edb94af611b571a49 |
| SHA256 | 2ec36fb871853f60085bc972e08156483384f8c1d6e000f5db1cc8cccad05f8c |
| CRC32 | D0C0DD83 |
| ssdeep | 384:4YmLGeyl/eSWPD66KUtycs9/wTBiG+Hg3XLCMa1eHzNZNs4fuD4RBJBo5U6sxuwv:C1aYtJGk |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 388a796580234efc__setup64.tmp |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\is-8JDV0.tmp\_isetup\_setup64.tmp |
| Size | 6.0KB |
| Processes | 2640 (5a5ad5743da1c888bf3b54ccc3e34ff5_SmartbridgeLauncherInstaller_7.tmp) |
| Type | PE32+ executable (console) x86-64, for MS Windows |
| MD5 | e4211d6d009757c078a9fac7ff4f03d4 |
| SHA1 | 019cd56ba687d39d12d4b13991c9a42ea6ba03da |
| SHA256 | 388a796580234efc95f3b1c70ad4cb44bfddc7ba0f9203bf4902b9929b136f95 |
| CRC32 | 2CDCC338 |
| ssdeep | 96:sfkcXegaJ/ZAYNzcld1xaX12p+gt1sONA0:sfJEVYlvxaX12C6A0 |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | deba0a7a6e2ca99d_SysReqNotMet.ico |
|---|---|
| Filepath | C:\544756739cb65cb612c2d6c6e1\Graphics\SysReqNotMet.ico |
| Size | 140.6KB |
| Processes | 2852 (NDP48-x86-x64-AllOS-KOR.exe) |
| Type | MS Windows icon resource - 19 icons, 256x256, 16 colors withPNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 4 bits/pixel, 48x48, 16 colors, 4 bits/pixel |
| MD5 | eca24331ce0850d188bd2eb5c22de684 |
| SHA1 | 53e910c03aa6bc423717c5b175670517f26f00a4 |
| SHA256 | deba0a7a6e2ca99d3380d35ae33f8d266806fdbcbf75fb06b5718be5873258f6 |
| CRC32 | 6C2FCD51 |
| ssdeep | 768:RB/Nn07yYIG+Tl6iaYO+xQNM11AdKgw3w:Rh+7+Tl6iawyEAdKgw3w |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 236bf2b5cf6014b8_SetupEngine.dll |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\SetupEngine.dll |
| Size | 893.4KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
| MD5 | f9618535477ddfef9fe8b531a44be1a3 |
| SHA1 | c137a4c7994032a6410ef0a7e6f0f3c5acb68e03 |
| SHA256 | 236bf2b5cf6014b8ee22484afe172ace512cc99dba85080b082d47e9e189ea5c |
| CRC32 | F9894663 |
| ssdeep | 24576:ZG2ynlYANtzSXWnTNPO5I4IHm7ONx3ZFaJ/KGvUnh:ZG2ynlYADzc3I4IHm7OjyJ/nvUnh |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | b94e68c711b3b06d_Rotate10.ico |
|---|---|
| Filepath | C:\544756739cb65cb612c2d6c6e1\Graphics\Rotate10.ico |
| Size | 140.6KB |
| Processes | 2852 (NDP48-x86-x64-AllOS-KOR.exe) |
| Type | MS Windows icon resource - 19 icons, 256x256, 16 colors withPNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 4 bits/pixel, 48x48, 16 colors, 4 bits/pixel |
| MD5 | 0cca04a3468575fdcefee9957e32f904 |
| SHA1 | ae5a03b47df97f5f1b14dca3539a1c4b0f407f15 |
| SHA256 | b94e68c711b3b06d9a63c80ad013c7c7bbdb5f8e82cbc866b246ff22d99b03fe |
| CRC32 | C34B3C7D |
| ssdeep | 768:qZvaGyae28qOtnAjW6HvC2TpjTUmhIKosFE607deph1z:SyaeNqOtnYxpjTUmhSf607MpD |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 2f15225d2430c547_SetupResources.dll |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1040\SetupResources.dll |
| Size | 25.4KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
| MD5 | 002b3cdf42b65a6fc508fda46c82502f |
| SHA1 | a2858216ee2ead168ef2a279e855ade7787ab2be |
| SHA256 | 2f15225d2430c54788ea9a34ddc06ae609f25436b7bdb151c95316a09d3ce251 |
| CRC32 | 520E94AD |
| ssdeep | 384:SRiQ3gzAmbFxPcRJksWo5mWueW7WPeWvD/HRN7skOhl2:SHmbFx1SGYvDvs |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | a90eb5e94f3a7ca6_eula.rtf |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1037\eula.rtf |
| Size | 12.5KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | Rich Text Format data, version 1, unknown character set |
| MD5 | 1aa6e136caeae287eff59d64281451fc |
| SHA1 | 57c5384003360e539cad84f1b242a636ce399895 |
| SHA256 | a90eb5e94f3a7ca6d30f849c47dd6c35b0599fe66af50a29c029520b81b2b434 |
| CRC32 | 62BA51E7 |
| ssdeep | 192:S/vZcyZvTnDZV/4qqoIVleXyfK3V7RkZqV0vPVMVo+VfwWknBUR1VFdrVxV5VRV1:czVz4CNY+W2 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | d3dbea64652620e7_SetupResources.dll |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1032\SetupResources.dll |
| Size | 26.4KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
| MD5 | d30b31e0c9c97061a8e07dcb56b4c199 |
| SHA1 | b48b248757c869c1186f6bf4ea3470a1e06c2222 |
| SHA256 | d3dbea64652620e74b73a67a63be36085bfca863a991b3022e322b6ac4d2347c |
| CRC32 | 8F04CB45 |
| ssdeep | 384:8TnQJphGfM2piLLsFXrEqRr1t5UZ4/s3JRDW+BeWxWrBeW5D/HRN7WRImlGJid:8YXGk2pDZ64kL7A5Dv8 |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 992280eea0cb8cd6_eula.rtf |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1031\eula.rtf |
| Size | 6.2KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | Rich Text Format data, version 1, ANSI |
| MD5 | 940967914ea121aaf09b119e37206a38 |
| SHA1 | 7ab2b55ebe42c242dbbe8f1821c138f52843793e |
| SHA256 | 992280eea0cb8cd63878356a350801632a63ca669c1720f361ff2922243e701a |
| CRC32 | C1A8880E |
| ssdeep | 96:MtAqBQTZDyiRcm6KFaZxb4QFUdXHDjAZmOr3IRjPQPtSzb+5XpXGEJs4LQ9my2WW:+AIWoKFaZFLFUFHDjwmRIQHm1ZWeWH2 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | e9a20e972c7d2a19_netfx_Full.mzz |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\netfx_Full.mzz |
| Size | 128.0MB |
| Processes | 2476 (TMP31DE.tmp.exe) 3016 (Setup.exe) 2956 (ndp48-web.exe) |
| Type | Microsoft Cabinet archive data, 228089084 bytes, 1643 files |
| MD5 | 0d24ef5a9ba4ee04696bccfe5c746eee |
| SHA1 | eee240396169df89d1f877afe5d636c27d1b4290 |
| SHA256 | bbc78522b6d971d36bdc6abb2e9ffb8b4a9f51172e9a59beeff4211092704589 |
| CRC32 | CDB5A334 |
| ssdeep | 3145728:MMFjN/NtmSWB2mvfYKTXcSn83SDmpXP0u:Hjpm/B2mYKTXfn83SDW |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | e9877973bef23498_LocalizedData.xml |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1037\LocalizedData.xml |
| Size | 78.7KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | XML 1.0 document, Little-endian UTF-16 Unicode text, with very long lines, with CRLF, CR line terminators |
| MD5 | 631011d665ad08220fe248d9f8a103ba |
| SHA1 | 652c56998d0e8bf0c43f136fd90c69728bb0e111 |
| SHA256 | e9877973bef23498b586a9cf03230fc45a9ea8a3f75decfa062b03bd31974b06 |
| CRC32 | 43F49898 |
| ssdeep | 384:4YsEJquUMovngPMIzVK6ptI6AmtycsOlrAyA/AUkkzmhygwREQ0mFfGQdJjwvSJf:9V0tJjw5o |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | aadbd1df74fc82a4_LocalizedData.xml |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1046\LocalizedData.xml |
| Size | 84.7KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | XML 1.0 document, Little-endian UTF-16 Unicode text, with very long lines, with CRLF, CR line terminators |
| MD5 | 4a892aa3fedbfe5991b6ff46c00af55c |
| SHA1 | 421fe8f80432c56d022ff2911c4a5708093184c3 |
| SHA256 | aadbd1df74fc82a43f86f1f40d5065a802b2db71652525a78d258fda3197a743 |
| CRC32 | 19DFC84C |
| ssdeep | 384:4Yjbb8UAjJUgYN5s6KUtycONAkIuroXIGSPchHL4lzSv3kOY8vg2m/qKdxEcyJ2w:qUbcyJzyN7K |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | ab18374b3aab10e5_watermark.bmp |
|---|---|
| Filepath | C:\544756739cb65cb612c2d6c6e1\watermark.bmp |
| Size | 101.6KB |
| Processes | 2852 (NDP48-x86-x64-AllOS-KOR.exe) |
| Type | PC bitmap, Windows 3.x format, 164 x 628 x 8 |
| MD5 | b0075cee80173d764c0237e840ba5879 |
| SHA1 | b4cf45cd5bb036f4f210dfcba6ac16665a7c56a8 |
| SHA256 | ab18374b3aab10e5979e080d0410579f9771db888ba1b80a5d81ba8896e2d33a |
| CRC32 | 2DD7A0D5 |
| ssdeep | 768:QKUpOeBmAj72KbvEvffvCv7cTIMUHuRzHA8X9H51T9ho4xw7CgB1:QKULmAfbvEv47cIHzE9vo4SuU1 |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 4399b24e28becfb3_eula.rtf |
|---|---|
| Filepath | C:\544756739cb65cb612c2d6c6e1\1033\eula.rtf |
| Size | 4.8KB |
| Processes | 2852 (NDP48-x86-x64-AllOS-KOR.exe) |
| Type | Rich Text Format data, version 1, ANSI |
| MD5 | 47c47a12e6830b793150494d35d51637 |
| SHA1 | 87a11fece572f2a57982270533d6906daf7da218 |
| SHA256 | 4399b24e28becfb3bb2820daa09965860001492145fd7e2466da7b740c31855d |
| CRC32 | 2458398B |
| ssdeep | 96:MC7BLEcTk6NDZSftJpn0WfoW6USPRl0D6R2jdmNt1Oc/fTp3hk0ifCmIbOEQCcQr:F+j6ToLp0WfkUSPRl0D42jITTpxOIbOu |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 271152060662ccce_eula.rtf |
|---|---|
| Filepath | C:\8e051fc3d4265a89f50407ff5a05bb\1030\eula.rtf |
| Size | 5.7KB |
| Processes | 2956 (ndp48-web.exe) |
| Type | Rich Text Format data, version 1, ANSI |
| MD5 | dcd287a517a6dd7a011b584fd5660811 |
| SHA1 | 249318666d6a3d0903f00c954dd1309aa6a59859 |
| SHA256 | 271152060662ccceb3d2f6edcaeaa9e003391975aadc6dd6b26648b8a084dbe1 |
| CRC32 | FFD2CA3F |
| ssdeep | 96:MFutTWDeTJBPLzWTcuC56hPt7ye6BY4fj80xYnNvbYv5YRcnFGmNWIOpxFEibrmi:GSFBPLzWTcuC56hV7ye6HjvxCu5dG4ar |
| Yara | None matched |
| VirusTotal | Search for analysis |