Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
01.18 04:01
svc.exe
01.18 04:01
RemittanceForms.exe
01.18 04:01
Aristois-Free.jar
01.18 10:01
setup641.msi
01.18 10:01
Needle_Setup.exe
01.18 10:01
8734_5737.exe
01.18 10:01
CondoGenerator.exe
01.18 10:01
QGFQTHIU.exe
01.18 10:01
4909_7122.exe
01.18 10:01
Updater.exe

Latest News
01.19 07:01
Star Blizzard: Russisc...
01.19 07:01
Ingenieur baut KI-Waff...
01.19 07:01
Apple Intelligence: Ei...
01.19 06:01
Decoding the flag by m...
01.19 06:01
Investigating USB-to-E...
01.19 05:01
Perplexity Submits Bid...
01.19 05:01
Javice Says Ex-Colleag...
01.19 03:01
Putting Cheap Motorcyc...
01.19 03:01
Trump Will ‘Most Likel...
01.19 01:01
DOJ confirms arrested ...

Dropped Files | ZeroBOX

Name	1b8c3add009028eb_cs.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\locales\cs.pak
Size	393.7KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`ff919631102a3a9ec635b3080b63e305`
SHA1	`e43b117ad5b2d5b373321ab0ae63dd4bc1352a89`
SHA256	`1b8c3add009028eb567b0094759daff29b7861e11d5a9d864071012200e9735a`
CRC32	`1499AB6F`
ssdeep	`6144:qEHFUi7lAZYhg7FlAKRM55Z8+U1KN0g588QM:qCVpAahgxxM55Z8+UoN0gb`
Yara	None matched
VirusTotal	Search for analysis

Name	fa5b80bef2d5b6d4_sr.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\locales\sr.pak
Size	596.0KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`be885598fb69054c4beb3b7648349bc6`
SHA1	`6e6fc256801963a9f2f0baed77d5936f0f08d91b`
SHA256	`fa5b80bef2d5b6d4ba372dcee7704b77c667bdf31cc79f2980be0ad355c52489`
CRC32	`600C0897`
ssdeep	`12288:SoRuo7GvX1RIScE1F/eQ0Asr6E5eaxLvRWr37vXDt/k/t:Sw1MFMaE5nx71`
Yara	None matched
VirusTotal	Search for analysis

Name	5339b8ca52500bd0_fi.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\locales\fi.pak
Size	351.9KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`fa7dbd2ee35587ff31fde3c7107e4603`
SHA1	`baaa093dcb7eccf77ce599c8ff09df203e434b60`
SHA256	`5339b8ca52500bd0082e0ba5a5f440c5f04733803da47963280479760c7fff2c`
CRC32	`2FA2BA46`
ssdeep	`6144:TNqgL9T4VbhCY4bsz/aOE/caYMvLXV5tljSHIEJ18GWU/WnBR7X1w72:RHxTLVcaH5tl+HIEJ18GWU/92`
Yara	None matched
VirusTotal	Search for analysis

Name	ea5b1dd171588840_de.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\locales\de.pak
Size	382.0KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`8e9521d0f561813f73b0517b3e394227`
SHA1	`10d011e77894b10d52c71479bb669fe938170274`
SHA256	`ea5b1dd1715888409f8a3b146f364d2f470931e8ee08c5579f53e4784dc4d096`
CRC32	`BAD5C6EF`
ssdeep	`6144:ZIrFmJcux+raRKcUCVV3dfZqzhq7mp5/g6nBIRgql:aFluoraf7fZqV5ZyRgql`
Yara	None matched
VirusTotal	Search for analysis

Name	fc4a59ea60d04b22_bg.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\locales\bg.pak
Size	632.0KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`9dc95c3b9b47cc9fe5a34b2aab2d4d01`
SHA1	`bc19494d160e4af6abd0a10c5adbc8114d50a714`
SHA256	`fc4a59ea60d04b224765be4916090e97ed8ddda6b136a92a3827ed0fcc64bb0e`
CRC32	`3BD6939D`
ssdeep	`12288:mEJqOwccalYrdAs1alUx42aVVwslyLKmF/RY3YKN3R5ObDGIV+Jfu64KyzEfSZpR:vqAZlYrdAs1alUmys8lY3YKT6q2Qu6pu`
Yara	None matched
VirusTotal	Search for analysis

Name	9f79f46ca911543e_chrome_100_percent.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\chrome_100_percent.pak
Size	126.6KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`d31f3439e2a3f7bee4ddd26f46a2b83f`
SHA1	`c5a26f86eb119ae364c5bf707bebed7e871fc214`
SHA256	`9f79f46ca911543ead096a5ee28a34bf1fbe56ec9ba956032a6a2892b254857e`
CRC32	`9FA4EC44`
ssdeep	`3072:5KzwqCT4waJL2myFhPNL2o418Gb0+VRLf0ld0GY3cQ39Vm2I:5Kzwt4LwmU3K18Gb0OV8ld0GecQ3f2`
Yara	None matched
VirusTotal	Search for analysis

Name	dd7c2e4672255078_hu.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\locales\hu.pak
Size	411.2KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`510cf6418d140f6abaac4c1636fcf205`
SHA1	`16eee8842e0accab21bbb71832d0a5140959d641`
SHA256	`dd7c2e467225507850cd807727eac591a7c4d9b1210ec075a35f619726d4a908`
CRC32	`DAC8896E`
ssdeep	`6144:C6H2WocSSfXeV5z8bZfGRaqY6FEISam7EhOwKX5gRbGGatG2UnvydpECk3ICf:Cg9QV5z8BuA7FwKX5QNnp`
Yara	None matched
VirusTotal	Search for analysis

Name	a3a778856ac00368_es.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\locales\es.pak
Size	380.3KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`3a65945ae23e21f2fe0204e4743e577d`
SHA1	`709fcd8e923dfe9532a41ebf5d8db29de2f9aacf`
SHA256	`a3a778856ac003688bae0c19541b9c643678645a21cc84d519deee565813e037`
CRC32	`ADA14608`
ssdeep	`6144://hJOlJ4+GXUzqqWgf/xTpaN+45OwjX5Or97bzm2nE6PZmy://XL+G7gpTpe+cdjX5OrZmksy`
Yara	Admin_Tool_IN_Zero - Admin Tool Sysinternals
VirusTotal	Search for analysis

Name	bb3974f9274714f3_id.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\locales\id.pak
Size	336.4KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`b37ef29e05afde3dd0058996ee1535c8`
SHA1	`ecb7bbe9969b8eaf4b854b3c6abca9eda54ecec1`
SHA256	`bb3974f9274714f3d27b5df7ba93424aeef15ef9cecd30c0da01b106b0136392`
CRC32	`308490BE`
ssdeep	`6144:0LP18Ukxzk5LgoBRfjDVnjHF0FmP21Afw5/yhhvtMnSRsEaM:0CUOuLJVVnjHFUm+1sw5/yhd`
Yara	None matched
VirusTotal	Search for analysis

Name	d4caab8ba7c39c32_ffmpeg.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\ffmpeg.dll
Size	2.6MB
Processes	2644 (BonitSetup.exe)
Type	PE32+ executable (DLL) (console) x86-64, for MS Windows
MD5	`0b003a4518c24a426554920171f7a842`
SHA1	`d64f248f642373c899011a6f0e125335b067a56f`
SHA256	`d4caab8ba7c39c32d88408b96622c065c31b7c5578a3d58c591b0dba609c4535`
CRC32	`29AEF07A`
ssdeep	`49152:dqMAAYNDEmcTfAZMHkwfPYX6Edxhi1uGaVrFY7Q9b5hpN3lzl3hHLNoJ1:dGDfRMHR8rFYU5hNA`
Yara	Malicious_Library_Zero - Malicious_Library UPX_Zero - UPX packed file PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) anti_vm_detect - Possibly employs anti-virtualization techniques OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	1247e47e0e28edcf_fil.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\locales\fil.pak
Size	394.7KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`50215f75b544a0fd22eab7205891fb75`
SHA1	`4832d05fc797dc3d9904d9b41e745311c87c0f5f`
SHA256	`1247e47e0e28edcf8b3b5a02109c06049bd828de7e3cbc560b5709966b5cc042`
CRC32	`D3CD7486`
ssdeep	`6144:3vDKTlHgaVyEDQXwhNwj6LxephGEZ30mi5agm+HmAxD78:/DgKsWjA4i5Xmx`
Yara	None matched
VirusTotal	Search for analysis

Name	b393f05e8ff919ef_nsis7z.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\nsoFA9D.tmp\nsis7z.dll
Size	424.0KB
Processes	2644 (BonitSetup.exe)
Type	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5	`80e44ce4895304c6a3a831310fbf8cd0`
SHA1	`36bd49ae21c460be5753a904b4501f1abca53508`
SHA256	`b393f05e8ff919ef071181050e1873c9a776e1a0ae8329aefff7007d0cadf592`
CRC32	`DB6CC985`
ssdeep	`6144:aUWQQ5O3fz0NG3ucDaEUTWfk+ZA0NrCL/k+uyoyBOX1okfW7w+Pfzqibckl:an5QEG39fPAkrE4yrBOXDfaNbck`
Yara	Malicious_Library_Zero - Malicious_Library UPX_Zero - UPX packed file PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE32 - (no description) OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	35aa28dd033ff2cf_ro.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\locales\ro.pak
Size	387.5KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`c3cfac8bb282ef66d29a1a1b48cdaf61`
SHA1	`ef0a2218ed4ba49cb57e4ab7b89e95c2244d457e`
SHA256	`35aa28dd033ff2cfcfb624b12ae4bdea6a2118f98ebb25c59c5e7ccc46c2edc6`
CRC32	`7E5F6A75`
ssdeep	`6144:GjLFrTzaObFnyEFGw6mf/E1B5Z/loFs2s/BuoTr:8LFX7cEFGw6mf81B5Zdoa/rr`
Yara	Generic_Malware_Zero - Generic Malware
VirusTotal	Search for analysis

Name	61a372f170de0a22_ml.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\locales\ml.pak
Size	948.4KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`00292b0801e0dd0a74091bf53f1574c9`
SHA1	`63a002e7a8796bc4b4459a19c95ce426fbd1ec7f`
SHA256	`61a372f170de0a22712be980c3c78b22035ebf40ce79332fab75cdcc4208c9e6`
CRC32	`55616105`
ssdeep	`12288:0uZPZlsLnAkQx7/bmXXrwMmWDcZubSA5WNPT43e6hD5b/7dS1u3SE:dRlrkfIt43eI5b/7Cu3B`
Yara	None matched
VirusTotal	Search for analysis

Name	0b5b09eaa7846217_hi.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\locales\hi.pak
Size	821.8KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`4440c6790e759783a5b993f0174795ae`
SHA1	`f9bbe5c5c212cc0e135c36a35a4c5d756de68553`
SHA256	`0b5b09eaa7846217805c2442642cfc2af70278ebcfaadb057c5d9ec2d8272aec`
CRC32	`5E990E0E`
ssdeep	`3072:T0/1n9gPC9841Le66uhtD3dkhSvf4QAEm5dmGrsXt4GR3doI1NldYbOqGPtv83YL:TE1n9gPSJn6u7tU5B5MQud`
Yara	None matched
VirusTotal	Search for analysis

Name	7a912c7a7cf0a7d6_app.asar Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\resources\app.asar
Size	28.0MB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`93f6f7378eefa6c9f42324e0661907b3`
SHA1	`a51957e2ba8f5fe281348d0c92df96a3a73ce1cf`
SHA256	`7a912c7a7cf0a7d6dc66b470eaee266b006313df82fd7e12a0756002c738e072`
CRC32	`DBC93F1A`
ssdeep	`98304:Q1KLgD3Xtos6oStP6/FmBOcgyDcBWN6eVVgbA48IUFDIoZGGF3JnaW27CZTj9QX8:3gOtP6JzJ7SzcCRbtJhll`
Yara	Malicious_Library_Zero - Malicious_Library Javascript_Blob - use blob(Binary Large Objec) javascript OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	18437c020fc37011_libegl.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\libEGL.dll
Size	473.0KB
Processes	2644 (BonitSetup.exe)
Type	PE32+ executable (DLL) (console) x86-64, for MS Windows
MD5	`234a6b1f55ff509b67798fc035c0d630`
SHA1	`4d7bc13a6c496a055aeb3575435a539362041fb8`
SHA256	`18437c020fc37011e276a9780d8941482195632489a6afca47302132e2cb66c4`
CRC32	`7009541D`
ssdeep	`6144:wTv0fq4dz9B4x4w/jvtGW9ZST3BypG48yOnb4pgsHVlAYn5eZRO8:wTN4dNw/jvtGW9c3BypaagYnyRO`
Yara	Malicious_Library_Zero - Malicious_Library UPX_Zero - UPX packed file PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) Malicious_Packer_Zero - Malicious Packer OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	be1abb47aa45ab64_lt.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\locales\lt.pak
Size	412.4KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`cb02b607a4d4eb2bad80d82d9918688c`
SHA1	`d287dea642f87f36b4ab1717e30099295751eaa8`
SHA256	`be1abb47aa45ab6444e1a8b4a5f05c563fd32f02a7296c509645cc07399e6d0a`
CRC32	`A50F31AE`
ssdeep	`6144:RvrvZ8MmnpX4um4GhTnyIpoOScfi78S5bzzv+4yaNAlN2ICP2IF6SB:RvWWbp/poOL5S5nzv+fN2Jt6SB`
Yara	Generic_Malware_Zero - Generic Malware
VirusTotal	Search for analysis

Name	c105f2dee35d8afc_nl.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\locales\nl.pak
Size	356.4KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`5ecb94404eb067c8db3cfc408a542bd5`
SHA1	`0050d412bc1604379f8b93b96c5f5df9b1852b4b`
SHA256	`c105f2dee35d8afc69b0122ca4108c3f8b097a31116970253720fcf25308a274`
CRC32	`FC1E9B99`
ssdeep	`6144:QYhSs7gDbu5rVgHLpaN93D+qnkM1D5e/xiGpVx9jPW:p8MgDbu5rV3RkID5e/xiGpVx5PW`
Yara	None matched
VirusTotal	Search for analysis

Name	d3ed8b39792b8ee8_ru.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\locales\ru.pak
Size	634.3KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`a6bfb031c776c4ca95cc16cb79a05e92`
SHA1	`3b4a8b3731ad226293fb5d52420bfdd3fdaac605`
SHA256	`d3ed8b39792b8ee808a2f589748ac9f996f3b04c4ed02c3ef4239497485329c0`
CRC32	`9F24A75E`
ssdeep	`12288:y9w1bY5eXN2hHO3j/jHDzvMBJT5kFDe8P/X1f0awGLdUwC0WzWCfG1UMZ22bqGYq:0usg5g6oe`
Yara	None matched
VirusTotal	Search for analysis

Name	e5a865e0316d465b_zh-cn.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\locales\zh-CN.pak
Size	319.7KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`074af8866c19203df49caecdb5f3cb70`
SHA1	`48b93704a60aa52bbb10c41c99979cfb6df790ec`
SHA256	`e5a865e0316d465b62f1fb5ba1aab6750715618b500d69251dfa1f3c986e48c2`
CRC32	`E3CE56FE`
ssdeep	`6144:1n8P/nrAzab7lnZKHtRU/0k5UNzRPOxyl1:1n8nn4OnZKNR/k5UNzRPP`
Yara	None matched
VirusTotal	Search for analysis

Name	bccf15d2e0f67563_ca.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\locales\ca.pak
Size	384.9KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`69dc1c6d4641472ee94714a0d698eb99`
SHA1	`03a4e37f6c0826e9e28bc0701417668027364094`
SHA256	`bccf15d2e0f6756339183d71366a53df146797889b8a11d1d9973c90e5e6825a`
CRC32	`176E47CC`
ssdeep	`12288:22ikuJrijIs3cejEYBCqol3nbhj+YbHQluSwWwXiMjdLbpuQRBtryBTGIle3neij:tikuQm+azFMNSGhrKU5qrEK`
Yara	None matched
VirusTotal	Search for analysis

Name	bb165eaa51456b52_en-us.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\locales\en-US.pak
Size	313.6KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`3f6f4b2c2f24e3893882cdaa1ccfe1a3`
SHA1	`b021cca30e774e0b91ee21b5beb030fea646098f`
SHA256	`bb165eaa51456b52fcbdf7639ee727280e335a1f6b4cfb91afc45222895b564f`
CRC32	`85B5A110`
ssdeep	`6144:SssphRVKuQ+KVMP9elsY4ZfaYe7RqIZ5HS5xswS:JsIvVMNY467Rv5HSPswS`
Yara	None matched
VirusTotal	Search for analysis

Name	e42aeaea80dabe82_el.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\locales\el.pak
Size	691.1KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`8025eb8756d4bf3126d83c9078935520`
SHA1	`78895218a90680fe223af0b003c195da84902e1f`
SHA256	`e42aeaea80dabe82657983a462e4cd3ec74f71d4f08a689f5825f55fc02f3141`
CRC32	`0333430A`
ssdeep	`12288:TfSaqquNw2202pgtZqK4qILjJCaP5A3HRnkOY63Teg6sDPfFnxPuUWTT9rk2B0pU:GaqquNw2202pgtI/quJCaRA3HRnrY63G`
Yara	None matched
VirusTotal	Search for analysis

Name	7467360f9addd4d8_lv.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\locales\lv.pak
Size	410.4KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`cccbd7f8a0c34c7094ce4d7b8e7e0588`
SHA1	`1a08401e2dc8c59200c4ecaa1886b43b6faa6979`
SHA256	`7467360f9addd4d8694e1508a6ab3a3e00dce57e5897d5376ad27d8e651b23d4`
CRC32	`1E2BDCEA`
ssdeep	`6144:3aJdahLmmNItVFq7mvly4Gh1VWtpaRd5tNm0YME19AWranpWBAFTDVs1C:+dUrog4GRWAd5PEJ18s1C`
Yara	Generic_Malware_Zero - Generic Malware
VirusTotal	Search for analysis

Name	e795edcbe49ef9db_v8_context_snapshot.bin Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\v8_context_snapshot.bin
Size	471.9KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`0e92bb66ea722338663d6d2d891b5d35`
SHA1	`b73c8560c974dc9b17488a7b50895dc03f43bc6f`
SHA256	`e795edcbe49ef9dbe4ad88c4fce19076fafc13f56353753a39e35a3355c3d2d1`
CRC32	`1DB7889F`
ssdeep	`6144:YjKA3pW4TRwsLj3EpK0P8iWhyFUaxw/5h56N:g0mQf8i2yy/5h58`
Yara	OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	690a83bbefe1e97d_sv.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\locales\sv.pak
Size	347.2KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`14ecf7684d7987950a9655258d3a72be`
SHA1	`b1506b3b4be332081dde72bf54a197b1ee0bde66`
SHA256	`690a83bbefe1e97de5d2c1c0791707e8ddc3414a12cf30b79329fa5d21840d6e`
CRC32	`4C983E8D`
ssdeep	`6144:szFhLgYoAjMwfTo+BpxzakZ45LX1uZSO8DE/xUDSSXo5Oi55gb1:szvlfJBlR5/5M`
Yara	None matched
VirusTotal	Search for analysis

Name	3eb38ae99653a7db_system.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\nsoFA9D.tmp\System.dll
Size	12.0KB
Processes	2644 (BonitSetup.exe)
Type	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5	`0d7ad4f45dc6f5aa87f606d0331c6901`
SHA1	`48df0911f0484cbe2a8cdd5362140b63c41ee457`
SHA256	`3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca`
CRC32	`D50C2CEF`
ssdeep	`192:1enY0LWelt70elWjvfstJcVtwtYbjnIOg5AaDnbC7ypXhtIj:18PJlt70esj0Mt9vn6ay6`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE32 - (no description)
VirusTotal	Search for analysis

Name	872647d271093445_app-64.7z Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\nsoFA9D.tmp\app-64.7z
Size	63.1MB
Processes	2644 (BonitSetup.exe)
Type	7-zip archive data, version 0.4
MD5	`3df415640181a22a7de7115868cfea2e`
SHA1	`2865177809d59c9e4efbc0059d1705e928f54ca7`
SHA256	`872647d2710934450b67728be70df1df816199568a7f335fbd8a668671ed6a1b`
CRC32	`32315F59`
ssdeep	`1572864:r2syXKJyoidBRGQ53ffLogxfj3K3PPAzrvmarBpo4vZ:r2syXFv9UOm3AXSU`
Yara	ftp_command - ftp command
VirusTotal	Search for analysis

Name	f8fdb381ff5ac0bb_ta.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\locales\ta.pak
Size	936.9KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`4e3fa5f8dda10540f8368834e7b40364`
SHA1	`f756a23bfa13aa89e6a938e27116b24b947d24a0`
SHA256	`f8fdb381ff5ac0bb5351487572ac81f31ced22a473a1c4900e984d555677029a`
CRC32	`0ACEC702`
ssdeep	`3072:A/GNy5zaiiLR0wQ2iNWwwY/q5pG7zctR1cA2F:A/GYW0l2iZwY/q5uzctR1cA2F`
Yara	None matched
VirusTotal	Search for analysis

Name	d6cb7c1e7b88d0dd_vi.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\locales\vi.pak
Size	439.4KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`8f44e2de3a00a8ae33f09d94663fd783`
SHA1	`13216a1ef50137876161f499f01200c2fe3cddd8`
SHA256	`d6cb7c1e7b88d0ddc7543737b9244a2f08c055074926205914586c7c2ed5eb12`
CRC32	`2CA534E0`
ssdeep	`12288:06ScMLf4Bnzm05w1wSw72J6RlV5qhWzim+UHNJziVyYH:0ncMLwBnzm05EwSS2SX5uEim+UtliVyW`
Yara	None matched
VirusTotal	Search for analysis

Name	d63222c4a20fa974_af.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\locales\af.pak
Size	340.2KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`198092a7a82efced4d59715bd3e41703`
SHA1	`ac3cdfba133330fce825816b2f9579ac240dc176`
SHA256	`d63222c4a20fa9741f5262634cf9751f22fbb4fcd9d3138d7c8d49e0efb57fba`
CRC32	`99EA69FC`
ssdeep	`6144:ptbDrUln/WiOvz9P5D4uEmv0XPjC6nAcbaK6pgwwexhsVxS42K6tA3pU5tpwDw44:ptfOOiOvzg/mCPjC6nAcbipgwwePSS4C`
Yara	None matched
VirusTotal	Search for analysis

Name	24695fdd2c8ead71_am.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\locales\am.pak
Size	551.6KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`046575c1e77e3f150d05c0ec6e2d7cc1`
SHA1	`52f6343ec13a5251285be4ca0a4d6977079c5384`
SHA256	`24695fdd2c8ead71ed154d9c3184a37dc0e0c0a6b6338b210eae62f0c4c2e2b0`
CRC32	`415FDA3A`
ssdeep	`12288:hEfwmuPPo8xJTgWHsEaoM5k9iaAVmXuUPQfx30jH8+I:Q0o8xOWHbaoM5k9iaAVmvPQ7`
Yara	None matched
VirusTotal	Search for analysis

Name	d4297566631f6add_resources.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\resources.pak
Size	5.1MB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`bd17bd87b4a2f1fc2ba31e6f58b19a32`
SHA1	`838294ed3d4d0cb11ea14ff6c200f33e75156e22`
SHA256	`d4297566631f6addf3492559462ece0c2e9b42f29faf873ebd01fc424f9f8e6f`
CRC32	`C9E3B5B7`
ssdeep	`98304:0efgvj+t7INBib8PzGL7DNyh1rI0Z0rwreQVnHbwJwKgoHksnR:0eIvy7Iz3+30h2i0kreS45JR`
Yara	ftp_command - ftp command
VirusTotal	Search for analysis

Name	e3b0c44298fc1c14_nsjFA7D.tmp Empty file or file not found
Filepath	C:\Users\test22\AppData\Local\Temp\nsjFA7D.tmp
Size	0.0B
Type	empty
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
CRC32	`00000000`
ssdeep	`3::`
Yara	None matched
VirusTotal	Search for analysis

Name	9761d3764da9b883_fa.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\locales\fa.pak
Size	557.4KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`e1750ffa155694a5e9b2344e6a6608af`
SHA1	`2c7fcb08b953c5627066951093c1172608b41158`
SHA256	`9761d3764da9b883585fbe8007c345b7125737c043d89268203ef4ad84589cdf`
CRC32	`03BBC4A0`
ssdeep	`12288:1kpX9nuyaXTfwI/wNUaGSEfStQvjy1PeZwMTAKzIxRAQiHedNu3htodxWetlClY2:1kruyaXTfwgwNUaGSEfStQvjy1PeZwMB`
Yara	None matched
VirusTotal	Search for analysis

Name	c8b719ab0a5e86f8_pt-pt.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\locales\pt-PT.pak
Size	376.8KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`df9f8edff83cd165b6f5a9e255ee19dd`
SHA1	`1bbfa53aaf4eac980969c06c55e572b5612b9d14`
SHA256	`c8b719ab0a5e86f8484d14dec9df5d33d1610f72d6a9a74985c7b1634c78acb2`
CRC32	`7CD1AC8B`
ssdeep	`6144:l4nMz/a44xieJVJJxhO0aJjQPJ8a5RKE6B:l4MzlZ07aa5RKP`
Yara	None matched
VirusTotal	Search for analysis

Name	e1c793e08e062043_hr.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\locales\hr.pak
Size	381.4KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`7dbd4a9de6e30de028c97a7d39f8038a`
SHA1	`18d68f37b3c5eea3a2fe42c4ab1694a439a189c0`
SHA256	`e1c793e08e062043cc65271718d9b21d5742729dfa2e076ab012e8a008d06c04`
CRC32	`E1883ED2`
ssdeep	`3072:jB07VTqdnhoDlyAbCgVRTJfOSFmZ0uPfuG4dQ6WI6DkYAiKbeM/PXbnjajLw/W0G:WVahsyAbdZkFK5A37gBZW`
Yara	Generic_Malware_Zero - Generic Malware
VirusTotal	Search for analysis

Name	1ef9f9b2fe267e64_te.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\locales\te.pak
Size	868.8KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`f3df00abd22e713448785aa0b5cf9589`
SHA1	`86138c297a71c6f8f325577a3b37a04fe0000bd5`
SHA256	`1ef9f9b2fe267e643c0545a97954d1b293351359622cdb29dfe89a842a0caf09`
CRC32	`13896293`
ssdeep	`12288:6PN6IBe3p1F9YKiTlbxYgQNFOwdrU8f4GWQamkC28+5HX0Dkq9GyAEcAkdSduM3W:I3sX5vMcw`
Yara	None matched
VirusTotal	Search for analysis

Name	2d7367f745704458_libglesv2.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\libGLESv2.dll
Size	7.2MB
Processes	2644 (BonitSetup.exe)
Type	PE32+ executable (DLL) (console) x86-64, for MS Windows
MD5	`7a846681e19d07fd1b77ef5ddf4c1249`
SHA1	`c38a8dbc51d1ee6a7826e70e4f1da1b6e9bb795e`
SHA256	`2d7367f7457044588826d19887edbc2070368cb9754c4b638c93b4ad19ea5ce7`
CRC32	`A022733C`
ssdeep	`98304:jB7j4/0BuPMTUDUaG2u/hHkr7f7gsOMuY:p48KPBGzkr7fcsF`
Yara	Malicious_Library_Zero - Malicious_Library UPX_Zero - UPX packed file PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) anti_vm_detect - Possibly employs anti-virtualization techniques Malicious_Packer_Zero - Malicious Packer OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	ae4e003458f1a8bd_kn.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\locales\kn.pak
Size	910.6KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`01e8dc084d07743fbda50d54d86ee3bd`
SHA1	`e0709217e1a6785706b7d14037b1478ee2a3a59d`
SHA256	`ae4e003458f1a8bd3652e61241e11ff91bd887f6b95c1fe2700e76a117ba2119`
CRC32	`3A5B8B00`
ssdeep	`6144:NAd9emdhFrCEb7y2vGvGK2Ij/u7sBwjJith0VlkcVwV/ttrmVLHMj0kEjciYRpyA:2d9edS7y+1DVqxyZKe7Z53YUS+4l+99S`
Yara	None matched
VirusTotal	Search for analysis

Name	1408387e87cb5308_chrome_200_percent.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\chrome_200_percent.pak
Size	175.7KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`5604b67e3f03ab2741f910a250c91137`
SHA1	`a4bb15ac7914c22575f1051a29c448f215fe027f`
SHA256	`1408387e87cb5308530def6ce57bdc4e0abbbaa9e70f687fd6c3a02a56a0536c`
CRC32	`03133357`
ssdeep	`3072:+DQYaEQN6AJPRJL2myFhPNafR54x5GMR+F44ffbdZnYw9p4AbIVGYoDd+HxNK/r4:+DQYaNN68RwmU0gx5GMRejnbdZnVE6YR`
Yara	None matched
VirusTotal	Search for analysis

Name	448b0fc472611821_ar.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\locales\ar.pak
Size	602.1KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`99fe87d1ff12430fe3916755fce3650a`
SHA1	`1efba40dbd1135e7189629812ae1f90d676fa811`
SHA256	`448b0fc4726118212c6c7db4099441c22d2c9ce3fcbeabab4abf20ecaec4274f`
CRC32	`511A1799`
ssdeep	`12288:R2AjCMtqtWx8QvYUjBLo6kXBz5ANbT+NTgTcMMgSEN7o:R2AjCBI2H15o+f`
Yara	None matched
VirusTotal	Search for analysis

Name	9b1fbf0c11c520ae_elevate.exe Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\resources\elevate.exe
Size	105.0KB
Processes	2644 (BonitSetup.exe)
Type	PE32 executable (console) Intel 80386, for MS Windows
MD5	`792b92c8ad13c46f27c7ced0810694df`
SHA1	`d8d449b92de20a57df722df46435ba4553ecc802`
SHA256	`9b1fbf0c11c520ae714af8aa9af12cfd48503eedecd7398d8992ee94d1b4dc37`
CRC32	`C908A44F`
ssdeep	`3072:1bLnrwQoRDtdMMgSXiFJWcIgUVCfRjV/GrWl:1PrwRhte1XsE1l`
Yara	Malicious_Library_Zero - Malicious_Library UPX_Zero - UPX packed file PE_Header_Zero - PE File Signature IsPE32 - (no description) OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	7870b92c64f7776c_th.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\locales\th.pak
Size	731.1KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`d34a2993eaf0ee6bf65c3729baee426d`
SHA1	`d796911e57c89b11a603c645dd0e32aad7819d75`
SHA256	`7870b92c64f7776c469b4d19be8881ce30a5263cc8287c3d7de573aed43c7dba`
CRC32	`4E85D94D`
ssdeep	`12288:Wvw2jFdeNP31Mkgs3s5UvfcLRfl1Xj83v6DoTGjyeuLAD57Kle9dwn7j9Fv3o095:WndyqP05h5N`
Yara	None matched
VirusTotal	Search for analysis

Name	fb4eac1b20dc2616_nb.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\locales\nb.pak
Size	344.9KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`51b59686edcc0ea6a0592a70b2fcca48`
SHA1	`494299652c59c17a2f660c568d7d4fa92dce0183`
SHA256	`fb4eac1b20dc2616a2b3afba7ee0fd1e8695a3a587ce446a62e5359d5174b904`
CRC32	`7F712AB6`
ssdeep	`6144:7UL5GLIh/cMi6qOp7fX0agtmy07pGzEW5Fx4MQ3Ohuf:7ULQUcMi6qOp7fX0Ipa15Fx4ihuf`
Yara	None matched
VirusTotal	Search for analysis

Name	32d83ff113fef532_vk_swiftshader_icd.json Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\vk_swiftshader_icd.json
Size	106.0B
Processes	2644 (BonitSetup.exe)
Type	ASCII text, with no line terminators
MD5	`8642dd3a87e2de6e991fae08458e302b`
SHA1	`9c06735c31cec00600fd763a92f8112d085bd12a`
SHA256	`32d83ff113fef532a9f97e0d2831f8656628ab1c99e9060f0332b1532839afd9`
CRC32	`596B3D49`
ssdeep	`3:YD96WyV18tzsmyXLVi1rTVWSCwW2TJHzeZ18rY:Y8WyV18tAZLVmCwXFiZ18rY`
Yara	None matched
VirusTotal	Search for analysis

Name	dee5ef4f4b36fc5f_gu.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\locales\gu.pak
Size	787.4KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`3268b8d9b4d4db87ec627b09f1c55a6d`
SHA1	`683ba367e40abb2fefd4548805e845fc1b452855`
SHA256	`dee5ef4f4b36fc5fe0f3b5e10c7cc3a7edc14bf948317b31a3287a95bfe0afa4`
CRC32	`FDE09996`
ssdeep	`3072:xJeMsBhDwgnu1JjzkVgITsKMaWZKerbtsMhmksd4Mqz2sQmE51jvHsWnI4AfZw/+:xJeMsB5Hnu1Jjz1OHesX5cEhkiyj`
Yara	None matched
VirusTotal	Search for analysis

Name	50f76b101bc91fcb_ko.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\locales\ko.pak
Size	383.6KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`899e153776db3120dc44ade2e1f356d0`
SHA1	`eda634ae5c1cb6a577384a9e4da97948a9ae3097`
SHA256	`50f76b101bc91fcb5691cacfc0b9d3c587897a88a5f8b6bb9d8b772a3d8e53ab`
CRC32	`CE851993`
ssdeep	`6144:IMP9VJq/uIYJFs1QdfVKZqfXRZqiq7vqLZyyi9kYv1Jtt8OhWJrM/3Cqt5I7Fi9O:IMP9bq/WJFgK9xgJtt8OhWJrMvCqt5IR`
Yara	None matched
VirusTotal	Search for analysis

Name	d254647b423c1520_tr.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\locales\tr.pak
Size	371.2KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`a9e8f50b35243a6d6107920bc1f76a7a`
SHA1	`316ff7ba2dcb85e619c37076e932b3adf4842f30`
SHA256	`d254647b423c15205648785b2bc1400b4b93768fe9e74c7596ec4a6e23e6a96c`
CRC32	`EAC2EE33`
ssdeep	`6144:1PORq8vYG2Bx9DFrKWSIuTu7A27W5geL5J/D+6Mi1SBvEBVwiBNJm7:ARq8j239xr1R7q5J/0`
Yara	Generic_Malware_Zero - Generic Malware
VirusTotal	Search for analysis

Name	79712543096b366e_sk.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\locales\sk.pak
Size	399.7KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`0b8165d01ea963e4144ef8bad3c31de9`
SHA1	`9ed1e3068dc496c8a5c80fd488e7afdb82101dac`
SHA256	`79712543096b366e66fe21fb04dd39fb5e9f01c3bda79a8c106155526acb87f7`
CRC32	`79146B88`
ssdeep	`6144:qlL17t/FveyMigJ90585Wh4LTaQrBGLxGf:qlR7zWyMim0m5Wh4LTaQrBGL6`
Yara	Generic_Malware_Zero - Generic Malware
VirusTotal	Search for analysis

Name	7e7ebc791752f51f_es-419.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\locales\es-419.pak
Size	380.2KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`4d74821fccad7be183e7ee29480ba857`
SHA1	`b71fa69492bc9b55dc5a39ca6430792b5f2dffec`
SHA256	`7e7ebc791752f51f8e61e198da63c67cf82b5df98bbd2e2df928a5e893f2c7df`
CRC32	`873878E5`
ssdeep	`3072:4BRcEao32kHS3c6i9WjjrNy/yuOd8phPgV0UwwTOG55NlTfGLF+QVlBnG6:yuEaQ2Ji96sBpCHt5uLF+QVlFG6`
Yara	None matched
VirusTotal	Search for analysis

Name	1ffdf22fc38e47b6_ms.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\locales\ms.pak
Size	351.6KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`88afef66c97e49ca9075b683a81f7508`
SHA1	`f4c1ed1323ec84224dddae2ff611c3eba9a8271c`
SHA256	`1ffdf22fc38e47b6912318c9c448d34ab9d0f54086fd32dd94e0891a6eab619d`
CRC32	`2D23523C`
ssdeep	`6144:ngSoLvyr54pzrIxF1cdyRul9SQq/8dQU5sNNsAMMg8/1:ngDLv6Kwxzwl9ZM8/5ssTM1`
Yara	None matched
VirusTotal	Search for analysis

Name	5653bc7b0e270156_d3dcompiler_47.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\d3dcompiler_47.dll
Size	4.7MB
Processes	2644 (BonitSetup.exe)
Type	PE32+ executable (DLL) (console) x86-64, for MS Windows
MD5	`cb9807f6cf55ad799e920b7e0f97df99`
SHA1	`bb76012ded5acd103adad49436612d073d159b29`
SHA256	`5653bc7b0e2701561464ef36602ff6171c96bffe96e4c3597359cd7addcba88a`
CRC32	`D12CC069`
ssdeep	`49152:IuhjwXkKcimPVqB4faGCMhGNYYpQVTxx6k/ftO4w6FXKpOD21pLeXvZCoFwI8ccA:oy904wYbZCoOI85oyI`
Yara	Malicious_Library_Zero - Malicious_Library UPX_Zero - UPX packed file PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) anti_vm_detect - Possibly employs anti-virtualization techniques Win32_Trojan_Gen_1_0904B0_Zero - Win32 Trojan Emotet OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	b72e9013a6204e9f_stdutils.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\nsoFA9D.tmp\StdUtils.dll
Size	100.0KB
Processes	2644 (BonitSetup.exe)
Type	PE32 executable (DLL) (console) Intel 80386, for MS Windows
MD5	`c6a6e03f77c313b267498515488c5740`
SHA1	`3d49fc2784b9450962ed6b82b46e9c3c957d7c15`
SHA256	`b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e`
CRC32	`9B0322B4`
ssdeep	`3072:WNuZmJ9TDP3ahD2TF7Rq9cJNPhF9vyHf:WNuZ81zaAFHhF9v`
Yara	Malicious_Library_Zero - Malicious_Library UPX_Zero - UPX packed file PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE32 - (no description)
VirusTotal	Search for analysis

Name	34f2b687b1fa9f4a_it.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\locales\it.pak
Size	373.5KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`d21224ff8015d69031afa0bce9e2c420`
SHA1	`70c0267136219266bab421ed8d83b7597119bf05`
SHA256	`34f2b687b1fa9f4a57cf07b5cbcc11d5f5b06a7512a6e73e672c6d5c13933ea6`
CRC32	`884B324D`
ssdeep	`6144:PwDYn8z4ctIgSrqRrhsO1MGT9TeOAGB3nlWgYzPwkkWgYiZ8HryYuxNBAjXMS5Ll:PaAsZeo8+6tHSSA53soo`
Yara	None matched
VirusTotal	Search for analysis

Name	463af7da8418d7fb_en-gb.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\locales\en-GB.pak
Size	310.9KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`502260e74b65b96cd93f5e7bf0391157`
SHA1	`b66d72b02ff46b89ee8245c4dd9c5b319fc2abf7`
SHA256	`463af7da8418d7fb374ebf690e2aa79ee7cb2acc11c28a67f3ba837cf7a0937b`
CRC32	`A77B1732`
ssdeep	`6144:5QbJ7L0535IBMP9ecDl9bfaYENPQLP56Sbuo:5wseBMZl9qNPA56Syo`
Yara	None matched
VirusTotal	Search for analysis

Name	f5084ed2f440e19e_uk.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\locales\uk.pak
Size	634.0KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`ae6a323ac9aeaf36d40a465890e71350`
SHA1	`8d1cb290aee14062ff0aeb3af9885bd0a97d9dc5`
SHA256	`f5084ed2f440e19e18bf733e71720257c98bda04828c7a7f601b6c672e64dc7f`
CRC32	`8151CE1C`
ssdeep	`12288:93WCAqpniyv1mNLtN1nBxs5fB3IjXtE07kLNiXEFqS/V2:93WnkiC5oEi`
Yara	None matched
VirusTotal	Search for analysis

Name	a9d23b6c3cd9c364_sl.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\locales\sl.pak
Size	385.3KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`44a93965dc241d54d2ea3095dfa4897c`
SHA1	`86b941129d547b965c5ab34fda2459f12407fdfd`
SHA256	`a9d23b6c3cd9c364c0d5a7fba450100ef03f7c0542e3accd793ef833ff628fef`
CRC32	`C93FED89`
ssdeep	`6144:8T6Cpx+hmiPBnnbANjbn+42m4ocyxPbPDTNuu+roftjQLz/54dF4cmg6EI1i/fzy:8WStJD0/5IKcIE+i/fzZiqg`
Yara	Generic_Malware_Zero - Generic Malware
VirusTotal	Search for analysis

Name	690027c4a31c4aea_sw.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\locales\sw.pak
Size	365.1KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`9632dd7d883fa4deb3963ea663e0ffd4`
SHA1	`0db135be4b3a7c54c39e9df5034d5576b68ea92e`
SHA256	`690027c4a31c4aea00b7d1b32ec6cd3fa50b1eac412ae273ab15e72eb485dd6e`
CRC32	`EABFCCB3`
ssdeep	`6144:gtvDyRFVwZHZATwBqkN6vesxnCIfujNXDLLKvh8K/5ESaDN+C5C7ChfpnHwQ0/:wDgV4HZBgnENb+WK/5f6C2hq`
Yara	None matched
VirusTotal	Search for analysis

Name	7c172d56ce3501ea_snapshot_blob.bin Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\snapshot_blob.bin
Size	168.0KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`21870387e32fa2b68df4f051d736eb95`
SHA1	`b39f927fd5554939347a953e241a1462e9524a97`
SHA256	`7c172d56ce3501ead8cf4acedcec5fd6452f8d85563a154803c5a3eac1af9ba8`
CRC32	`3AB1213F`
ssdeep	`1536:wcdXkSCh6cYvaSvdoaApIVzFD41OM4p6kpP3dUSh9BgyLCIx/3o4kjK78HdS9ObV:J7FogD41O3p6krnCIF+ql+PAO`
Yara	None matched
VirusTotal	Search for analysis

Name	481faf7dd66cf10a_mr.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\locales\mr.pak
Size	772.9KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`b9a2aa88c69c42ebcc41fef00c980a38`
SHA1	`9e373dfa11f95c31ffdca70bd83d2f66e1ddcef8`
SHA256	`481faf7dd66cf10a476d8b156fb4ea452f920322d8007f7e25d41b2837bdbc09`
CRC32	`C35A9F1F`
ssdeep	`3072:fP4KgyOUcME3Z2D8FXspvicDVFTMEy3R+f3XD5lx14+o4WmHwMaGwt4RLfNJZIFC:fPpNiZs82wVjbIv0/Am5KeCHF`
Yara	None matched
VirusTotal	Search for analysis

Name	85452b19a9732507_bonitsetup.exe Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\BonitSetup.exe
Size	128.0MB
Processes	2644 (BonitSetup.exe)
Type	PE32+ executable (GUI) x86-64, for MS Windows
MD5	`4e27c7adde7dc19106bd9bc520c6f709`
SHA1	`10f132261d9098e290885bb091daf73c91c567fd`
SHA256	`4ccaa013fdd4f424840f754d5b4f1a28778a5867215c874fa1301022ee8970b0`
CRC32	`56D3EFEE`
ssdeep	`1572864:uAxkPD4ezzcl6eJNld4wLU68msVn49zWa4NkJ/cJ0e3mB3DbSYvuicwP/OlHCWuJ:TecrG2D7/h`
Yara	UPX_Zero - UPX packed file PE_Header_Zero - PE File Signature IsPE64 - (no description) anti_vm_detect - Possibly employs anti-virtualization techniques RedLine_Stealer_b_Zero - RedLine stealer Obsidium_Zero - Obsidium protector file Malicious_Packer_Zero - Malicious Packer OS_Processor_Check_Zero - OS Processor Check Generic_Malware_Zero - Generic Malware
VirusTotal	Search for analysis

Name	06f70ac98e03d973_pl.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\locales\pl.pak
Size	396.6KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`7a01f79d16406804c616b0b812142247`
SHA1	`af542b4ace3cd04a80a45d096e07095ac218d715`
SHA256	`06f70ac98e03d973309429ea88e890dc0632530a8e28d71fc77c7d0299b1482b`
CRC32	`ACC8A846`
ssdeep	`12288:EOBxROujSoN/AmiW2bOvPeCUdUUEZwmNF1QhtmB5Wv4M5X:EWDOC5ZD1QhU5wX`
Yara	None matched
VirusTotal	Search for analysis

Name	ae2fae873a593b37_da.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\locales\da.pak
Size	356.2KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`4409d52d9d68d84cbdba7f00f77fb859`
SHA1	`10f47a72970acca90416b7925671d7ccb7268b47`
SHA256	`ae2fae873a593b372ca1a40cefcb4a2e1e27fb7ea7fd7e67cf2def696845b946`
CRC32	`80569374`
ssdeep	`6144:4XCOU8b0Q4XwltFDJwRXmN3OOr5xYrUGzOZiY4TWwd:vOFILtm/5er3TF`
Yara	None matched
VirusTotal	Search for analysis

Name	d0d2b31ce602fac1_pt-br.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\locales\pt-BR.pak
Size	374.8KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`4ef353f9b45e90bc525a7c8ad505e9eb`
SHA1	`8075d71060d88a7966d5180e2596aa8382465f4f`
SHA256	`d0d2b31ce602fac1d744cd9d0274bd392ec69a88bfb5841753f91e043a2dc39b`
CRC32	`6D903A23`
ssdeep	`6144:fn06nonNBXBLaKO3tx8yLk5nsJmv1p9oX:/h/W5sJkJ4`
Yara	None matched
VirusTotal	Search for analysis

Name	5154e165bd6c2cc0_license.electron.txt Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\LICENSE.electron.txt
Size	1.1KB
Processes	2644 (BonitSetup.exe)
Type	ASCII text
MD5	`4d42118d35941e0f664dddbd83f633c5`
SHA1	`2b21ec5f20fe961d15f2b58efb1368e66d202e5c`
SHA256	`5154e165bd6c2cc0cfbcd8916498c7abab0497923bafcd5cb07673fe8480087d`
CRC32	`3958EFAA`
ssdeep	`24:36DiJHxRHuyPP3GtIHw1Gg9QH+sUW8Ok4F+d1o36qjFD:36DiJzfPvGt7ICQH+sfIte36AFD`
Yara	None matched
VirusTotal	Search for analysis

Name	88ccc0b3221e46fe_vk_swiftshader.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\vk_swiftshader.dll
Size	4.9MB
Processes	2644 (BonitSetup.exe)
Type	PE32+ executable (DLL) (console) x86-64, for MS Windows
MD5	`bc275a1ce7b513901b58851ec5786819`
SHA1	`37d71b37e7293c0159c4efdc4e7a20733c9e5c7a`
SHA256	`88ccc0b3221e46fe13055839e5c5623ee219894b947e2e01e83a0fd12e7a34f7`
CRC32	`7D3267A7`
ssdeep	`49152:8GrnxGr9pGmj8pGtA/bVVku6KZlxsMOtVKOkc4FjHjAW3vZ1B93k1RE7SrLop8cJ:PnxY9NURayzxX61u0Lflb0wrD`
Yara	Malicious_Library_Zero - Malicious_Library UPX_Zero - UPX packed file PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) Malicious_Packer_Zero - Malicious Packer OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	5c54b12bc3f18653_zh-tw.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\locales\zh-TW.pak
Size	316.8KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`6aabb645302148bb650e936f88765bd9`
SHA1	`2fdbfdbc07d3affa68ce24cbbd4162f58c5e7e84`
SHA256	`5c54b12bc3f18653e9c7f79a5e5ec40eb8ecc29fcc0273c819a0fdc1cd3ff472`
CRC32	`26C45117`
ssdeep	`6144:pyMIS0Gwqykx9yg2IIuhv2oo4a85Duz5h49/9y3Tl:TISIqy2Ln2oo4a85DuzTU/u`
Yara	None matched
VirusTotal	Search for analysis

Name	a49330e0999344fa_licenses.chromium.html Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\LICENSES.chromium.html
Size	6.5MB
Processes	2644 (BonitSetup.exe)
Type	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
MD5	`bf40c645ad5c911d2b38ab8116879ea5`
SHA1	`57097c913154a4a1b28fb8ba7336e0346405c16a`
SHA256	`a49330e0999344fa963fb301ae87a44416cc33a54584f95a5d5c2edba744e5c6`
CRC32	`414F5E85`
ssdeep	`24576:kP5T5WfWSJbJjQlaCmf2P6e666A6o69/kHnZQBpuO:vugF`
Yara	None matched
VirusTotal	Search for analysis

Name	71f99a67bb310fab_bn.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\locales\bn.pak
Size	812.8KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`fac2c752c57175a4b1f4630e3667123e`
SHA1	`a2dbcf1dd7b3cac499b9f782c7393ab438039584`
SHA256	`71f99a67bb310fab8068eeed7ce24ea7624a66051ba4e719d051cc7e67e78001`
CRC32	`AB899373`
ssdeep	`3072:3V/m0JEVzjcnmbVrH4kSBbdXWSM5QwXlFE:3w0a5rHEBbd+5tle`
Yara	None matched
VirusTotal	Search for analysis

Name	53e3979053e7f86c_fr.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\locales\fr.pak
Size	410.3KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`6bf3cf3e1decabef81147bad5791859a`
SHA1	`ce53c9f621147625e628d01a87b415a36afa8295`
SHA256	`53e3979053e7f86c374c2e2cb02a4acfb6b9fb001e44fb361912d86460ab6738`
CRC32	`516E72EB`
ssdeep	`12288:xKhQft6QuagV1SzHU+Z7MYnYA1mdBn5axlXEWWCMkFT1lEMQ5FC6KaJto7PBiIJ3:oVkM15iF`
Yara	Generic_Malware_Zero - Generic Malware
VirusTotal	Search for analysis

Name	b3a2abf2591c6e89_ja.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\locales\ja.pak
Size	456.8KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`02e838cc508d71396dc561a34c5123e5`
SHA1	`d44c7eae4c18d74ca375ffad64cd900972011100`
SHA256	`b3a2abf2591c6e8970718c5c23305466d2ccfa29553094805e9736c05256063c`
CRC32	`05CF6DF5`
ssdeep	`3072:Xbkb3ny+SLYoxoMG+Mr04OUEypZC2hMANlLQPkw0I+0mUNH7nbeCry5FtgF9bFCJ:XIry+E51yjEypZC2vL++55ZCxVg`
Yara	None matched
VirusTotal	Search for analysis

Name	97b978a19edd4746_icudtl.dat Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\icudtl.dat
Size	10.0MB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`76bef9b8bb32e1e54fe1054c97b84a10`
SHA1	`05dfea2a3afeda799ab01bb7fbce628cacd596f4`
SHA256	`97b978a19edd4746e9a44d9a44bb4bc519e127a203c247837ec0922f573449e3`
CRC32	`BBBB1B13`
ssdeep	`196608:p5zwSv9AAyse6liXUxCGZHa93Whlw6ZCXU0:pyKlysTliXUxCGZHa93Whlw6ZCX1`
Yara	None matched
VirusTotal	Search for analysis

Name	d0c8ae8f4f60f04d_ur.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\locales\ur.pak
Size	552.5KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`6733dba4f3f0afeffc40bd87300b9d6e`
SHA1	`610aab026d25f2cec6c636fbaee922c099d26ef2`
SHA256	`d0c8ae8f4f60f04d4eee8cc639ee3b52ad073f5c9ee6fb84c774eb855fd51e9c`
CRC32	`BFC26173`
ssdeep	`12288:DptcBCB5/8PzMVEOyMKdAMBa5UUEA2Wb9YQYrtu+co/9NjjFpvJ1:V1HD5gWQ`
Yara	None matched
VirusTotal	Search for analysis

Name	e2d38131a5ef4b0e_et.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\locales\et.pak
Size	342.6KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`74eda453b23793ced4480ea7a595fe44`
SHA1	`76964af9c8024bd84fa1d89f60784e7ee6569350`
SHA256	`e2d38131a5ef4b0e8438f45e8c74c56bcf666760d4682120c8071c9220230555`
CRC32	`04ACD0B1`
ssdeep	`6144:55Q8+18XTAO++nG1Z3y0DLdyjvQJbT/RPiiEZ55Uj04375LBjPQu:5bk/wG/u8u55Ujt`
Yara	None matched
VirusTotal	Search for analysis

Name	6d5831a446c36bf1_he.pak Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\locales\he.pak
Size	488.5KB
Processes	2644 (BonitSetup.exe)
Type	data
MD5	`6e7332c58b4a0d431f2b25c989831a9c`
SHA1	`887d5f45d6dbfbac1ab810663e317689cbfed478`
SHA256	`6d5831a446c36bf10e4f0e63bb4bdcdb7d44e7e3c3225924c668aa2cdf585bab`
CRC32	`7BA0788C`
ssdeep	`12288:vvxnH4BrrOpJ4LV2QeZN6w160SAXeMi5n0oaHM705glmVrDnwLYQgo:XxnEx50oN`
Yara	None matched
VirusTotal	Search for analysis

Name	54e6de3b228c5e26_vulkan-1.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\2LYzSptpSPtrBCmBqiIbdI6Gjc7\vulkan-1.dll
Size	894.0KB
Processes	2644 (BonitSetup.exe)
Type	PE32+ executable (DLL) (console) x86-64, for MS Windows
MD5	`7855fc788b036bb11f98ca53bd7d23d3`
SHA1	`abb06e806e9ef55440a6499636c134dfd9dcaa04`
SHA256	`54e6de3b228c5e265498f4c21663cf51a113d53eac9c08f621f7213b0d57a378`
CRC32	`2499F663`
ssdeep	`12288:yP1VNNJPqXu9D8xeLoCzG4JsZGS5ld/YlmQAuYvyRnsBsoj85C29h:yPXJPq+9QeLpDpmQ/YJBseG9h`
Yara	Malicious_Library_Zero - Malicious_Library UPX_Zero - UPX packed file PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis