
SecuriteInfo.com.Trojan.DownLoader28.22066.19106.30146.exe

Status: finished
Submission Time: 2023-02-07 19:43:38 +01:00
Suspicious

Comments

Tags

  • exe

Details

  • Analysis ID:
    800798
  • API (Web) ID:
    1168011
  • Analysis Started:
    2023-02-07 19:58:07 +01:00
  • Analysis Finished:
    2023-02-07 20:10:56 +01:00
  • MD5:
    97011b19f2683a918f1f07f7f4ec1998
  • SHA1:
    4b486d0b67994fabe961787f5facdf9a0e3f6672
  • SHA256:
    c1469167b9700aeca987573c023ec7f160dadf8309a7a4feb2cd1969ad66673e
  • Technologies:

Engine | Detection | Score
Joe Sandbox | suspicious | 32
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

Detection | Score
malicious | 13/68
malicious | 9/39

IPs

IP | Country
162.55.0.134 | United States
239.255.255.250 | Reserved (SSDP multicast address; local network discovery, not a remote contact)
203.16.214.120 | Australia
216.58.209.45 | United States
142.250.180.174 | United States
142.250.180.132 | United States

Domains

Name | IP
users.on.net | 203.16.214.120
accounts.google.com | 216.58.209.45
modsource.org | 162.55.0.134
www.google.com | 142.250.180.132
clients.l.google.com | 142.250.180.174
clients2.google.com | 0.0.0.0

URLs

URL
https://www.bplaced.net/datenschutz
http://nsis.sf.net/NSIS_Error
http://users.on.net/~anach/Files/SWG/ModSource_UI_Addon_Pack.verhttp://unguilded.traumschmiede.com/F
https://www.bplaced.net/favicon-16x16.png
http://www.modsource.org
http://www.modsource.orgopen
https://www.bplaced.net/safari-pinned-tab.svg
https://www.bplaced.net/impressum
https://www.bplaced.net/gfx/emblem_b_xs.png
http://unguilded.traumschmiede.com/Files/Mods/ModSource_UI_Addon_Pack.zip
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=104.0.5112.81&lang=en-GB&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
https://www.bplaced.net/contact
https://www.bplaced.net/privacy
https://www.bplaced.net/favicon-32x32.png
https://www.bplaced.net/favicon.ico
http://modsource.org/Files/SWG/Mods/ModSource_UI_Addon_Pack.ziphttp://users.on.net/~anach/Files/SWG/
https://www.bplaced.net/
http://modsource.org
http://unguilded.traumschmiede.com/Files/Mods/ModSource_UI_Addon_Pack.ver
http://www.modsource.org/
https://www.bplaced.net/apple-touch-icon.png
http://modsource.org/Files/SWG/Mods/ModSource_UI_Addon_Pack.ver/TIMEOUT=30000download
http://www.modsource.orgw8
http://nsis.sf.net/NSIS_ErrorError
http://modsource.org/Files/SWG/Mods/ModSource_UI_Addon_Pack.zip
http://modsource.org/Files/SWG/Mods/ModSource_UI_Addon_Pack.ver
http://tassyp2p.optikal.net/viewtopic.php?f=45&t=837
http://users.on.net/~anach/Files/SWG/ModSource_UI_Addon_Pack.zip
http://users.on.net/~anach/Files/SWG/ModSource_UI_Addon_Pack.ver
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
http://www.modsource.org/DC:
file:///C:/Program%20Files/StarWarsGalaxies/Mods/ModSource%20UI%20Addon%20Pack/Documentation/Readme%20ModSource%20UI%20Addon%20Pack.html
http://modsource.org/Files/SWG/Mods/ModSource_UI_Addon_Pack.ver/TIMEOUT=30000downloadhttp://users.on

Entries such as "...Pack.verhttp://unguilded...", "http://www.modsource.orgopen", "http://www.modsource.orgw8", "http://nsis.sf.net/NSIS_ErrorError" and "...Pack.ver/TIMEOUT=30000download..." are adjacent strings from the installer's string table run together by the string extractor, not separate URLs ("/TIMEOUT=30000" and "download" are the NSISdl plugin's option and function name, pushed next to the URL). The distinct update sources are modsource.org, users.on.net and unguilded.traumschmiede.com, each queried for ModSource_UI_Addon_Pack.ver and ModSource_UI_Addon_Pack.zip over plain HTTP.

Dropped files

Name | File Type
C:\Program Files\StarWarsGalaxies\Mods\ModSource UI Addon Pack\Uninstall the ModSource UI Addon Pack.exe | PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
C:\Program Files\StarWarsGalaxies\Mods\ModSource UI Addon Pack\Updater\ModSource UI Addon Pack Auto Updater Silent.exe | PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
C:\Program Files\StarWarsGalaxies\Mods\ModSource UI Addon Pack\Updater\ModSource UI Addon Pack Auto Updater.exe | PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
C:\Users\user\AppData\Local\Temp\ModSource UI Addon Pack\ModSource UI Addon Pack.exe | PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
C:\Users\user\AppData\Local\Temp\nsb13F9.tmp\NSISdl.dll | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
C:\Users\user\AppData\Local\Temp\nsk44DC.tmp\NSISdl.dll | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
C:\Users\user\AppData\Local\Temp\nsk44DC.tmp\StartMenu.dll | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
C:\Program Files\StarWarsGalaxies\ModSource UI Addon Pack Uninstall.log | ASCII text, with CRLF line terminators
C:\Program Files\StarWarsGalaxies\Mods\ModSource UI Addon Pack\Documentation\Changelog_PreNGE_UI.txt | ISO-8859 text, with CRLF line terminators
C:\Program Files\StarWarsGalaxies\Mods\ModSource UI Addon Pack\Documentation\Readme ModSource UI Addon Pack.html | HTML document, ASCII text, with very long lines (542), with CRLF line terminators
C:\Program Files\StarWarsGalaxies\Mods\ModSource UI Addon Pack\Documentation\Readme_Anachs_PreNGE_UI.txt | ISO-8859 text, with CRLF line terminators
C:\Program Files\StarWarsGalaxies\Mods\ModSource UI Addon Pack\Documentation\readme_BattleBackground.txt | ASCII text, with CRLF line terminators
C:\Program Files\StarWarsGalaxies\Mods\ModSource UI Addon Pack\Documentation\reticle_readme.txt | ASCII text, with CRLF line terminators
C:\Program Files\StarWarsGalaxies\Mods\ModSource UI Addon Pack\Icons\Readme.ico | MS Windows icon resource - 4 icons, 32x32, 32 bits/pixel, 32x32, 8 bits/pixel
C:\Program Files\StarWarsGalaxies\Mods\ModSource UI Addon Pack\Icons\Uninstall.ico | MS Windows icon resource - 4 icons, 32x32, 32 bits/pixel, 32x32, 8 bits/pixel
C:\Program Files\StarWarsGalaxies\Mods\ModSource UI Addon Pack\Icons\Update.ico | MS Windows icon resource - 4 icons, 32x32, 32 bits/pixel, 32x32, 8 bits/pixel
C:\Program Files\StarWarsGalaxies\Mods\ModSource UI Addon Pack\Icons\Web.ico | MS Windows icon resource - 4 icons, 32x32, 32 bits/pixel, 32x32, 8 bits/pixel
C:\Program Files\StarWarsGalaxies\Sample\item_close_metal_can_cntner.wav | RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, stereo 44100 Hz
C:\Program Files\StarWarsGalaxies\Sample\item_fusioncutter_end.wav | RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, stereo 44100 Hz
C:\Program Files\StarWarsGalaxies\Sample\item_open_metal_can_cntner.wav | RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, stereo 44100 Hz
C:\Program Files\StarWarsGalaxies\Sample\ui_button_arrow_back.wav | RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, stereo 44100 Hz
C:\Program Files\StarWarsGalaxies\Sample\ui_button_arrow_forward.wav | RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, stereo 44100 Hz
C:\Program Files\StarWarsGalaxies\Sample\ui_button_confirm.wav | RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, stereo 44100 Hz
C:\Program Files\StarWarsGalaxies\Sample\ui_dialog_warning.wav | RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, stereo 44100 Hz
C:\Program Files\StarWarsGalaxies\Sample\ui_incoming_mail.wav | RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 22050 Hz
C:\Program Files\StarWarsGalaxies\Sample\ui_increment_big.wav | RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, stereo 44100 Hz
C:\Program Files\StarWarsGalaxies\Sample\ui_menu_close.wav | RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, stereo 44100 Hz
C:\Program Files\StarWarsGalaxies\Sample\ui_negative.wav | RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, stereo 44100 Hz
C:\Program Files\StarWarsGalaxies\Sample\ui_rollover.wav | RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, stereo 44100 Hz
C:\Program Files\StarWarsGalaxies\Sample\ui_select_info.wav | RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, stereo 44100 Hz
C:\Program Files\StarWarsGalaxies\Sample\ui_select_popup.wav | RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, stereo 44100 Hz
C:\Program Files\StarWarsGalaxies\Sample\ui_select_rotate.wav | RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, stereo 44100 Hz
C:\Program Files\StarWarsGalaxies\Sample\ui_toggle_mouse_mode.wav | RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, stereo 44100 Hz
C:\Program Files\StarWarsGalaxies\Sample\ui_use_toolbar.wav | RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, stereo 44100 Hz
C:\Program Files\StarWarsGalaxies\Texture\heavyweapons_reticule.dds | Microsoft DirectDraw Surface (DDS): 256 x 256, 256-bit color, compressed using DXT3
C:\Program Files\StarWarsGalaxies\Texture\ui_background_arrow.dds | Microsoft DirectDraw Surface (DDS): 1024 x 1024, compressed using DXT3
C:\Program Files\StarWarsGalaxies\Texture\ui_cursor_activate.dds | Microsoft DirectDraw Surface (DDS): 32 x 32, 32-bit color, ARGB8888
C:\Program Files\StarWarsGalaxies\Texture\ui_cursor_attack.dds | Microsoft DirectDraw Surface (DDS): 32 x 32, 32-bit color, ARGB8888
C:\Program Files\StarWarsGalaxies\Texture\ui_cursor_big.dds | Microsoft DirectDraw Surface (DDS): 32 x 32, 32-bit color, ARGB8888
C:\Program Files\StarWarsGalaxies\Texture\ui_cursor_crafting.dds | Microsoft DirectDraw Surface (DDS): 32 x 32, 32-bit color, ARGB8888
C:\Program Files\StarWarsGalaxies\Texture\ui_cursor_deactivate.dds | Microsoft DirectDraw Surface (DDS): 32 x 32, 32-bit color, ARGB8888
C:\Program Files\StarWarsGalaxies\Texture\ui_cursor_death_blow.dds | Microsoft DirectDraw Surface (DDS): 32 x 32, 32-bit color, ARGB8888
C:\Program Files\StarWarsGalaxies\Texture\ui_cursor_default.dds | Microsoft DirectDraw Surface (DDS): 32 x 32, 32-bit color, ARGB8888
C:\Program Files\StarWarsGalaxies\Texture\ui_cursor_drag_bad.dds | Microsoft DirectDraw Surface (DDS): 32 x 32, 32-bit color, ARGB8888
C:\Program Files\StarWarsGalaxies\Texture\ui_cursor_drag_scroll.dds | Microsoft DirectDraw Surface (DDS): 32 x 32, 32-bit color, ARGB8888
C:\Program Files\StarWarsGalaxies\Texture\ui_cursor_drop.dds | Microsoft DirectDraw Surface (DDS): 32 x 32, 32-bit color, ARGB8888
C:\Program Files\StarWarsGalaxies\Texture\ui_cursor_eat.dds | Microsoft DirectDraw Surface (DDS): 32 x 32, 32-bit color, ARGB8888
C:\Program Files\StarWarsGalaxies\Texture\ui_cursor_equip.dds | Microsoft DirectDraw Surface (DDS): 32 x 32, 32-bit color, ARGB8888
C:\Program Files\StarWarsGalaxies\Texture\ui_cursor_hourglass.dds | Microsoft DirectDraw Surface (DDS): 32 x 32, 32-bit color, ARGB8888
C:\Program Files\StarWarsGalaxies\Texture\ui_cursor_intended_attack.dds | Microsoft DirectDraw Surface (DDS): 32 x 32, 32-bit color, ARGB8888
C:\Program Files\StarWarsGalaxies\Texture\ui_cursor_mission_details.dds | Microsoft DirectDraw Surface (DDS): 32 x 32, 32-bit color, ARGB8888
C:\Program Files\StarWarsGalaxies\Texture\ui_cursor_move.dds | Microsoft DirectDraw Surface (DDS): 32 x 32, 32-bit color, ARGB8888
C:\Program Files\StarWarsGalaxies\Texture\ui_cursor_open.dds | Microsoft DirectDraw Surface (DDS): 32 x 32, 32-bit color, ARGB8888
C:\Program Files\StarWarsGalaxies\Texture\ui_cursor_pickup.dds | Microsoft DirectDraw Surface (DDS): 32 x 32, 32-bit color, ARGB8888
C:\Program Files\StarWarsGalaxies\Texture\ui_cursor_resize_hor.dds | Microsoft DirectDraw Surface (DDS): 32 x 32, 32-bit color, ARGB8888
C:\Program Files\StarWarsGalaxies\Texture\ui_cursor_resize_se.dds | Microsoft DirectDraw Surface (DDS): 32 x 32, 32-bit color, ARGB8888
C:\Program Files\StarWarsGalaxies\Texture\ui_cursor_resize_sw.dds | Microsoft DirectDraw Surface (DDS): 32 x 32, 32-bit color, ARGB8888
C:\Program Files\StarWarsGalaxies\Texture\ui_cursor_resize_vert.dds | Microsoft DirectDraw Surface (DDS): 32 x 32, 32-bit color, ARGB8888
C:\Program Files\StarWarsGalaxies\Texture\ui_cursor_stop_talk.dds | Microsoft DirectDraw Surface (DDS): 32 x 32, 32-bit color, ARGB8888
C:\Program Files\StarWarsGalaxies\Texture\ui_cursor_talk.dds | Microsoft DirectDraw Surface (DDS): 32 x 32, 32-bit color, ARGB8888
C:\Program Files\StarWarsGalaxies\Texture\ui_cursor_throw.dds | Microsoft DirectDraw Surface (DDS): 32 x 32, 32-bit color, ARGB8888
C:\Program Files\StarWarsGalaxies\Texture\ui_cursor_trade_accepted.dds | Microsoft DirectDraw Surface (DDS): 32 x 32, 32-bit color, ARGB8888
C:\Program Files\StarWarsGalaxies\Texture\ui_cursor_trade_start.dds | Microsoft DirectDraw Surface (DDS): 32 x 32, 32-bit color, ARGB8888
C:\Program Files\StarWarsGalaxies\Texture\ui_cursor_unequip.dds | Microsoft DirectDraw Surface (DDS): 32 x 32, 32-bit color, ARGB8888
C:\Program Files\StarWarsGalaxies\Texture\ui_cursor_use.dds | Microsoft DirectDraw Surface (DDS): 32 x 32, 32-bit color, ARGB8888
C:\Program Files\StarWarsGalaxies\Texture\ui_target_inactive.dds | Microsoft DirectDraw Surface (DDS): 32 x 32, 32-bit color, ARGB8888
C:\Program Files\StarWarsGalaxies\Ui\ui_ground_hud.inc | ASCII text, with CRLF line terminators
C:\Program Files\StarWarsGalaxies\Ui\ui_ground_hud_all_targets.inc | ASCII text, with CRLF, LF line terminators
C:\Program Files\StarWarsGalaxies\Ui\ui_ground_hud_buttonbar_skinned.inc | ASCII text, with CRLF line terminators
C:\Program Files\StarWarsGalaxies\Ui\ui_ground_hud_chat_window_skinned.inc | ASCII text, with very long lines (908), with CRLF line terminators
C:\Program Files\StarWarsGalaxies\Ui\ui_ground_hud_mfd_status_skinned.inc | ASCII text, with CRLF line terminators
C:\Program Files\StarWarsGalaxies\Ui\ui_ground_hud_pet.inc | ASCII text, with CRLF line terminators
C:\Program Files\StarWarsGalaxies\Ui\ui_ground_hud_radar_skinned.inc | ASCII text, with CRLF line terminators
C:\Program Files\StarWarsGalaxies\Ui\ui_ground_hud_secondary_targets_skinned.inc | ASCII text, with CRLF line terminators
C:\Program Files\StarWarsGalaxies\Ui\ui_ground_hud_sml_group_window.inc | ASCII text, with CRLF line terminators
C:\Program Files\StarWarsGalaxies\Ui\ui_ground_hud_targets_skinned.inc | ASCII text, with CRLF line terminators
C:\Program Files\StarWarsGalaxies\Ui\ui_ground_hud_toolbar_skinned.inc | ASCII text, with CRLF line terminators
C:\Program Files\StarWarsGalaxies\Ui\ui_hud_space.inc | ASCII text
C:\Program Files\StarWarsGalaxies\Ui\ui_hud_space_buttonbar.inc | ASCII text, with CRLF line terminators
C:\Program Files\StarWarsGalaxies\Ui\ui_hud_space_toolbar.inc | ASCII text, with CRLF line terminators
C:\Program Files\StarWarsGalaxies\Ui\ui_palette_ground.inc | ASCII text, with CRLF line terminators
C:\Program Files\StarWarsGalaxies\Ui\ui_palette_space.inc | ASCII text, with CRLF line terminators
C:\Program Files\StarWarsGalaxies\Ui\ui_pda_collections.inc | ASCII text, with CRLF line terminators
C:\Program Files\StarWarsGalaxies\Ui\ui_pda_exp_mon_skinned.inc | ASCII text
C:\Program Files\StarWarsGalaxies\Ui\ui_pda_location_display.inc | ASCII text, with CRLF line terminators
C:\Program Files\StarWarsGalaxies\Ui\ui_pda_net_status.inc | ASCII text, with CRLF line terminators
C:\Program Files\StarWarsGalaxies\Ui\ui_styles.inc | ASCII text, with CRLF line terminators
C:\Users\user\AppData\Local\Temp\ModSource UI Addon Pack.zip | Zip archive data, at least v2.0 to extract, compression method=deflate
C:\Users\user\AppData\Local\Temp\ModSource_UI_Addon_Pack.ver | ASCII text, with no line terminators
C:\Users\user\AppData\Local\Temp\nsa449D.tmp | data
C:\Users\user\AppData\Local\Temp\nsb13F8.tmp | data
C:\Users\user\AppData\Local\Temp\nsb13F9.tmp\ZipDLL.dll | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
C:\Users\user\AppData\Local\Temp\nsk44DC.tmp\System.dll | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
C:\Users\user\AppData\Local\Temp\nsk44DC.tmp\modern-wizard.bmp | PC bitmap, Windows 3.x format, 164 x 314 x 4, image size 26376, resolution 2834 x 2834 px/m, cbSize 26494, bits offset 118
C:\Users\user\AppData\Local\Temp\nsk44DC.tmp\nsDialogs.dll | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ModSource UI Addon Pack\Mod-Source - Your Source for SWG Modding Stuff.lnk | MS Windows shortcut, Item id list present, Has Working directory, Icon number=0, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600, length=0, window=hide
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ModSource UI Addon Pack\ModSource UI Addon Pack Updater.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Icon number=0, Archive, ctime=Sat Aug 15 16:43:06 2009, mtime=Tue Feb 7 17:59:46 2023, atime=Sat Aug 15 16:43:06 2009, length=116184, (…)
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ModSource UI Addon Pack\Pre-NGE UI Changelog.lnk | MS Windows shortcut, Item id list present, Has Relative path, Has Working directory, Icon number=0, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600, length=0, window=hide
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ModSource UI Addon Pack\Readme ModSource UI Addon Pack.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Icon number=0, Archive, ctime=Sat Aug 15 16:19:08 2009, mtime=Tue Feb 7 17:59:46 2023, atime=Sat Aug 15 16:19:08 2009, length=24877, w (…)
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ModSource UI Addon Pack\Uninstall the ModSource UI Addon Pack.lnk | MS Windows shortcut, Item id list present, Has Relative path, Has Working directory, Icon number=0, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600, length=0, window=hide
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ModSource UI Addon Pack Silent Updater.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Icon number=0, Archive, ctime=Sat Aug 15 16:43:04 2009, mtime=Tue Feb 7 17:59:44 2023, atime=Sat Aug 15 16:43:04 2009, length=116158, (…)

The dropped-file set is what a game UI mod installer would be expected to write (NSIS plugins in the %TEMP%\ns*.tmp directories, textures, sounds and .inc files under the Star Wars Galaxies directory, Start Menu shortcuts). The two items that earn the "suspicious" verdict are the last entry, a shortcut named for the silent auto-updater placed in the per-user Startup folder so it runs at every logon, and the update mechanism itself: the URL list shows the .ver and .zip files fetched over plain HTTP from modsource.org, users.on.net and unguilded.traumschmiede.com by the NSISdl plugin, and nothing in the report indicates a signature or hash check on what is downloaded. An unsigned updater that runs at logon and installs whatever a plaintext HTTP server returns is a supply-chain weakness even when the installer itself is benign.
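A small triage pass over the two IOC lists above, written as an added example for this page rather than taken from the report or from the installer's own code. It splits the run-together URL strings on each scheme prefix, flags plaintext HTTP fetches of installer payload files, and flags the dropped-file paths that matter for persistence (a .lnk in the Startup folder, the NSISdl download plugin, a "silent updater" binary). The sample lines are copied from the report above; the flag rules and thresholds are this example's own heuristics, not Joe Sandbox's scoring.

```python
import re
from urllib.parse import urlsplit

# Sample input copied from the report's URL and Dropped files lists.  The
# first URL line and the "orgopen"/"ErrorError" lines are string-extractor
# artefacts (two adjacent strings glued together), kept on purpose.
URL_STRINGS = [
    "http://users.on.net/~anach/Files/SWG/ModSource_UI_Addon_Pack.verhttp://unguilded.traumschmiede.com/F",
    "http://modsource.org/Files/SWG/Mods/ModSource_UI_Addon_Pack.zip",
    "http://www.modsource.orgopen",
    "https://www.bplaced.net/datenschutz",
    "http://nsis.sf.net/NSIS_ErrorError",
]
DROPPED_FILES = [
    r"C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ModSource UI Addon Pack Silent Updater.lnk",
    r"C:\Users\user\AppData\Local\Temp\nsk44DC.tmp\NSISdl.dll",
    r"C:\Program Files\StarWarsGalaxies\Mods\ModSource UI Addon Pack\Updater\ModSource UI Addon Pack Auto Updater Silent.exe",
    r"C:\Program Files\StarWarsGalaxies\Texture\ui_cursor_use.dds",
]

SCHEME_RE = re.compile(r"https?://")
STARTUP_RE = re.compile(r"\\Start Menu\\Programs\\Startup\\", re.IGNORECASE)
NSIS_TMP_RE = re.compile(r"\\Temp\\ns[0-9A-Za-z]{4,5}\.tmp\\", re.IGNORECASE)
# Extensions that mean "code or update manifest", chosen for this example.
PAYLOAD_EXT = (".exe", ".zip", ".ver", ".dll", ".msi")


def split_urls(line):
    """Cut a string-extractor line at every scheme prefix.
    'A.verhttp://B/F' -> ['A.ver', 'http://B/F'].  A truncated tail is kept as-is."""
    starts = [m.start() for m in SCHEME_RE.finditer(line)]
    if not starts:
        return []
    ends = starts[1:] + [len(line)]
    return [line[a:b] for a, b in zip(starts, ends)]


def flag_url(url):
    """Reason string if the URL fetches a payload file over plain HTTP, else None."""
    parts = urlsplit(url)
    if parts.scheme != "http" or not parts.hostname:
        return None
    name = parts.path.rsplit("/", 1)[-1].lower()
    if name.endswith(PAYLOAD_EXT):
        return f"plaintext HTTP fetch of {name} from {parts.hostname}"
    return None


def flag_dropped(path):
    """List of reasons a dropped-file path is interesting for persistence or download."""
    reasons = []
    base = path.rsplit("\\", 1)[-1].lower()
    if STARTUP_RE.search(path) and base.endswith(".lnk"):
        reasons.append("autostart persistence: shortcut in per-user Startup folder")
    if NSIS_TMP_RE.search(path) and base == "nsisdl.dll":
        reasons.append("NSISdl plugin unpacked: installer can download files")
    if base.endswith(".exe") and "updater" in base and "silent" in base:
        reasons.append("silent updater binary dropped")
    return reasons


def triage(url_lines, dropped_paths):
    """Return flagged URLs, flagged files and the distinct hosts serving payloads."""
    flagged_urls = []
    for line in url_lines:
        for url in split_urls(line):
            reason = flag_url(url)
            if reason:
                flagged_urls.append((url, reason))
    flagged_files = [(p, r) for p in dropped_paths for r in flag_dropped(p)]
    hosts = sorted({urlsplit(u).hostname for u, _ in flagged_urls})
    return {"urls": flagged_urls, "files": flagged_files, "hosts": hosts}


if __name__ == "__main__":
    result = triage(URL_STRINGS, DROPPED_FILES)
    for url, reason in result["urls"]:
        print(f"URL  {reason}: {url}")
    for path, reason in result["files"]:
        print(f"FILE {reason}: {path}")
    print("update hosts:", ", ".join(result["hosts"]))
```

Run against the sample lines, the pass reports the two plaintext fetches (users.on.net for the .ver manifest, modsource.org for the .zip), the Startup-folder shortcut, the NSISdl plugin and the silent updater executable, and ignores the texture file and the glued-together non-URL fragments. Feeding it the full URL list from the report adds unguilded.traumschmiede.com as a third update host.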