Windows Analysis Report
SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe

Overview

General Information

Sample name: SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
Analysis ID: 1430331
MD5: 4f5f177604def1f099b2c6612cc919f2
SHA1: c96214d34e9e50703518e7ec501ca3921874349f
SHA256: 49924087e1c13a0bdca2836c7ae899a6d51f0f3c7312f7c6da24b5b9838369a2
Tags: exe
Infos:

Detection

Score: 25
Range: 0 - 100
Whitelisted: false
Confidence: 40%

Compliance

Score: 32
Range: 0 - 100

Signatures

Writes many files with high entropy
Drops PE files
Drops certificate files (DER)
Drops files with a non-matching file extension (content does not match file extension)
EXE planting / hijacking vulnerabilities found
Found dropped PE file which has not been started or loaded
PE file contains executable resources (Code or Archives)
PE file contains sections with non-standard names
PE file does not import any functions
Sample file is different than original file name gathered from version info
Uses 32bit PE files

Classification

Analysis Advice

Sample drops PE files which have not been started, submit dropped PE samples for a secondary analysis to Joe Sandbox
Sample searches for specific file, try point organization specific fake files to the analysis machine
Sample tries to load a library which is not present or installed on the analysis machine, adding the library might reveal more behavior
  • System is w10x64
  • cleanup
No configs have been found
No yara matches
No Sigma rule has matched
No Snort rule has matched

Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeEXE: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Setup.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeEXE: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Extra\Setup.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeEXE: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\UNINSTAL.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeEXE: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Extra\Data\cnwiicef.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeEXE: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\cnwgdicp.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeEXE: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Extra\Data\cnwiidci.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeEXE: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Uninstal.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeEXE: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Setup.exeJump to behavior

Compliance

Source: SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeStatic PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, 32BIT_MACHINE
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\License_Chinese_Simplified.txtJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\License_English.txtJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\License_French.txtJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\License_German.txtJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\License_Italian.txtJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\License_Japanese.txtJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\License_Korean.txtJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\License_Portuguese.txtJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\License_Russian.txtJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\License_Spanish.txtJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\ReadMe_Chinese_Simplified.txtJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\ReadMe_English.txtJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\ReadMe_French.txtJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\ReadMe_German.txtJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\ReadMe_Italian.txtJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\ReadMe_Japanese.txtJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\ReadMe_Korean.txtJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\ReadMe_Portuguese.txtJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\ReadMe_Russian.txtJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\ReadMe_Spanish.txtJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Extra\Readme_Chinese_Simplified.txtJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Extra\Readme_English.txtJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Extra\Readme_French.txtJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Extra\Readme_German.txtJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Extra\Readme_Italian.txtJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Extra\Readme_Japanese.txtJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Extra\Readme_Korean.txtJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Extra\Readme_Portuguese.txtJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Extra\Readme_Russian.txtJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Extra\Readme_Spanish.txtJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\EULAC.RTFJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\EULAF.RTFJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\EULAG.RTFJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\EULAI.RTFJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\EULAJ.RTFJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\EULAO.RTFJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\EULAP.RTFJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\EULAR.RTFJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\EULAS.RTFJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\EULAU.RTFJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Eula\EULA_C.RTFJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Eula\EULA_E.RTFJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Eula\EULA_F.RTFJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Eula\EULA_G.RTFJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Eula\EULA_I.RTFJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Eula\EULA_J.RTFJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Eula\EULA_K.RTFJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Eula\EULA_P.RTFJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Eula\EULA_R.RTFJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Eula\EULA_S.RTFJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Readme\Readme_Chinese_Simplified.txtJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Readme\Readme_English.txtJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Readme\Readme_French.txtJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Readme\Readme_German.txtJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Readme\Readme_Italian.txtJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Readme\Readme_Japanese.txtJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Readme\Readme_Korean.txtJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Readme\Readme_Portuguese.txtJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Readme\Readme_Russian.txtJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Readme\Readme_Spanish.txtJump to behavior
Source: SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeStatic PE information: certificate valid
Source: Binary string: c:\source\drv\win\DriverInstaller\V4.91_[14_0528]BASE510_GARO490\InstWork\SetupExe\InstExec\Exec_Base\Release_32bit\Setup.pdb source: Setup.exe1.1.dr
Source: Binary string: C:\Users\canon\drv\win\OptimizedDriver\V1.12\DDK\2008\x86\Heidi\bin\i386\Release\cnwgdi9.pdb source: cnwgdi9.hdi.1.dr
Source: Binary string: c:\documents and settings\canon\desktop\workspace_perforce\drv\win\driverinstaller\v4.80_[10_0603]base510_garo460\instwork\uninstaller\uninstallressp\release_32bit\UninsUIS.pdb source: UninsUIS.dll.1.dr
Source: Binary string: C:\Users\canon\drv\win\OptimizedDriver\V1.12\DDK\2012\x86\Heidi\bin\i386\Release\cnwgdi10.pdb source: cnwgdi10.hdi1.1.dr
Source: Binary string: c:\source\drv\win\DriverInstaller\V4.91_[14_0528]BASE510_GARO490\InstWork\Uninstaller\UninstExec\Release_32bit\UNINSTALLER.pdb source: UNINSTAL.exe.1.dr
Source: Binary string: c:\documents and settings\canon\desktop\workspace_perforce\drv\win\driverinstaller\v4.80_[10_0603]base510_garo460\instwork\uninstaller\uninstallresru\release_32bit\UninsUIR.pdb source: UninsUIR.dll.1.dr
Source: Binary string: C:\Users\canon\drv\win\OptimizedDriver\V1.12\DDK\2009\x86\Heidi\bin\i386\Release\cnwgdi9.pdb source: cnwgdi9.hdi0.1.dr
Source: Binary string: C:\Users\canon\drv\win\OptimizedDriver\V1.12\DDK\2014\x86\Heidi\bin\i386\Release\cnwgdi11.pdb source: cnwgdi11.hdi0.1.dr
Source: Binary string: c:\documents and settings\canon\desktop\workspace_perforce\drv\win\driverinstaller\v4.80_[10_0603]base510_garo460\instwork\uninstaller\uninstallresus\release_32bit\UninsUIU.pdb source: UninsUIU.dll.1.dr
Source: Binary string: c:\documents and settings\canon\desktop\workspace_perforce\drv\win\driverinstaller\v4.80_[10_0603]base510_garo460\instwork\setupexe\setupressp\release_32bit\SetupUIS.pdb source: SetupUIS.dll.1.dr
Source: Binary string: C:\Users\canon\drv\win\OptimizedDriver\V1.12\DDK\2008\x86\Heidi\bin\i386\Release\cnwgdi9.pdbA source: cnwgdi9.hdi.1.dr
Source: Binary string: c:\documents and settings\canon\desktop\workspace_perforce\drv\win\driverinstaller\v4.80_[10_0603]base510_garo460\instwork\uninstaller\uninstallresit\release_32bit\UninsUII.pdb source: UninsUII.dll.1.dr
Source: Binary string: \canon_a_2006_p14137\uenishi_a-2006-p14137\drv\win\driverinstaller\v4.70_[10_0603]base510_garo460\instwork\setupexe\setupresjp\release_32bit\SetupUIJ.pdb source: SetupUIJ.dll.1.dr
Source: Binary string: c:\Documents and Settings\canon\Desktop\canon_a-2006-p14137\drv\win\DriverInstaller\V4.70_[10_0603]BASE510_GARO460\InstWork\SetupExe\SetupResCS\Release_32bit\SetupUIC.pdb source: SetupUIC.dll.1.dr
Source: Binary string: C:\Users\canon\drv\win\OptimizedDriver\V1.12\DDK\2014\x86\Heidi\bin\i386\Release\cnwgdi11.pdbP source: cnwgdi11.hdi0.1.dr
Source: Binary string: c:\source\drv\win\DriverInstaller\V4.91_[14_0528]BASE510_GARO490\InstWork\SetupExe\InstExec\Exec_Base\Release_32bit\Setup.pdb85bd source: Setup.exe1.1.dr
Source: Binary string: E:\DrvSrc\savesetting\FileSucceedPlus\Release\cnwiicef.pdb source: cnwiicef.exe.1.dr
Source: Binary string: c:\Documents and Settings\canon\Desktop\workspace_perforce\drv\win\DriverInstaller\V4.80_[10_0603]BASE510_GARO460\InstWork\SetupExe\SetupResPT\Release_32bit\SetupResPT.pdb source: SetupUIP.dll.1.dr
Source: Binary string: C:\Users\canon\drv\win\OptimizedDriver\V1.12\DDK\2009\x86\Heidi\bin\i386\Release\cnwgdi9.pdbA| source: cnwgdi9.hdi0.1.dr
Source: Binary string: C:\Users\canon\drv\win\OptimizedDriver\V1.12\DDK\2012\x86\Heidi\bin\i386\Release\cnwgdi10.pdbT source: cnwgdi10.hdi1.1.dr
Source: Binary string: c:\source\drv\win\OptimizedDriver\V1.13\_Installer\bin\win32\release\Setup.pdb source: Setup.exe0.1.dr
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile opened: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\Jump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile opened: C:\Users\user\Desktop\Jump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile opened: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Extra\Jump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile opened: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Extra\res\Jump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile opened: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Extra\res\STRING\Jump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile opened: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Jump to behavior
Source: SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe, 00000001.00000003.1421556789.0000000003084000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe, 00000001.00000003.1419467757.0000000004A2A000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe, 00000001.00000003.1421603538.0000000003084000.00000004.00000020.00020000.00000000.sdmp, Setup.exe0.1.dr, Setup.exe1.1.dr, UNINSTAL.exe.1.dr, cnwiicef.exe.1.drString found in binary or memory: http://crl.thawte.com/ThawteTimestampingCA.crl0
Source: SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe, 00000001.00000003.1421556789.0000000003084000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe, 00000001.00000003.1419467757.0000000004A2A000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe, 00000001.00000003.1421603538.0000000003084000.00000004.00000020.00020000.00000000.sdmp, Setup.exe0.1.dr, Setup.exe1.1.dr, UNINSTAL.exe.1.dr, cnwiicef.exe.1.drString found in binary or memory: http://ocsp.thawte.com0
Source: SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe, 00000001.00000003.1421556789.0000000003084000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe, 00000001.00000003.1419467757.0000000004A2A000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe, 00000001.00000003.1421603538.0000000003084000.00000004.00000020.00020000.00000000.sdmp, Setup.exe0.1.dr, Setup.exe1.1.dr, UNINSTAL.exe.1.dr, cnwiicef.exe.1.drString found in binary or memory: http://ts-aia.ws.symantec.com/tss-ca-g2.cer0
Source: SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe, 00000001.00000003.1421556789.0000000003084000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe, 00000001.00000003.1419467757.0000000004A2A000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe, 00000001.00000003.1421603538.0000000003084000.00000004.00000020.00020000.00000000.sdmp, Setup.exe0.1.dr, Setup.exe1.1.dr, UNINSTAL.exe.1.dr, cnwiicef.exe.1.drString found in binary or memory: http://ts-crl.ws.symantec.com/tss-ca-g2.crl0(
Source: SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe, 00000001.00000003.1421556789.0000000003084000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe, 00000001.00000003.1419467757.0000000004A2A000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe, 00000001.00000003.1421603538.0000000003084000.00000004.00000020.00020000.00000000.sdmp, Setup.exe0.1.dr, Setup.exe1.1.dr, UNINSTAL.exe.1.dr, cnwiicef.exe.1.drString found in binary or memory: http://ts-ocsp.ws.symantec.com07
Source: 2WW77JM.INF.1.drString found in binary or memory: http://www.canon.com/
Source: SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeString found in binary or memory: http://www.winzip.com
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\2WW77JM.catJump to dropped file

Spam, unwanted Advertisements and Ransom Demands

Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Extra\Data1.cab entropy: 7.99898791615Jump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Extra\Data2.cab entropy: 7.9984126627Jump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cn_ipf770_series_satinphotopaper170gsm.ic_ entropy: 7.99661565766Jump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cn_ipf770_series_semi-glossyphotopaperhg170.ic_ entropy: 7.99730308238Jump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cn_ipf770_series_semi-glossyphotopaperhg255.ic_ entropy: 7.99628257576Jump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cnw407.dl_ entropy: 7.99922915959Jump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cnw409.dl_ entropy: 7.9992325901Jump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cnw40a.dl_ entropy: 7.99920077777Jump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cnw40c.dl_ entropy: 7.99922424229Jump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cnw410.dl_ entropy: 7.9993062281Jump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cnw411.dl_ entropy: 7.99909118806Jump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cnw412.dl_ entropy: 7.9992514384Jump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\aussdrv.dl_ entropy: 7.99579648386Jump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cn_ipf770_series_glossyphotopaper170gsm.ic_ entropy: 7.99696080557Jump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cn_ipf770_series_glossyphotopaperhg170.ic_ entropy: 7.99750379964Jump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cn_ipf770_series_glossyphotopaperhg255.ic_ entropy: 7.99631361308Jump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cn_ipf770_series_photopaperplussemi-gloss.ic_ entropy: 7.99655226464Jump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cn_ipf770_series_premiumglossypaper2-280.ic_ entropy: 7.99675445331Jump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cn_ipf770_series_premiumsemiglossypaper2-280.ic_ entropy: 7.99654459165Jump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cnw416.dl_ entropy: 7.99914969582Jump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cnw419.dl_ entropy: 7.99936386754Jump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cnw804.dl_ entropy: 7.99924980407Jump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cnwa15ac.ch_ entropy: 7.99905966223Jump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cnwa15af.ch_ entropy: 7.99898735292Jump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cnwa15ag.ch_ entropy: 7.99892123794Jump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cnwa15ai.ch_ entropy: 7.99880867066Jump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cnwa15aj.ch_ entropy: 7.99896393661Jump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cnwa15ao.ch_ entropy: 7.99859875631
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cnwa15ap.ch_ entropy: 7.99888599007
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cnwa15ar.ch_ entropy: 7.99893916265
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cnwa15as.ch_ entropy: 7.99880078106
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cnwa15au.ch_ entropy: 7.99888576809
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cnwfcgco.dl_ entropy: 7.99894945879
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cnwfdpkj.dl_ entropy: 7.99292243382
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cnwfdpkk.dl_ entropy: 7.99292021064
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cnwiosif.dl_ entropy: 7.9929455418
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cnwiwebi.dl_ entropy: 7.99401734475
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cnwm.dl_ entropy: 7.99949090904
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\DDI\CAB1.CAB entropy: 7.99762462343
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cnwmui.dl_ entropy: 7.99890767576
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cnwp0rsw.dl_ entropy: 7.99860580628
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cnwp0rsx.dl_ entropy: 7.99725814889
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cnwvprev.ex_ entropy: 7.99872123548
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cnwvr407.dl_ entropy: 7.99412143724
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cnwvr409.dl_ entropy: 7.99299784995
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cnwvr40a.dl_ entropy: 7.99381711537
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cnwvr40c.dl_ entropy: 7.99407923623
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cnwvr410.dl_ entropy: 7.99362085734
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cnwvr411.dl_ entropy: 7.99341760079
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cnwvr412.dl_ entropy: 7.99382397339
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cnwvr416.dl_ entropy: 7.99485451015
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cnwvr419.dl_ entropy: 7.99333128735
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cnwvr804.dl_ entropy: 7.9939176795
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cnww77jm.ci_ entropy: 7.99738783352
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cpc10dw1.ex_ entropy: 7.99882424278
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cpc10ew1.dl_ entropy: 7.99899187399
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cpc10qw1.ex_ entropy: 7.99922297001
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cpc10sw1.dl_ entropy: 7.99612105952
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cpc10vw1.ex_ entropy: 7.99874352262
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cpc1csw1.ch_ entropy: 7.99113453055
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cpc1csw1.dl_ entropy: 7.99392929791
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cpc1dew1.dl_ entropy: 7.99388734601
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cpc1esw1.dl_ entropy: 7.99318493668
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cpc1frw1.dl_ entropy: 7.99418596704
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cpc1itw1.dl_ entropy: 7.99363122128
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cpc1jpw1.ch_ entropy: 7.99083568923
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cpc1jpw1.dl_ entropy: 7.99391148715
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cpc1krw1.dl_ entropy: 7.9924551554
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cpc1ruw1.ch_ entropy: 7.99000288079
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cpc1ruw1.dl_ entropy: 7.9932407923
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\cpc1usw1.dl_ entropy: 7.99346552348
Source: SetupUIG.dll.1.dr Static PE information: Resource name: RT_STRING type: 370 XA sysV pure executable not stripped
Source: MUI.dll.1.dr Static PE information: No import functions for PE file found
Source: SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe, 00000001.00000003.1421556789.0000000003084000.00000004.00000020.00020000.00000000.sdmp Binary or memory string: OriginalFilenameSetup.exe\ vs SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
Source: SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe, 00000001.00000003.1419467757.0000000004A2A000.00000004.00000020.00020000.00000000.sdmp Binary or memory string: OriginalFilenameSetup.exe\ vs SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
Source: SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe, 00000001.00000003.1421603538.0000000003084000.00000004.00000020.00020000.00000000.sdmp Binary or memory string: OriginalFilenameSetup.exe\ vs SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
Source: SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe Static PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, 32BIT_MACHINE
Source: classification engine Classification label: sus25.rans.winEXE@1/223@0/0
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491
Source: SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe Key opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File read: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe Section loaded: apphelp.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe Section loaded: aclayers.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe Section loaded: mpr.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe Section loaded: sfc.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe Section loaded: sfc_os.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe Section loaded: textshaping.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe Section loaded: uxtheme.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe Section loaded: kernel.appcore.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe Section loaded: textinputframework.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe Section loaded: coreuicomponents.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe Section loaded: coremessaging.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe Section loaded: ntmarta.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe Section loaded: wintypes.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File written: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Extra\Data\UninstFiles.ini
Source: SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe Static PE information: certificate valid
Source: SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe Static file information: File size 45428392 > 1048576
Source: SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe Static PE information: Raw size of _winzip_ is bigger than: 0x100000 < 0x2b2e000
Source: Binary string: c:\source\drv\win\DriverInstaller\V4.91_[14_0528]BASE510_GARO490\InstWork\SetupExe\InstExec\Exec_Base\Release_32bit\Setup.pdb source: Setup.exe1.1.dr
Source: Binary string: C:\Users\canon\drv\win\OptimizedDriver\V1.12\DDK\2008\x86\Heidi\bin\i386\Release\cnwgdi9.pdb source: cnwgdi9.hdi.1.dr
Source: Binary string: c:\documents and settings\canon\desktop\workspace_perforce\drv\win\driverinstaller\v4.80_[10_0603]base510_garo460\instwork\uninstaller\uninstallressp\release_32bit\UninsUIS.pdb source: UninsUIS.dll.1.dr
Source: Binary string: C:\Users\canon\drv\win\OptimizedDriver\V1.12\DDK\2012\x86\Heidi\bin\i386\Release\cnwgdi10.pdb source: cnwgdi10.hdi1.1.dr
Source: Binary string: c:\source\drv\win\DriverInstaller\V4.91_[14_0528]BASE510_GARO490\InstWork\Uninstaller\UninstExec\Release_32bit\UNINSTALLER.pdb source: UNINSTAL.exe.1.dr
Source: Binary string: c:\documents and settings\canon\desktop\workspace_perforce\drv\win\driverinstaller\v4.80_[10_0603]base510_garo460\instwork\uninstaller\uninstallresru\release_32bit\UninsUIR.pdb source: UninsUIR.dll.1.dr
Source: Binary string: C:\Users\canon\drv\win\OptimizedDriver\V1.12\DDK\2009\x86\Heidi\bin\i386\Release\cnwgdi9.pdb source: cnwgdi9.hdi0.1.dr
Source: Binary string: C:\Users\canon\drv\win\OptimizedDriver\V1.12\DDK\2014\x86\Heidi\bin\i386\Release\cnwgdi11.pdb source: cnwgdi11.hdi0.1.dr
Source: Binary string: c:\documents and settings\canon\desktop\workspace_perforce\drv\win\driverinstaller\v4.80_[10_0603]base510_garo460\instwork\uninstaller\uninstallresus\release_32bit\UninsUIU.pdb source: UninsUIU.dll.1.dr
Source: Binary string: c:\documents and settings\canon\desktop\workspace_perforce\drv\win\driverinstaller\v4.80_[10_0603]base510_garo460\instwork\setupexe\setupressp\release_32bit\SetupUIS.pdb source: SetupUIS.dll.1.dr
Source: Binary string: C:\Users\canon\drv\win\OptimizedDriver\V1.12\DDK\2008\x86\Heidi\bin\i386\Release\cnwgdi9.pdbA source: cnwgdi9.hdi.1.dr
Source: Binary string: c:\documents and settings\canon\desktop\workspace_perforce\drv\win\driverinstaller\v4.80_[10_0603]base510_garo460\instwork\uninstaller\uninstallresit\release_32bit\UninsUII.pdb source: UninsUII.dll.1.dr
Source: Binary string: \canon_a_2006_p14137\uenishi_a-2006-p14137\drv\win\driverinstaller\v4.70_[10_0603]base510_garo460\instwork\setupexe\setupresjp\release_32bit\SetupUIJ.pdb source: SetupUIJ.dll.1.dr
Source: Binary string: c:\Documents and Settings\canon\Desktop\canon_a-2006-p14137\drv\win\DriverInstaller\V4.70_[10_0603]BASE510_GARO460\InstWork\SetupExe\SetupResCS\Release_32bit\SetupUIC.pdb source: SetupUIC.dll.1.dr
Source: Binary string: C:\Users\canon\drv\win\OptimizedDriver\V1.12\DDK\2014\x86\Heidi\bin\i386\Release\cnwgdi11.pdbP source: cnwgdi11.hdi0.1.dr
Source: Binary string: c:\source\drv\win\DriverInstaller\V4.91_[14_0528]BASE510_GARO490\InstWork\SetupExe\InstExec\Exec_Base\Release_32bit\Setup.pdb85bd source: Setup.exe1.1.dr
Source: Binary string: E:\DrvSrc\savesetting\FileSucceedPlus\Release\cnwiicef.pdb source: cnwiicef.exe.1.dr
Source: Binary string: c:\Documents and Settings\canon\Desktop\workspace_perforce\drv\win\DriverInstaller\V4.80_[10_0603]BASE510_GARO460\InstWork\SetupExe\SetupResPT\Release_32bit\SetupResPT.pdb source: SetupUIP.dll.1.dr
Source: Binary string: C:\Users\canon\drv\win\OptimizedDriver\V1.12\DDK\2009\x86\Heidi\bin\i386\Release\cnwgdi9.pdbA| source: cnwgdi9.hdi0.1.dr
Source: Binary string: C:\Users\canon\drv\win\OptimizedDriver\V1.12\DDK\2012\x86\Heidi\bin\i386\Release\cnwgdi10.pdbT source: cnwgdi10.hdi1.1.dr
Source: Binary string: c:\source\drv\win\OptimizedDriver\V1.13\_Installer\bin\win32\release\Setup.pdb source: Setup.exe0.1.dr
Source: SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe Static PE information: section name: _winzip_
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\DDI\cnwdsck6.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\UninsUIO.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\SetupUIO.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Drv\91\cnwgdi9.hdi
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\DDI\CNWIDSCK.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Drv\92\cnwgdi9.hdi
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Setup.exe
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\SetupUIF.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\SetupUIJ.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Drv\111\cnwgdi11.hdi
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Extra\Data\instpack.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\UninsUIP.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\SetupUIU.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\UninsUIU.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Drv\120\cnwgdi12.hdi
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\SetupUII.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\SetupUIC.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\InsCmn.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\SetupUIR.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\UninsUIC.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Extra\Setup.exe
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\UninsUIG.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\UNINSTAL.exe
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\cnwgdicp.exe
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Extra\Data\cnwiicef.exe
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\UninsUII.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Extra\Data\cnwiidci.exe
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\UninsUIS.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Drv\110\cnwgdi11.hdi
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\SetupUIP.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Drv\100\cnwgdi10.hdi
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Drv\101\cnwgdi10.hdi
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Uninstal.exe
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\SetupUIS.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\UninsUIR.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\UninsUIF.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Drv\102\cnwgdi10.hdi
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\SetupUIG.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Setup.exe
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\UninsUIJ.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Extra\MUI.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\License_Chinese_Simplified.txt
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\License_English.txt
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\License_French.txt
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\License_German.txt
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\License_Italian.txt
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\License_Japanese.txt
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\License_Korean.txt
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\License_Portuguese.txt
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\License_Russian.txt
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\License_Spanish.txt
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\ReadMe_Chinese_Simplified.txt
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\ReadMe_English.txt
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\ReadMe_French.txt
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\ReadMe_German.txt
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\ReadMe_Italian.txt
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\ReadMe_Japanese.txt
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\ReadMe_Korean.txt
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\ReadMe_Portuguese.txt
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\ReadMe_Russian.txt
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Driver\ReadMe_Spanish.txt
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Extra\Readme_Chinese_Simplified.txt
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Extra\Readme_English.txt
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Extra\Readme_French.txt
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Extra\Readme_German.txt
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Extra\Readme_Italian.txt
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Extra\Readme_Japanese.txt
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Extra\Readme_Korean.txt
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Extra\Readme_Portuguese.txt
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Extra\Readme_Russian.txt
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Extra\Readme_Spanish.txt
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\EULAC.RTF
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\EULAF.RTF
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\EULAG.RTF
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\EULAI.RTF
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\EULAJ.RTF
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\EULAO.RTF
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\EULAP.RTF
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\EULAR.RTF
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\EULAS.RTF
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\EULAU.RTF
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Eula\EULA_C.RTF
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Eula\EULA_E.RTF
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Eula\EULA_F.RTF
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Eula\EULA_G.RTF
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Eula\EULA_I.RTF
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Eula\EULA_J.RTF
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Eula\EULA_K.RTF
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Eula\EULA_P.RTF
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Eula\EULA_R.RTF
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Eula\EULA_S.RTF
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe File created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Readme\Readme_Chinese_Simplified.txt
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Readme\Readme_English.txtJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Readme\Readme_French.txtJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Readme\Readme_German.txtJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Readme\Readme_Italian.txtJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Readme\Readme_Japanese.txtJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Readme\Readme_Korean.txtJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Readme\Readme_Portuguese.txtJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Readme\Readme_Russian.txtJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exeFile created: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Readme\Readme_Spanish.txtJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe | Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe | Dropped PE file which has not been started: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\DDI\cnwdsck6.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe | Dropped PE file which has not been started: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\UninsUIO.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe | Dropped PE file which has not been started: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\SetupUIO.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe | Dropped PE file which has not been started: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Drv\91\cnwgdi9.hdi
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe | Dropped PE file which has not been started: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Drv\92\cnwgdi9.hdi
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe | Dropped PE file which has not been started: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\DDI\CNWIDSCK.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe | Dropped PE file which has not been started: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Setup.exe
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe | Dropped PE file which has not been started: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\SetupUIF.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe | Dropped PE file which has not been started: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\SetupUIJ.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe | Dropped PE file which has not been started: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Drv\111\cnwgdi11.hdi
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe | Dropped PE file which has not been started: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Extra\Data\instpack.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe | Dropped PE file which has not been started: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\UninsUIP.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe | Dropped PE file which has not been started: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\SetupUIU.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe | Dropped PE file which has not been started: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\UninsUIU.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe | Dropped PE file which has not been started: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Drv\120\cnwgdi12.hdi
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe | Dropped PE file which has not been started: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\SetupUII.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe | Dropped PE file which has not been started: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\SetupUIC.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe | Dropped PE file which has not been started: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\SetupUIR.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe | Dropped PE file which has not been started: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\InsCmn.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe | Dropped PE file which has not been started: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\UninsUIC.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe | Dropped PE file which has not been started: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Extra\Setup.exe
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe | Dropped PE file which has not been started: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\UninsUIG.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe | Dropped PE file which has not been started: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\UNINSTAL.exe
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe | Dropped PE file which has not been started: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\cnwgdicp.exe
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe | Dropped PE file which has not been started: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Extra\Data\cnwiicef.exe
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe | Dropped PE file which has not been started: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Extra\Data\cnwiidci.exe
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe | Dropped PE file which has not been started: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\UninsUII.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe | Dropped PE file which has not been started: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Drv\110\cnwgdi11.hdi
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe | Dropped PE file which has not been started: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\UninsUIS.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe | Dropped PE file which has not been started: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\SetupUIP.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe | Dropped PE file which has not been started: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Drv\100\cnwgdi10.hdi
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe | Dropped PE file which has not been started: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Drv\101\cnwgdi10.hdi
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe | Dropped PE file which has not been started: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Uninstal.exe
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe | Dropped PE file which has not been started: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\SetupUIS.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe | Dropped PE file which has not been started: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\UninsUIR.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe | Dropped PE file which has not been started: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\UninsUIF.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe | Dropped PE file which has not been started: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Drv\102\cnwgdi10.hdi
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe | Dropped PE file which has not been started: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\SetupUIG.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe | Dropped PE file which has not been started: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Setup.exe
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe | Dropped PE file which has not been started: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\UninsUIJ.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe | Dropped PE file which has not been started: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Extra\MUI.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe | File opened: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe | File opened: C:\Users\user\Desktop\
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe | File opened: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Extra\
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe | File opened: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Extra\res\
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe | File opened: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Extra\res\STRING\
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe | File opened: C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\
Reconnaissance: Gather Victim Identity Information; Credentials; Email Addresses
Resource Development: Acquire Infrastructure; Domains; DNS Server
Initial Access: Valid Accounts; Default Accounts; Domain Accounts
Execution: Windows Management Instrumentation; Scheduled Task/Job; At
Persistence: 1 DLL Side-Loading; 1 DLL Search Order Hijacking; Logon Script (Windows)
Privilege Escalation: 1 DLL Side-Loading; 1 DLL Search Order Hijacking; Logon Script (Windows)
Defense Evasion: 11 Masquerading; 1 DLL Side-Loading; 1 DLL Search Order Hijacking
Credential Access: OS Credential Dumping; LSASS Memory; Security Account Manager
Discovery: 2 File and Directory Discovery; 1 System Information Discovery; Query Registry
Lateral Movement: Remote Services; Remote Desktop Protocol; SMB/Windows Admin Shares
Collection: Data from Local System; Data from Removable Media; Data from Network Shared Drive
Command and Control: Data Obfuscation; Junk Data; Steganography
Exfiltration: Exfiltration Over Other Network Medium; Exfiltration Over Bluetooth; Automated Exfiltration
Impact: Abuse Accessibility Features; Network Denial of Service; Data Encrypted for Impact
Source | Detection | Scanner | Label | Link
SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe | 0% | ReversingLabs
Source | Detection | Scanner | Label | Link
C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Extra\Data\cnwiicef.exe | 0% | ReversingLabs
C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Extra\Data\cnwiidci.exe | 0% | ReversingLabs
C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Extra\Data\instpack.dll | 2% | ReversingLabs
C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Extra\MUI.dll | 0% | ReversingLabs
C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Extra\Setup.exe | 0% | ReversingLabs
C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\DDI\CNWIDSCK.dll | 0% | ReversingLabs
C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\DDI\cnwdsck6.dll | 0% | ReversingLabs
C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\InsCmn.dll | 0% | ReversingLabs
C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\SetupUIC.dll | 2% | ReversingLabs
C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\SetupUIF.dll | 2% | ReversingLabs
C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\SetupUIG.dll | 2% | ReversingLabs
C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\SetupUII.dll | 2% | ReversingLabs
C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\SetupUIJ.dll | 2% | ReversingLabs
C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\SetupUIO.dll | 2% | ReversingLabs
C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\SetupUIP.dll | 2% | ReversingLabs
C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\SetupUIR.dll | 0% | ReversingLabs
C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\SetupUIS.dll | 2% | ReversingLabs
C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\SetupUIU.dll | 2% | ReversingLabs
C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\UNINSTAL.exe | 0% | ReversingLabs
C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\UninsUIC.dll | 2% | ReversingLabs
C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\UninsUIF.dll | 2% | ReversingLabs
C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\UninsUIG.dll | 2% | ReversingLabs
C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\UninsUII.dll | 2% | ReversingLabs
C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\UninsUIJ.dll | 2% | ReversingLabs
C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\UninsUIO.dll | 2% | ReversingLabs
C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\UninsUIP.dll | 2% | ReversingLabs
C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\UninsUIR.dll | 2% | ReversingLabs
C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\UninsUIS.dll | 2% | ReversingLabs
C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\MISC\UninsUIU.dll | 2% | ReversingLabs
C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Drv\100\cnwgdi10.hdi | 0% | ReversingLabs
C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Drv\101\cnwgdi10.hdi | 0% | ReversingLabs
C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Drv\102\cnwgdi10.hdi | 0% | ReversingLabs
C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Drv\110\cnwgdi11.hdi | 0% | ReversingLabs
C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Drv\111\cnwgdi11.hdi | 0% | ReversingLabs
C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Drv\120\cnwgdi12.hdi | 3% | ReversingLabs
C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Drv\91\cnwgdi9.hdi | 0% | ReversingLabs
C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Drv\92\cnwgdi9.hdi | 0% | ReversingLabs
C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Setup.exe | 2% | ReversingLabs
C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\Uninstal.exe | 2% | ReversingLabs
C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\OptDrv\cnwgdicp.exe | 0% | ReversingLabs
C:\Users\user\Desktop\iPF770Series-Drv-Win-491\32bit\Setup.exe | 0% | ReversingLabs
No Antivirus matches
No Antivirus matches
Source | Detection | Scanner | Label | Link
http://ocsp.thawte.com0 | 0% | URL Reputation | safe
No contacted domains info
Name | Source | Malicious | Antivirus Detection | Reputation
http://www.winzip.com | SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe | false | | high
http://crl.thawte.com/ThawteTimestampingCA.crl0 | SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe, 00000001.00000003.1421556789.0000000003084000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe, 00000001.00000003.1419467757.0000000004A2A000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe, 00000001.00000003.1421603538.0000000003084000.00000004.00000020.00020000.00000000.sdmp, Setup.exe0.1.dr, Setup.exe1.1.dr, UNINSTAL.exe.1.dr, cnwiicef.exe.1.dr | false | | high
http://www.canon.com/ | 2WW77JM.INF.1.dr | false | | high
http://ocsp.thawte.com0 | SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe, 00000001.00000003.1421556789.0000000003084000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe, 00000001.00000003.1419467757.0000000004A2A000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe, 00000001.00000003.1421603538.0000000003084000.00000004.00000020.00020000.00000000.sdmp, Setup.exe0.1.dr, Setup.exe1.1.dr, UNINSTAL.exe.1.dr, cnwiicef.exe.1.dr | false | URL Reputation: safe | unknown
        No contacted IP infos
        Joe Sandbox version:40.0.0 Tourmaline
        Analysis ID:1430331
        Start date and time:2024-04-23 14:39:19 +02:00
        Joe Sandbox product:CloudBasic
        Overall analysis duration:0h 6m 17s
        Hypervisor based Inspection enabled:false
        Report type:full
        Cookbook file name:default.jbs
        Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
        Number of analysed new started processes analysed:10
        Number of new started drivers analysed:0
        Number of existing processes analysed:0
        Number of existing drivers analysed:0
        Number of injected processes analysed:0
        Technologies:
        • HCA enabled
        • EGA enabled
        • AMSI enabled
        Analysis Mode:default
        Analysis stop reason:Timeout
        Sample name:SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        Detection:SUS
        Classification:sus25.rans.winEXE@1/223@0/0
        EGA Information:Failed
        HCA Information:
        • Successful, ratio: 100%
        • Number of executed functions: 0
        • Number of non-executed functions: 0
        Cookbook Comments:
        • Found application associated with file extension: .exe
        • Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
        • Excluded domains from analysis (whitelisted): ocsp.digicert.com, slscr.update.microsoft.com, ctldl.windowsupdate.com, time.windows.com, fe3cr.delivery.mp.microsoft.com
        • Not all processes where analyzed, report is missing behavior information
        • VT rate limit hit for: SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        No simulations
        No context
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):12874
        Entropy (8bit):5.284514916543641
        Encrypted:false
        SSDEEP:384:sSQZ+rrj0vDPBKjMJEbuocebcks5S6UhYv:rsfegkASZKv
        MD5:062A9BE7256B73903D779201BBCA0DCE
        SHA1:1291CCEDD83D0AB1C21C697030FA6F52E319EA7A
        SHA-256:AD23B9D984C7538349B7967D2EBE431473ABBA9FF277170A8505F9186B807A91
        SHA-512:3C579C7AD261596671B64823E5FFC70EA09C2814D591CE2C1FA4A27603C10753A8F591B0B4A8258456CC847177504D4E93D3AC40D966D96A7FE39F60BCCDC6EE
        Malicious:false
        Reputation:low
        Preview:CHECKSUM.--------------------------------..Driver/2WW77JM.INF.c04067f2c3a4da675a0cd44d099c3530..Driver/2WW77JM.cat.5f2c3a9f97dbc523e76dcf6cc06fe718..Driver/License_Chinese_Simplified.txt.84f1a3414fc5e59a01d1371b60762473..Driver/License_English.txt.21b4826b9a788654bd3e176c0ea03e79..Driver/License_French.txt.7068743bbc999414a3f49531d493b0fc..Driver/License_German.txt.24b0a301a2e3c0884beb4d29de7c73e5..Driver/License_Italian.txt.330adc5b9e5ea76442e580ae5ac6e513..Driver/License_Japanese.txt.6f37bcb885cb45b3514f2223928d425d..Driver/License_Korean.txt.3063f7e7ba5d993f5e7fdf53825c7e22..Driver/License_Portuguese.txt.f04fc57019b68468e9715f9dd05e8edd..Driver/License_Russian.txt.e2e0d0918d3cf3c97df5a29e0978b669..Driver/License_Spanish.txt.6f72b77e2faba49a63d77c62b3b6f339..Driver/ReadMe_Chinese_Simplified.txt.9da4c636ce5ace145bc20a2ccc1efe4a..Driver/ReadMe_English.txt.dd771d7f95883dd717cfe031a1a59ee5..Driver/ReadMe_French.txt.4926621a0a5cee8314f429e38b95eac9..Driver/ReadMe_German.txt.f10e8f3c93bed9
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Windows setup INFormation
        Category:dropped
        Size (bytes):6906
        Entropy (8bit):5.463718283458996
        Encrypted:false
        SSDEEP:192:0fPnAG4csGvs9c9UOfFcP+/6jhuQP3JsPEdpkzbU:kP0cHs9c9zfFcP+/6ljP3JxGbU
        MD5:C04067F2C3A4DA675A0CD44D099C3530
        SHA1:140CDCEE55CA6AA1C0314ED3295FCD5610AF3FB6
        SHA-256:795D41C331E8AEE290D1B1DBB81DFD0FC2ECB5CB8DCFBD4AC537E898061D22E9
        SHA-512:6EE878606ECADC173D91C4694EFCFC182DB58C28A4B0827B9A5D02E7989E371E3E5B6E54BC60FE0BC39F99116A1E028D2A780C3FA842E196AC3A9DD58D7B7FCC
        Malicious:false
        Reputation:low
        Preview:; Canon imagePROGRAF Printer Driver 2015 INF for Microsoft Windows (x86)....; Copyright CANON INC. 2000-2015..; 2WW77JM.INF (CD-ROM Release) for CCD3....[Version]..Signature="$Windows NT$"..Provider=%CANON%..ClassGUID={4D36E979-E325-11CE-BFC1-08002BE10318}..Class=Printer..DriverVer=09/16/2014,4.91.0.0..CatalogFile=2WW77JM.CAT....[Manufacturer]..%CANON%=Canon,NTx86.5.1,NTx86.6.0....;..; for Windows 2000..;..[Canon].."Canon iPF770" = iPF770,USBPRINT\CanoniPF7701D5F,CanoniPF770...."Canon iPF771" = iPF771,USBPRINT\CanoniPF771DD9E,CanoniPF771....;..; for Windows XP..;..[Canon.NTx86.5.1].."Canon iPF770" = iPF770,USBPRINT\CanoniPF7701D5F,CanoniPF770...."Canon iPF771" = iPF771,USBPRINT\CanoniPF771DD9E,CanoniPF771....;..; for Windows Vista..;..[Canon.NTx86.6.0].."Canon iPF770" = iPF770,USBPRINT\CanoniPF7701D5F,CanoniPF770...."Canon iPF771" = iPF771,USBPRINT\CanoniPF771DD9E,CanoniPF771...."Canon iPF770" = iPF770,WSDPRINT\CanoniPF7701D5F,CanoniPF770...."Canon iPF771" = iPF771,WSDPRINT\CanoniPF771
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:data
        Category:dropped
        Size (bytes):42801
        Entropy (8bit):5.542930643771061
        Encrypted:false
        SSDEEP:384:fQdad6onABXlIZsUeTsvgk8SD4IFoOIMYtfeTKXM+3Ef5dpBjhIm7:oX2ZsgKdgKXT3SzIy
        MD5:5F2C3A9F97DBC523E76DCF6CC06FE718
        SHA1:BFF03913D6BB1966D8ECD7B15AF0594698082FFD
        SHA-256:C77F3BE1DFFBD8292C46CDF6D01FC2F41F955507D0E82CD013274F80F5B4F003
        SHA-512:19B24C42ABF30D78D45AE200A317B84B7DB72116D09CEFD38FB183A9AD0FAD98D390F883807EDE2D9D364C94971767E2F4C3FAD26CD46427ADB7B152C68C2894
        Malicious:false
        Reputation:low
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:ISO-8859 text, with very long lines (556), with CRLF line terminators
        Category:dropped
        Size (bytes):3859
        Entropy (8bit):6.542476018506035
        Encrypted:false
        SSDEEP:96:4C05TMCfK3bogUDhs0yuQna1fF8yCXy0Oxc5a2MgT8mqRVO4DcwX:gTMgK30gAe0yuQcfCXFNqP5vX
        MD5:84F1A3414FC5E59A01D1371B60762473
        SHA1:ABC50BB4BDD4F73243B8DEE900BA29547AA44115
        SHA-256:7D6E59098345CE6DEDB10C9AE587E238BE5C8FFB79F5FB73A2B5A8FE69B6E759
        SHA-512:1AB04DC9809A25FB19C17D674893F4B5C4665D3695321F2DE113CDB4BA3BB846C4FA29D850DF5CFCE1F199110D32DE1E1D426DAB63A66D32E893797F37E0A209
        Malicious:false
        Reputation:low
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:ASCII text, with very long lines (993), with CRLF line terminators
        Category:dropped
        Size (bytes):6484
        Entropy (8bit):5.142001411707478
        Encrypted:false
        SSDEEP:192:zhNzPMpOBwZLZ3fUbz9Sff/WdfbC9SDCyNqP0qHMcm:tdk+WOM/WdCyIMcm
        MD5:21B4826B9A788654BD3E176C0EA03E79
        SHA1:444E221C3363AC9EE4CF6F055B8734677BFAB40A
        SHA-256:A8F4168AC82D20208ACF0E438E4F8BE699C917B80F16569AFF88FDD463D12CE0
        SHA-512:7A182A11CF04EBD83426742D943AAC7E4014558DF1924DA0E23454EF77DEB8E99EEA3AAAF80E11E9F66B4A8D385F6864FDEFE239F1BF3B8F6887827726EEE3FA
        Malicious:false
        Reputation:low
        Preview:CANON SOFTWARE LICENSE AGREEMENT....IMPORTANT-READ THIS AGREEMENT BEFORE INSTALLING THE SOFTWARE!....This legal document is a license agreement between you and Canon Inc. ("Canon") governing your use of the software and the online or electric manual (collectively, the "SOFTWARE"). BY INSTALLING THE SOFTWARE, YOU ARE DEEMED TO HAVE AGREED TO BE BOUND BY THE TERMS OF THIS AGREEMENT. IF YOU DO NOT AGREE TO THE TERMS OF THIS AGREEMENT, PROMPTLY CLOSE THIS INSTALLATION PROGRAM AND DO NOT INSTALL THE SOFTWARE.....In consideration of the right to use the SOFTWARE, you agree to abide by the terms and conditions of this Agreement.....1. GRANT OF LICENSE AND RESTRICTIONS: You may use ("use" shall mean storing, loading, installing, executing, or displaying) the SOFTWARE on your computer solely for the use with Canon's inkjet printer ("PRINTER")...You may allow other users of other computers connected by way of a network to the PRINTER in a multiple computer arrangement (the "LAN Users") to use th
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Non-ISO extended-ASCII text, with very long lines (1165), with CRLF line terminators
        Category:dropped
        Size (bytes):7633
        Entropy (8bit):5.093263497659427
        Encrypted:false
        SSDEEP:192:qwHYRl67SMYN+/ngTtmWh8DB+WaYNqPix3o:xHFlnGtmN+WaYNx3o
        MD5:7068743BBC999414A3F49531D493B0FC
        SHA1:A27387EB27DDEAED59ACE6814D69E28201C13A7B
        SHA-256:46D37C4535B316B69A524CC7ED68F78193F921799D7248CC64B9F4C679048EAD
        SHA-512:97FA0AFB0BA97FF1C0C89DA331C9430D768D9EC15FE5E108419C1A4075B12AC9BC5A5A1B019A8D252C693DEF43B7B92840DDB22AA3058BEB9F9B968F1CAB760E
        Malicious:false
        Reputation:low
        Preview:CONTRAT DE LICENCE DE LOGICIEL DE CANON....IMPORTANT - NE PAS OUBLIER DE LIRE CE CONTRAT AVANT D'INSTALLER LE LOGICIEL!....Ce document juridique est un contrat de licence .tabli entre vous et la firme Canon Inc. (d.sign.e par "Canon") r.gissant votre utilisation du logiciel et du manuel en ligne ou .lectrique (collectivement d.sign. par le "LOGICIEL"). EN INSTALLANT LE LOGICIEL, IL EST CONSID.R. QUE VOUS ACCEPTEZ D'.TRE LI. PAR LES CONDITIONS DE CE CONTRAT. EN CAS DE D.SACCORD AVEC LES CONDITIONS DE CE CONTRAT, FERMER SANS ATTENDRE CE PROGRAMME D'INSTALLATION ET NE PAS INSTALLER LE LOGICIEL.....En consid.ration des droits d'utilisation du LOGICIEL, vous acceptez de respecter les modalit.s et les conditions de ce Contrat.....1. CONCESSION DE LICENCE ET RESTRICTIONS: Vous pouvez utiliser (le terme "utiliser" signifiera stocker, charger, installer, ex.cuter ou afficher) le LOGICIEL sur votre ordinateur uniquement . des fins d'usage avec une imprimante . jet d'encre Canon ("IMPRIMANTE")...
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:ISO-8859 text, with very long lines (1154), with CRLF line terminators
        Category:dropped
        Size (bytes):7359
        Entropy (8bit):5.190750765780741
        Encrypted:false
        SSDEEP:96:7bY7gWJSRdQllh3dC3dn4QX+lj3SNLOUGlsFvl3gwPb4rjDUqsnwFGMgT8mqRVew:25J+e23zX+lj3eLO5lsFvlwQaGNqPII
        MD5:24B0A301A2E3C0884BEB4D29DE7C73E5
        SHA1:83A69FAB2D1BF97FE56F5D933D2D5DE80EF4E566
        SHA-256:BDBF04A18A4888746C15466093FAFCA9915CDCEC9CCDF39DB3A3EF45577CC246
        SHA-512:72B9BED22CDE9C2C5196275B75E1C9A2D9A1F027F1A75D938FFF40BB37BBB88376878D3C2DADB2903F0C1B1086273DE7622880581F7859C4D4D09D190CA2D664
        Malicious:false
        Reputation:low
        Preview:CANON SOFTWARE-LIZENZVEREINBARUNG....WICHTIG - LESEN SIE DIESE VEREINBARUNG VOR DER INSTALLATION DER SOFTWARE!....Dieses juristische Dokument ist eine Lizenzvereinbarung zwischen Ihnen und Canon Inc. ("Canon") bez.glich Ihrer Verwendung der Software und der in elektronischer Form vorhandenen Anleitungen (hier gemeinsam als "SOFTWARE" bezeichnet). MIT DER INSTALLATION DER SOFTWARE STIMMEN SIE DEN BEDINGUNGEN DIESER VEREINBARUNG ZU UND SIND AN DIESE GEBUNDEN. WENN SIE DEN BEDINGUNGEN DIESER VEREINBARUNG NICHT ZUSTIMMEN, BEENDEN SIE DAS INSTALLATIONSPROGRAMM SOFORT UND INSTALLIEREN SIE DIESE SOFTWARE NICHT.....Im Rahmen des Rechts zur Verwendung der SOFTWARE verpflichten Sie sich, die Bedingungen und Konditionen dieser Vereinbarung zu befolgen.....1. ERTEILUNG DER LIZENZ UND RESTRIKTIONEN: Wie k.nnen die SOFTWARE auf Ihrem Computer nur zur Verwendung mit dem Canon-Tintenstrahldrucker (im Folgenden "DRUCKER" genannt) benutzen (mit "benutzen" ist hier das Speichern, Laden, Installieren, Aus
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Non-ISO extended-ASCII text, with very long lines (1028), with CRLF line terminators
        Category:dropped
        Size (bytes):7140
        Entropy (8bit):5.0602238198316964
        Encrypted:false
        SSDEEP:96:abzvkcOELZ4pOtGmILkOucjUSzEng8eqxQPJeqReT83cQCGpuFvycJjMgT8mqRVw:aMlE8OdZOuTSWe3PJeKsWuFVFNqPSKVS
        MD5:330ADC5B9E5EA76442E580AE5AC6E513
        SHA1:9DF46F24FBEF8F4E65E1AF0DDADAE9A2253A3375
        SHA-256:05196C4D38C4AAF9C78A48D4C48F2F31FBFF3D29B9BD046B59D8CEB5AD895DE2
        SHA-512:FEC3E86D03EF3FB1A68C23C181002B554FAAE887A370E95CB3CE37E5F5E67D31FF8EAAABD32BC135C1B9496DD547154EBF74D9C9F5D22CFF594C9A7687DBF054
        Malicious:false
        Reputation:low
        Preview:CONTRATTO DI LICENZA DEL SOFTWARE CANON....IMPORTANTE-LEGGERE IL PRESENTE CONTRATTO PRIMA DI INSTALLARE IL SOFTWARE!....Il presente documento legale costituisce un contratto di licenza tra l.utente e la Canon Inc. ("Canon") regolante l.utilizzo del software e del manuale online o elettronico (nel loro insieme, il "SOFTWARE"). INSTALLANDO IL SOFTWARE, L.UTENTE ACCETTA DI ESSERE VINCOLATO DALLE CONDIZIONI DEL PRESENTE CONTRATTO. QUALORA L.UTENTE NON ACCETTI LE CONDIZIONI DEL PRESENTE CONTRATTO, DEVE IMMEDIATAMENTE TERMINARE IL PROGRAMMA D.INSTALLAZIONE E NON INSTALLARE IL SOFTWARE.....In considerazione del diritto di utilizzo del SOFTWARE, l.utente si impegna a rispettare i termini e le condizioni del presente Contratto. ....1. CONCESSIONE DELLA LICENZA E RESTRIZIONI: L.utente pu. utilizzare (il termine "utilizzare" include memorizzare, caricare, installare, eseguire o visualizzare) il SOFTWARE sul proprio computer esclusivamente per l.utilizzo con la stampante inkjet Canon ("STAMPANTE")
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Non-ISO extended-ASCII text, with very long lines (518), with CRLF, NEL line terminators
        Category:dropped
        Size (bytes):4920
        Entropy (8bit):6.081092070443856
        Encrypted:false
        SSDEEP:96:PR90kLMLRucvzXof0YSFrFbuql6CNJ+EqLMjMwbqfyolLjMgTMmMRVzC/:k1LRuIXoIRF3l6iJ+EqLMjZqLVMPzC/
        MD5:6F37BCB885CB45B3514F2223928D425D
        SHA1:75ACD8492ED79D0A7CC99321F8B8DFE8AB3E2593
        SHA-256:B8F1865A7F6AC2D63ADB7858D30C8C71FE5CEC2163F57B8FB8C92B624E08724F
        SHA-512:62B85B8EB24595FE7120012E0DCCA44F5B821254EA3E0BF33F23DDBC58C58E22331E1CC77534E21556CC74B4685C88F12D14D30A29218F192B8CE045FB5B2B6F
        Malicious:false
        Reputation:low
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:ISO-8859 text, with very long lines (530), with CRLF line terminators
        Category:dropped
        Size (bytes):5469
        Entropy (8bit):5.924335864080618
        Encrypted:false
        SSDEEP:96:5W8eAXGYlIyOLaL5EJstTHQg+4Ed92MUfuXJrOeqlaPCj8MMgT8mqRVAsDK2pA:3jKJat/7hg5FuvNqPTpA
        MD5:3063F7E7BA5D993F5E7FDF53825C7E22
        SHA1:C272289AC23876E76DC4D9BA79C6C6FF91C8E22D
        SHA-256:2311CFE6E11A4BFD25ED02A03A29076BED4416B870B732AC118973097F67591C
        SHA-512:6BBB715D46D598862B8A05290E60F373B5ED41496FA7E5B52F4C8D94D4E828D8EE70E58646B63F6A7883D4ED6A04D563117B75E9704C445568FB24C54051930B
        Malicious:false
        Reputation:low
        Preview:CANON ......... ....... .......... - ......... ...... .... .. ..... ...... ........!...... .... ...... .......... ..... ... .... ..... (... "........." ... ....) .. ... .... ...... Canon Inc. ("Canon" .... ....) ...... ....... ........ ......... ...... .. ..... ... ..... ....... ...... ......... .. ..... ..... ........ ...... ... ... ........ ... ......... ....... .................... ... ..... ..... ...... .. ..... ..... ..... ....... ...... .............1. ....... .... .. .. .... ....: ...... Canon ..... ......("......" ... ....) ..... ... .... ..... .......... ......... ... ("..." ... ...., ..., ..., .... ... ... .... .....).. .. ............... .... ...... ...... ...... ...... ........ .... ....... ..... ... ....... ... ..... ("LAN ....." ... ....) .. .. ......... ........ .... .. ....... .. ...... ... LAN ...... .. ..... ...... ......, ......
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:ISO-8859 text, with very long lines (996), with CRLF line terminators
        Category:dropped
        Size (bytes):6709
        Entropy (8bit):5.17818728858314
        Encrypted:false
        SSDEEP:192:76MCx1dO9Pz/ZKusjDEbFMUGem6AIyVsPiluzsS:eMc1duPz/9bqUbm1Iy7S
        MD5:F04FC57019B68468E9715F9DD05E8EDD
        SHA1:0E49CD41477E229DA83AEF50700C2B3F7612F85A
        SHA-256:02BF92B1BB0780C4B8BD427F111DA94E752DCE31DB33364EDCD219AD50167B92
        SHA-512:07D6F00A5B4BE14306669A5CCE61B2296510B8D2860FC7F4C75E8A2CC599E425C688FC5B76CE1F603D216AD9A51D2B6181A24E3A153273EC3DEBECE5D6449D60
        Malicious:false
        Reputation:low
        Preview:CONTRATO DE LICEN.A DO SOFTWARE CANON....IMPORTANTE-LEIA ESTE CONTRATO ANTES DE INSTALAR O SOFTWARE! ....Este documento legal . um contrato de licen.a entre voc. e a Canon Inc. ("Canon") que rege sua utiliza..o do software e o manual online ou eletr.nico (coletivamente o "SOFTWARE"). AO INSTALAR O SOFTWARE, CONSIDERAMOS QUE VOC. CONCORDOU EM SEGUIR OS TERMOS DESTE CONTRATO. SE N.O CONCORDAR COM OS TERMOS DESTE CONTRATO, FECHE IMEDIATAMENTE ESTE PROGRAMA DE INSTALA..O E N.O INSTALE O SOFTWARE.....Em considera..o ao direito de usar o SOFTWARE, voc. concorda em cumprir os termos e condi..es deste Contrato.....1. CONCESS.O DE LICEN.A E RESTRI..ES: Voc. pode utilizar ("utilizar" significa armazenar, carregar, instalar, executar ou exibir) o SOFTWARE em seu computador somente para utiliza..o com a impressora jato de tinta da Canon ("IMPRESSORA")...Voc. pode permitir que outros usu.rios de outros computadores conectados . IMPRESSORA por meio de uma rede em um local com v.rios computadores
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:ISO-8859 text, with very long lines (1182), with CRLF line terminators
        Category:dropped
        Size (bytes):7798
        Entropy (8bit):5.687989292227232
        Encrypted:false
        SSDEEP:192:UrpQ42CnyAZmuJxnkbkM+IebBk1WYhvV5DjCfzCfVsP9s5lbe:b6hMlAILfi
        MD5:E2E0D0918D3CF3C97DF5A29E0978B669
        SHA1:9D2C3D4EB62606E101536D6100992DF2DCB06902
        SHA-256:48CE910355DC327EA22B4E01A023B82AE6922EAB0021824C7D36486EF1820B4E
        SHA-512:09098A8182B8412493628C038A8AC3FB81212CCEADBB01C2E660A6CEC48A215FD93BFB43DBED2AEB6214172E62E9DCEC996EF6E705BCA7E4D0C1116B7FDAC55F
        Malicious:false
        Reputation:low
        Preview:........ .. ........... ........... CANON.........: ........ ... .......... ..... .......... ............ ...........!........ ........ ........ ........ ............ ........... ..... .... . ........... Canon Inc. ("Canon"), ............ ............. .... ..... ............ ..........., . ..... ............. . ........... .......... (......... .......... "........... ............"). .............., ..., ............ ... ........... ..........., .. ............. .... ........ .... ......... ......... ..... ........... .... .. .. ........ . ......... .......... .........., ..... ........ ... ......... ......... . .. .............. ... ........... ........................ ....... ............ ... ........... ..........., .. ............ . .............. ......... ......... . ....... ....... ...............1. ......... ........ . ...........: .. ...... ............ (... ........ "............" ..........: ...... .. ...., ........, ........., .......... ... ...........) ... ........... ..
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:ISO-8859 text, with very long lines (1087), with CRLF line terminators
        Category:dropped
        Size (bytes):7037
        Entropy (8bit):5.091026381663389
        Encrypted:false
        SSDEEP:192:PnrkGE/IlvyagS3MRpxVBFO9QINqPNjL1:PHvyagmMRvV7wy
        MD5:6F72B77E2FABA49A63D77C62B3B6F339
        SHA1:E99A4B0EE191B2E3AD932BF250E2A8F1FF003EE8
        SHA-256:2A4DC0F2FCAC7C59A0516B0729B41D94997B666C4AA46E0E982D50582ABC8E59
        SHA-512:68CA78BB6F620DE4051A39A140819E3D91AE03DAB0354D1E5883A140A01D039B5049EBC38B85C212A7D8D86ADECEDDF04EF18554F69E8CFE47E44106DE558832
        Malicious:false
        Reputation:low
        Preview:ACUERDO DE LICENCIA DEL SOFTWARE DE CANON....IMPORTANTE - .LEA ESTE ACUERDO ANTES DE INSTALAR EL SOFTWARE!....Este documento legal es un acuerdo de licencia entre usted y Canon Inc. ("Canon") que establece el uso del software y del manual en l.nea o el.ctrico (colectivamente, el "SOFTWARE"). CON LA INSTALACI.N DEL SOFTWARE, SE CONSIDERA QUE USTED EST. DE ACUERDO CON LA OBLIGACI.N DE RESPETAR LOS T.RMINOS DE ESTE ACUERDO. SI USTED NO ACEPTA LOS T.RMINOS DE ESTE ACUERDO, CIERRE INMEDIATAMENTE ESTE PROGRAMA DE INSTALACI.N Y NO INSTALE EL SOFTWARE.....En consideraci.n al derecho de uso del SOFTWARE, usted acepta cumplir con los t.rminos y las condiciones de este Acuerdo.....1. OTORGAMIENTO DE LA LICENCIA Y RESTRICCIONES: Usted podr. usar ("usar" significar. almacenar, cargar, instalar, ejecutar, o presentar en pantalla) el SOFTWARE en su computadora s.lo para el uso con la impresora de chorro de tinta Canon ("IMPRESORA")...Usted podr. permitir el uso del SOFTWARE a otros usuarios de otras
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
        Category:dropped
        Size (bytes):12955
        Entropy (8bit):6.147197290861855
        Encrypted:false
        SSDEEP:192:FVl746eOwUAeYW3qvNj3Uo/79Acfmck3yZKiLroghISe9NrFEVfBRoY:FVq6eOjYW0rUYScucDA4IBJY
        MD5:9DA4C636CE5ACE145BC20A2CCC1EFE4A
        SHA1:D0158CA8BFA7281EF4CA87BB67D9581B74ED333D
        SHA-256:F585A132179EA855943E87887F60F7A608A35353853C92C2AB7DCEB31E45AED6
        SHA-512:D3D360DEA9D3791A484441355EFEE32B912C636836A41376BA8F01F2651F8E3B34019EC097C28C04268B025F8D62296B39BEF931CFC63F9C9669E61C174C27EC
        Malicious:false
        Reputation:low
        Preview:._______________________________________________________________________________.... Canon imagePROGRAF ......... 4.91 ... *** CANON ...... 2015 ***.._______________________________________________________________________________.......... 1. .... 2. ...... 3. .................1... ------------------------------------------------------------------------.......... Windows ..................<..>..Canon.Canon ...imagePROGRAF ................Microsoft.Microsoft Corporation........Windows.Microsoft Corporation..../...../.............Windows Vista.Microsoft Corporation..../...../.................- ...........:..=============================
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
        Category:dropped
        Size (bytes):14593
        Entropy (8bit):4.639459907376187
        Encrypted:false
        SSDEEP:384:JzOzItZGFpN7l5qMXD893n8IJePse9zpLONyd8ZLyUW:JNZepN7lkrdFJePse9zAPm
        MD5:DD771D7F95883DD717CFE031A1A59EE5
        SHA1:928EAE01941ABFCA357B7680B4C06529ADD1B709
        SHA-256:7CBCC11C2590B5FF2A1B962740D31192EB3E468D1E2BD6638DDD570FDA11AA3A
        SHA-512:4E53044BCA22EF779820AD9E49D902E86A108103D4C4D901AC6F06D0C6228C09FD58591A0D6235CCB086B2673DCEAE5DFC83B96163075B756E668708712D2680
        Malicious:false
        Reputation:low
        Preview:._______________________________________________________________________________.... Canon imagePROGRAF Printer Driver.. Version 4.91.. *** Copyright CANON INC. 2015 ***.._______________________________________________________________________________....Contents.... 1. Introduction.. 2. System Requirements.. 3. Cautions, Limitations and Restrictions......1. Introduction ---------------------------------------------------------------....Follow this procedure to install the printer driver for Windows software ..applications.....<Trademarks>..Canon, the Canon logo, and imagePROGRAF are trademarks or registered trademarks ..of CANON INC...Microsoft is a registered trademark of Microsoft Corporation...Windows is a trademark or registered trademark of Microsoft Corporation in the ..U.S. and/or other countries...Windows Vista is a trademark or registered trademark of Microsoft Corporation ..in the U.S. and/or
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
        Category:dropped
        Size (bytes):17836
        Entropy (8bit):4.690012564282519
        Encrypted:false
        SSDEEP:384:okBn1bkVX89bPg54UM5bDBHnSGoxgnGDEa3jEUaLbCe9H0AMJZzmGMsjs9K80H:oK1bkVmb4GbDhSGoxgnGDlT9gbfXJs
        MD5:4926621A0A5CEE8314F429E38B95EAC9
        SHA1:E7ED39F39CD3DCD462C8F26858665C209B700930
        SHA-256:D9D33D5E114459BEF7196EF557E62FAABEFF855797338AC6DFAA87B31D4CF98F
        SHA-512:07085743D0FBA7285E7B60408775D96C2433E2D871C820C39FBFFCC4C014230ECFEF23B87D29B2B77D6A67AF5C33F498B752FF9BE3E94EC92A75BE5E178D6A1D
        Malicious:false
        Reputation:low
        Preview:._______________________________________________________________________________.... Pilote d'imprimante Canon imagePROGRAF.. Version 4.91.. *** Copyright CANON INC. 2015 ***.._______________________________________________________________________________....Sommaire.... 1. Introduction.. 2. Configuration requise.. 3. Pr.cautions, limitations et restrictions......1.Introduction ----------------------------------------------------------------....Suivez cette proc.dure pour installer le pilote d'imprimante pour les ..logiciels Windows.....<Marques de commerce>..Canon, le logo Canon et imagePROGRAF sont des marques commerciales et des marques ..d.pos.es de CANON INC...Microsoft est une marque d.pos.e de Microsoft Corporation...Windows est une marque ou une marque d.pos.e de Microsoft Corporation aux ...tats-Unis et/ou dans d'autres pays...Windows Vista est une marque ou une marque d.pos.e de Micr
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
        Category:dropped
        Size (bytes):17049
        Entropy (8bit):4.783814733940091
        Encrypted:false
        SSDEEP:384:f3S65L/bUoWVv6vwN49BTpZLEeLCAQJcpZT0j:f3SezbGVv6vwN21pZLEgCAd3Qj
        MD5:F10E8F3C93BED928171BA6048BFB976B
        SHA1:92A688C7F95CA90DF4E98CFC762B6ABC691C354E
        SHA-256:3EB16FB3309F241C99FDFF087FC232137CA83812C490273050D9397CC7EDD12E
        SHA-512:42D4DB86AE5927C27814FD3FFDBF010BD01BE7BD2E58AC996CB1EC5B3B9BEAA840A64A51D9C7868ECB86771FEB90F09961612478613BA24E6BA18A1780372EAD
        Malicious:false
        Preview:._______________________________________________________________________________.... Canon imagePROGRAF Druckertreiber.. Version 4.91.. *** Copyright CANON INC. 2015 ***.._______________________________________________________________________________....Inhalt.... 1. Einf.hrung.. 2. Systemanforderungen.. 3. Vorsichtshinweise, Begrenzungen und Beschr.nkungen......1. Einf.hrung -----------------------------------------------------------------....F.hren Sie dieses Verfahren durch, um den Druckertreiber f.r ..Windows-Software-Anwendungen zu installieren.....<Warenzeichen>..Canon, das Canon-Logo und imagePROGRAF sind Warenzeichen oder eingetragene ..Warenzeichen von CANON INC...Microsoft ist eine eingetragene Marke der Microsoft Corporation...Windows ist eine Marke oder eine eingetragene Marke der Microsoft ..Corporation in den USA und/oder anderen L.ndern...Windows Vista ist eine Marke oder eine einge
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
        Category:dropped
        Size (bytes):17364
        Entropy (8bit):4.549315792612031
        Encrypted:false
        SSDEEP:384:I1QnH8hFQZgWL2vuhSGZjqqPuoLAP/UJEHGYhq4PH:I1kyQm3vuhSGZjqqPucAPR7hH
        MD5:3DCACB08FF52AB9BCE6C534D688B796F
        SHA1:E9550391EF94296F5776B2E1A43B5B6A2825FF9C
        SHA-256:D748F270D8A7BB402E04AED18FF9AD98AE241294AB3ED7FF0A3FDCBCDCB0CA77
        SHA-512:49CDD3B859CF59994E758A7683CE17850D25DE8F941E744A510D7639C2201D0A1FBE0D592548DC381D244942F9967044FE0A2AE6C43A889549695558CA12ABDD
        Malicious:false
        Preview:._______________________________________________________________________________.... Canon imagePROGRAF Driver di stampa.. Versione 4.91.. *** Copyright CANON INC. 2015 ***.._______________________________________________________________________________....Sommario.... 1. Introduzione.. 2. Requisiti di sistema.. 3. Avvertenze, limiti e restrizioni......1. Introduzione ---------------------------------------------------------------....Per installare il driver di stampa per software applicativi in ambiente ..Windows, osservare la procedura che segue.....<Marchi commerciali>..Canon, il logo Canon, e imagePROGRAF sono marchi di fabbrica o marchi di ..fabbrica registrati della CANON INC...Microsoft . un marchio registrato di Microsoft Corporation...Windows . un marchio commerciale o marchio registrato di Microsoft Corporation, ..registrato negli Stati Uniti e/o in altri Paesi...Windows Vista . un marchio c
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
        Category:dropped
        Size (bytes):18749
        Entropy (8bit):5.315248994148185
        Encrypted:false
        SSDEEP:192:peKaLprJR/mZyzP05iEWl71jnmhas5L+OFUZBhG0yUacFaLVa8QnALHkoUMPF7Yx:pox02laTUnI0yUac4kjALdUUw
        MD5:76E68420C3FF65BDBFD033EDF62EA3C2
        SHA1:979F7005ACA0479DD841C8E0FDBF4CA5E2C6EFF5
        SHA-256:A92C2508228203DBD98E1740A5D2C202AAFE967BA713E1D79F8E2A70E850983A
        SHA-512:2D57BA56CEE9FB800CD0ECB30D495691224FC0BCEDF108F8FC10AF62118D044B62B267FB0271EA7BACDE5E3B54981C12240FD25AE355DCC2EACF9E59BF60F85F
        Malicious:false
        Preview:._______________________________________________________________________________.... Canon imagePROGRAF .......... Version 4.91.. *** Copyright CANON INC. 2015 ***.._______________________________________________________________________________........... 1. ...... 2. ...... 3. ............1. .... -------------------------------------------------------------------.............................Windows.............................Canon.Canon ...imagePROGRAF .........................Microsoft..Microsoft Corporation ..........Windows....Microsoft Corporation...............................Windows Vista....Microsoft Corpo
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
        Category:dropped
        Size (bytes):17328
        Entropy (8bit):5.543796484382746
        Encrypted:false
        SSDEEP:384:7onTvXnD6gml/rRyiVIylvrD+GVBTLDvodOVR1QebvWXNnKaO2c:7GnG3lLeylvrD+CBTnkOVR1WXNnKaOf
        MD5:9AAFD5F894FE4B235B0BED3F12E90087
        SHA1:8F6BB47A78278E4C9B287A2A33F1726BD9C2E043
        SHA-256:D63AF7DFE4FC4CFE351E23B43F9AAFA1C54A889B3DC0A1EE2725CF5A054E9932
        SHA-512:DF51E6A62E8823278BC184BFA785C45F1B2D260E4EB7F9CE8C82545E8814C94F563E99E24479AA28B19B056A44255C455FDA2967E7C6074337EB66AB62F55B68
        Malicious:false
        Preview:._______________________________________________________________________________.... Canon imagePROGRAF ... ...... .. 4.91.. *** ... CANON INC. 2015 ***.._______________________________________________________________________________.......... 1. ...... 2. ... ...... 3. .., .. ... ........1. .... -------------------------------------------------------------------....Windows ..... ....... ... ..... ...... .. ... .............<..>..Canon, Canon .. . imagePROGRAF . CANON INC.. .. .. .. ........Microsoft. Microsoft Corporation. .. ........Windows. .. ./.. .. .... Microsoft Corporation. .. .. .. ..........Windows Vista. .. ./.. .. .... Mi
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
        Category:dropped
        Size (bytes):16118
        Entropy (8bit):4.700031419185541
        Encrypted:false
        SSDEEP:384:1hYqB7Rd6MJxG9utHy6Rt9IuS8iDvlDu5tQZQS+uyusBbgGCp3X3Cl2OGYu2evtm:1hbdTJxG9utHy6n9IuS/blDu5tQZQS+5
        MD5:2E12FCC6D5B515D32EE52CB4E3E56D4D
        SHA1:1C337260690B89C57BDD4522852240807C77E69B
        SHA-256:9EFF15909BD01E92CFF9497CBE65A378E46B99601E38CE562489676D71A57EAB
        SHA-512:CDD04784D8D6C52AF40B2FE2821B5B7DA86C6CE2360E750F67CE6A37247C4AD099E284EAB3E00A07599A1D6B3EDAAFE3B1301CFFB847A92259A32507DF9CFFE7
        Malicious:false
        Preview:._______________________________________________________________________________.... Driver da impressora Canon imagePROGRAF.. Vers.o 4.91.. *** Copyright CANON INC. 2015 ***.._______________________________________________________________________________....Conte.do.... 1. Introdu..o.. 2. Requisitos do sistema.. 3. Cuidados, limita..es e restri..es......1. Introdu..o ---------------------------------------------------------------....Siga estes procedimentos para instalar o driver da impressora para aplicativos..de software para Windows.....<Marcas comerciais>..Canon, o logotipo da Canon e imagePROGRAF s.o marcas comerciais ou..registradas da CANON INC...Microsoft . uma marca registrada da Microsoft Corporation...Windows . uma marca comercial ou marca registrada da Microsoft Corporation nos ..EUA e/ou em outros pa.ses...Windows Vista . uma marca comercial ou marca registrada da Microsoft C
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
        Category:dropped
        Size (bytes):26605
        Entropy (8bit):4.401165028176226
        Encrypted:false
        SSDEEP:768:t1ufRFTwW/VIXmWZ7KgMb5bT0Nf4uE654IzOXYaTr5F1lDDBXelkmLzNiV0yK:t1ufTTwYVIXmO7s5T0V4uE654IzOXYak
        MD5:7CF23C33D04A7598E872EB10AD27701A
        SHA1:2558749A25BE3D9D24276C87B03899C1A4350CA6
        SHA-256:CF2DD729B993E4735E90B11D1119DB9D04208F67AF5A37EC7D9C10726A3C6602
        SHA-512:CAF45A9B2B0ED33C854E3A0A323E51CB13FCE747F5116682D182D02B5BA5F07274F9974C02069DE8BE12B8EEC7A257BF404A72427C31BED5BEB99CA1A244853F
        Malicious:false
        Preview:._______________________________________________________________________________.... ....... ........ Canon imagePROGRAF.. ...... 4.91.. *** Copyright CANON INC. 2015 ***.._______________________________________________________________________________.................. 1. .......... 2. ......... ............ 3. ..............., ........... . .............1. ........ -------------------------------------------------------------------............. ... ......... ... ......... ........ ........ ... ............. .......... Windows.....<........ .....>..Canon, ....... Canon . ........... imagePROGRAF ........ ......... ....... ..... ................... .....
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
        Category:dropped
        Size (bytes):17266
        Entropy (8bit):4.60958244142983
        Encrypted:false
        SSDEEP:384:zFDND2KKWFZQ54FXfxp1xmRW5IZPyiJtU74sJycBGKXwNtdMgZeJa1iC6:znVf1i+IZ/EyNt+0sac
        MD5:C4AB2B977975619A6413B96A3AD9F428
        SHA1:A704A2862FDC6822FDA99B37AA2BEBCB2019F695
        SHA-256:9FAE191272F7F35BE82F111D06F732CB2DBA9D3E06F0C91B1F86F2475F907FF6
        SHA-512:24336C8C8ADB66E92AD2BA14C56F3D41D72FC85A029CCC7E1D8BA216342E82376FA9D933C9B55BD120ACD00A2B42C695C509C26CAB50E0C98A16F01C53D8D3DD
        Malicious:false
        Preview:._______________________________________________________________________________.... Canon imagePROGRAF Controlador de Impresora.. versi.n 4.91.. *** Copyright CANON INC. 2015 ***.._______________________________________________________________________________.....ndice.... 1. Introducci.n.. 2. Requisitos del sistema.. 3. Precauciones, limitaciones y restricciones......1. Introducci.n ---------------------------------------------------------------....Siga este procedimiento para instalar el controlador de impresora para ..aplicaciones de software Windows.....<Marcas registradas>..Canon, el logotipo de Canon e imagePROGRAF son marcas comerciales o marcas ..registradas de CANON INC...Microsoft es una marca comercial registrada de Microsoft Corporation...Windows es una marca comercial o marca comercial registrada de ..Microsoft Corporation, registrada en EE.UU. y/o en otros pa.ses...Windows Vista es una ma
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 59528 bytes, 1 file, at 0x2c +A "aussdrv.dll", number 1, 5 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):59528
        Entropy (8bit):7.995796483857241
        Encrypted:true
        SSDEEP:1536:PTW+gF8/3RBIwto3gFAYrXO7x3XlDBJvdSydEA:PThFAiX4tBFdJ
        MD5:EF626A9732CD1149B6447AB9A8C3E6DF
        SHA1:48FE0BC32AAE22B0359C31DDDE635705D72907E5
        SHA-256:09C0B436F4B6BBC81BB0862FB2AE7069B0CAE6195F3228489E206A1A735E2BA8
        SHA-512:761874A4DEBE7195711A4957B12AB23A2E5A0CBE878E3EC0C20DE02ABAD797798390F7368DF52BF9FA0F94D82BF6C41939D330CC36FDAEC7769A5CE56A6EC26B
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 582358 bytes, 1 file, at 0x2c +A "cn_ipf770_series_glossyphotopaper170gsm.icc", number 1, 21 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):582358
        Entropy (8bit):7.996960805569354
        Encrypted:true
        SSDEEP:12288:hJ8r5xh2e3+CgJoGMi6aCl15Wdt+gxTnSpodk/g5J2OuPRQXKCPz:hJ4nX3NgJoc6aCLIdtHSpzY5NuyXKCPz
        MD5:171632A3EFDDC8037D4679F4E05C24C7
        SHA1:6AE73B7880854862E9A3B9C0D7AD7114F8F73EAB
        SHA-256:866034D1030AA16E31AA36E8FCFC1750C4AAAAD9EF7D4605E739539F80879223
        SHA-512:C599AB2170D5B28E3B1600A6BDCD51C04B6A3BF7C8ED897326CD342334A931C80550E2E4ADF59ABB9E5D426D2935073A6A15959806217C6DB2602925753CA4E8
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 581177 bytes, 1 file, at 0x2c +A "cn_ipf770_series_glossyphotopaperhg170.icc", number 1, 21 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):581177
        Entropy (8bit):7.997503799643727
        Encrypted:true
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 580011 bytes, 1 file, at 0x2c +A "cn_ipf770_series_glossyphotopaperhg255.icc", number 1, 21 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):580011
        Entropy (8bit):7.996313613081114
        Encrypted:true
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 587774 bytes, 1 file, at 0x2c +A "cn_ipf770_series_photopaperplussemi-gloss.icc", number 1, 21 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):587774
        Entropy (8bit):7.9965522646368505
        Encrypted:true
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 584569 bytes, 1 file, at 0x2c +A "cn_ipf770_series_premiumglossypaper2-280.icc", number 1, 21 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):584569
        Entropy (8bit):7.996754453306316
        Encrypted:true
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 584241 bytes, 1 file, at 0x2c +A "cn_ipf770_series_premiumsemiglossypaper2-280.icc", number 1, 21 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):584241
        Entropy (8bit):7.996544591651677
        Encrypted:true
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 582113 bytes, 1 file, at 0x2c +A "cn_ipf770_series_satinphotopaper170gsm.icc", number 1, 21 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):582113
        Entropy (8bit):7.996615657655328
        Encrypted:true
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 581294 bytes, 1 file, at 0x2c +A "cn_ipf770_series_semi-glossyphotopaperhg170.icc", number 1, 21 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):581294
        Entropy (8bit):7.997303082375696
        Encrypted:true
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 580024 bytes, 1 file, at 0x2c +A "cn_ipf770_series_semi-glossyphotopaperhg255.icc", number 1, 21 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):580024
        Entropy (8bit):7.996282575761241
        Encrypted:true
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 912177 bytes, 1 file, at 0x2c +A "cnw407.dll", number 1, 142 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):912177
        Entropy (8bit):7.9992291595913
        Encrypted:true
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 910159 bytes, 1 file, at 0x2c +A "cnw409.dll", number 1, 142 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):910159
        Entropy (8bit):7.999232590095795
        Encrypted:true
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 911673 bytes, 1 file, at 0x2c +A "cnw40a.dll", number 1, 142 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):911673
        Entropy (8bit):7.999200777772248
        Encrypted:true
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 912415 bytes, 1 file, at 0x2c +A "cnw40c.dll", number 1, 142 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):912415
        Entropy (8bit):7.9992242422914535
        Encrypted:true
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 910987 bytes, 1 file, at 0x2c +A "cnw410.dll", number 1, 142 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):910987
        Entropy (8bit):7.999306228100206
        Encrypted:true
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 907607 bytes, 1 file, at 0x2c +A "cnw411.dll", number 1, 141 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):907607
        Entropy (8bit):7.9990911880550675
        Encrypted:true
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 909691 bytes, 1 file, at 0x2c +A "cnw412.dll", number 1, 141 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):909691
        Entropy (8bit):7.999251438395468
        Encrypted:true
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 912829 bytes, 1 file, at 0x2c +A "cnw416.dll", number 1, 142 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):912829
        Entropy (8bit):7.999149695823535
        Encrypted:true
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 913143 bytes, 1 file, at 0x2c +A "cnw419.dll", number 1, 142 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):913143
        Entropy (8bit):7.999363867544341
        Encrypted:true
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 906847 bytes, 1 file, at 0x2c +A "cnw804.dll", number 1, 140 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):906847
        Entropy (8bit):7.99924980407208
        Encrypted:true
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 323401 bytes, 1 file, at 0x2c +RA "cnwa15ac.chm", number 1, 11 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):323401
        Entropy (8bit):7.999059662233479
        Encrypted:true
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 335995 bytes, 1 file, at 0x2c +RA "cnwa15af.chm", number 1, 11 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):335995
        Entropy (8bit):7.998987352916105
        Encrypted:true
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 337315 bytes, 1 file, at 0x2c +RA "cnwa15ag.chm", number 1, 11 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):337315
        Entropy (8bit):7.998921237943281
        Encrypted:true
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 335675 bytes, 1 file, at 0x2c +RA "cnwa15ai.chm", number 1, 11 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):335675
        Entropy (8bit):7.998808670662929
        Encrypted:true
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 344943 bytes, 1 file, at 0x2c +RA "cnwa15aj.chm", number 1, 11 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):344943
        Entropy (8bit):7.99896393660871
        Encrypted:true
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 335721 bytes, 1 file, at 0x2c +RA "cnwa15ao.chm", number 1, 11 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):335721
        Entropy (8bit):7.99859875630728
        Encrypted:true
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 313797 bytes, 1 file, at 0x2c +RA "cnwa15ap.chm", number 1, 11 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):313797
        Entropy (8bit):7.998885990067384
        Encrypted:true
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 329311 bytes, 1 file, at 0x2c +RA "cnwa15ar.chm", number 1, 11 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):329311
        Entropy (8bit):7.9989391626500375
        Encrypted:true
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 330539 bytes, 1 file, at 0x2c +RA "cnwa15as.chm", number 1, 11 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):330539
        Entropy (8bit):7.9988007810583515
        Encrypted:true
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 313797 bytes, 1 file, at 0x2c +RA "cnwa15au.chm", number 1, 11 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):313797
        Entropy (8bit):7.998885768087126
        Encrypted:true
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 293487 bytes, 1 file, at 0x2c +A "cnwfcgco.dll", number 1, 24 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):293487
        Entropy (8bit):7.99894945878602
        Encrypted:true
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 29773 bytes, 1 file, at 0x2c +A "cnwfdpkj.dll", number 1, 3 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):29773
        Entropy (8bit):7.992922433819514
        Encrypted:true
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 29773 bytes, 1 file, at 0x2c +A "cnwfdpkk.dll", number 1, 3 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):29773
        Entropy (8bit):7.992920210639304
        Encrypted:true
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 23127 bytes, 1 file, at 0x2c +A "cnwilmnt.dll", number 1, 2 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):23127
        Entropy (8bit):7.989582336870034
        Encrypted:false
        Malicious:false
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 32001 bytes, 1 file, at 0x2c +A "cnwiosif.dll", number 1, 3 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):32001
        Entropy (8bit):7.992945541803935
        Encrypted:true
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 36557 bytes, 1 file, at 0x2c +A "cnwiwebi.dll", number 1, 3 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):36557
        Entropy (8bit):7.994017344752932
        Encrypted:true
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 534969 bytes, 1 file, at 0x2c +A "cnwm.dll", number 1, 43 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):534969
        Entropy (8bit):7.999490909042536
        Encrypted:true
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 830305 bytes, 1 file, at 0x2c +A "cnwmui.dll", number 1, 81 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):830305
        Entropy (8bit):7.9989076757606625
        Encrypted:true
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 366459 bytes, 1 file, at 0x2c +A "cnwp0rsw.dll", number 1, 33 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):366459
        Entropy (8bit):7.998605806277512
        Encrypted:true
        SSDEEP:6144:evLwtKjDVQCZbuLLj/NEVXdWpOj4dqYJ2HEqbOi8LHG7VGOkc8SXNx6o5nR7nCfl:wwtKH1by2J7umObHG7VGOkcDxz5nRDCN
        MD5:D5051C078B76AE4191BD453D80832168
        SHA1:E17AB0A968105B2554AFCDD229B4350E1F15447F
        SHA-256:8A35D7326605DED72C7535602A03F4240BD9FE2043EAB94D139EB3D0E2C1EE6B
        SHA-512:876EA0D44D161F4E1F2F7233181AB1AC637B98D29F6000DDC015FDC8E216DB3402A4DF96127A0663D6FD3995DF3179AF20738E8D3EB2D6CC253A5AF593EA1166
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 88555 bytes, 1 file, at 0x2c +A "cnwp0rsx.dll", number 1, 8 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):88555
        Entropy (8bit):7.997258148887372
        Encrypted:true
        SSDEEP:1536:AYlLwZSJ6j5VGMtNdJC02NvH//BSA22zUt5HGdXk1tM0Y+zg:AWA5Vh6V//ZSP1t5H00XM0Y+zg
        MD5:4045477A69CE205F12C699DE134347AC
        SHA1:35EDE5D4E51D9BA0A0CD6418E7446C72E3AFCCF2
        SHA-256:D4D997DA9ABC9BCBB1825FEAEA5331359E1D88DFF88EEAB7FCEAC2D17FCF335E
        SHA-512:02000D76618A32C1E21743054D2D2A03740677C0A6DFE3D84340A9296EB786C1E450E48A6D1E179C1E7ABB8A56C647B622DAFBFF01DC8620D15E868643305FA8
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 366693 bytes, 1 file, at 0x2c +A "cnwvprev.exe", number 1, 33 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):366693
        Entropy (8bit):7.998721235483907
        Encrypted:true
        SSDEEP:6144:Nn8lWmr8vkUKY+eHpD6qB57cI6l8SXBskssXrAImHSscnhp2prIm6lY2BUvxhO+A:NKWQ8v/Tpx6I63sbAfhABB6u2BUvxhxA
        MD5:F699523E9624142F0AC025F74848D24E
        SHA1:32C288D465B80B69BF56E8BEFC6D66A0C05CE049
        SHA-256:E22153A39962662EE21BCB13EB5CD3BE63E6FF201204818A9382683CCE94B925
        SHA-512:8B3007BD486F34F0DD1EAC1AC40A075DA0FEE981818FB6CF81D82D8632F4C8E7032FEFB91A4A366A8A5A80E1B7E300786B89AADA59F5B4F22D3FAC0AA932866E
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 209131 bytes, 1 file, at 0x2c +A "cnwvr407.dll", number 1, 70 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):209131
        Entropy (8bit):7.9941214372415335
        Encrypted:true
        SSDEEP:6144:99gj5fUfDg1wMaEzZJZxy4aqEeyB+xJKV:o5fqowMa0HdoVBWKV
        MD5:60E6E8F8FD2B563AE79697390F159573
        SHA1:6363784FC0E84E4F232697F2B9ECA73B0194F0E9
        SHA-256:D8D63402D32A24C6934D96E4B706E99240271C7331B554637EDD1276CDBFED98
        SHA-512:68CBE9A4F52A5B670687401C73DCE137343A30B7DE3A3BFA39AA56F39D8C2B85DA74C11D8F5AAC1FC659B9D1C7877D2D8928C90C913A625FF72909E27D3D2A36
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 208855 bytes, 1 file, at 0x2c +A "cnwvr409.dll", number 1, 70 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):208855
        Entropy (8bit):7.992997849951143
        Encrypted:true
        SSDEEP:6144:gjl0v3RF2uDm0lQfjsR+vxIcaNaAM9m7Q9LXPf:qG3R4+TKjsQxiN7KbX
        MD5:DC5E66288EBCE5CB681B340A793163CB
        SHA1:4679225C5F101C7C7E3CE7D2B7BD17E576C17954
        SHA-256:DCD6373F69B6494E495270DF363DAFE40A2E8F927CFCE42718E4C0D735912885
        SHA-512:A983761566F6CCE429A5DF69D968D0EBF92749789150431F945D5D005F838AFFC2AF3ABC37E9B86C704E9815DC1D2F29E108C7BDAD5CC5E445B7E54BBECAAE9B
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 209105 bytes, 1 file, at 0x2c +A "cnwvr40a.dll", number 1, 70 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):209105
        Entropy (8bit):7.9938171153685875
        Encrypted:true
        SSDEEP:3072:PRHU7nC/STrSoUXNSCSpnMOfHy57lghfO9BAi6RLNepD+ARKWf7cU:VU7nCIr+YthMOfHynYfO9uLNepFj
        MD5:E043FEF77D117898E65AF383C8B3F331
        SHA1:7AA136DFAE0A1A49114ABBDCE76416F05E907E93
        SHA-256:B35DE4C305D8A685ED4CFCD312E3CF156059DD19D2FEACC7BD94D324D3D6A48D
        SHA-512:0B85BBBFF003B4574531A952DC6DEE52A166A4F4312D7ABC180F224CE3CBF167BF5509FBE45ECCC7E656460A44B52B3B62DD781C4FABD32A2DDEFA8D8EA8C398
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 209189 bytes, 1 file, at 0x2c +A "cnwvr40c.dll", number 1, 70 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):209189
        Entropy (8bit):7.994079236228132
        Encrypted:true
        SSDEEP:6144:xzIDMdw/prx7fiS0Ln7KtS3va5ea7Zb47xkucLZkWJ:xzHw/prxl0TV3va5eghOjmuWJ
        MD5:DB14138E65FE820904E805C609CBEBA7
        SHA1:8CE2392AAA3967D4FE0369DC9204C692C10B936C
        SHA-256:726F61428F86E711F98AC6C66CA6847E706595DE015549DD0BECAB7381CCE6C8
        SHA-512:70FE0182340589A8C0A27E6415E4D8B713400EF5F5D8C56DAFCD39738F1113C71C48E6AE96C90BC15273675038F045DC1CBBA827F14738D040C7841947A9180C
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 208585 bytes, 1 file, at 0x2c +A "cnwvr410.dll", number 1, 70 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):208585
        Entropy (8bit):7.993620857336771
        Encrypted:true
        SSDEEP:3072:dS7s91sf8UwKE3i6lKqEA3IVc7KvVGlrzvRW+FK4lbYUHxVcNt4DfEtcTBV:IY9ifhwK4oqzIVc7KNGhg+dEu1XtV
        MD5:45C98AEDC3C53BBE99312884A375B225
        SHA1:F2E63B70E7A21170E34C76BE92BDF3F8BB24DB16
        SHA-256:9A18707C051B1454C573DDED4A49987259324CCB8615267CC6316D505C8AD5CE
        SHA-512:28BB66BFD581E4961A59D1B9DFAF5469C05588E8D66E2CC64B27A72FA26D7443A52C4A895DA7D69A0E0133F777FED054F3837AD30A9EB91EE60F7E7105CABC3B
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 208889 bytes, 1 file, at 0x2c +A "cnwvr411.dll", number 1, 70 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):208889
        Entropy (8bit):7.993417600793722
        Encrypted:true
        SSDEEP:6144:cnt0aFmipyDmdEaidlCDd0i6BKutUuh1/kxB/gEo:cntVRpyDQDWXE0
        MD5:B06A86D47E83969DD21FFD90AD56330F
        SHA1:2DA3E55FCBE4683E1279B0695D647809044D944D
        SHA-256:10777592D23743C9C0DBA4475B1A88178554CBA62080BDF38874BB5535440672
        SHA-512:D24C5AB11A8229A43C52EF252C517D14CB0F6E7C6110BA86F78AAB845688ACB37AC78D111DBB8F02F52F40797951FA92A1D577ABCBD9783C1DA2CFDF6120DC5C
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 208995 bytes, 1 file, at 0x2c +A "cnwvr412.dll", number 1, 70 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):208995
        Entropy (8bit):7.993823973394391
        Encrypted:true
        SSDEEP:6144:dAUl7X3Jskf0rKaWcbZYPWSwyuLiWCUUiB0:dVZf0rKaHEKiWTUiC
        MD5:10BAD47E7BC95D7F0EB12EC579711089
        SHA1:BA4B86E05A3D121D8EF4774AE3351060EDD5A32C
        SHA-256:2A3E9762207CEA075C15E99723D4D230A49C22EE6C492C122DE096E5B1CF0C14
        SHA-512:7F9634BC3C7004C8BEC21D1750226278341BBD66A962FC267193131353C2E30F6F5E8717FE09A3818BC6E54436C3A9ABD5D9A0B535166B3B1CA712D287247240
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 208849 bytes, 1 file, at 0x2c +A "cnwvr416.dll", number 1, 70 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):208849
        Entropy (8bit):7.9948545101538135
        Encrypted:true
        SSDEEP:6144:amqA6n/FiwiX5kuypasqPzYUOsY+AGHKp:amc/FiwmGsH0
        MD5:19B02C9369D912296DB5FC7698CDF2CE
        SHA1:9D6EE2791A55C1BDE9A369A6B945902C0CAAD505
        SHA-256:B2E98B2174163DDD0CDC7FB58FC0BE6CBF01300A85E735431D5C288CE08CC719
        SHA-512:06C9EA182E0A247442083DAC84FB3CC9BB59EE9624D3ED0A3462AF74BD6E6FC1993EE9BEAEEE438B0D5F1DEFE0870ADF1ACB66D509E21AF2EFD1C17F47E44804
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 209479 bytes, 1 file, at 0x2c +A "cnwvr419.dll", number 1, 70 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):209479
        Entropy (8bit):7.99333128734549
        Encrypted:true
        SSDEEP:6144:8JcSie/0CRYNHTsfYgw7ouVjcmjhO3sF8:8ihe/9+RTswgw7ouVnf+
        MD5:3299437DD8A61BD67704D417ABA41F66
        SHA1:C135E970750B220E87A4E7E668FEBC2647986929
        SHA-256:826D11CE170B4C3E282B9FBEC02B952E6F5336E7DF37A139F7E72F61668A6993
        SHA-512:84CF0F0B6F44293B243848D286F10E4FB52504EB872A8C92FA08D64540A260D49FF2C15FBFE194E35C509B2C56316DEA43E21C8E9B3DEA257353D363EED207B6
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 208667 bytes, 1 file, at 0x2c +A "cnwvr804.dll", number 1, 70 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):208667
        Entropy (8bit):7.993917679502075
        Encrypted:true
        SSDEEP:6144:cNrCq+wsP55qP6X+xtsvM4HXrp/sDCDqit:O+wsP5Lyts06/MCDqit
        MD5:16BDC61FE7A01DA806CE2EAED1985A71
        SHA1:BE0AF4F58718D94F19512432DEB92234971C7762
        SHA-256:35C69732817176256AA9D0D8037E3260F48414C887E90236A95CA1C65D50D303
        SHA-512:F52E39D327E9F1E47AF7C646D079E06D60888EC02B343AAE221256AA153CB5CA84BF72F2CA516D321CAF63BD2B3F55EE59E643007AC91B6CE3FE3ABB73ACDF95
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 4171289 bytes, 1 file, at 0x2c +A "cnww77jm.cip", number 1, 150 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):4171289
        Entropy (8bit):7.99738783351954
        Encrypted:true
        SSDEEP:98304:+4Jt4a4WRuPu08mwkWXYK5tffWTJvaNmVRnvFZGnjFklrM:+4h1JowkWZtfeTJv/5vFEZt
        MD5:9BD211F50DBA6D46B66DC62B805BC5C7
        SHA1:9302049FEEE297B20C0EF8AAB7FAA6E1823061A4
        SHA-256:5E8A8A81FEA2644D865E223C54583F47392CBB127D9371D244163B4F4F1DC581
        SHA-512:14C0E8B6FAAF38EC6A9A8A13E491CFE24F4584994CC4BE996B7CCCF39A127EF8B486F803969C0E09674F504DFEC54156F04DBCC920CA7ED93AB781036E9964CA
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 11717 bytes, 1 file, at 0x2c +A "cnww77jm.upd", number 1, 2 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):11717
        Entropy (8bit):7.976808619818729
        Encrypted:false
        SSDEEP:192:+c/ugdDwiyM5mo1hjQXOH/87UEb3CqcjFdb20WdxHFkHSKQazc3HYlfq:Hmg98MEOBHRQ4dvWH2HSKQAMwq
        MD5:8AB85539B876EC3351F1ED7A46DBE8EF
        SHA1:2EE9DD2610DE5365F959C2E36359E60F26CD95A4
        SHA-256:FEA8B43D0E37435011BD1A388A299E82C4AD2C2A490625C1D1A57C9E8D4F185B
        SHA-512:7C867545F6E4B43083557E4B185817CD32D8C695359447C893AA712EE20AEE23635D46A138AE6CEB2648B673B89A0BF5C51B64E9B109EE8E0E1BC88FE6D9C268
        Malicious:false
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 2175 bytes, 1 file, at 0x2c +A "cnww77jm.xpd", number 1, 1 datablock, 0xf03 compression
        Category:dropped
        Size (bytes):2175
        Entropy (8bit):7.860905998439953
        Encrypted:false
        SSDEEP:48:3Lcf/mt/v1X0/8DDCFL41IIbnfdAN7z/K0C3:n/dXvnGLsrDfa/K0Q
        MD5:8CCA7D66FEDBA4CF9B7C1226CB9ED042
        SHA1:2AC5DAAF9F2BF1BD7B6DB6AE4E3210A5837CEFAE
        SHA-256:784FDCB4005EC965CC71DB0CA49276ACA697BABEB409295AC4A701096E5D1681
        SHA-512:153BAB2B4F7A6F596C0BCD6517FD5A46F946B7CF0197CFF3B5BC853211CE4F2497D8ADED77B1C068365FF44DE733CBCA614D7EF6DBADE9D43F0FD70E1BFAFD20
        Malicious:false
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 11717 bytes, 1 file, at 0x2c +A "cnww77km.upd", number 1, 2 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):11717
        Entropy (8bit):7.976795222570357
        Encrypted:false
        SSDEEP:192:tc/ugdDwiyM5mo1hjQXOH/87UEb3CqcjFdb20WdxHFkHSKQazc3HYlfq:umg98MEOBHRQ4dvWH2HSKQAMwq
        MD5:83C66E96B4EE11B28F6200E30E7771DF
        SHA1:70C4C016C66F3F5C8FE9601247869E451CBEF70E
        SHA-256:49A48D50D89BBD929C7C249A875924745701F124D2F0021CF66530BFB92234A0
        SHA-512:AE210BED3ED43D5AD15CD074BC593481A80FC1AEF6BA46436851B4AF39376EEBE2E4E4C1A90E5EA973D7C141953638710F321E820944A4890A3D17939BC88F06
        Malicious:false
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 2173 bytes, 1 file, at 0x2c +A "cnww77km.xpd", number 1, 1 datablock, 0xf03 compression
        Category:dropped
        Size (bytes):2173
        Entropy (8bit):7.861504195965034
        Encrypted:false
        SSDEEP:48:6OEmRs/+ph1Fnt3yUmkYlV97/ZcuWjGcRLfNXz9QGwwg7aGfP:6OEmm+HlyZLBSuWCaVSGRg7FfP
        MD5:471E774066EBA61C551DD43A184ED5F5
        SHA1:4ED586377E51750554D64D334C08991B9CFB362A
        SHA-256:4DDA57B5D0882167F9DE1487FA225B4460D47D07FC5FCFD68DA36CB1C906F45D
        SHA-512:973EF0D01FDAA0A92114E5B33B290D377B6BD1FB1EC525D673550CE35E2F7767B2865A17F77037B5F36B688AABA9F7556960C6355BBA463A7277B1F5EDD683F5
        Malicious:false
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 831 bytes, 1 file, at 0x2c +A "cnxp0log.dll", number 1, 1 datablock, 0xf03 compression
        Category:dropped
        Size (bytes):831
        Entropy (8bit):7.537929647006254
        Encrypted:false
        SSDEEP:24:wNlpj13dX3JxhS17f8PS2EXiPccNLs9llZF:8lpJ1hS1oP9EXELC5
        MD5:6184303E51F005FC6B46C34905C3517F
        SHA1:78AD10326C394675D68E31154C0B850F74F8F4C0
        SHA-256:430323862DD7C16DF00C2CA7668C1FA0074F114934BDDE61623AC6D2064EE174
        SHA-512:383901DB007584787A9BD53D4029CF909F0762E35D515614D3EEAE59BCE10D9129D5FB99200777EEEAE5134F1A10EBB67810CDB990D5AFAF2C1E551C2BAD9A16
        Malicious:false
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 4521 bytes, 1 file, at 0x2c +A "cnzsrgbc.icc", number 1, 1 datablock, 0xf03 compression
        Category:dropped
        Size (bytes):4521
        Entropy (8bit):7.940636569659662
        Encrypted:false
        SSDEEP:96:KX78ss3y9jpgH47zUSh/2cSk76T6OXbDneTwIe6C8xFVIX/x:KL8ss3EC4/pp2cr/OrDn2U8HVYx
        MD5:4D16508F38B0F855E613752B3EDE9321
        SHA1:21B4225BA0B599DCEADD0344F90D163049C175E1
        SHA-256:12FA79752C1BD0AEE11F8615E9516AE469D94850CED7F30DB93D98CAAE54CF28
        SHA-512:7CA7A1926CE3FD412BB1B08F6AF951A31CEBBAE7B2F2FF130BF6552875EA0B2403AD4B1E989D33A875186B06DE475AFD6CABEAF31574B5468273B88D5491F69C
        Malicious:false
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 301213 bytes, 1 file, at 0x2c +A "cpc10dw1.exe", number 1, 25 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):301213
        Entropy (8bit):7.998824242778934
        Encrypted:true
        SSDEEP:6144:pZtbeyBZRbEKssfIP1p0BR3bF0G0+0nwtw0axCUxAx9sigNU/txv9uUdRdJ:pZtbeA/Hs/1sRZp01wtcXxW9sig6j1ui
        MD5:7098DD874F6191A3E9A480EF9A3B2CB8
        SHA1:C35B5CA7EC29810D749B952BB879E8EE9B13402C
        SHA-256:F4CC11B2C24C7FEFF4AD4CA55031722A638ABDB0966193D97F15BBE8ECD8FB37
        SHA-512:4C2843A63297D06965FB2A5CB062FA11C18D5C828262186B69CEB7F4A52DE7CCA44A49E261620C98B5B161112FEC4EE8C114958BA6FE693038515BC8A355176A
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 290803 bytes, 1 file, at 0x2c +A "cpc10ew1.dll", number 1, 30 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):290803
        Entropy (8bit):7.998991873989722
        Encrypted:true
        SSDEEP:6144:8++HmnaVc+dTnw3U3XAzKuZdfxQ9bS1rn9y58mwvKok4eeQbJ4:8++HeaVc+dTw3yQGuZDQk1rnYOyok4ea
        MD5:38C0A1992D546A9F47CBC92B59C5F39E
        SHA1:6BBFCA012830B148167526B19E5C0E7A30713A68
        SHA-256:7878DAAEC401E3167E5BC865C836D3F2D6A51DFCE1F1698D42315B3D39FB22E3
        SHA-512:541B7F67FFC7A69F38EEBA574BB3E10DD102C00F2E8C8108C977E69A99855CD9146181B38AE3DCEF57184E669B835A6212D80D0B1D322F7E08ACF7E58FA569D2
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 312231 bytes, 1 file, at 0x2c +A "cpc10qw1.exe", number 1, 35 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):312231
        Entropy (8bit):7.99922297001245
        Encrypted:true
        SSDEEP:6144:zYH+2sXigpbi5az2regkY3SINWIjOpJXifYE:se2sygoa3gkYPHaXifr
        MD5:ACD157DBE12B204CE3A6B85C5F940341
        SHA1:343510C4D9371835CE83FC3200346C0EF094B693
        SHA-256:F0E51910F735A05B6C0537736D0F8A9BA3AF13DA4D351D7B0E7E5EED1EA6BB7B
        SHA-512:BC81371794C9468C66D41AB399DDC57F900B6DD3996006F751831F364D45186914033B3833B5BC5FF85CBAB22E738D31D7DFBCB3A6A3F624B37A748A94FFBE48
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 130633 bytes, 1 file, at 0x2c +A "cpc10sw1.dll", number 1, 10 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):130633
        Entropy (8bit):7.996121059517016
        Encrypted:true
        SSDEEP:3072:Ku33WrUyB7PggCXXICI4b3cQK3nwNitPUOX:KuHMUi9CHICI03cF3wNyFX
        MD5:CE8056584CF9E7D434B27D51FE55AA43
        SHA1:3275124CD614C827EECD4208136F858322CDE794
        SHA-256:2BA48398A464F0A22EB2CB059658A14FB223A307627173095F62ECF4BA896477
        SHA-512:6761A0FF8DAF560FE64DF17AA004058FB2F9EAAF15677A3DD65FF22E2EBEB0AE61FBB00C1020F668301A34C1E61D27319E00177F9D6196B39076AEC477DCBEE2
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 258223 bytes, 1 file, at 0x2c +A "cpc10vw1.exe", number 1, 20 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):258223
        Entropy (8bit):7.998743522623213
        Encrypted:true
        SSDEEP:6144:8Qoq3ICSDbgOXOAzD3lKsvUDZK53FfVKqWtPS:RoqTSbfXOQ3dqK5VfVKqQPS
        MD5:2D543A44AFA74D3E01BE1ABFA0AC84E3
        SHA1:2029BC84A0502DAE229628F2EF9F025C426AAF67
        SHA-256:A6E24135003F57C4811215C87B97032DEAE88C2A9E5E32CEB6A471AD253B1B5E
        SHA-512:23C4869AA657B478A750CA810612F7FA06DF49959978B7B579785712AFDB9CA283B8CF5D27E2D682D904FBDA14957E947DE4E6D968F1F0082BD1816DEBEE6AA7
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 21031 bytes, 1 file, at 0x2c +A "cpc1csw1.chm", number 1, 1 datablock, 0xf03 compression
        Category:dropped
        Size (bytes):21031
        Entropy (8bit):7.991134530547848
        Encrypted:true
        SSDEEP:384:Rj2fp1QwKuSjd3dsWZAtGNeA/9tA5c7JKZN/He0YMf+aUZ58ETZOKD2W:RafHQcSjd3iWuc304JSJHeMf+a055OKh
        MD5:DEB143D9EDD461B4BF6324A6B68FE4FC
        SHA1:E8ADAE502CA747510752ABB2E0EF9A0085677666
        SHA-256:72F26A2C7F5444B302A051DC77DF73F048B3AE565707C12016DACCA922DAA3B6
        SHA-512:3CAFEE5E565F7FE0DD236423DDC4C84ED3DBF3ABBDA3304CCC3BC15B3C8C318303362013B47C9B7CA70F18F9269F10D5988A3E6B07B6D94A8869D1C965A3F986
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 59263 bytes, 1 file, at 0x2c +A "cpc1csw1.dll", number 1, 18 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):59263
        Entropy (8bit):7.993929297906875
        Encrypted:true
        SSDEEP:1536:k4OqqWP31nKHx+iGFIEqS+/euonczLDKWKYU+wcJxU:kdm3FMx+i8IJFmuo0LeWvwH
        MD5:DF995BFAC9015B39B594DE9C23592785
        SHA1:A554480050789FED9B7259666E4B3E3C4BF2F5C7
        SHA-256:216B075650C3F7CAE1EEA3BD88AFE51DB3A14C5EE92662BB979513C4CDA3C19A
        SHA-512:87FB00B70BE571E4BA0AC498E1EB6C8D1E119788C3A8443550E02D3CD7E62717464EDC1E4C00F6126AAFC8403FDFFD3CCB3168999D681C2C17496D71EFEF543C
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 21185 bytes, 1 file, at 0x2c +A "cpc1dew1.chm", number 1, 1 datablock, 0xf03 compression
        Category:dropped
        Size (bytes):21185
        Entropy (8bit):7.989133098150109
        Encrypted:false
        SSDEEP:384:6ESjV8RE5TNqPlQENa85+EHJp8XZ87zAGRTuaTqLhz2lJ2LqPCykUK8L7Fx:6zE1SENa8AEHJpy6bQaTqLN2luOVkUtz
        MD5:D42F318289E7E4F1658948981732FF11
        SHA1:7CBC33D7072FCFFE6B0246DBDC91377ACC9E2B5A
        SHA-256:76D197529C2203C010BD951F18EC27262FA2BB7F19147544B5DBBB18F35DA48D
        SHA-512:8FCC1EE3DA700BF927E9D44C278C3D02D79D51F854D7F2313EEB332F271CAC9A3644FCAB5D128E21CBD64DF1D3ADD0D557F4D37C6ADA0C8B931035C369F02C8C
        Malicious:false
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 60775 bytes, 1 file, at 0x2c +A "cpc1dew1.dll", number 1, 19 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):60775
        Entropy (8bit):7.993887346007541
        Encrypted:true
        SSDEEP:1536:KzdyRDRb/XiwwryBP4CTHZ7tJVzvXJe6fh22g4PGYSaaOc:KzdMJXwryB4CT57N5ewvPXvc
        MD5:2AF2BA4269FBC3E01FE23CFF45E79FEA
        SHA1:331A93684466111C19A972D6E235EB75B32C6F95
        SHA-256:CE031110B9ED9DB5A800F92A7D89F85D6EB733F77667273E644EF45BED5A47C9
        SHA-512:5A89DCC2F6D7A6E7CB32D0DF4742C88E9D83F4E0A2B18FBA187CDC5E7CD801705766CEAC71B7E0B3DC69C046EBA8B8030E7FEA16C707F8B74C9B2F9A49FDEFC7
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 20921 bytes, 1 file, at 0x2c +A "cpc1esw1.chm", number 1, 1 datablock, 0xf03 compression
        Category:dropped
        Size (bytes):20921
        Entropy (8bit):7.98801521425368
        Encrypted:false
        SSDEEP:384:ff+4AkYfqFSUbFULW77eM3+v9JRO8OrMpQazIUXq3AJVxc3Uw7yCZVEs5blB:HIjqZ2S7Juv9JU9Mp78nA7xc3KCEs5xB
        MD5:C43FBC4BCD87C09CAE556BBCF05E552C
        SHA1:CD48F569CB352E41A8751B9348CC99AE368F1A8B
        SHA-256:3254F0DB1835AB76BD2F8F9A96C15912FECBD6E455855B644DE08E837375CB5F
        SHA-512:11A766E9C2F060127C8FBA34C3FFA4BF4351EF9EE0A7ED4D6B5A0A027084833D8EFF48A2CBA65DBC9F8499B28ACD37D1FA59CE1FCD0A5555BAA10D582AB32950
        Malicious:false
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 60549 bytes, 1 file, at 0x2c +A "cpc1esw1.dll", number 1, 19 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):60549
        Entropy (8bit):7.993184936684109
        Encrypted:true
        SSDEEP:1536:Qzp6yu1V0CskcRkPSZ/FFWemYfWX2VTDUVrQzqGSD5MY/:Q16TLlTc26Z/FDmyWX2tDjzqtD//
        MD5:14B58FBED0F6140C24D480E14C6D6B97
        SHA1:B56079AB7F6CA65E0FF99F6CEC71F1FA7B2EDC5C
        SHA-256:83C45FA4B047BCB00EBCF559AC557EA9C752F705AD1611D4BEFFB1815A006484
        SHA-512:7242BEBCCED67A837CF30464DFA20132ED12F40045A864ECA9A998D8FC1A73EFF14B5B759A4B34F9118A962AC99EE7C6DB78A3A79AB49F637ED2CB5ACD6F26A3
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 20717 bytes, 1 file, at 0x2c +A "cpc1frw1.chm", number 1, 1 datablock, 0xf03 compression
        Category:dropped
        Size (bytes):20717
        Entropy (8bit):7.989550267418251
        Encrypted:false
        SSDEEP:384:owPWWBHcDNwrlJ5QsH1KYYZGzB3bGjcqCiSxZ2ik66ogfPTWHJ39ngxhpriAu8xA:fJWwDPVKYYobGGdl0PTWHLgxjEkbAusb
        MD5:5072BB858D3CF10E5373D353C82C6FA6
        SHA1:CB52473749D5C02B286699EB96DDD8B4D8B8B1E8
        SHA-256:FAA72DB770C5C6D64312D6C8504D779771E61A2BC07521F1D76478AA6862CC3B
        SHA-512:C6EFA5D0C7F555BBE23749905FEDBA641457BE694A008370BDEEEBD33C88274B672BA4C4908132F9D52B6FB7D2F6401F6D85B785EDD0DFD11872230D2BA2C5EE
        Malicious:false
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 60541 bytes, 1 file, at 0x2c +A "cpc1frw1.dll", number 1, 19 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):60541
        Entropy (8bit):7.994185967044187
        Encrypted:true
        SSDEEP:1536:SxKohSrhqb/VgOG/CFSw2Npf2DeCwtr3rvgFdxRxJ3Exvt9:5ohBaOG/CkBMwtr3rUXTcvt9
        MD5:4D978F12782191CB4F74143D57956CFB
        SHA1:81096CA5AC8BECFFEAE762805C53EA985545B78A
        SHA-256:B558A31B0EDD9CA77C43AF3F65E585F2C56041BA6E5E80EC5857C0994748F6D1
        SHA-512:6BD13A0266CC3A038322400D34C046F536AF7F2023552E673A0600536D35B5B8694403E71C1328E1A8093CED708D27F89CA629CC57DCE0F32B47FDEA9D14DEB1
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 20741 bytes, 1 file, at 0x2c +A "cpc1itw1.chm", number 1, 1 datablock, 0xf03 compression
        Category:dropped
        Size (bytes):20741
        Entropy (8bit):7.989023096467219
        Encrypted:false
        SSDEEP:384:OglV8jftXf22V66fHF5Q+iPPq43+WeJsu2fx0yHBCxDI24z:Oglkfj7KpP8auyx0yHk02Y
        MD5:79FB1BF504170A709AAE0EA2A6AEAB08
        SHA1:9DB70657C3ABBA40174956D9C22F94C5083F9044
        SHA-256:8244536F1573F5EEB607AEDE7267BDAF92EFB72AC9D31FD967136EFA6F358456
        SHA-512:B1AF4CBAEF39C0BE48BD0E4C76D54ED3494C9F8C028D6FDEC35DD857C884A92C8233CA16DC6553ED6E91ED97AAE257D58C40284BAFB5B823E1D7109BDA6867F2
        Malicious:false
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 60275 bytes, 1 file, at 0x2c +A "cpc1itw1.dll", number 1, 19 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):60275
        Entropy (8bit):7.993631221284733
        Encrypted:true
        SSDEEP:1536:4eZlAd1yefX/R9QMDdRaSvuA7vK2hvdgQelyNY1lmhp0Fsu5su:4UAd1yefvR+MDjx7rky8lmhGGu
        MD5:8907FEC1B2898FEC847D17CDF6681034
        SHA1:EFBED1EC045E4452F7A52F0A2A3D8018D562D3F4
        SHA-256:FE0275936203A7C891A9C1023974B6920E15E83210DB8EDAA06EDB689BD4E066
        SHA-512:E8D3A53EDED4CCCB281363F6AD904DADD6A8E01557003A2FB95E99D13CB97061CF572D3B5D2A272168F9E748F6622223CF47B996DB742BBC7358F5FDAE983138
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 25613 bytes, 1 file, at 0x2c +A "cpc1jpw1.chm", number 1, 2 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):25613
        Entropy (8bit):7.990835689229193
        Encrypted:true
        SSDEEP:384:V9HhRdBpkzFOAPZiNG/KII6MJMEGPFG8GW+nIcI7ylW7Nz7suYd8AdHR6EaMwlbW:PJBp+U+Q8YnW02z7lYdDxMhMwlb3dK7
        MD5:B26BF8C2D47385E64A79F88FCFC855CF
        SHA1:00F1FBD52DA58DFF16F4660B8F10F2FB5484BBD2
        SHA-256:64528E6F2BA1868705800D55C64B3D4CC88A51ED69F9714A87C1FD98D65F8120
        SHA-512:2223B720E4FCB7EAFB82388A12FE9B944F5806AC35EF82B8871761130FAF5DB6E05832E7AD413B190217E244BF825C400439656B1A1F108E8347B60579F62184
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 59311 bytes, 1 file, at 0x2c +A "cpc1jpw1.dll", number 1, 18 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):59311
        Entropy (8bit):7.9939114871495445
        Encrypted:true
        SSDEEP:1536:XY+mqG/7Yz/cXlJmbU/SOwc1MxGN62Quz6d63+W:JA/MAljSX+MxGXB/
        MD5:D15AA101A9AA9BD8B9C3392C51C8F051
        SHA1:A750C061C267B1AD50B14EADC21A25039A9D3CBC
        SHA-256:ED247FE9994F00B2AC281E86821DB638C91BA718AF4547CCFA394417B247F8ED
        SHA-512:7B2F677BD38FD50257C0A9A41E16EAB97EF47D15A3641B6A1A3F7F9745D1F05A61967687B3065C791AF0C95E374788A747B4914850840AF142129AC4B461CC7E
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 22229 bytes, 1 file, at 0x2c +A "cpc1krw1.chm", number 1, 1 datablock, 0xf03 compression
        Category:dropped
        Size (bytes):22229
        Entropy (8bit):7.989898491364522
        Encrypted:false
        SSDEEP:384:/dr4v6TvUelqS9GlZtQb+g9jLN1scbi+0fBn88vnEVwZ5H4XheFqDF7XJaXMa2a5:lr4wUeAlZnghXB90fB88vEVU5H4xeFmq
        MD5:11A59185975E62241E7286F9EB3912DC
        SHA1:CB263A8BA80BA9E056C67C444872CBC2C92F2D76
        SHA-256:A73B5609FFCD45091B24E598C00079A8995E8887CD3AEBF2153054E7ED52CECC
        SHA-512:7D20F234A55C8E52B4D9EE6F7919041690EDE0AF39774FF5CF264E57CC88A75F4FA30F2157A8E263E3F62E94599463FE54FC2B539807214EBE121980145B51B3
        Malicious:false
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 59743 bytes, 1 file, at 0x2c +A "cpc1krw1.dll", number 1, 18 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):59743
        Entropy (8bit):7.992455155399203
        Encrypted:true
        SSDEEP:1536:o0ENJwHppaZji0OVbf01FGDq8xhnfIWg2hSObPV:yNCppa5iVVIyDq8nf2MbPV
        MD5:1B76D2CC0C819DD607B14FE9C9F23F86
        SHA1:B75C2BB5C2ACE935DD5B925C39CD2FA5AEE0012A
        SHA-256:AE1108C9ED1012DE87E66031F33E8E011229F6E07165774671B6528EAEA7CF82
        SHA-512:D5B7481DA72C8973D0845FDC9D163CE8697DB2CA5979C0429B5DABFDB14D084E38C9035FB3976CB811CA67B47F231CB77F784C91B26B2A53B323B4E5EA08BA84
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 20955 bytes, 1 file, at 0x2c +A "cpc1ruw1.chm", number 1, 1 datablock, 0xf03 compression
        Category:dropped
        Size (bytes):20955
        Entropy (8bit):7.990002880793497
        Encrypted:true
        SSDEEP:384:in2ncznbZF0vWNhk/Z7fRIpyTHIA7R0IpMs58H6Ch7tO2ZjVCnPOXfAINQqt35:ingsF0vWLgvH40MYgO2ZjCP6oY95
        MD5:E5F4C25D0E2E5FA5D886EC41C4C73399
        SHA1:018345047B6CA3727F5BF505B1D8D88E6DAF1B76
        SHA-256:82A749DF7A90CDBB801A61EE0D3955A16EEDEA5E7A6D1FF4240071A1EC6F8117
        SHA-512:0A4852B606477EB23AF68B5E26B324056E175D8F057164BCAE379794B4CADCC43DFCFCD691F810CA87AC62439600751790F6DE97D14F83B06A7C8DBFA3DA283E
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 60923 bytes, 1 file, at 0x2c +A "cpc1ruw1.dll", number 1, 19 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):60923
        Entropy (8bit):7.993240792302303
        Encrypted:true
        SSDEEP:1536:FXun/ua254Vx2HZnlfAf2TLXurx0lO5XlF/OgZ46idUIpgPDH3I9I7:cnma254XclfFTuracNltLZ45rpgPD4W
        MD5:6B2BD474A0B2F11F44F79B3E2C026FD4
        SHA1:95E5D6CBAE081329971259F9CB8466251AA88BF2
        SHA-256:C5CFC65A86C2A00AC92AAD81093348A9B4974C3267EEA6C05C6B0BF43E021859
        SHA-512:6865273216B4AEA92A7B5DD7B8AA9B9BB23141546D8098C46F185DEBB8E54DACF6572DB6AC87241080F9D18034C2A549E8E4DA05C7422C64BB473FB01694A2D0
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 20721 bytes, 1 file, at 0x2c +A "cpc1usw1.chm", number 1, 1 datablock, 0xf03 compression
        Category:dropped
        Size (bytes):20721
        Entropy (8bit):7.988711179786876
        Encrypted:false
        SSDEEP:384:E/LeZc2MqHgOHXqXmzTr5sPhWpS7xxWTCI7w7:kLdwHgOHa2T6wpS7xxWTCI7w7
        MD5:BAC1D12EE6072FFD34CAEFCFBCBEDACC
        SHA1:51EA2E7E8BDF66642ECA7F9C2E892EE6A6BC1918
        SHA-256:79DEC1B5394142ADDB312CE25DEEB129F8E01E664E673C3855257E1E6DB51B9B
        SHA-512:04610837B0CDF1A1DBB5FD2813F4BD5434F777AF554FB1124C44338B449D41746DD44DA83FADE55DAD8F5A8EFF651EE17BA87EACCCCA093767CFBF265A381AB4
        Malicious:false
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 59985 bytes, 1 file, at 0x2c +A "cpc1usw1.dll", number 1, 19 datablocks, 0xf03 compression
        Category:dropped
        Size (bytes):59985
        Entropy (8bit):7.993465523479563
        Encrypted:true
        SSDEEP:1536:qE++fSz9aHdRUO3yv1Us1pbQPujIqDbvn9WxVyS8CxirMo:qELq0dFsZpskDb1WxVf857
        MD5:68F73C00BC4345E0F67A76DB1F2CCF76
        SHA1:E2AEF81EC5E41BC3EDE650F84A8694CBF7DC85CE
        SHA-256:C73030F469DF8A98A9617DC9788D6DD0D0FA571887B27BC6A9E78578803360CF
        SHA-512:3EEB620679A0316CEAB66282C7A42D06DCB2549B7941580AB013C5058752C03A7118869A33A5935452C4BD7B660B2AB5955AE8ECCC837645083B8A7BA57F2027
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):2310
        Entropy (8bit):5.222986584446144
        Encrypted:false
        SSDEEP:48:yH2qf2gybykkzplp7vhywieneleGewBe9ecGfexePaes:yH2qftyfCVvek
        MD5:457FB300CB956C6DCDAB8DFB6163514A
        SHA1:9B03F553EB8720D9EE13BC64F30CFA88C29E7B6B
        SHA-256:266EC8777C33647F14CAA79CBD9F59C0106EB1D61724BFAA9F4A41A5C2E1C169
        SHA-512:F07432BB590105CC15256F6300EE2DDAFF1A6BC3E95CCC01D93780567438BBE9E05499CE7092E773E3E31DB6AB4C94F9D076F6822E178612A2D18CC4BBDCFC07
        Malicious:false
        Preview:CHECKSUM.--------------------------------..Data/UninstFiles.ini.0ef1a18517d5e71b570aafd0ab865d2a..Data/cnwiicef.exe.5db3a7c727ec6f96ffe8143f51050e4b..Data/cnwiidci.exe.112d16f4953028396bb688c92245fe80..Data/getinfo.ini.6323691f8cc8ae9109c77821432ad37a..Data/instpack.dll.13e42311a567ed4b6ec9a2353c52eb21..Data/reg.cbfd831195c9945c6781dfad928e5488..Data1.cab.0c3efd4ff34272d31246c84de34faeb3..Data2.cab.fc1647a245517ec4fb2d9e6a819f73e9..MUI.dll.6cc88e59c0d504a7f07baaaad334c78d..Readme_Chinese_Simplified.txt.c22f53722c3983ab43aaeade1985b27d..Readme_English.txt.368fbbd6a5687f37732fe076c59d09d0..Readme_French.txt.1d8492f4c1b886298c82ba839e949855..Readme_German.txt.185d4be988c4d909b81230a44c9b7772..Readme_Italian.txt.af3ab2001ae1868f298e0955739899e9..Readme_Japanese.txt.5484bbba0a02c485e4dcfebae1e05a8c..Readme_Korean.txt.259198514273f116215247577c102c56..Readme_Portuguese.txt.09fc1910a8ce3d070dbf69814cc72b64..Readme_Russian.txt.e36dc6c5ac8b8e90fb63a5fd35b899cc..Readme_Spanish.txt.7ab7c5982b35e2
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, many, 744649 bytes, 21 files, at 0x2c +A "CN\setuprsc.dll" +A "CN\uinstrsc.dll", number 1, 98 datablocks, 0x1503 compression
        Category:dropped
        Size (bytes):744649
        Entropy (8bit):7.9989879161525925
        Encrypted:true
        SSDEEP:12288:H0ouUPH6+VobG3dFqR35sC5p4yIyWDmn0VkWgxo8L1H2EVLKkwO5:HsQVvD4tpJWPoouWOLK72
        MD5:0C3EFD4FF34272D31246C84DE34FAEB3
        SHA1:597734B432786E53C306CBA0DD43F25B7616D2D5
        SHA-256:19704FC83E46C6456D18BFD941334D85F0943F09D1F85EBA8F1EC171EA47FCC5
        SHA-512:8EB78D6CCE93EBA6B2EACA8B3D076B1F0FCFD34419F9D50EA8B17A1A82C6FFBBCBE088BA8F71AC9A4AB94662FB688B0A729F503B9E6D2A0ADEB47000260651C9
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, many, 7140158 bytes, 95 files, at 0x2c +A "Canon CIW Extension.dll" +A "cnpdsdk.dll", number 1, 1409 datablocks, 0x1503 compression
        Category:dropped
        Size (bytes):7140158
        Entropy (8bit):7.99841266270066
        Encrypted:true
        SSDEEP:196608:qKmm5OsZNniJIj8iLhhD0Ye0AH5LK/wHiBH6I0p:q6OsjUIQiLXgYe0AH5W/wC4b
        MD5:FC1647A245517EC4FB2D9E6A819F73E9
        SHA1:DCDFBEB1316EBBE349AA524B7D68F8ADAD421153
        SHA-256:8A65A730A04BEEDB4D15FA9165F70594A6D8939198D1C1D822003899CB185D3D
        SHA-512:4A87D0E2790ECA674234EAC8C0084DB5E3FD58640E316A9A32CB5F5878A99BFAD8ADBA6A283CEF5790FCDCAB8366344BFEAB13258918D7136759B3B109BEF3F1
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):6280
        Entropy (8bit):5.102652514350941
        Encrypted:false
        SSDEEP:192:1ydqXctKLgRuvkF/bPARqLsN2XdrnIZiDE1Oflxx2vENiLAJ7Zx2botiHUJXc0b+:QdAl
        MD5:0EF1A18517D5E71B570AAFD0AB865D2A
        SHA1:088DB4117C580A29926ABBD7A8FF57C5FB613986
        SHA-256:17F1C325113564B9137C809CF765614C5FF0DEA349EFD1B042DF5633A1653B12
        SHA-512:B05EDC41B6B6E4DA2BC3A918F4CA2FD032B17D3EADC9686304532CDE360AAB63B6026590DF0C95BF437F0289FD271FF65BD5B2AA60CCD05D05AEA7E7F78DA5CD
        Malicious:false
        Preview:Canon CIW Extension.dll..cnpdsdk.dll..cnwiosif.dll..cptk.dll..iPRLyot.exe..iPRLyot407.chm..iPRLyot407.dll..iPRLyot409.chm..iPRLyot409.dll..iPRLyot40A.chm..iPRLyot40a.dll..iPRLyot40C.chm..iPRLyot40c.dll..iPRLyot410.chm..iPRLyot410.dll..iPRLyot411.chm..iPRLyot411.dll..iPRLyot412.chm..iPRLyot412.dll..iPRLyot416.chm..iPRLyot416.dll..iPRLyot419.chm..iPRLyot419.dll..iPRLyot804.chm..iPRLyot804.dll..iRCort.exe..iRCort407.chm..iRCort407.dll..iRCort409.chm..iRCort409.dll..iRCort40A.chm..iRCort40a.dll..iRCort40C.chm..iRCort40c.dll..iRCort410.chm..iRCort410.dll..iRCort411.chm..iRCort411.dll..iRCort412.chm..iRCort412.dll..iRCort416.chm..iRCort416.dll..iRCort419.chm..iRCort419.dll..iRCort804.chm..iRCort804.dll..iRCortStartUp.exe..LFCMP14nu.DLL..lfeps14nu.dll..lffax14nu.dll..lftif14nu.dll..LTCLR14nu.dll..LTDIS14nu.dll..ltefx14nu.dll..ltfil14nu.DLL..ltimg14nu.dll..ltkrn12n.dll..ltkrn14nu.dll..Ltwvc14Nu.dll..Readme_Chinese_Simplified.txt..Readme_English.txt..Readme_French.txt..Readme_German.txt..Readme
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:PE32 executable (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):182864
        Entropy (8bit):6.554692814527826
        Encrypted:false
        SSDEEP:3072:KvZMlc+AXqm5np9Glwu00ESbKq8IzOw0N3me1hx:KvZ4I/R4F00EaKq8Iziwe9
        MD5:5DB3A7C727EC6F96FFE8143F51050E4B
        SHA1:32E4DD5280631A4B7FD0799819240427F12AF033
        SHA-256:AB38F79F16412AF0E45F4534169EA8A12D3DCF2DA7972400C9A2F73B137AA6AA
        SHA-512:915421630FC800A0939C3025B7AE36CB0805037F8252434A730AA514836D3D832B019F691EE4A88A6564C1B2F2609AF3F815972E9F4FF815939C6292E4BF5BC7
        Malicious:false
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:PE32 executable (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):178208
        Entropy (8bit):6.549427478274386
        Encrypted:false
        SSDEEP:3072:Fc+cJApH4hFbvGTJCCrtqSibf/WrQw8LaHkCvwpbpF+bmF:Fc+cJqY/8B3trQFmHkCSr9F
        MD5:112D16F4953028396BB688C92245FE80
        SHA1:28C1CD8D5394054BB1260B1E2C0610688014823C
        SHA-256:B3A837123FE89845AE9ADC9F74BE3378E118AF4161EC6CE0C93786AAD1192F56
        SHA-512:003B3DC107EA4FE5BC69F9E3E4F528BDF3B3B4E8F23CA36FD7867A116F704A399D82FB7D60C8ED420047DFAD9F0A9E475F87760D1DA133228F49DAED4BEA6978
        Malicious:false
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Generic INItialization configuration [OldVersionUtility]
        Category:dropped
        Size (bytes):4449
        Entropy (8bit):5.2209428250018615
        Encrypted:false
        SSDEEP:96:2RJh7mTFxHwGxFyFahrobPHf9q8/Fs4SK7I6oSB:2jETFxpxFuah8bff9q864P77N
        MD5:6323691F8CC8AE9109C77821432AD37A
        SHA1:E825BBB98B22669FF0F08888CFB5B935BA9AE277
        SHA-256:81A57469082594DB157F198D20B149458C495A711D7EED21899CD980FF9F6300
        SHA-512:8669D3E50F8F11DC6B29B1D7BFAD342BBD32384DF3C7FC1BDA161D3FFCBCC824638D424E4D3E1E52144CE0FBC418D13222E0D28369C8B1003598B17E1768EEBA
        Malicious:false
        Preview:[ApplicationName]..AppName=imagePROGRAF Printer Driver Extra Kit....[OldVersionUtility]..Existence=N..Registry=....[Registry]..FileNum=1..File00=reg....[DefaultInstallFolder]..Showfolder=Y....[Check32bitOS]..Check32bitOS=N....[Check64bitOS]..Check64bitOS=Y....[UseBoth32And64]..InstallAlways32bitArea=Y....[AdminAuthority]..Authority=Y....[StartMenu]..AppName=N..UninstallInfo=Y..ReadMeInfo=N..MediaGuide=N..OtherFile=1..File0=iRCort.exe..OptionCommand0=..ItemName0=Color imageRUNNER Enlargement Copy..WindowCaption0=....[DesktopShortCut]..ConfirmMessage=N..MediaGuide=N..MediaGudeName=..Readme=N..ReadmeName=..OtherFile=0..FileName0=..ItemName0=....[PrinterModelInfo]..showModelInfo=N..printerNum=0..N00=....[ConsentLicense]..showLicense=Y....[CompanyName]..name=Canon....[Version]..Appver=2.30.00..Instver=3, 1, 0, 1....[AttributeFile]..readPermitFileNum=0..name0=....[hardeFile]..filecount=0..name=....[Reboot]..showRebootDlg=N....[USBClassDrv]..NUM=0....[FireWireClassDrv]..NUM=0....[LPRClassDrv]
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):299008
        Entropy (8bit):6.420200468736576
        Encrypted:false
        SSDEEP:6144:V4pRJjepNSdSQGqkV+o1l2GsnpnrbEbHK1Zuj/MP:V4BAiSX1apnrbNZujE
        MD5:13E42311A567ED4B6EC9A2353C52EB21
        SHA1:D63C9FCB9284E405F197B6321E0019DAFA15D333
        SHA-256:9ECCEAA10559890BA7CA2CD15B4E05D46B711F57DA71471050FF95022B578490
        SHA-512:3816C07A4C7377CB6FB20FD69AFE5A0843970A2A192A4A5C1A867CBC94E98E5FC37492A1C8C5E97049242F36752D1CBF56D1A660DA40CF8F3D998706011184E7
        Malicious:false
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 2%
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):103
        Entropy (8bit):4.67130744511877
        Encrypted:false
        SSDEEP:3:wgLxqwL9hN0tu+gLxqwL9hNE1eov:PLxTvN0mLxTvNE3v
        MD5:CBFD831195C9945C6781DFAD928E5488
        SHA1:FEB1A1EDFA9D63117F92690074FF2F4FC1C20FB3
        SHA-256:78420DAFE36759D96E901AAFD8D19AE2C5181CB2DF934318DDC59F750D09C107
        SHA-512:94E24B59B6FDA1A36640D6FEF5EB53E7BC6B2CC1BE56953AF236F5095DE9630A17DAD17EE471DBDBD751AAA8F0271CBA31D7251290FCD29A7FA010BC0D56CAD1
        Malicious:false
        Preview:[HKEY_LOCAL_MACHINE\SOFTWARE\Canon\GARO\ExKit]..[HKEY_LOCAL_MACHINE\SOFTWARE\Canon\GARO\ExKit\iRCort]..
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):4096
        Entropy (8bit):2.7284585698794146
        Encrypted:false
        SSDEEP:48:aR8Org1WYGw7ax/wrOzNL3qnOclEO5JtNCSC:O5Sax/YQYdhCt
        MD5:6CC88E59C0D504A7F07BAAAAD334C78D
        SHA1:788CB3A838ABEB99FFB8AF3A778DC68A53511BEB
        SHA-256:75C4A01FD9A76C95BB6B4C434617A171434A99C29C18C99F48BA32E74FB4908A
        SHA-512:FCF7C7CFAF060D4AE0477CC479A636115EC9E49FF9B6566B693B20529D654FAB59645FD4027C8EE5BD35D9FFF3559FC5B2588A7893DB09F44594D12A8C7322E0
        Malicious:false
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
        Category:dropped
        Size (bytes):5323
        Entropy (8bit):6.126918006238522
        Encrypted:false
        SSDEEP:96:hQIqT5KD2ZDtDWKZW4N4ru+Ka7rcybfDwBB28Hs+++Rxokthqm:hoQ4N417wvDLMDkr
        MD5:C22F53722C3983AB43AAEADE1985B27D
        SHA1:5DE4A4581948D4BB9A2290008B17D4E5E2536B32
        SHA-256:5F9DBA76332FBAB28A22DB359CAFDA44B80E828F70DFC16879D1BB1170778B79
        SHA-512:5B10683B44039A8E1425947ED492033BE92E031E96CF702A11D274072B55AB6C4EC682274EC1B8B51E2DCC3D999EAF2BB57BB3C79C3CDA4334A324066C165161
        Malicious:false
        Preview:._______________________________________________________________________________.... Printer Driver Extra Kit.. 2.30 ... *** CANON ...... 2015 ***.._______________________________________________________________________________.......... 1. .... 2. ...... 3. .......... 4. ...............1. .. ------------------------------------------------------------------------....Printer Driver Extra Kit.imagePROGRAF .............................imagePROGRAF.............................Free Layout............Color imageRUNNER....Enlargement Copy........<.....>..- Canon.Canon...imagePROGRAF................- Microsoft.Microsoft Corporation....
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
        Category:dropped
        Size (bytes):6172
        Entropy (8bit):4.695611653851606
        Encrypted:false
        SSDEEP:96:uHPsyeLhkDukDJkDQB6PxP4I8a1KA77Dw6TT8DNImJlgMjDvbwFk7mcwgcYXD:uvsnVhENB6P5a7ADZ38DNI27voUEgh
        MD5:368FBBD6A5687F37732FE076C59D09D0
        SHA1:3663B82569B02A9B1A6D609CC0ED875FF76024EB
        SHA-256:BF15CED9FC932528C9B69F2E20A324CA2D4F86AA673225B7091F9B79BF197368
        SHA-512:E68870B572CBADBC20517939C7503375857D05790EB26B6678A49E625D56D9656CED6F76EBD53AB313F01599B2D4B899D887D35FF8AF5DE53D23532F861BD5C7
        Malicious:false
        Preview:._______________________________________________________________________________.... Printer Driver Extra Kit.. Version 2.30.. *** Copyright CANON INC. 2015 ***.._______________________________________________________________________________....Contents.... 1. Introduction.. 2. System Requirements.. 3. Precautions During Installation.. 4. Cautions, Limitations and Restrictions....1. Introduction ---------------------------------------------------------------....Printer Driver Extra Kit is the expansion module for imagePROGRAF Printer ..Driver...Install this module to add the two extra functions to imagePROGRAF Printer ..Driver: ..Free Layout function allowing the user to arrange multiple images as desired ..when printing on roll paper, and Enlargement Copy function using the Color ..imageRUNNER MFC.....<Trademarks and Abbreviations>..- Canon, the Canon logo, and imagePROGRAF are trademarks or registe
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
        Category:dropped
        Size (bytes):7137
        Entropy (8bit):4.768494971359397
        Encrypted:false
        SSDEEP:96:ucfe4DLUZDVUZD3UZDEshaW2CsVjcckMOjuaHxV/FKPMYGJOI8rrwBugiRKjE6pK:urmCmccJXEntzOI8r0rEGl2riLIBAG
        MD5:1D8492F4C1B886298C82BA839E949855
        SHA1:7AD8238C2DED290579BB909551EB7933526770C1
        SHA-256:AF14589AB8AC6F1CFAD5BC0A3435D91FF32C5A938860FD23FD10DA728BB504EC
        SHA-512:B7AB1D82893A51E79640420E1E58A621CBE9EC49DF094EDD16166C1A57868E32DD7E8F81C40375F55259213AD5938BF136CDD82B0ED8582548399C86889F490A
        Malicious:false
        Preview:._______________________________________________________________________________.... Printer Driver Extra Kit.. Version 2.30.. *** Copyright CANON INC. 2015 ***.._______________________________________________________________________________....Sommaire.... 1. Introduction.. 2. Configuration requise.. 3. Pr.cautions . observer pendant l'installation.. 4. Pr.cautions, limitations et restrictions....1. Introduction ---------------------------------------------------------------....Printer Driver Extra Kit est le module d'extension du Pilote d'imprimante ..imagePROGRAF...Installez ce module pour ajouter deux fonctions suppl.mentaires au Pilote ..d'imprimante imagePROGRAF : la fonction Free Layout qui permet . l'utilisateur ..d'organiser plusieurs images lorsqu'il utilise le papier en rouleau pour ..imprimer et la fonction Enlargement Copy via Color imageRUNNER MFC.....< Marques de commerce et abr.
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
        Category:dropped
        Size (bytes):7462
        Entropy (8bit):4.834158793516527
        Encrypted:false
        SSDEEP:192:uJD3nW1wVGGHrF04RYE3BiIGYyVxAh3ei0+g7A2qyWR:uJieVJdGVNing82qR
        MD5:185D4BE988C4D909B81230A44C9B7772
        SHA1:05029B4CDA6C15900348576D47B1FF0EECD8C4E4
        SHA-256:BDC79E50CBC2CF82438B9344767548DC1D656ED0397D108498474EEC251F49C0
        SHA-512:92F6B90C6B4CE0AE77ED4A914AFF558917BE3E43A51A8404C9C1AF5F0D268812088D657917B9A91A93DA9537DE0F9BE24B1D4904189B55EAEF64F2A86540CCAC
        Malicious:false
        Preview:._______________________________________________________________________________.... Printer Driver Extra Kit.. Version 2.30.. *** Copyright CANON INC. 2015 ***.._______________________________________________________________________________....Inhalt.... 1. Einf.hrung.. 2. Systemanforderungen.. 3. Vorsichtsma.nahmen w.hrend der Installation.. 4. Vorsichtshinweise, Begrenzungen und Beschr.nkungen....1. Einf.hrung -----------------------------------------------------------------....Printer Driver Extra Kit ist ein Erweiterungsmodul f.r den ..imagePROGRAF-Druckertreiber...Installieren Sie dieses Modul und erg.nzen Sie den imagePROGRAF-Druckertreiber ..um die zwei folgenden Zusatzfunktionen: Free Layout Funktion ..(erm.glicht dem Benutzer das freie Anordnen mehrerer Bilder beim Drucken auf ..Rollenpapier) und Enlargement Copy Funktion f.r vergr..erte Kopien (unter ..Verwendung von Color image
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
        Category:dropped
        Size (bytes):7115
        Entropy (8bit):4.623669950462014
        Encrypted:false
        SSDEEP:192:97ipVh+++0iy1/BUCI3XQavUa0f9DGDCIUbW:97We++1yExXQar0f9DXW
        MD5:AF3AB2001AE1868F298E0955739899E9
        SHA1:3C0BAA07087B3C832D0FF1CCFD01781CBA554B1A
        SHA-256:FEE806E9A5650B731FAD6CFFA6D18FEFA781E03430CAB4B6769156D1F3A4C8EF
        SHA-512:2F62A5F8AA2A3831E36300984766454E1E4D61EB1AD9A5D4145125FEC70C1E0173669A1CE45E3783F0CFC43EBD4B834DAB1C1BF2B10F9E43D4DB5F63C3FEEA5E
        Malicious:false
        Preview:._______________________________________________________________________________.... Printer Driver Extra Kit.. Versione 2.30.. *** Copyright CANON INC. 2015 ***.._______________________________________________________________________________....Sommario.... 1. Introduzione.. 2. Requisiti di sistema.. 3. Precauzioni durante l'installazione.. 4. Avvertenze, limiti e restrizioni....1. Introduzione ---------------------------------------------------------------....Printer Driver Extra Kit . il modulo di espansione del Driver di stampa ..imagePROGRAF...Installare questo modulo per aggiungere le due funzioni supplementari al ..Driver di stampa imagePROGRAF, ovvero la funzione Free Layout, che consente di ..disporre di pi. immagini nel modo desiderato durante la stampa su carta in ..rotolo, e la funzione Enlargement Copy usando Color imageRUNNER MFC.....< Marchi di Fabbrica e Abbreviazioni >..- Canon, il
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
        Category:dropped
        Size (bytes):7365
        Entropy (8bit):5.449517154352485
        Encrypted:false
        SSDEEP:96:ug+H8AXFniNPb+D3gxD3bRDmD3bF1bvCEWgeOGvZrXetfno7EvIhJHR5fTwBnCBH:uyAkwMOwjWtg8f2Gfn9tgfLd
        MD5:5484BBBA0A02C485E4DCFEBAE1E05A8C
        SHA1:FBFA4E0121399725DD08E0C8B8DBDE62E54F91EF
        SHA-256:E1DBA83137E6C9B2983BFB126E5C6C30D30328BFD494E61222F2235F22B9EA50
        SHA-512:68F158DCE10FA00EA13FD928608C4C6721AC9D03C054DB078D8EA85BC29A0A872F52F9EEC6B49D1AC86B1E07AA646C6CA47D6F9319DC2D0A0B03EDE79EC91B24
        Malicious:false
        Preview:._______________________________________________________________________________.... Printer Driver Extra Kit.. Version 2.30.. *** Copyright CANON INC. 2015 ***.._______________________________________________________________________________........... 1. ...... 2. ...... 3. ............ 4. ..........1. .... -------------------------------------------------------------------....Printer Driver Extra Kit..imagePROGRAF............................................................................................Color imageRUNNER..................imagePROGRAF...............................
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
        Category:dropped
        Size (bytes):7120
        Entropy (8bit):5.622700198356783
        Encrypted:false
        SSDEEP:96:tFpyVujWDmeDQeD2H6An60sTXj6RFr5ZgaAjbBFd4NwBAV7NqmA/w58Ci40ZtTOp:tzGuFa/yHWacBPy74w8CUW
        MD5:259198514273F116215247577C102C56
        SHA1:785810D607CCE7448F93F0AB98B52F0B6716B77B
        SHA-256:55F45B63572334CA2A27062A13E8F3C98659996077DA5CBC1E0FC122FC848895
        SHA-512:CD305A8DE8895169B41644224683580284AC23DF228642F65E59A8C3BABB6679EB34472759989FE24CE6D3F4CE3E6EAEDDD309709B4044DC8FEB15B757904C2C
        Malicious:false
        Preview:._______________________________________________________________________________.... Printer Driver Extra Kit.. .. 2.30.. *** ... CANON INC. 2015 ***.._______________________________________________________________________________.......... 1. ...... 2. ... ...... 3. .. . .. .... 4. .., .. ... ......1. .... --------------------------------------------------------------------....Printer Driver Extra Kit. imagePROGRAF... ..... .. .. ......... ... .... ... ... . .. .. .... .... .... ...Free Layout... . ... ... Color imageRUNNER. .... ...Enlargement Copy.... imagePROGRAF ... ..... ... . .........<... ..>..- Canon, Canon .. . imagePROGRAF.
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
        Category:dropped
        Size (bytes):6779
        Entropy (8bit):4.7826975307977895
        Encrypted:false
        SSDEEP:96:xJi3gPnVW48D1vDN6vcdvsYIg7Eug9fO4KB94BnjuwBOjc+guoNpoqEV3vj9x4Q:xJiOEB6kdvsYHgQ4KB94lAg+guthvjV
        MD5:09FC1910A8CE3D070DBF69814CC72B64
        SHA1:25D468836BFB12B049A6642483121CF59CE72CFE
        SHA-256:5F7E4148476B1D3F041D960478189DE724CFB1B1B3616E6AE9E02C830C980F3D
        SHA-512:FFDACA034D3FAEC95C0B86785547A9CF60EC57CDA6947E1254B43883579A9F94014A902624C7361680F38A5303A1D3123A87A3912FB5DE2FBADDDBE5EE9B3997
        Malicious:false
        Preview:.________________________________________________________________________________.... Printer Driver Extra Kit.. Vers.o 2.30.. *** Copyright CANON INC. 2015 ***..________________________________________________________________________________....Conte.do.... 1. Introdu..o.. 2. Requisitos do sistema.. 3. Precau..es durante a instala..o.. 4. Cuidados, limita..es e restri..es....1. Introdu..o ------------------------------------------------------------------....O Printer Driver Extra Kit . o m.dulo de expans.o do driver de impressora ..imagePROGRAF...Instale esse m.dulo para adicionar mais duas fun..es ao driver ..de impressora imagePROGRAF:..A fun..o Free Layout, que permite que o usu.rio organize v.rias imagens conforme..desejar ao imprimir em papel em rolo, e a fun..o Enlargement Copy, que usa o..Color imageRUNNER MFC.....<Marcas comerciais e abrevia..es>..- Canon, o logot
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
        Category:dropped
        Size (bytes):11251
        Entropy (8bit):4.532839862948336
        Encrypted:false
        SSDEEP:192:fPHUVdVEXTWr9B9UN8xk2bBqsJeov8m/4136sLhVwuYVbKs/M+lk:Hx87qtNm/41qDukKEDlk
        MD5:E36DC6C5AC8B8E90FB63A5FD35B899CC
        SHA1:A6E73E8EF11F081879AF8CE6CB4A5B8090EF6AA3
        SHA-256:C60D8135D80FF8131DF035DB17F55374107676A4C58BB3C296682BB2AB39BFDF
        SHA-512:DEDCDAF2DE92A201F797F1CE5B0E4927A5D060DC83FFE1E3CAF5D2903F7B70F4850FC3FD8E95CA7E14B76747D8AD8188C645BE5BC1017B0B1B4040B6AB936E5B
        Malicious:false
        Preview:._______________________________________________________________________________.... Printer Driver Extra Kit.. ...... 2.30.. *** Copyright CANON INC. 2015 ***.._______________________________________________________________________________.................. 1. .......... 2. ......... ............ 3. .... ................ .. ..... ........... 4. ..............., ........... . ...........1. ........ --------------------------------------------------------------------....Printer Driver Extra Kit ........ ....... .......... ... imagePROGRAF Printer ..Driver............. .... ...... ... .......... .... .............. ....... . ..imagePROGRAF Printer Driver: ....... Free Layout, .......
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
        Category:dropped
        Size (bytes):7253
        Entropy (8bit):4.670600412205347
        Encrypted:false
        SSDEEP:192:jxyWXPu8XqpK+4XAxegszjvPXfYoEc+YoXTXRz2h33XPus+Hi:4W/iCZwgoDshH/Ii
        MD5:7AB7C5982B35E2CF12C710E59E01C846
        SHA1:F53D489881CC9D54992077150640FE36239FCA19
        SHA-256:D3BC204E59DD7E4B181C3B8E7AAE88263698D3DA3BA5FE2B066B79CA548B6BF6
        SHA-512:3D2E9910D4DFF598B15F81289005A9FD838533DCF264823B6EDEB003377ED7EE7B13B2770B1A9CA4E5CA5D2A2C5745A44CE8174635B141972569B18F180B139E
        Malicious:false
        Preview:._______________________________________________________________________________.... Printer Driver Extra Kit.. versi.n 2.30.. *** Copyright CANON INC. 2015 ***.._______________________________________________________________________________.....ndice.... 1. Introducci.n.. 2. Requisitos del sistema.. 3. Precauciones durante la instalaci.n.. 4. Precauciones, limitaciones y restricciones....1. Introducci.n ---------------------------------------------------------------....Printer Driver Extra Kit es el m.dulo de extensi.n del Controlador de ..impresora imagePROGRAF...Instale este m.dulo para a.adir dos nuevas funciones al Controlador de ..impresora imagePROGRAF: ..la funci.n Free Layout que permite al usuario organizar m.ltiples im.genes ..como desee al imprimir en rollo de papel, y la funci.n Enlargement Copy ..mediante el Color imageRUNNER MFC.....< Marcas registradas y Abreviaciones >
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:PE32 executable (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):2320464
        Entropy (8bit):5.956380304463204
        Encrypted:false
        SSDEEP:49152:8O7YiGe7FLWNwPkbr09rO73VSREcPpMI3QOywgReywylzBOsgXkSETtULu+qW1aR:NGkLWNwPA0873VSREcPpMGuwgReollOw
        MD5:72970382EC4DFF28364351F6DD5E91E9
        SHA1:044F9E0DEDB2CDF03DD30BC725E3C4CCF09E2E06
        SHA-256:FE553CBDE7AB3DE6BAC7DF2322E5E0345326F083C51CB873E55F7797D334F659
        SHA-512:3F849896A4F3A1BFBD386DD75CD88CC66F52BAFCBE63C6DD9C7BA50F5E8D059E87315D184924BB19C586EA308B9BF4354F065F35DAD78F7757483663746D12B3
        Malicious:false
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......U.B...,...,...,.......,.~...:.,.~.....,.......,...-.'.,.~.....,.~.....,.~.....,.Rich..,.........................PE..L.....tS.................~..........$.............@...........................#.....l.#...@..................................F..@..... ..f...........J#.P.... !.........................................@...............X....>.......................text....|.......~.................. ..`.rdata..............................@..@.data....&...........n..............@....rsrc....f.... ..h.... .............@..@.reloc..(.... !....... .............@..B........................................................................................................................................................................................................................................................................................................................
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
        Category:dropped
        Size (bytes):15210
        Entropy (8bit):3.7182427555938387
        Encrypted:false
        SSDEEP:192:w4G+wnFz86dvlp2+MI1aLLNL30QH52qSZp:wD+GZ+L30Q8
        MD5:D7153D16AA674ACC829712909A1506DC
        SHA1:BE6FA8F817A8721DE9671FF7A62FB168D2145527
        SHA-256:7E823B5DDDE5AD37B40E71A0DDC6E2F03873299BBA8B0CB9186818AD67080CD8
        SHA-512:B64E813C55F8F54842383E2AC8BFC9F8AA0EF4004B00B4317B51307498892AD2BA8D28B4108A20C09023D8CD10A16ED3B2FDC6CB8574536EECBD1676F2851E72
        Malicious:false
        Preview:..[.S.t.a.r.t.u.p.].....A.p.p.N.a.m.e.=.".#.@.S.T.R._.A.P.P._.N.A.M.E.@.#.".....S.h.o.r.t.A.p.p.N.a.m.e.=.".#.@.S.T.R._.S.H.O.R.T._.A.P.P._.N.A.M.E.@.#.".....P.r.o.d.u.c.t.N.a.m.e.=.".i.R.C.o.r.t...e.x.e.".....V.e.r.s.i.o.n.=.".2...3.0...0.0.".....V.e.r.s.i.o.n.C.o.m.p.a.r.e.I.N.I.=.".1.".....E.U.L.A.=.".1.".....R.e.g.A.g.r.e.e.I.T.=.".1.".....F.o.l.d.e.r.S.e.l.e.c.t.=.".1.".....M.a.x.F.i.l.e.N.u.m.=.".2.4.8.".....M.a.x.P.a.t.h.L.e.n.=.".2.2.0.".....R.e.g.K.e.y.=.".S.o.f.t.w.a.r.e.\.C.a.n.o.n.\.i.m.a.g.e.P.R.O.G.R.A.F. .P.r.i.n.t.e.r. .D.r.i.v.e.r. .E.x.t.r.a. .K.i.t.".....I.n.s.t.D.e.f.F.o.l.d.e.r.P.r.g.X.8.6.=.".1.".........[.r.e.g.i.o.n. .i.n.f.o.].....R.E.G.I.O.N.=.".0.".........[.L.a.n.g.u.a.g.e.].....S.u.p.p.o.r.t.L.a.n.g.u.a.g.e.=.".U.S.,.J.P.,.F.R.,.I.T.,.D.E.,.E.S.,.C.N.,.K.R.,.R.U.,.P.T.".....E.U.L.A.D.I.R.=.".R.e.s.\.E.U.L.A.".....R.e.a.d.M.e.D.I.R.=.".\.".....A.p.p.S.t.r.i.n.g.D.I.R.=.".R.e.s.\.S.t.r.i.n.g.".........[.i.n.s.t.a.l.l. .f.o.l.d.e.r.].....F.o.l.d.e.r.N.a.m.e.=.
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Unicode text, UTF-16, little-endian text, with very long lines (1165), with CRLF line terminators
        Category:dropped
        Size (bytes):15268
        Entropy (8bit):3.548561898148572
        Encrypted:false
        SSDEEP:192:KQUXsuWrOg4aInxvMzUyQwGCxIRKMaQ4W2Thn0n6EpvpmfkqRiHJyMCshAqeAN4j:36g4aKLQIRbZE0n0R0vSsN+
        MD5:B267231D7A927E365ABAD1CD110A3A51
        SHA1:43BD5B06CCF29D4547BFEE8B560DC1015056A687
        SHA-256:F05FAE12A3A139C675AF4343D8A3E79F88876E74E21B8F9A4F84AB02D205328C
        SHA-512:36A68F75EB8E45E68C5968F4402A3749EDD938ED36BEEB7C4CB26CF1E73306B96A40E43D3FEC9EDC525CD57BAEA99CA8A20241FEE0022757F6A2ACF994F4C880
        Malicious:false
        Preview:..C.O.N.T.R.A.T. .D.E. .L.I.C.E.N.C.E. .D.E. .L.O.G.I.C.I.E.L. .D.E. .C.A.N.O.N.........I.M.P.O.R.T.A.N.T. .-. .N.E. .P.A.S. .O.U.B.L.I.E.R. .D.E. .L.I.R.E. .C.E. .C.O.N.T.R.A.T. .A.V.A.N.T. .D.'.I.N.S.T.A.L.L.E.R. .L.E. .L.O.G.I.C.I.E.L.!.........C.e. .d.o.c.u.m.e.n.t. .j.u.r.i.d.i.q.u.e. .e.s.t. .u.n. .c.o.n.t.r.a.t. .d.e. .l.i.c.e.n.c.e. ...t.a.b.l.i. .e.n.t.r.e. .v.o.u.s. .e.t. .l.a. .f.i.r.m.e. .C.a.n.o.n. .I.n.c... .(.d...s.i.g.n...e. .p.a.r. .".C.a.n.o.n.".). .r...g.i.s.s.a.n.t. .v.o.t.r.e. .u.t.i.l.i.s.a.t.i.o.n. .d.u. .l.o.g.i.c.i.e.l. .e.t. .d.u. .m.a.n.u.e.l. .e.n. .l.i.g.n.e. .o.u. ...l.e.c.t.r.i.q.u.e. .(.c.o.l.l.e.c.t.i.v.e.m.e.n.t. .d...s.i.g.n... .p.a.r. .l.e. .".L.O.G.I.C.I.E.L.".)... .E.N. .I.N.S.T.A.L.L.A.N.T. .L.E. .L.O.G.I.C.I.E.L.,. .I.L. .E.S.T. .C.O.N.S.I.D...R... .Q.U.E. .V.O.U.S. .A.C.C.E.P.T.E.Z. .D.'...T.R.E. .L.I... .P.A.R. .L.E.S. .C.O.N.D.I.T.I.O.N.S. .D.E. .C.E. .C.O.N.T.R.A.T... .E.N. .C.A.S. .D.E. .D...S.A.C.C.O.R.D. .A.V.E.C. .L.E.S. .C.O.N.D.I.T.I.O.
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Unicode text, UTF-16, little-endian text, with very long lines (1154), with CRLF line terminators
        Category:dropped
        Size (bytes):14720
        Entropy (8bit):3.596964066544626
        Encrypted:false
        SSDEEP:192:e9IV5FY9R5vPa0N5IMQHPQ+AKfkqg1JhExlo5c:dVbY9R5XajozIg1P9+
        MD5:C4E2B797D5B0D54EB19D4B884EF8CEE6
        SHA1:48B3E35731CEECF8048BF9B16D89F48838FF8DAB
        SHA-256:410ADF0F1FECFE0389DD14584515B0F821AE92AA832BB744DC8BAE4FD1510017
        SHA-512:6609B33634040A49CFAA4A09AA37ADC84702293A97718D9B1CFDD7C33C732CD4916906DD5E6F57C2255313B6D2C0FD725D6C55CFB6ADCBEF8F9A3F0575FAAF14
        Malicious:false
        Preview:..C.A.N.O.N. .S.O.F.T.W.A.R.E.-.L.I.Z.E.N.Z.V.E.R.E.I.N.B.A.R.U.N.G.........W.I.C.H.T.I.G. .-. .L.E.S.E.N. .S.I.E. .D.I.E.S.E. .V.E.R.E.I.N.B.A.R.U.N.G. .V.O.R. .D.E.R. .I.N.S.T.A.L.L.A.T.I.O.N. .D.E.R. .S.O.F.T.W.A.R.E.!.........D.i.e.s.e.s. .j.u.r.i.s.t.i.s.c.h.e. .D.o.k.u.m.e.n.t. .i.s.t. .e.i.n.e. .L.i.z.e.n.z.v.e.r.e.i.n.b.a.r.u.n.g. .z.w.i.s.c.h.e.n. .I.h.n.e.n. .u.n.d. .C.a.n.o.n. .I.n.c... .(.".C.a.n.o.n.".). .b.e.z...g.l.i.c.h. .I.h.r.e.r. .V.e.r.w.e.n.d.u.n.g. .d.e.r. .S.o.f.t.w.a.r.e. .u.n.d. .d.e.r. .i.n. .e.l.e.k.t.r.o.n.i.s.c.h.e.r. .F.o.r.m. .v.o.r.h.a.n.d.e.n.e.n. .A.n.l.e.i.t.u.n.g.e.n. .(.h.i.e.r. .g.e.m.e.i.n.s.a.m. .a.l.s. .".S.O.F.T.W.A.R.E.". .b.e.z.e.i.c.h.n.e.t.)... .M.I.T. .D.E.R. .I.N.S.T.A.L.L.A.T.I.O.N. .D.E.R. .S.O.F.T.W.A.R.E. .S.T.I.M.M.E.N. .S.I.E. .D.E.N. .B.E.D.I.N.G.U.N.G.E.N. .D.I.E.S.E.R. .V.E.R.E.I.N.B.A.R.U.N.G. .Z.U. .U.N.D. .S.I.N.D. .A.N. .D.I.E.S.E. .G.E.B.U.N.D.E.N... .W.E.N.N. .S.I.E. .D.E.N. .B.E.D.I.N.G.U.N.G.E.N. .D.I.E.S.E.R. .V.E.R.E.I.
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Unicode text, UTF-16, little-endian text, with very long lines (1028), with CRLF line terminators
        Category:dropped
        Size (bytes):14282
        Entropy (8bit):3.5384174747523645
        Encrypted:false
        SSDEEP:192:Knz81j5z2Doves6+BvwFCvqRaDkLI5xGdfkqmyqpjk1n3KQT4:B1jD6+4GkLX4js4
        MD5:BB7300A14A0C905E6F5BF9437E01488C
        SHA1:B59DAEC587AF5B5B04F4E153335D1AD2D04A346B
        SHA-256:8652E759D1B10E2F724BB8E07459C603DFEF4FFB7C24DE687B7ACAC8DF87A305
        SHA-512:89DCDE9632E107CB72375CC259C208EE27A819791655771EBC4EED8BF0F3D28E8C12E2D104449FB17540E880E340EC1B0ACE5F4DDB59B39674AC6C4BB97A6F9E
        Malicious:false
        Preview:..C.O.N.T.R.A.T.T.O. .D.I. .L.I.C.E.N.Z.A. .D.E.L. .S.O.F.T.W.A.R.E. .C.A.N.O.N.........I.M.P.O.R.T.A.N.T.E.-.L.E.G.G.E.R.E. .I.L. .P.R.E.S.E.N.T.E. .C.O.N.T.R.A.T.T.O. .P.R.I.M.A. .D.I. .I.N.S.T.A.L.L.A.R.E. .I.L. .S.O.F.T.W.A.R.E.!.........I.l. .p.r.e.s.e.n.t.e. .d.o.c.u.m.e.n.t.o. .l.e.g.a.l.e. .c.o.s.t.i.t.u.i.s.c.e. .u.n. .c.o.n.t.r.a.t.t.o. .d.i. .l.i.c.e.n.z.a. .t.r.a. .l.. u.t.e.n.t.e. .e. .l.a. .C.a.n.o.n. .I.n.c... .(.".C.a.n.o.n.".). .r.e.g.o.l.a.n.t.e. .l.. u.t.i.l.i.z.z.o. .d.e.l. .s.o.f.t.w.a.r.e. .e. .d.e.l. .m.a.n.u.a.l.e. .o.n.l.i.n.e. .o. .e.l.e.t.t.r.o.n.i.c.o. .(.n.e.l. .l.o.r.o. .i.n.s.i.e.m.e.,. .i.l. .".S.O.F.T.W.A.R.E.".)... .I.N.S.T.A.L.L.A.N.D.O. .I.L. .S.O.F.T.W.A.R.E.,. .L.. U.T.E.N.T.E. .A.C.C.E.T.T.A. .D.I. .E.S.S.E.R.E. .V.I.N.C.O.L.A.T.O. .D.A.L.L.E. .C.O.N.D.I.Z.I.O.N.I. .D.E.L. .P.R.E.S.E.N.T.E. .C.O.N.T.R.A.T.T.O... .Q.U.A.L.O.R.A. .L.. U.T.E.N.T.E. .N.O.N. .A.C.C.E.T.T.I. .L.E. .C.O.N.D.I.Z.I.O.N.I. .D.E.L. .P.R.E.S.E.N.T.E. .C.O.N.T.R.A.T.T.O.,. .D.
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Unicode text, UTF-16, little-endian text, with very long lines (996), with CRLF line terminators
        Category:dropped
        Size (bytes):13416
        Entropy (8bit):3.5904498930650592
        Encrypted:false
        SSDEEP:192:KI2rQypJRen0Lq2vS/JCZJ/Rc+UPZxIfcq/2LM676uuuCFCXnM3N8:URReGq2vSxCZsc/Hd3N8
        MD5:AE8FFCC659FA2DC5145CDEE5876C4E4B
        SHA1:3376DFBD033A9F88F262A57F5A4351C45A296E67
        SHA-256:A64F4C70BFB6F43C6AE9C78D58009B6E275C360DB16012366ECAC7F62FE81C6B
        SHA-512:7EB76A2F687DC709DE6B7C1FFB8FD9C09158B0341B7BCE1468CD485D5EA4154E8A9FA3AF6D7E173AB0088483DED70C27D824B0D8CD2AC1D9FE6DE7FE79D3A645
        Malicious:false
        Preview:..C.O.N.T.R.A.T.O. .D.E. .L.I.C.E.N...A. .D.O. .S.O.F.T.W.A.R.E. .C.A.N.O.N.........I.M.P.O.R.T.A.N.T.E.-.L.E.I.A. .E.S.T.E. .C.O.N.T.R.A.T.O. .A.N.T.E.S. .D.E. .I.N.S.T.A.L.A.R. .O. .S.O.F.T.W.A.R.E.!. . .........E.s.t.e. .d.o.c.u.m.e.n.t.o. .l.e.g.a.l. ... .u.m. .c.o.n.t.r.a.t.o. .d.e. .l.i.c.e.n...a. .e.n.t.r.e. .v.o.c... .e. .a. .C.a.n.o.n. .I.n.c... .(.".C.a.n.o.n.".). .q.u.e. .r.e.g.e. .s.u.a. .u.t.i.l.i.z.a.....o. .d.o. .s.o.f.t.w.a.r.e. .e. .o. .m.a.n.u.a.l. .o.n.l.i.n.e. .o.u. .e.l.e.t.r...n.i.c.o. .(.c.o.l.e.t.i.v.a.m.e.n.t.e. .o. .".S.O.F.T.W.A.R.E.".)... . .A.O. .I.N.S.T.A.L.A.R. .O. .S.O.F.T.W.A.R.E.,. .C.O.N.S.I.D.E.R.A.M.O.S. .Q.U.E. .V.O.C... .C.O.N.C.O.R.D.O.U. .E.M. .S.E.G.U.I.R. .O.S. .T.E.R.M.O.S. .D.E.S.T.E. .C.O.N.T.R.A.T.O... . .S.E. .N...O. .C.O.N.C.O.R.D.A.R. .C.O.M. .O.S. .T.E.R.M.O.S. .D.E.S.T.E. .C.O.N.T.R.A.T.O.,. .F.E.C.H.E. .I.M.E.D.I.A.T.A.M.E.N.T.E. .E.S.T.E. .P.R.O.G.R.A.M.A. .D.E. .I.N.S.T.A.L.A.....O. .E. .N...O. .I.N.S.T.A.L.E. .O. .S.O.F.T.W.A.R.E.
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Unicode text, UTF-16, little-endian text, with very long lines (1182), with CRLF line terminators
        Category:dropped
        Size (bytes):15598
        Entropy (8bit):4.127101730249165
        Encrypted:false
        SSDEEP:192:8Ia2U2mxtp9C2W1jiLNFVUrHlsrv+G9AM5zEfcqRHCRutyijmiD1T:ha2UBxtp91NFqrStDVaRHCRut/jrpT
        MD5:FB6FB9FAAF5063DFE77FB82F777BF0D0
        SHA1:EFDCEBD7815CCDFAFDB45965DD7602A70DD72418
        SHA-256:A0A48080A917214255493EA633BDC21A4DD4D17CC663EB14CD35BD2165AAE25C
        SHA-512:E2471DC0D799E2E20A103243265B0684DC72468ABFF095D4BFBD9819C5F96323303F4D804655208E068E629887576C4E2EF7D54D6DD3C1104788322E52026FB7
        Malicious:false
        Preview:......&........./. ..... ... ..... ............. .......!.....'......... .C.A.N.O.N...................:. ... ...'."..."... .-."... .!.........(......... ..... ..... .#.!."............... ... ..... ............... .......!.....'......./.!.........-.B.>.B. .?.@.0.2.>.2.>.9. .4.>.:.C.<.5.=.B. .O.2.;.O.5.B.A.O. .;.8.F.5.=.7.8.>.=.=.K.<. .A.>.3.;.0.H.5.=.8.5.<. .<.5.6.4.C. ...0.<.8. .8. .:.>.@.?.>.@.0.F.8.5.9. .C.a.n.o.n. .I.n.c... .(.".C.a.n.o.n
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Unicode text, UTF-16, little-endian text, with very long lines (1087), with CRLF line terminators
        Category:dropped
        Size (bytes):14076
        Entropy (8bit):3.5471724731776297
        Encrypted:false
        SSDEEP:192:0G6xfF1ElOwGzSvfeEwZG5aobJovDLTFivfkqBLiNmbmmJT:M3EItSnPpaqJovXJibBhZT
        MD5:6285481F3C7A005B7A472F2E4E43AA19
        SHA1:B62EB5A6442C97B6591ECB839989A7D84039D038
        SHA-256:7F86CD994A32DB23582F725098103B73CA7D4592A7C43E099990FA1B92EFC369
        SHA-512:036282830CC341ACFC1D47744994CF8068F83B062F5A655DAB3D1BB2A49731E8AD85A3A0E23033179C946A27AE4C7E9534A6B18EBC42BF1A7771103903C8DF58
        Malicious:false
        Preview:..A.C.U.E.R.D.O. .D.E. .L.I.C.E.N.C.I.A. .D.E.L. .S.O.F.T.W.A.R.E. .D.E. .C.A.N.O.N.........I.M.P.O.R.T.A.N.T.E. .-. ...L.E.A. .E.S.T.E. .A.C.U.E.R.D.O. .A.N.T.E.S. .D.E. .I.N.S.T.A.L.A.R. .E.L. .S.O.F.T.W.A.R.E.!.........E.s.t.e. .d.o.c.u.m.e.n.t.o. .l.e.g.a.l. .e.s. .u.n. .a.c.u.e.r.d.o. .d.e. .l.i.c.e.n.c.i.a. .e.n.t.r.e. .u.s.t.e.d. .y. .C.a.n.o.n. .I.n.c... .(.".C.a.n.o.n.".). .q.u.e. .e.s.t.a.b.l.e.c.e. .e.l. .u.s.o. .d.e.l. .s.o.f.t.w.a.r.e. .y. .d.e.l. .m.a.n.u.a.l. .e.n. .l...n.e.a. .o. .e.l...c.t.r.i.c.o. .(.c.o.l.e.c.t.i.v.a.m.e.n.t.e.,. .e.l. .".S.O.F.T.W.A.R.E.".)... .C.O.N. .L.A. .I.N.S.T.A.L.A.C.I...N. .D.E.L. .S.O.F.T.W.A.R.E.,. .S.E. .C.O.N.S.I.D.E.R.A. .Q.U.E. .U.S.T.E.D. .E.S.T... .D.E. .A.C.U.E.R.D.O. .C.O.N. .L.A. .O.B.L.I.G.A.C.I...N. .D.E. .R.E.S.P.E.T.A.R. .L.O.S. .T...R.M.I.N.O.S. .D.E. .E.S.T.E. .A.C.U.E.R.D.O... .S.I. .U.S.T.E.D. .N.O. .A.C.E.P.T.A. .L.O.S. .T...R.M.I.N.O.S. .D.E. .E.S.T.E. .A.C.U.E.R.D.O.,. .C.I.E.R.R.E. .I.N.M.E.D.I.A.T.A.M.E.N.T.E. .E.S.T.
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Unicode text, UTF-16, little-endian text, with very long lines (518), with CRLF line terminators
        Category:dropped
        Size (bytes):5854
        Entropy (8bit):5.491821021477222
        Encrypted:false
        SSDEEP:96:8hdm7UVE+wMJ7JSNkSg29qtOHkNqF2WkJaw1aAimuv2uvuvae7uKYpO:qdm7Ui00UrFWNnwcKf
        MD5:D4CCCE82B3BC26777BB162736E785102
        SHA1:79F39D0213EE570E5D6694AEE3258D09381FA478
        SHA-256:97E575C8A73C8C5879606127B28448079755830B2AA1BF014AFC803E353E145C
        SHA-512:3E5850A99F8D263618DB288D34C09121BC8DE9B2A622433365F8530249D767424E643DA417ECD7882894998EBD8C0BAA9CA7D0A92AFAC91CE1EE00E0593037EF
        Malicious:false
        Preview:.. . . . . . . . . . . . . . . . . . . . . . . ..0.0.0.0.0.0.O(u1...QY.}.f........,g.0.0.0.0.0.0.0T0.O(uk0j0.0MRk0.0.N.Nn0.e.z.0.0O0J0...0O0`0U0D0.0....S0n0QY.}o0.0J0.[.ih0.0.0.0.0.0*h._.O>y...N.N.0.0.0.0h0..D0~0Y0..h0n0..n0QY.}g0Y0.0.....0.0.0.0o0.0J0.[.ik0.[W0.0,gQY.}.fh0qQk0T0.c.OY0.0.0.0.0.0.0.0...T.0.0.0.0.0.0+T.0.0S0.0.0.0.}.yW0f0.N.N.0,g.0.0.0.0.0.0.0h0..D0~0Y0..n0^..r`S.v.O(u)j.0.N..ag..k0.We0M01...W0.0J0.[.i.0.N..ag..k0T0.T.aD0_0`0O0.0n0h0W0~0Y0.0....J0.[.io0.0.0,g.0.0.0.0.0.0.0n0.0.0.0.0.0.0.0.0c0f0.0S0n0QY.}k0.T.aW0_0S0h0k0j0.0~0Y0.0....J0.[.iL0S0n0QY.}k0.T.ag0M0j0D04X.Tk0o0.0T0.O(u.0.0.0.0.0.0.0U0.0Z0.0.va0k0.0,g.0.0.0.0.0.0.0.04x.hW0f0.NU0D0.0.............O(u1...........(.1.). .J0.[.io0.0.0,g.0.0.0.0.0.0.0.0.0.0.0.0.0n0.0.0.0.0.0.0.0.0.0.0.0...N.Nb..0.0.0.0c.h0..D0~0Y0..k0.v.c~0_0o0.0.0.0.0.0.0.0..X0.c.}U0.0.0..pen0.0.0.0.0.0.0n0]0.0^0.0k0J0D0f0.O(u...0.O(u.0h0o0.0.01....0.0.0.0.0.0.0.0.0.0.0.0.0.0n0...a.ZSO.Nk0.0.0.0.0.0.0Y0.0S0h0.0~0_0o0.0.0.0.0.0.0k0J0D0f0h.:yY0.0S0h0.0
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Unicode text, UTF-16, little-endian text, with very long lines (993), with CRLF line terminators
        Category:dropped
        Size (bytes):12970
        Entropy (8bit):3.572779344859941
        Encrypted:false
        SSDEEP:192:QCvzuzwEv1tjtmx0tjP3QyeRUMxnLJJdfkqewqoJ8x4z1k:dzA71tjtmOtjPgyeR7Pbqodk
        MD5:24694E5E0DE62755BA07668953CE8D2E
        SHA1:0478F36EBE3A9A3BB239D73709DCF93A8984CE23
        SHA-256:030850F44DCAFBC79C225B430D5FDBD321D129D7A63181B35479242EC733EB57
        SHA-512:D4E299C6FCFB92FD91E98BAB1FE432174E516CC3EFE81D0831895C727F5DD357A0DC11C218F0335F0D316662C89B9FF3563BD8EAF27FE213CE215A84B91CC2B1
        Malicious:false
        Preview:..C.A.N.O.N. .S.O.F.T.W.A.R.E. .L.I.C.E.N.S.E. .A.G.R.E.E.M.E.N.T.........I.M.P.O.R.T.A.N.T.-.R.E.A.D. .T.H.I.S. .A.G.R.E.E.M.E.N.T. .B.E.F.O.R.E. .I.N.S.T.A.L.L.I.N.G. .T.H.E. .S.O.F.T.W.A.R.E.!.........T.h.i.s. .l.e.g.a.l. .d.o.c.u.m.e.n.t. .i.s. .a. .l.i.c.e.n.s.e. .a.g.r.e.e.m.e.n.t. .b.e.t.w.e.e.n. .y.o.u. .a.n.d. .C.a.n.o.n. .I.n.c... .(.".C.a.n.o.n.".). .g.o.v.e.r.n.i.n.g. .y.o.u.r. .u.s.e. .o.f. .t.h.e. .s.o.f.t.w.a.r.e. .a.n.d. .t.h.e. .o.n.l.i.n.e. .o.r. .e.l.e.c.t.r.i.c. .m.a.n.u.a.l. .(.c.o.l.l.e.c.t.i.v.e.l.y.,. .t.h.e. .".S.O.F.T.W.A.R.E.".)... .B.Y. .I.N.S.T.A.L.L.I.N.G. .T.H.E. .S.O.F.T.W.A.R.E.,. .Y.O.U. .A.R.E. .D.E.E.M.E.D. .T.O. .H.A.V.E. .A.G.R.E.E.D. .T.O. .B.E. .B.O.U.N.D. .B.Y. .T.H.E. .T.E.R.M.S. .O.F. .T.H.I.S. .A.G.R.E.E.M.E.N.T... .I.F. .Y.O.U. .D.O. .N.O.T. .A.G.R.E.E. .T.O. .T.H.E. .T.E.R.M.S. .O.F. .T.H.I.S. .A.G.R.E.E.M.E.N.T.,. .P.R.O.M.P.T.L.Y. .C.L.O.S.E. .T.H.I.S. .I.N.S.T.A.L.L.A.T.I.O.N. .P.R.O.G.R.A.M. .A.N.D. .D.O. .N.O.T. .I.N.S.T.A.L.L. .T.H.E.
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Unicode text, UTF-16, little-endian text, with very long lines (516), with CRLF line terminators
        Category:dropped
        Size (bytes):7038
        Entropy (8bit):5.442306312388692
        Encrypted:false
        SSDEEP:96:2skIZMhmfs/t98Ea2jcDutin4vTRQl7LGYZtcgsEmYdb7JZnuv2uvuvaeTuqIpyM:Aetfs/t9PjvtiIC7SatcgX3vkqe1n
        MD5:0C63F898493D157F3778EDE225445A60
        SHA1:0B17ECD00CC53687BFD3BCA265E8F2A260F3B521
        SHA-256:D41C27EA28B34D2AA549904B2F1CB85F4118871E4E5CBEB09E3D75B832B21675
        SHA-512:C67E4BBF40AAEDE267516FC805C36E4F22AC5E02DBE3561912A3D4DF8B3862E57FA72D896BC291939A0A5EDC20A1C84406CF2D0353B7E4E9160E889FDB1F328B
        Malicious:false
        Preview:..C.A.N.O.N. ......... .|.t. ... ..}.............. .-. .........|. .$.X.X.0. ..... .t. ..}...X. .....D. .}.<.....$.!.........t. ..... .8..... .........@. .(.|.x. ..... .... ..t... .(.h.. .".........". .|.. .}.h.). .X. ....... ...\. ......@. .C.a.n.o.n. .I.n.c... .(.".C.a.n.o.n.". .t.|.. .}.h.). ...t.X. .|.t. ... ..}......... .........|. .$.X.X.t. .t. ..}...X. .t... .p.m... ..X.X.. ...<.\. .x...)..... .t. ..}...X. .p.m... ..X.X... .J.<.t. ..... .$.X. ...\.....D. ... .........|. .$.X.X... ......$................... ..... ...\... .X.X... ....... ... ..}...X. .p.m... .p.t... ..X.X.. ...<.\. .x...).............1... .|.t. ... ...\. ..... ... ...\. ...m.:. ....... .C.a.n.o.n. ...l./. ....0.(."....0.". .|.. .}.h.). ....X. ....... ...t. ...... .....0...... .........|. ..... .(.".....". .t.. ....,. .\..,. .$.X.,. .... ..... .\... ..D. ...m.h.).`. ... .................. .... .....0.\. .l.1... .l..... ...<.p. .$.....l.|. ...t. ....0.
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Unicode text, UTF-16, little-endian text, with very long lines (516), with CRLF line terminators
        Category:dropped
        Size (bytes):4524
        Entropy (8bit):6.4059931106650145
        Encrypted:false
        SSDEEP:96:K/3Hg5yECK6jhuHK0PEVs0Wnuv2uvuvaeTuqIpwOqwg:8wiTMq0PT0Wvkq7t3
        MD5:437A2E823505A067502C9417DDECB461
        SHA1:DC72D49E8C1A187321A0DDBB100E3A6BE0B9652D
        SHA-256:2AC6B9496C2F8F8D020687287E05F4C9F7AEB7AB7D128DE0BF9DB0EA7D33FF34
        SHA-512:739F53AA441A6F633A67E9D050F0BC036BD11AFE80A97816D9213139827156A64E1C62F8EEC3AE157630BC6D1BA571F183C386151A1B0472C593512BC87479CC
        Malicious:false
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
        Category:dropped
        Size (bytes):388
        Entropy (8bit):3.528178436006482
        Encrypted:false
        SSDEEP:6:Q+slqGldxYHse4FO3d5K4dribYHfK4dxYHujSe4FcsQKlB4dxYHLXUlpe3PEyONv:Q+swGet4L0fquH4K8QDe38yON
        MD5:CB7382F10AF32893BDC04D14F621EFDA
        SHA1:6F271AA70A6F8DC7E67C0EDC9CB53AADEB8B6814
        SHA-256:AE6F4E5700B3F8979D69B9B5511A27927B2B4527F0D9A67B3EED60471A8A0419
        SHA-512:3C816855F6C3E5A71FA3A6E2D29136AA2183B55ABDA8F8CA42E63B7F79B0BC2AA49678CE068FB82CCEC3F85BAC4DEAE8ED220FD860E1EA8356EE3A9FCC13816E
        Malicious:false
        Preview:[String]..STR_APP_NAME="imagePROGRAF Printer Driver Extra Kit"..STR_SHORT_APP_NAME="Extra Kit"..STR_APP_NAME_FL="imagePROGRAF FreeLayout"..STR_APP_NAME_IR="Color imageRUNNER Enlargement Copy"..
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
        Category:dropped
        Size (bytes):362
        Entropy (8bit):3.8925345913000458
        Encrypted:false
        SSDEEP:6:Q+slqGldxYHse4FO3d5K4dribYHfK4dxYHujSe4PxYHLXUlpe9N8xv:Q+swGet4L0fquH4GQDe9M
        MD5:B7DAAFEACB21ABACBCDD1E7B3DE443BF
        SHA1:510C035EE5DCCBE2CF4CB7D53B90019D86279E64
        SHA-256:9E07753D2A0D0E96C54A58EC2D0673B611ED6BD440038D3ADB55A38ED6C23A48
        SHA-512:8F6F9B04431A760B47D15FCF6320E87035E0A300E6D4931C13D1408B1BA2DA2E5779F4257BFEEB3A64303D3A38245E3BBFAA3D5297B066013A74379E1B73C7D4
        Malicious:false
        Preview:..[.S.t.r.i.n.g.].....S.T.R._.A.P.P._.N.A.M.E.=.".i.m.a.g.e.P.R.O.G.R.A.F. .P.r.i.n.t.e.r. .D.r.i.v.e.r. .E.x.t.r.a. .K.i.t.".....S.T.R._.S.H.O.R.T._.A.P.P._.N.A.M.E.=.".E.x.t.r.a. .K.i.t.".....S.T.R._.A.P.P._.N.A.M.E._.F.L.=.".i.m.a.g.e.P.R.O.G.R.A.F..0.0.0.0.0.0.0.0".....S.T.R._.A.P.P._.N.A.M.E._.I.R.=.".C.o.l.o.r. .i.m.a.g.e.R.U.N.N.E.R.#.:d.b'Y.0.0.0".....
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:MS Compress archive data, SZDD variant, i is last character of original name, original size: 2396160 bytes
        Category:dropped
        Size (bytes):668217
        Entropy (8bit):7.711534353747695
        Encrypted:false
        SSDEEP:12288:gGngoyx+UmyuUksGOZjldqSC2EVxqn5cQCa7Oki3Tj3osR0e4qEbHKCg+C3:gmt2Tk6jlAZxE5BRE3Tj3oE0eQdI
        MD5:5DC52BA39839E232264D8F4F785FE751
        SHA1:BE5B42B695FDD8E3E00940D8636F9582D27F7621
        SHA-256:A03EE56F5D33B7871EE9659EE7D3A58C324CF2EA94C3001CB38480E4409C31F3
        SHA-512:768A62842EEC3A6074487EB01D3B2A16D902C29D3A7ACA082FD7855A9A93A4B6BCBBB448A4CFB7290E4826B3FC07F074E08FCF8C9D0A16F61E165DA5DA0CA94C
        Malicious:false
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Microsoft Cabinet archive data, many, 486440 bytes, 5 files, at 0x2c +A "CDDI_SDK.dll" +A "CDDITCPIP.ext", number 1, 34 datablocks, 0x1 compression
        Category:dropped
        Size (bytes):486440
        Entropy (8bit):7.99762462343018
        Encrypted:true
        SSDEEP:6144:GvrsNZdxPLjZ4fi7M7HLBmkCPHz2YbK+Gf7rWBOHARA67XpxCnclwT9baTwmiU9U:os7u5r4Lz2eOrWDR/vCnclG9bqwmjU
        MD5:5345EB273678FD2DD4E8DC2B7C055112
        SHA1:D90A14BE39C70925FE7E37E2FE1C578E40D647CC
        SHA-256:B817A8D813A7ED2D0408BB1AC508FED4D065407E1B89CE4FF00776E3A4F6F8F6
        SHA-512:7848B55AE271226C76E10C180D6CA821B6F8D55FE50A07E46696D692F4F55462B1172002A3EA0D8FCA772F1A0792B98AA11B7F17F409551CAEBC99BB5779A744
        Malicious:true
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):122880
        Entropy (8bit):5.44795318060492
        Encrypted:false
        SSDEEP:1536:kcqfTavgXTf+ySGdWLRRR/QeepjbehrCPMEod8yOhIVC666NGawhJ6A:kcSaZsOzRfhrCZod8BgC666NG/I
        MD5:94E245BF34D4C83766CF328D4EF7E213
        SHA1:91B0528081D1D97858D7E8CED43D0AF79BB3AF57
        SHA-256:7DBC955D53140260203B812242B104EDA9E492EB475068AF0BCFEC36436B02BD
        SHA-512:82DA38399F651C7DCA6B2D35C2E9FB9D64247CCBDE639554A8CA6CC5F94548A8E6BE73C6C66A81D4DCD7402C875E10732DD3F77F3B376F4BF7FC4A3CB26C5961
        Malicious:false
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Generic INItialization configuration [OLDCONFIG]
        Category:dropped
        Size (bytes):1728
        Entropy (8bit):4.697189332717237
        Encrypted:false
        SSDEEP:24:AHzGas1dYMm1DXt34Z601B/V+iws6FhnF2Q5hZz99/0dbAHJ9/hxcC4xlY/M8hHa:uxlCwFDb5HhV40TlZGm3SGDJ+h
        MD5:C53335E38FEC21A69224FA65D5CDD79E
        SHA1:605E6FE985E4A02FDA182EF79F831B4D4CD0A20C
        SHA-256:EA6D482B496617B898CC91A4249636DCFD12017EF7700061F1696B6489B60342
        SHA-512:C3E41291EF26B71FE3C784CD616528CD9C0407CB75C6732E7A6250ED644582C2167D0B9F4EB911B0A842BE33CD05C809EB710E33E80CF7C1FADC7E5F1CD2667B
        Malicious:false
        Preview:[NEWCONFIG]..COUNT=82..PRT 0=BIJ1300..PRT 1=BIJ2300..PRT 2=BIJ1350 LIPS..PRT 3=BIJ2350 LIPS..PRT 4=BIJ1350 PCL..PRT 5=BIJ2350 PCL..PRT 6=W6400PG..PRT 7=W8400PG..PRT 8=Graphic Color W2200..PRT 9=W6400..PRT 10=W8400..PRT 11=iPF5000..PRT 12=iPF500..PRT 13=iPF600..PRT 14=iPF700..PRT 15=iPF9000..PRT 16=iPF8000..PRT 17=iPF6100..PRT 18=iPF5100..PRT 19=iPF510..PRT 20=iPF610..PRT 21=iPF710..PRT 22=iPF8000S..PRT 23=iPF9000S..PRT 24=iPF8100..PRT 25=iPF9100..PRT 26=LP17..PRT 27=LP24..PRT 28=iPF605..PRT 29=iPF720..PRT 30=iPF6200..PRT 31=iPF810..PRT 32=iPF820..PRT 33=iPF6000S..PRT 34=iPF8110..PRT 35=iPF8010S..PRT 36=iPF9110..PRT 37=iPF9010S..PRT 38=iPF650..PRT 39=iPF655..PRT 40=iPF750..PRT 41=iPF755..PRT 42=iPF6300..PRT 43=iPF6350..PRT 44=iPF8300..PRT 45=iPF815..PRT 46=iPF825..PRT 47=iPF6300S..PRT 48=iPF8310S..PRT 49=iPF8300S..PRT 50=iPF760..PRT 51=iPF765..PRT 52=iPF9400..PRT 53=iPF9400S..PRT 54=iPF6400..PRT 55=iPF6450..PRT 56=iPF9410..PRT 57=iPF9410S..PRT 58=iPF6460..PRT 59=iPF6410..PRT 60=iPF8400.
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:XML 1.0 document, ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):15270
        Entropy (8bit):4.913147484600566
        Encrypted:false
        SSDEEP:384:Pr1rorlrJqrrrkrjrcr6rrrorLryr1rgr5rUrXrHrqrLr1rBr4rLrLrTr2rYrVr9:D9ct8XQf4SXc369EpAbLC39hs33PWMd9
        MD5:B89F12CB729B3136A66047849C653F5E
        SHA1:7C11F551FF09F182F425234CB1A07916501C2CAC
        SHA-256:C31E281476BEB78AED5239C2C4C531375AE0990EE38AC8682729019A71A1DC84
        SHA-512:C3FD01F6DDFB061A8FB4371BA7A6BCE57BA7605F2EAAC199C813C12E285AD3B9C086581CAB9B1756977DC00BE66228CF958EB06AC49711FB96339C03943735B7
        Malicious:false
        Preview:<?xml version="1.0" encoding="utf-8"?>....<discovery xmlns="urn:slpdiscovery">......<refreshRate>60</refreshRate>...<timeout>4</timeout>.....<methodList onlyMatching="true">...... SLP method to find "service:printer" devices -->....<method name="Test" serviceType="printer.canon"> .....<AttributeList>......<devNameOID>x-can-PdInfoMachineName</devNameOID>......<devTypeOID>x-can-PdInfoProductName</devTypeOID>.. ....<sysDescOID>sysDescr</sysDescOID>.....</AttributeList>.......<deviceList>......<device name="Canon Office Color N1000" enum="1">.......<matchingDevTypeStrs>........<devTypeStr>Office Color N1000</devTypeStr>.......</matchingDevTypeStrs>......</device>........<device name="Canon Office Color N1100" enum="2">.......<matchingDevTypeStrs>........<devTypeStr>Office Color N1100</devTypeStr>.......</matchingDevTypeStrs>......</device>........<device name="Canon Office Color N2000" enum="3">.......<matchingDevTypeStrs>........<devTypeStr>Office Color N2000</devTypeStr>.......</matc
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:exported SGML document, ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):15534
        Entropy (8bit):4.950955793061044
        Encrypted:false
        SSDEEP:384:h1r1rorlrJqrrrkrjrcr6rrrorLryr1rgr5rUrXrHrqrLr1rBr4rLrLrTr2rYrVh:b9ct8XQf4SXc369EpAbLC39hs33PWMd9
        MD5:6F53BB390AE0B248D3CCB9FBD476A8B6
        SHA1:4AE0B61CB0B99BF57AE6F83507ADA76198AE168A
        SHA-256:DDF734D03ECC0DE8F91D41C22CF27BC06A13C9E55CFC45CF876AB1D5FDFFA243
        SHA-512:8C69FA3218C79DACFC865D31592596C2E702F74B0E12D269D9F82790E8AA671372760FD869C6310C2DE7AD0FB51E6F1E26623BBA6AC400AD77BBF0AF15472AE8
        Malicious:false
        Preview: ..;=====================================================================..; Copyright CANON INC. 2009 All Rights Reserved...; SNMPDiscovery.xml..;=====================================================================..-->..<discovery xmlns="urn:cissnmpdiscovery">......<refreshRate>60</refreshRate>...<timeout>8</timeout>.....<broadcastType>eLimitedBroadcast</broadcastType>...<methodList onlyMatching="false" snmpCommunity="public">......<method mibType="Canon MIB">.....<OIDList> ......<devTypeOID>.1.3.6.1.4.1.1602.1.1.1.1.0</devTypeOID>......<devNameOID>.1.3.6.1.4.1.1602.1.1.1.2.0</devNameOID>......<macAddrOID hexEncoded="true">.1.3.6.1.2.1.2.2.1.6.1</macAddrOID>......<sysDescOID>.1.3.6.1.2.1.1.1.0</sysDescOID>.....</OIDList>.......<deviceList>........<device name="Canon Office Color N1000" enum="1">.......<matchingDevTypeStrs>........<devTypeStr>Office Color N1000</devTypeStr>.......</matchingDevTypeStrs>......</device>........<device name="Canon Office Color N1100" enum="2">.......<
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):49152
        Entropy (8bit):6.078941896802106
        Encrypted:false
        SSDEEP:768:TjGdgO499kjfM5lS6Z4DwWjC3y09dks6foMRm3Yi:TjDXcSLuPCT6lRm3Yi
        MD5:6879B31B55636E320F304541B9E3FD58
        SHA1:593B2B2059B137DA0FB5AE39CDF7236EF397645F
        SHA-256:B475293E34D84F58F0AAEF575547176D4636958EB31B1195F542982646265792
        SHA-512:3BB2C3E8D505EC483D6C77E5BAF07D718F5A0FABD450C004EE0B613138AAE44BC9FC43236EFDD4E8C0CD2D9EA7102D00F0E67638095EF4155868E757421EA868
        Malicious:false
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Generic INItialization configuration [Canon iPF770_w32]
        Category:dropped
        Size (bytes):522
        Entropy (8bit):5.065073998722065
        Encrypted:false
        SSDEEP:12:f932ZbsGSTcXCwAEg32T3sGSTcXCwAe32Yt3sGSTcXCwAz:1GqncX3XgGTcncX33GYtcncX3m
        MD5:536BB649CAF3685E00CD4F7476AC3B68
        SHA1:861EF6F793377C510A7E385D4FB6B3BC4CF27DA4
        SHA-256:D021402AFBA2B09826D60FA7496DBE3098A9A94C1824AAD4B2837FC38A7BAD41
        SHA-512:4DED44405751766C92B90D058EB21757174AB2E3E6F49EF6EA2644B83EB75EC45757DDB2226374AC109C4FC186A9EFAB9B56E1FEBCDF55CC899276976771B81F
        Malicious:false
        Preview:[CommonIniData_w32]..Data Type=RAW..PrintProcessor=WinPrint..Priority=1..Device Queue Name=..ProtocolType=9100..DefaultPort=..referTCPMON=YES..enableSNMP=AUTO....[Canon iPF770_w32]..Data Type=RAW..PrintProcessor=Canon iPF770 Print Processor..Priority=1..Device Queue Name=..ProtocolType=9100..DefaultPort=..referTCPMON=YES..enableSNMP=AUTO....[Canon iPF771_w32]..Data Type=RAW..PrintProcessor=Canon iPF771 Print Processor..Priority=1..Device Queue Name=..ProtocolType=9100..DefaultPort=..referTCPMON=YES..enableSNMP=AUTO..
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Rich Text Format data, version 1, ANSI, code page 932, default language ID 1033
        Category:dropped
        Size (bytes):33353
        Entropy (8bit):4.5160153751975765
        Encrypted:false
        SSDEEP:384:nbATNefcAmBtnBgL42+AVCVy9xurgkCuNUFaWHBOMCnEUWc38vUUvvOXMe5icC2r:nbOkoXJ
        MD5:823A6A78461CF7668C9085A45F726128
        SHA1:88FACB7F6B141043B4B827099B226D885DCFE578
        SHA-256:FC4D3B3459F57C779581F32046A51D530DA81561B8E70E98CFB230DAE6045384
        SHA-512:0A98ECD45E637A27EAC217E4EDE6874FD1C77F8AEA4F942874A9555642C6DEF0A52103EEF1DD400EE25B3A6E73DA2CCB2C5C2A0774A320BCE87D7ADD7392F55F
        Malicious:false
        Preview:{\rtf1\ansi\ansicpg932\uc2 \deff0\deflang1033\deflangfe1041{\fonttbl{\f0\froman\fcharset0\fprq2{\*\panose 02020603050405020304}Times New Roman;}{\f17\fnil\fcharset134\fprq2{\*\panose 02010600030101010101}SimSun{\*\falt ??};}..{\f23\froman\fcharset128\fprq1{\*\panose 02020609040205080304}\'82\'6c\'82\'72 \'96\'be\'92\'a9{\*\falt MS Mincho};}{\f26\froman\fcharset0\fprq2{\*\panose 02040604050505020304}Century;}{\f28\fnil\fcharset134\fprq2{\*\panose 02010600030101010101}@SimSun;}..{\f52\froman\fcharset128\fprq1{\*\panose 02020609040205080304}@\'82\'6c\'82\'72 \'96\'be\'92\'a9;}{\f195\froman\fcharset238\fprq2 Times New Roman CE;}{\f196\froman\fcharset204\fprq2 Times New Roman Cyr;}..{\f198\froman\fcharset161\fprq2 Times New Roman Greek;}{\f199\froman\fcharset162\fprq2 Times New Roman Tur;}{\f200\froman\fcharset177\fprq2 Times New Roman (Hebrew);}{\f201\froman\fcharset178\fprq2 Times New Roman (Arabic);}..{\f202\froman\fcharset186\fprq2 Times New Roman Baltic;}{\f333\fnil\fcharset0\fprq2 Sim
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Rich Text Format data, version 1, ANSI, code page 932, default language ID 1033
        Category:dropped
        Size (bytes):22343
        Entropy (8bit):5.182692740680335
        Encrypted:false
        SSDEEP:384:BSELrUUnvrB9woxgsaMqcTOfVUcgBWF3BktTRtElDqmWN+aVUoV1TEaRONlmG+Ds:xrUUnvrB9woxgsaMqcTOfVUcgBWF3Bkm
        MD5:0158E4C3425FAA2B1E81FAA36E21E6DB
        SHA1:03C806C46FF886E9937FB86C6B2DE39BF23FAE87
        SHA-256:9BD973A7F60FBD949EBBCD83A9416D55FFEB3C26AA10F5472CDA6D44AD496045
        SHA-512:AC243D0EF0C89671DC76BB1EE4847C61AE1281A2DAF56C82E73B9226235E4B1B9C2968335D60D2B2B24E746BA9891451B7CAE793BB48702A6E3ABD82258229B1
        Malicious:false
        Preview:{\rtf1\ansi\ansicpg932\uc2 \deff26\deflang1033\deflangfe1041{\fonttbl{\f0\froman\fcharset0\fprq2{\*\panose 02020603050405020304}Times New Roman;}{\f1\fswiss\fcharset0\fprq2{\*\panose 020b0604020202020204}Arial;}..{\f23\froman\fcharset128\fprq1{\*\panose 02020609040205080304}\'82\'6c\'82\'72 \'96\'be\'92\'a9{\*\falt MS Mincho};}{\f26\froman\fcharset0\fprq2{\*\panose 02040604050505020304}Century;}..{\f28\froman\fcharset128\fprq1{\*\panose 02020609040205080304}@\'82\'6c\'82\'72 \'96\'be\'92\'a9;}{\f39\froman\fcharset238\fprq2 Times New Roman CE;}{\f40\froman\fcharset204\fprq2 Times New Roman Cyr;}{\f42\froman\fcharset161\fprq2 Times New Roman Greek;}..{\f43\froman\fcharset162\fprq2 Times New Roman Tur;}{\f44\froman\fcharset177\fprq2 Times New Roman (Hebrew);}{\f45\froman\fcharset178\fprq2 Times New Roman (Arabic);}{\f46\froman\fcharset186\fprq2 Times New Roman Baltic;}..{\f47\fswiss\fcharset238\fprq2 Arial CE;}{\f48\fswiss\fcharset204\fprq2 Arial Cyr;}{\f50\fswiss\fcharset161\fprq2 Arial
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Rich Text Format data, version 1, ANSI, code page 932, default language ID 1033
        Category:dropped
        Size (bytes):21119
        Entropy (8bit):5.2915764720129514
        Encrypted:false
        SSDEEP:384:DlfnyDmjVYA2atcar2yr3x41J151wRdwhK1f8iGOd1X/:D1nySjVH2atcaqox41J151gehK58iGOP
        MD5:A7963AC2C1FDBB2C0089CBC56D48968C
        SHA1:290AF6804425DB36CB2A84911E04E512A2CBD401
        SHA-256:5348B976A994511050EBB50E1B0E96E9F5AB75A9C1953E0426A491E71E83079E
        SHA-512:124B78662ED079CDDBB16311687A13FA4A70B2468F4FC0BC77441191868029EF3A7BCA0BB3231E21BA39F2106838603F7B35930B6DEA08BD0F5077CC26834412
        Malicious:false
        Preview:{\rtf1\ansi\ansicpg932\uc2 \deff0\deflang1033\deflangfe1041{\fonttbl{\f0\froman\fcharset0\fprq2{\*\panose 02020603050405020304}Times New Roman;}..{\f23\froman\fcharset128\fprq1{\*\panose 02020609040205080304}\'82\'6c\'82\'72 \'96\'be\'92\'a9{\*\falt MS Mincho};}{\f28\fswiss\fcharset0\fprq2{\*\panose 020b0604030504040204}Tahoma;}..{\f49\froman\fcharset128\fprq1{\*\panose 02020609040205080304}@\'82\'6c\'82\'72 \'96\'be\'92\'a9;}{\f193\froman\fcharset238\fprq2 Times New Roman CE;}{\f194\froman\fcharset204\fprq2 Times New Roman Cyr;}..{\f196\froman\fcharset161\fprq2 Times New Roman Greek;}{\f197\froman\fcharset162\fprq2 Times New Roman Tur;}{\f198\froman\fcharset177\fprq2 Times New Roman (Hebrew);}{\f199\froman\fcharset178\fprq2 Times New Roman (Arabic);}..{\f200\froman\fcharset186\fprq2 Times New Roman Baltic;}{\f379\froman\fcharset0\fprq1 MS Mincho Western{\*\falt MS Mincho};}{\f377\froman\fcharset238\fprq1 MS Mincho CE{\*\falt MS Mincho};}{\f378\froman\fcharset204\fprq1 MS Mincho Cyr{\*
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Rich Text Format data, version 1, ANSI, code page 932, default language ID 1033
        Category:dropped
        Size (bytes):19435
        Entropy (8bit):5.249640519280235
        Encrypted:false
        SSDEEP:384:163Ovmw3CMSNu5YRpRYYGavN+6kVYvvQ7rKa8Qdgav3jIS9JS1/NO+YGJzA9vnDv:83Ovmw3hSNu5YRpRYYGavN+6kVcvQ7rL
        MD5:2FA3092ABA23850C08229C36F1C9E7EE
        SHA1:37D2F45BACE19DD86280F5121F6D0D8250982611
        SHA-256:1B2D73B1C2D1A4909B8479F50F184B97A5FC659C2B1EAA6ECB3DCDBBBABFC5E8
        SHA-512:F6730F836FB00AF7082E95D7EBD869B1FCCCDC4D93FB0AC8BB6694196CF5BDB0E1C553EF2601A98021B93A1C07AE73273BC5027C27D6E4455887B7046EA02AEE
        Malicious:false
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Rich Text Format data, version 1, ANSI, code page 932, default language ID 1033
        Category:dropped
        Size (bytes):33849
        Entropy (8bit):4.522092372336813
        Encrypted:false
        SSDEEP:384:gQAboFf/cqIAIWevR/B3I9kRvqCsLqs3A+BXy+ML00g7c:GboFXmAIl34qvq1YLM4
        MD5:65E53E0B63282B33B8C3D5BAE03954F5
        SHA1:4DBEF40DB2BD1701BB7E641B6309A1A96280D690
        SHA-256:C83D17D15D690D826259A95138C4B31EEC1C68F60061882C166EA44CCFEB068B
        SHA-512:0F9DDA8FE95FFE9CDD85408EAAD1940DA0B9095B704C396D91569F5ED4D69ABE79F32F45285FF7913A6DC78F566079F98A3CEF8263DEF01F60F532816A6EBF13
        Malicious:false
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Rich Text Format data, version 1, ANSI, code page 932, default language ID 1033
        Category:dropped
        Size (bytes):114674
        Entropy (8bit):4.08707002465212
        Encrypted:false
        SSDEEP:384:k646R96z2t+4t7mWsfKPCav30KK7V/7hiDA64sxFbkjwYdyFIoYD8wYeM5/kmSAO:k646KaMSPZhX4jYFIogs93eEG1GRM
        MD5:D8DDE4E10950F459E8028B29F795157D
        SHA1:29527C54365B3833AD1063DA5E3F0103EB443AEA
        SHA-256:994C3FA0FF03AEE24A034ED136F51F9D1176F19A05DF015DDA2271D363A6BACB
        SHA-512:C2B45F857B162FB1DB7897684538C71281E1EB94F81352E4301510EBB9337F4A3AEE6CC287EF3BB9A1517F4419AB4F165E02458F731569E7B7EF5D599ABA99B2
        Malicious:false
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Rich Text Format data, version 1, ANSI, code page 932, default language ID 1033
        Category:dropped
        Size (bytes):23104
        Entropy (8bit):5.219985529023853
        Encrypted:false
        SSDEEP:384:a9b5mhRbEbfTlqAJvWP4oi+ze6K8QbQIl38:a9b5mhRbEbLlqAJ8ti+wnZl38
        MD5:A560059226C6035D867B6D564B5602C2
        SHA1:29BA6730627DA2A5DA6A6BB935E617ACAD0800CE
        SHA-256:E607CB01C4107ADB38DD18837626D603199B6A8BC8B0BC020F05F7E6524F8717
        SHA-512:FA288F891CA2D4760CB48875464345BE9C8713C1F8B6297BA2B24DF64ACA42877ACA3DDA768072C5BF40A3A384ACA9CD472765A98FEBC9183999BDF937814885
        Malicious:false
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Rich Text Format data, version 1, ANSI, code page 1252, default language ID 1033
        Category:dropped
        Size (bytes):26662
        Entropy (8bit):3.5849320390259494
        Encrypted:false
        SSDEEP:384:Nzof6qsV7zJMJVNK7WKJMthqFAEKj2yhDBVsorro3tsW0fkoZ1RYVC4NIGQz0lYm:NA6qsaV6WCs2W/RU50fCePMP/6G
        MD5:B8A4F24A17897032E8C1621D888A2338
        SHA1:2EA232EB2256ABC6DBF5DC32A7D069EA1071A126
        SHA-256:8C9D66AB7B54BAD8F49FF9F0729DDF1351636B3A85DE3774E57FBF9127B4CAE6
        SHA-512:96E00E3D1B2155AA5CB592C3176C084B344C0AD21086D285767A71771A218EEC11C5499F30E394AE086B30985844FE822D4723472F094A9C73CAFF0675D5D8FF
        Malicious:false
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Rich Text Format data, version 1, ANSI, code page 932, default language ID 1033
        Category:dropped
        Size (bytes):21959
        Entropy (8bit):5.210347327390985
        Encrypted:false
        SSDEEP:384:INsmxwwXM0Ps0Iq1I/x2xIaNjV+dHFxqEA/BTT7TK1IxiudP7SbV4Tle0PTWn6TE:osmWwXZPs0Iq1Ipg1pV+dH3qEA/BTT78
        MD5:7E3E11D6FE902B5D1FF210914C4CEBF5
        SHA1:33B3944B16F5042E9A39EED7AC3811BEE53AD392
        SHA-256:90409140C39E883039462CF3AE9A4D399FE7ACE16762E274C6D223981485D2DE
        SHA-512:903684AFB55875A39ADCC995D9981994826DAC282151DBDE50D0FB5C24C0EC192A8B2495C0191FBA60DEA79CF7AAD7EAEBBF3C8E37605BF93C1BA0BCEF6C8725
        Malicious:false
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Rich Text Format data, version 1, ANSI, code page 932, default language ID 1033
        Category:dropped
        Size (bytes):17363
        Entropy (8bit):5.367633225037607
        Encrypted:false
        SSDEEP:192:AASsuY1o6FRC1g94rsN/qNIOhOKTPM9BxXLZLAU3VASc/WdLDsdNMNLJMIsPZ3TI:BSELzCI4LTk3Yjt/WdvLJuFc3
        MD5:3226AE0CE8A64A73AB498D01896C9DED
        SHA1:0A6EB6F5C8629575270F09285E742964879CFBB8
        SHA-256:B5586415BA1417AAA6A67F2A5A83D33160EBD8015B6B3E83C53D5FDB069991C6
        SHA-512:27664DBEAF5FCDC26DF29740CA77B90E870D689893D321ED51379B497D34C9C2CA22DB77AE8CE34FA4F2D989A3956B54A80E191BD2AB3BD2E7B12BD1E18AF2D1
        Malicious:false
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Generic INItialization configuration [DriverSetPath]
        Category:dropped
        Size (bytes):1758
        Entropy (8bit):5.440727594433392
        Encrypted:false
        SSDEEP:24:HGOVEk3uDX8Q1eqFmCpcVnmCybKVddzqu1RvD4gzUMdxP48dp44vQ5JlC3AETtuC:HGOVEkEnFk5y4nOLMvQ5JUlTtz
        MD5:2185AB41962B0390F0631E2A4B8F0A3B
        SHA1:6325EE4058FD23C0506CEA20AFB30CD8745BD5B2
        SHA-256:719B3FB4C20E8F86B3BE8D37A1C4E057847AC974A95413A0965965016E48FE81
        SHA-512:7CA5C7B7A8C3278FCDB311132F14B7DAACA479FF812203265B5D32E3A0D6CEE27D8AB7C9C1CD847695109E5A0A51EA69E32D96ACCDA18354DFEA563656A28702
        Malicious:false
        Preview:[Installer Info]..PDL=imagePROGRAF..PDL_TYPE=..Product=GARO Printer Driver..Version=4.91..DIAS_USE=0..USB=1..IEEE1394=0..Dynamic=1..DynamicLevel=0..Uninstall=ON..UninstallPath=DEFAULT..OneDriverInst=0..DomsServiceSTOP=ON..DefaultPort=MANUAL..PortSet=OFF..USBAviFilePath=".\ANIMIMG\USBANIM.av_"..IEEE1394AviFilePath=..DynamicWakeup=1..DynamicWakeupWaitTime=10000..UsePrintUI=1..AddinCheck=1..ShareInstall=OFF..DynamicShare=OFF..CheckJobMonitor=OFF..CheckNetSpot=OFF..DispReadme=ON..EulaFileName=EULAU.RTF..RestoreInstall=OFF..CheckPreConfig=ON..CompareDriverFile=No..UpdateNoQueueDriver=ON..NoRegistDriverStore=NO..DomsServiceNAME=Canon Output Manager Service..UpdateCustomDriver=OFF..FileRename=YES..FirmVersion=..MCTName2=W77J..IPV6TAB=ON..OptDrvInstall=YES..OptDrvPath="..\OptDrv\Setup.exe"..DispRegionSelect=OFF....[DriverSetPath]..PDriverw32="..\Driver"..IEEE1394Driver=....[Driver_w32]..Canon iPF770=P4.91..Canon iPF771=P4.91....[Canon iPF770_w32]..ExtraKitPath="..\Extra\Setup.exe"..AppInstExtr
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):462848
        Entropy (8bit):6.305005288942509
        Encrypted:false
        SSDEEP:6144:irzMND6EFwFrJFvloIUASZ8jgcwYl2orrzsUn0OpLGV84x2AOJU9BSu+:UzEdGrJFloIX/3n0gl
        MD5:CF41E424AC8D4DF79DBCA9E72DAD0CE6
        SHA1:92C1AB5127589B6BCDCF82B070867515810E709F
        SHA-256:3D9A3D5708B938A7AE880A0873B6799E5FCEC21BC73EEADF6C05015CE20C337E
        SHA-512:A2DD774DACACB0375E168CC178379B7652D1184C8753E32675292D614B8209F693860FB759982ACD87EAAD1B048DC490FE9BCCC682375B9D134AE0CF3C68C1EC
        Malicious:false
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):1003520
        Entropy (8bit):5.34552046128675
        Encrypted:false
        SSDEEP:6144:JibCLvvbnD1gYkTCX4HAjqjXVRcK8kuQz6rm7jYBcTyzp+Zz5rCj29xGhcbB:9Lvvbnkg2Xnz6K7jYBcgcB5rCjNhcbB
        MD5:9DC607932558BE5C0DD25E242C19C6AF
        SHA1:5AA9C2B3A7AA10E8270927A8600CC0A5968D6FE2
        SHA-256:E683FCA0F00017F87303F9D977E30261E0929B862F86D4F3469298BB0FF4C537
        SHA-512:75A228BC3072884C5BA46356E124A8AA4D6B61715AFE1E5E2E40A4586625CBB59A7CD363C72561AC96E3066BA3BD23E017999B903A58593ACA1D830DC83ADECA
        Malicious:false
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 2%
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):1040384
        Entropy (8bit):5.297102376147775
        Encrypted:false
        SSDEEP:6144:5pbWLvvbnD1gYkTCX4HAjqjXVRcK8kuQz6rm7jYBcTyzp+Zz5rCj29xGhcbB:iLvvbnkg2Xnz6K7jYBcgcB5rCjNhcbB
        MD5:1B95C1172DA3DA9E8FBFD7420DA17779
        SHA1:4060AC9C6DFC4C6DAF9B53108FD4EC0679FA970E
        SHA-256:BF6356B095F247F3471130916BB22388D73EDD3D84F55BF2CB723E88F91533DC
        SHA-512:AECCF80F60A33DF8D3EA412656A06C01142436547E231C80B1ED2B79230A8BCBDEB08EA09C5B1374486954FC79F8B9018E9B06604584F0B8A081C1549F5F01FA
        Malicious:false
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 2%
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):1040384
        Entropy (8bit):5.290069814209086
        Encrypted:false
        SSDEEP:12288:0Lvvbnkg2Xnz6K7jYBcgcB5rCjNhcbB5:v/Xnz6lcg25W5O5
        MD5:90812D76A5F8B8C31C1207734467ECB6
        SHA1:78E0BF42C9B9D4201FA8A20783B7431DCD54AA3C
        SHA-256:7E19B339C512565A225D97BDF17DB51C2DC3451FE68534AEC6E5401E13019850
        SHA-512:F4DDDB4B52A6D83F1E7E56FFA957C820576549ECBC4C2B23BA181B906528A077439EB36FD32454C63BEEE71C661DEFEFEFBA5B213C8C263693F79F2423ABD35F
        Malicious:false
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 2%
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):1036288
        Entropy (8bit):5.284329786123692
        Encrypted:false
        SSDEEP:6144:HCbMLvvbnD1gYkTCX4HAjqjXVRcK8kuQz6rm7jYBcTyzp+Zz5rCj29xGhcbB:NLvvbnkg2Xnz6K7jYBcgcB5rCjNhcbB
        MD5:1104C44DD82D9AF0E39873D35EEC6EDC
        SHA1:8FAC7AB95D16460A7DF7E0133AC33CF6F332134C
        SHA-256:0EC937955B7A7358B95CB805F4F41A88810AA48C4CB3A3DDD00CA67227894CB8
        SHA-512:A6335DA89DD4D5E5F89A51F83A9EB05B055777AE85183828E200188C622CE1FCF1BF3CED8103362D1337A0186B302188F05059F5AF4FD68209AFB97C7AA5E254
        Malicious:false
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 2%
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):1011712
        Entropy (8bit):5.335302469546927
        Encrypted:false
        SSDEEP:6144:X3b/LvvbnD1gYkT60X4HAjqjXVRcK8kuQz6rFjYBcTyzp+Zz5rCj29xGhcbBk:jLvvbn9Zg2Xnz65jYBcgcB5rCjNhcbB
        MD5:64F91E7298BB2261D54BD3B80337558B
        SHA1:A3D5B5CA5498AE5AB1942CA8FFE17F08508AA7F8
        SHA-256:A576B0BB889D9C70331EB7BCD46DE54CB84D24E6AA069463ECA9BD762EE1B3F8
        SHA-512:2ED3FE32FF6C69ECEFD76516F0ECFC47216CE2C1B984D74A4C6BE5C088DA9128BB1AF4D623333F0EF60FBF6337263212B2F33F8245FB064B9B24CE569E5C45F1
        Malicious:false
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 2%
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):1011712
        Entropy (8bit):5.352372030999838
        Encrypted:false
        SSDEEP:6144:ljb2LvvbnD1gYkTCX4HAjqjXVRcK8kuQz6rm7jYBcTyzp+Zz5rCj29xGhcbBxrGi:YLvvbnkg2Xnz6K7jYBcgcB5rCjNhcbB
        MD5:AF55574F4772A5D2603E5FAA6B2E2F07
        SHA1:6EC24041F4B24569CEA0A53E8C303A4BAB1BAE81
        SHA-256:6421E483ADC32D95F4B1139CF82D39CD342F51E01AFBF3305BB1FAD26C30DC4B
        SHA-512:08D4165C8C7777326C523E36E84FE2E65F27927BE5027A855BC176201143BECF460A574FC09703827C5AC5484F6000A9D2FCD14EC2536E31243E70321F1CE063
        Malicious:false
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 2%
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):1036288
        Entropy (8bit):5.300627275494112
        Encrypted:false
        SSDEEP:6144:XxbOLvvbnD1gYkTCX4HAjqjXVRcK8kuQz6rm7jYBcTyzp+Zz5rCj29xGhcbBu:0Lvvbnkg2Xnz6K7jYBcgcB5rCjNhcbB
        MD5:37F7F72B11951DB3E391B3C66093859B
        SHA1:4C2B23195FCC6709DF87391FC35590AC1D3E6DE9
        SHA-256:1944780761198E07A1E100FDC7787AEDD92D3E80B5E9D23C29D4DDBB69EBB9F8
        SHA-512:2E1259B396771EF6F65D419A435F6C41B5DD5D606AD6D4E8468C2A21AE1A84EE3089D48E7955BC84B3D5B51979BC638E66B9278ED213A66079D76C478F44ABC8
        Malicious:false
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 2%
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):1032192
        Entropy (8bit):5.390999540252786
        Encrypted:false
        SSDEEP:6144:GubSLvvbnD1gYkTCX4HAjqjXVRcK8kuQz6rm7jYBcTyzp+Zz5rCj29xGhcbBF:CLvvbnkg2Xnz6K7jYBcgcB5rCjNhcbB
        MD5:458B71778D9AC26B4873DD30F7A2AF0F
        SHA1:FAD1D7E430AD1ED07A6BBC0D5D2F9FA0DCE3DD9F
        SHA-256:381E4C1D8DB8AE6D3F4D5F6D1D757A839A29098D9EDD9D3B542EDD64825645FD
        SHA-512:10045CB298B2C7F69E4B4BAF86D994AC0D4C37470321FAB05BA69DAF40740993A4EBFB82EF99A1FF9E1056A889FE74D070EB839199DB4B10857D76AA4E6E1172
        Malicious:false
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):1040384
        Entropy (8bit):5.296216494651767
        Encrypted:false
        SSDEEP:6144:ILbULvvbnD1gYkTCX4HAjqjXVRcK8kuQz6rm7jYBcTyzp+Zz5rCj29xGhcbBJGK:DLvvbnkg2Xnz6K7jYBcgcB5rCjNhcbB
        MD5:8E0C2043B882DA726AEFA351ADD4FCCD
        SHA1:DBDC6C69E55BBC4CD49368C0EC4B04F70F84DA33
        SHA-256:7DFE056465AF2EB7BA35A51013578F4636076555E84A240E76F20B20555B7298
        SHA-512:E50CBCB43A81C68ED51DA13C088A046AD76504B2029345F81EC4886B0621763255A96CC99F0499FEDDBD2979A0194E919E5B8C8AE7BD04F876E498A9E7B3055A
        Malicious:false
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 2%
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):1032192
        Entropy (8bit):5.297054618866926
        Encrypted:false
        SSDEEP:6144:onb3LvvbnD1gYkTCX4HAjqjXVRcK8kuQz6rm7jYBcTyzp+Zz5rCj29xGhcbBDh:MLvvbnkg2Xnz6K7jYBcgcB5rCjNhcbB
        MD5:67DFEDBAAD5A159F769A97835154DE55
        SHA1:E9D46F071A3B60F72D20D20BA878E0E0FFA2E567
        SHA-256:243C39B86A15541E1FB54C3791CE084EAEEACED8DD3B6817833682D49C9D2C2A
        SHA-512:2B9262D339229A8114386D1190743CE9D3AF2FF46C1F1CD15048D918C34CC69165E7DF92EA6D031CBE667951E4E8AFAD8836AA817E01EDAA99AADD40C055EE49
        Malicious:false
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 2%
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:PE32 executable (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):1060448
        Entropy (8bit):5.950182734618596
        Encrypted:false
        SSDEEP:24576:ZqenZAEZHKCUFX3AEHAq9B8gk1XD0/7jviDFP:UenZAEZHKCUFX3AEHAq9B8gk1XD0/7jW
        MD5:A501BFD940219B5C0F6B28665A607805
        SHA1:48652048EF3313BF74E227D60D9CA38A60ADBC23
        SHA-256:A1EB3878BC14441399B943A57109A4E5619D1F3EEEE339A7CD1A5A5E15C3779D
        SHA-512:BF267C9A0D3EFDFB90019C547F9720FD33132D4EDC101FB18DA0DB96425448A74199A814068387B51E65E8A5A3B389BA4DDDA987B12AA8BF03D467BE7BAFFA62
        Malicious:false
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):352256
        Entropy (8bit):4.251909407641206
        Encrypted:false
        SSDEEP:3072:HtzBSdta+rYHWDqD+lpZAAqOa7s1xFxt31oP29Sm7xyBLwWouJ:NTArDT7AXPQjDjAs3ygu
        MD5:88F9BEF61E96EBD493EEEB3EF33D9559
        SHA1:CB21325C110C79A60CC7D7878C04DFE8EE5CA860
        SHA-256:D61785C28E05E035A6B9B97AFBFC32F063A5587FD5EF3AC59520C5B842904CFC
        SHA-512:1867D093F6EB5BA89550BBBD6A1055BC0191EB7AC5A7C43F3410E4FA88C7976DF26E9E17793A19E3C58AEF8A8B8566634826FC8C18F6E739AA1C6C03B59C713E
        Malicious:false
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 2%
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):360448
        Entropy (8bit):4.251932917430582
        Encrypted:false
        SSDEEP:3072:QtzBoytaxJrYHWDqD+lpZAAqOa7s1xFxt31oP29Sm7xyBLwWouOA:SAx1rDT7AXPQjDjAs3ygu
        MD5:C3FEF4715B08EF7D3F287A13304CAFD2
        SHA1:23E2AEC45C30634A2B9BFC9B8A665F4A4090FD9E
        SHA-256:AB8460EAC740239FD7F8991C369A5FA5F127808D0C0FC4046223A3BD1BAB9FA8
        SHA-512:60D4C34EB2AA4DFD2D914381AAE711B7DBC5DF00101DD69BDC0967497317C127E0E081814168B03251DF30F7B46674A473B55734B3590051EBF1A3510E2CEBC0
        Malicious:false
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 2%
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):360448
        Entropy (8bit):4.255964898098985
        Encrypted:false
        SSDEEP:3072:8tzBWktaBrYHWDqD+lpZAAqOa7s1xFxt31oP29Sm7xyBLwWou/VXCXJxL/:+UdrDT7AXPQjDjAs3ygu
        MD5:641AC23DA78F9DCA75D5F2539F1DA4A2
        SHA1:53D4BC233E44B38344754B36826B1F77FBFB6039
        SHA-256:4A48C7F331C911929A1E5821B80E2F5C422F9D7E2B52F8DA85F97191F88D12A9
        SHA-512:D10C0DD5CE445DB550FB94B927D79D068B273C9395F10438FA7FF7FE21E7E68AA28BEDF2EE519CDB3E2B8F294010618AF60FE4E662DE5F5EB84AACDB9CB5CC30
        Malicious:false
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 2%
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):360448
        Entropy (8bit):4.256738589021654
        Encrypted:false
        SSDEEP:3072:etzBsrta/rYHWDqD+lpZAAqOa7s1xFxt31oP29Sm7xyBLwWou2W:gLTrDT7AXPQjDjAs3ygu
        MD5:7DE973902B808D347931CEC17D7D7AF8
        SHA1:76D112B521048DF4742BA431C066B72BC3329721
        SHA-256:4D3B3C54FBBCD63576CD4572869B8F0DF6F52965A2DEA39C807701CB7B54F724
        SHA-512:8A32117BE21D448ADC2D507E31763CC94797327B8868B1E602176CF8C77BBCAD5B083DE91DD46A2A37409ACDE111370678830CCBEB915A58C8B929855A3F5F73
        Malicious:false
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 2%
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):356352
        Entropy (8bit):4.304781330294008
        Encrypted:false
        SSDEEP:3072:c9xN5wItaJrYHWDqD+lpZAAqOa7s1xFxt31oP29Sm7xyBLwWouNiJ:Olc1rDT7AXPQjDjAs3ygu
        MD5:73D35515C02CC3614251C29FF13886D2
        SHA1:80625FF5C9847E643B4F5C749BC2BD270377AEE7
        SHA-256:1DA809E85322070780BDB8C2EB064107F44ED585D756C3F227C4C5DF3B28649D
        SHA-512:5396DFFACC36BC3F3CB2A8BFF3A77523B914B11147EA8FC8D6AA33A192F2F26D95C7707F95C866359305967D2E6314008382DD3072AB89B876E95E72352FED6E
        Malicious:false
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 2%
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):356352
        Entropy (8bit):4.296670568416248
        Encrypted:false
        SSDEEP:3072:dtzBzQtaNrYHWDqD+lpZAAqOa7s1xFxt31oP29Sm7xyBLwWouZ0t:LnZrDT7AXPQjDjAs3yguZ0
        MD5:F75451FC66BAA86696B144F9754704A9
        SHA1:07E2EFB7EBB3009D22664602861119FA9E395B3C
        SHA-256:44A0AF41DF6009DAD809053861A465CA84208EDAA515E6E8BECAE81424189747
        SHA-512:D1325FCBDAD1BA0D9289835C1D78B9E35F3BF4FE8809FFB77665029D59694F0A359C93495661B2510E0A2E64F0820CC9732183D24EE05C18551ADCA83F07CB8F
        Malicious:false
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 2%
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):360448
        Entropy (8bit):4.267273588202512
        Encrypted:false
        SSDEEP:3072:E9xN5TwtaBrYHWDqD+lpZAAqOa7s1xFxt31oP29Sm7xyBLwWouGa:mlRdrDT7AXPQjDjAs3ygu
        MD5:E0F4D906C83EC0EF1BDCAD0A75C3C05F
        SHA1:04F8512ED6B32A2DD87A7E505B8598AB19D65AD7
        SHA-256:1CF80B3AD2879122D9137B5469BC8A94255966B9125FEE0453A9BA17964D2EAA
        SHA-512:8E946DCFAA54E8D78DDA8F3340FF60D95C7ABFA1F14DBB5809122E6AD429CB027C1C8890D069516CB15F2DD44D1D35DAFDF3B9163F99786935035FA3AAE0620A
        Malicious:false
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 2%
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):360448
        Entropy (8bit):4.3391179172959395
        Encrypted:false
        SSDEEP:3072:qtzBArtaKxrYHWDqD+lpZAAqOa7s1xFxt31oP29Sm7xyBLwWouuC:cTKNrDT7AXPQjDjAs3ygu
        MD5:90CC214B579ABC6A5C04A9A3A9812C53
        SHA1:C0BB8F310549094DAED2CCA1290EBAF51C06EAF9
        SHA-256:5677D351CD23B3563F52BF0BD98DCAC219E62C161011543B99D955681EF0F8E4
        SHA-512:F01BF9EEC702625A1826A736C05B1459CF09A420AD2AE4688C8F340E4C35960FFB5CDA59FA0C8C8C64570D1BC445065D534A99D54589AE2578F11B29D13C66AE
        Malicious:false
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 2%
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):360448
        Entropy (8bit):4.259108073909341
        Encrypted:false
        SSDEEP:3072:+tzB8statrYHWDqD+lpZAAqOa7s1xFxt31oP29Sm7xyBLwWouzW:Ay5rDT7AXPQjDjAs3ygu
        MD5:24FC24FA7EB0EF396CE5A4E7B5D2E36F
        SHA1:26997347B9B38F70113C9041C0D058CDE3AD6C48
        SHA-256:9334A71A66514F097D6DB3DF8734B691C7CCAA26843F9BB2861A91DF857E5E6C
        SHA-512:970D2BE113B98D09888571EE34FD55E4170C5F8E50DE69378D2A89A36C7FD90BB023D7ACEAA13FC22F9431EF7A37F1B26444B4F9E431FEDB4EFF490A9934330A
        Malicious:false
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 2%
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):360448
        Entropy (8bit):4.2742139604421885
        Encrypted:false
        SSDEEP:3072:9tzBVAtahwrYHWDqD+lpZAAqOa7s1xFxt31oP29Sm7xyBLwWouWczXIf+:r9harDT7AXPQjDjAs3ygu
        MD5:15C8BE2E50ABB6204F47635B125E40AA
        SHA1:FA7A0DBE5E94F0B068E6CE20E0BAD4DE2AA14559
        SHA-256:B9E234FDB7A3F7E99C30F3894A1649995E2ADDF634819143DA5FF2329E2995D5
        SHA-512:AE4381F6D7284890B7EE0299B72D163745539C685E32BA9E5CCE4C6F93669FE6F205BF01F83A83A05FEFA733AB38341D8597C401684750DFD9719FFE7AA785C0
        Malicious:false
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 2%
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Generic INItialization configuration [Profiles]
        Category:dropped
        Size (bytes):2837
        Entropy (8bit):5.259114564071047
        Encrypted:false
        SSDEEP:48:CaVolyOBdaf6QbB5qyhSNQBzkLTuozBg3GiZ1nHRvIbX3fmJcVvO:CaGrw+xLaAByHRAmcW
        MD5:58BBB1B3C74C27718C8B952B78C5F61D
        SHA1:2EB531B06A33A869986F31545700BE09342C7263
        SHA-256:F4A6BCC396A8B199D90C49E12B3F41C1B0C78A7474E71DADF06DAF8D908BF1A7
        SHA-512:9F1772CE6D52B9CCFC6012200617B928CC213D81F9E70ECEC5C3FC58197B9A346C75A0BA7BA9739856E46E0C5AF8C68BB4DF538EA4E85D3AA4BFCA68989E3439
        Malicious:false
        Preview:[PDL]..PDL=GARO1..PDL_TYPE=....[Profiles]..PDL_NAME=GARO Printer Driver..UninstallLevel=2..PST_DEL=OFF..AUTHORITYCHECK=ON..CheckJobMonitor=OFF..DelRestoreFile=OFF..CheckiWEMC_DRM=ON..UsePrintUI=0....[ModuleInfo]..ResourceModule=UninsUIU.dll....[Uninstall Drivers]..Canon Office Color N1000..Canon Office Color N1100..Canon Office Color N2000..Canon Office Color N2100..Canon Graphic Color W2200..Canon Large Format W6200PG..Canon Large Format W7200..Canon Large Format W7250..Canon Large Format W8200..Canon Large Format W8200PG..Canon BJ-W3000..Canon BJ-W3050..Canon BJ-W7000..Canon BIJ1300..Canon BIJ2300..Canon BIJ1350..Canon BIJ2350..Canon W6400PG..Canon W8400PG..Canon BIJ1350D..Canon W6400..Canon W8400..Canon iPF500..Canon iPF600..Canon iPF5000..Canon iPF700..Canon iPF9000..Canon iPF8000..Canon iPF6100..Canon iPF5100..Canon iPF510..Canon iPF610..Canon iPF710..Canon iPF8000S..Canon iPF9000S..Canon iPF8100..Canon iPF9100..Canon LP17..Canon LP24..Canon iPF605..Canon iPF720..Canon iPF6200..Ca
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:ASCII text, with CRLF line terminators
        Category:dropped
        Size (bytes):1776
        Entropy (8bit):5.151028731724469
        Encrypted:false
        SSDEEP:48:csylPYOw/0xne3UaHRFa7G0dZcQKB1YnxZ:nylnVcHi7G0dyQaynf
        MD5:EC3E7307716B633F79F4BF7F2DC58A71
        SHA1:91CFCDFEB82553B91DC0BD1B6284ACD91D742007
        SHA-256:288A05A6D6E7EFD6E27A9D8961E03D419CB4D976163074677177922A90A83C1E
        SHA-512:4984D38D0F85F6CEC652776DB14E9FB42F016A68926147CE6FE1D1D6139E48AEA06B6B52346E9C34C2DF5D89C7662117948A3505F08C25F0E872248CF4BAB984
        Malicious:false
        Preview:CHECKSUM.--------------------------------..Drv/100/cnwgdi10.hdi.7e237632336bd8cbb2b6f28c22658bbc..Drv/101/cnwgdi10.hdi.b069a3fc20e053af58d935c10d0262b7..Drv/102/cnwgdi10.hdi.cfb32a2cda097e47be3a45dd933417d3..Drv/110/cnwgdi11.hdi.19a79555ea6fce9b1ad14a7d20d6c136..Drv/111/cnwgdi11.hdi.c6bb95ccd1ac18ca234eddfe58cfcdbe..Drv/120/cnwgdi12.hdi.1e80bd6b350f4828af2d724b6c15e4fc..Drv/91/cnwgdi9.hdi.023de967a3f46ee75924ac3ef5a85929..Drv/92/cnwgdi9.hdi.8819fe7a69364d721cf5bcf915fa2e25..Eula/EULA_C.RTF.823a6a78461cf7668c9085a45f726128..Eula/EULA_E.RTF.3226ae0ce8a64a73ab498d01896c9ded..Eula/EULA_F.RTF.0158e4c3425faa2b1e81faa36e21e6db..Eula/EULA_G.RTF.a7963ac2c1fdbb2c0089cbc56d48968c..Eula/EULA_I.RTF.2fa3092aba23850c08229c36f1c9e7ee..Eula/EULA_J.RTF.65e53e0b63282b33b8c3d5bae03954f5..Eula/EULA_K.RTF.d8dde4e10950f459e8028b29f795157d..Eula/EULA_P.RTF.a560059226c6035d867b6d564b5602c2..Eula/EULA_R.RTF.b8a4f24a17897032e8c1621d888a2338..Eula/EULA_S.RTF.7e3e11d6fe902b5d1ff210914c4cebf5..Readme/Readme_Chinese
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):66048
        Entropy (8bit):6.247089629283839
        Encrypted:false
        SSDEEP:1536:a9kSm+SdhMIdWgjKdk6LcUZz2cWOteAGy:ukT+RdVLcUZaOteAG
        MD5:7E237632336BD8CBB2B6F28C22658BBC
        SHA1:B25E960F819AE31AC008CC646F227B1DE7DC6D83
        SHA-256:C7CD70A4101312710B6A3C097B6A0761FDE4D4CA2CF5EEA2B9A7CE74B9B412BA
        SHA-512:CD782A67D38FB43E911B5DA4DB4408E2C1D6FA48072E8DB94011C589826D1D76EE78C09E7DFF01ABC06E5FFEEE9C6B48EFEE5B6A48C620D894F82C5F3D3E04BF
        Malicious:false
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):105984
        Entropy (8bit):5.7467048951707405
        Encrypted:false
        SSDEEP:768:vNkrg9DJrFhQ9mXvJpTdAhZyWzPlOkmSsWg/IKaxRWHVfpXzpgzdqEOtv+zbPrW:vEgtm9ERpTdADRzPlOkmrnH7eOtvuby
        MD5:B069A3FC20E053AF58D935C10D0262B7
        SHA1:697BA3A329CFC39CC87514EF485203976B56AE72
        SHA-256:55E193D841F3D95D316D5C975882230A106748894DBE47F2DE504152D5927852
        SHA-512:F9AF5D5CFC3BFD13BE86BCAD47C8C20224B9C5E18E7CDF14E9B5D75932A86C4500C94CA077116ED441A68833CE3F2EBF9B254B58D9F01D67E9147BFD1C247B47
        Malicious:false
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):68608
        Entropy (8bit):6.267351839494306
        Encrypted:false
        SSDEEP:768:eTab9j573kX29wFBNMBKVl8f/uVdu9nh2TdHZHaajVXzpgzdq1O1DDGW:z9jxd9my6u/gdu9nh4D/vO1DSW
        MD5:CFB32A2CDA097E47BE3A45DD933417D3
        SHA1:A101B70276D06EB6CF37D92ADB1170FC10092A06
        SHA-256:4332E979FB146AD9D76A7A6E6BBB86ECE953FA33CF1224016D8F10CEF92C96D6
        SHA-512:9E956D39393A0C75550B4FBE608487F2CD039759C8A5850A39ABED7A671FD1C9E489A65D12784582F2623E6DA6E537703B36AF2230A7BE45EFFCC6F69A2BEC88
        Malicious:false
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):69120
        Entropy (8bit):6.2442640183108455
        Encrypted:false
        SSDEEP:768:bro1VS6Wfhm4lQBDBHZYwMDGZ/Quy4ZlvQKK0lZRpXOpgzdqgOBndQRff/:I1Vwc9HlMDGxQufltOBGxf/
        MD5:19A79555EA6FCE9B1AD14A7D20D6C136
        SHA1:4BF26A8E3B596B0484D9513A048247055EDC787A
        SHA-256:927CABE023DC1B25938C439C6A390D2D7E8623E11DC26037AE4728D523CC5566
        SHA-512:5B18B6DF4D97EB43B1292A3BA73A06A99BB0C5A342DD16D22C8F47AC1B6FDD9B0F45C8D14AF3BE4909777F5AC1A95D96FA698B500DF1ED4E3B5BEB020C5282E1
        Malicious:false
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):69120
        Entropy (8bit):6.244253608125527
        Encrypted:false
        SSDEEP:768:wrolVS6Wfhm4lQBDBHZYwMDGZ/Quy4Z3IKK0lZhZXOpgzdqgOBnd2RP//:xlVwc9HlMDGxQujtOBAR//
        MD5:C6BB95CCD1AC18CA234EDDFE58CFCDBE
        SHA1:0CDD7BF8491E2793F8011757D2D55B6FEB6EA49E
        SHA-256:D1139000D6616D463C435CD9D95C3C620AB5A2B6843FE80542BFFC82A6F8C346
        SHA-512:D7B6118FCF4E577645CD91D1EA02B4947635322866B569F0926DED7B381928ADCF50D76524EC6E226A987420462235E69D064EB62A7B20A9A751EBC20472A01A
        Malicious:false
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):68608
        Entropy (8bit):6.188709823669632
        Encrypted:false
        SSDEEP:1536:YK6JPbj88kIsWkmjKh5N2J+YZW2kmNJU:vU/kmjKfoIYZcmNJU
        MD5:1E80BD6B350F4828AF2D724B6C15E4FC
        SHA1:D052561AE74EC777E0C7808506463ABCD7664481
        SHA-256:1A662287D9024E3355904EB13D8A9D55DF058277D5194C66705E7100F79D4DD3
        SHA-512:97A05D6B1068322705284908ABE657DFE204BC82ADE121C8F78BE2700BA0F038951285FAF8E78015463633BD9C8C70FF3E2E08FD5D88E31DB70B026BA3287ABB
        Malicious:false
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 3%
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):65536
        Entropy (8bit):6.206080413371368
        Encrypted:false
        SSDEEP:768:xhd6su7tEM8ze2W3mdSR56IaxwAHA1cpjA+ddXHq8LnqOgJiXk4qdQ:p6s33alnR56IaqR1eT8OgJiU4qW
        MD5:023DE967A3F46EE75924AC3EF5A85929
        SHA1:0618B1E398F5BB5337F1F795D13F25AEE5F52A8D
        SHA-256:3DEA9EF4B6CC3F194C528CAF9D47243BF4ECEFF586DDDA03C91CCDC006F750FC
        SHA-512:F32B75499A2801E377CA3B62C52FF38EFF5258A4FE2F63E4B46CC4D82639135D16F0FEECF5A89EB7C3EC2C0D8E5C6D75AB98F5E55C3AE10E4AE6470022625F54
        Malicious:false
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):65536
        Entropy (8bit):6.206646568649195
        Encrypted:false
        SSDEEP:768:D6JPcKeFEs2AhUO4ClVO0EGoi0sGwhcp1+gUQWYfIR5JZqOgQSXQbU:UUKeDhFlVO0E1uhfJSOgQSA4
        MD5:8819FE7A69364D721CF5BCF915FA2E25
        SHA1:91112D843318CEB71A0823B360BE0BE4279FA985
        SHA-256:F52529F9912742A7624B993DDC2E47EB055730C86E0F2B73B40398CEBEC4A106
        SHA-512:1EAA7F16E59C08BB76FBA8682123FB5607D3FD1B480E0257BE3BE510FEF787F2D149316A064B11C49794D74077FA9B8AC6E0F8F8479B67E3D18C9C001B7BAB36
        Malicious:false
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Rich Text Format data, version 1, ANSI, code page 932, default language ID 1033
        Category:dropped
        Size (bytes):33353
        Entropy (8bit):4.5160153751975765
        Encrypted:false
        SSDEEP:384:nbATNefcAmBtnBgL42+AVCVy9xurgkCuNUFaWHBOMCnEUWc38vUUvvOXMe5icC2r:nbOkoXJ
        MD5:823A6A78461CF7668C9085A45F726128
        SHA1:88FACB7F6B141043B4B827099B226D885DCFE578
        SHA-256:FC4D3B3459F57C779581F32046A51D530DA81561B8E70E98CFB230DAE6045384
        SHA-512:0A98ECD45E637A27EAC217E4EDE6874FD1C77F8AEA4F942874A9555642C6DEF0A52103EEF1DD400EE25B3A6E73DA2CCB2C5C2A0774A320BCE87D7ADD7392F55F
        Malicious:false
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Rich Text Format data, version 1, ANSI, code page 932, default language ID 1033
        Category:dropped
        Size (bytes):17363
        Entropy (8bit):5.367633225037607
        Encrypted:false
        SSDEEP:192:AASsuY1o6FRC1g94rsN/qNIOhOKTPM9BxXLZLAU3VASc/WdLDsdNMNLJMIsPZ3TI:BSELzCI4LTk3Yjt/WdvLJuFc3
        MD5:3226AE0CE8A64A73AB498D01896C9DED
        SHA1:0A6EB6F5C8629575270F09285E742964879CFBB8
        SHA-256:B5586415BA1417AAA6A67F2A5A83D33160EBD8015B6B3E83C53D5FDB069991C6
        SHA-512:27664DBEAF5FCDC26DF29740CA77B90E870D689893D321ED51379B497D34C9C2CA22DB77AE8CE34FA4F2D989A3956B54A80E191BD2AB3BD2E7B12BD1E18AF2D1
        Malicious:false
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Rich Text Format data, version 1, ANSI, code page 932, default language ID 1033
        Category:dropped
        Size (bytes):22343
        Entropy (8bit):5.182692740680335
        Encrypted:false
        SSDEEP:384:BSELrUUnvrB9woxgsaMqcTOfVUcgBWF3BktTRtElDqmWN+aVUoV1TEaRONlmG+Ds:xrUUnvrB9woxgsaMqcTOfVUcgBWF3Bkm
        MD5:0158E4C3425FAA2B1E81FAA36E21E6DB
        SHA1:03C806C46FF886E9937FB86C6B2DE39BF23FAE87
        SHA-256:9BD973A7F60FBD949EBBCD83A9416D55FFEB3C26AA10F5472CDA6D44AD496045
        SHA-512:AC243D0EF0C89671DC76BB1EE4847C61AE1281A2DAF56C82E73B9226235E4B1B9C2968335D60D2B2B24E746BA9891451B7CAE793BB48702A6E3ABD82258229B1
        Malicious:false
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Rich Text Format data, version 1, ANSI, code page 932, default language ID 1033
        Category:dropped
        Size (bytes):21119
        Entropy (8bit):5.2915764720129514
        Encrypted:false
        SSDEEP:384:DlfnyDmjVYA2atcar2yr3x41J151wRdwhK1f8iGOd1X/:D1nySjVH2atcaqox41J151gehK58iGOP
        MD5:A7963AC2C1FDBB2C0089CBC56D48968C
        SHA1:290AF6804425DB36CB2A84911E04E512A2CBD401
        SHA-256:5348B976A994511050EBB50E1B0E96E9F5AB75A9C1953E0426A491E71E83079E
        SHA-512:124B78662ED079CDDBB16311687A13FA4A70B2468F4FC0BC77441191868029EF3A7BCA0BB3231E21BA39F2106838603F7B35930B6DEA08BD0F5077CC26834412
        Malicious:false
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Rich Text Format data, version 1, ANSI, code page 932, default language ID 1033
        Category:dropped
        Size (bytes):19435
        Entropy (8bit):5.249640519280235
        Encrypted:false
        SSDEEP:384:163Ovmw3CMSNu5YRpRYYGavN+6kVYvvQ7rKa8Qdgav3jIS9JS1/NO+YGJzA9vnDv:83Ovmw3hSNu5YRpRYYGavN+6kVcvQ7rL
        MD5:2FA3092ABA23850C08229C36F1C9E7EE
        SHA1:37D2F45BACE19DD86280F5121F6D0D8250982611
        SHA-256:1B2D73B1C2D1A4909B8479F50F184B97A5FC659C2B1EAA6ECB3DCDBBBABFC5E8
        SHA-512:F6730F836FB00AF7082E95D7EBD869B1FCCCDC4D93FB0AC8BB6694196CF5BDB0E1C553EF2601A98021B93A1C07AE73273BC5027C27D6E4455887B7046EA02AEE
        Malicious:false
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Rich Text Format data, version 1, ANSI, code page 932, default language ID 1033
        Category:dropped
        Size (bytes):33849
        Entropy (8bit):4.522092372336813
        Encrypted:false
        SSDEEP:384:gQAboFf/cqIAIWevR/B3I9kRvqCsLqs3A+BXy+ML00g7c:GboFXmAIl34qvq1YLM4
        MD5:65E53E0B63282B33B8C3D5BAE03954F5
        SHA1:4DBEF40DB2BD1701BB7E641B6309A1A96280D690
        SHA-256:C83D17D15D690D826259A95138C4B31EEC1C68F60061882C166EA44CCFEB068B
        SHA-512:0F9DDA8FE95FFE9CDD85408EAAD1940DA0B9095B704C396D91569F5ED4D69ABE79F32F45285FF7913A6DC78F566079F98A3CEF8263DEF01F60F532816A6EBF13
        Malicious:false
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Rich Text Format data, version 1, ANSI, code page 932, default language ID 1033
        Category:dropped
        Size (bytes):114674
        Entropy (8bit):4.08707002465212
        Encrypted:false
        SSDEEP:384:k646R96z2t+4t7mWsfKPCav30KK7V/7hiDA64sxFbkjwYdyFIoYD8wYeM5/kmSAO:k646KaMSPZhX4jYFIogs93eEG1GRM
        MD5:D8DDE4E10950F459E8028B29F795157D
        SHA1:29527C54365B3833AD1063DA5E3F0103EB443AEA
        SHA-256:994C3FA0FF03AEE24A034ED136F51F9D1176F19A05DF015DDA2271D363A6BACB
        SHA-512:C2B45F857B162FB1DB7897684538C71281E1EB94F81352E4301510EBB9337F4A3AEE6CC287EF3BB9A1517F4419AB4F165E02458F731569E7B7EF5D599ABA99B2
        Malicious:false
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Rich Text Format data, version 1, ANSI, code page 932, default language ID 1033
        Category:dropped
        Size (bytes):23104
        Entropy (8bit):5.219985529023853
        Encrypted:false
        SSDEEP:384:a9b5mhRbEbfTlqAJvWP4oi+ze6K8QbQIl38:a9b5mhRbEbLlqAJ8ti+wnZl38
        MD5:A560059226C6035D867B6D564B5602C2
        SHA1:29BA6730627DA2A5DA6A6BB935E617ACAD0800CE
        SHA-256:E607CB01C4107ADB38DD18837626D603199B6A8BC8B0BC020F05F7E6524F8717
        SHA-512:FA288F891CA2D4760CB48875464345BE9C8713C1F8B6297BA2B24DF64ACA42877ACA3DDA768072C5BF40A3A384ACA9CD472765A98FEBC9183999BDF937814885
        Malicious:false
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Rich Text Format data, version 1, ANSI, code page 1252, default language ID 1033
        Category:dropped
        Size (bytes):26662
        Entropy (8bit):3.5849320390259494
        Encrypted:false
        SSDEEP:384:Nzof6qsV7zJMJVNK7WKJMthqFAEKj2yhDBVsorro3tsW0fkoZ1RYVC4NIGQz0lYm:NA6qsaV6WCs2W/RU50fCePMP/6G
        MD5:B8A4F24A17897032E8C1621D888A2338
        SHA1:2EA232EB2256ABC6DBF5DC32A7D069EA1071A126
        SHA-256:8C9D66AB7B54BAD8F49FF9F0729DDF1351636B3A85DE3774E57FBF9127B4CAE6
        SHA-512:96E00E3D1B2155AA5CB592C3176C084B344C0AD21086D285767A71771A218EEC11C5499F30E394AE086B30985844FE822D4723472F094A9C73CAFF0675D5D8FF
        Malicious:false
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Rich Text Format data, version 1, ANSI, code page 932, default language ID 1033
        Category:dropped
        Size (bytes):21959
        Entropy (8bit):5.210347327390985
        Encrypted:false
        SSDEEP:384:INsmxwwXM0Ps0Iq1I/x2xIaNjV+dHFxqEA/BTT7TK1IxiudP7SbV4Tle0PTWn6TE:osmWwXZPs0Iq1Ipg1pV+dH3qEA/BTT78
        MD5:7E3E11D6FE902B5D1FF210914C4CEBF5
        SHA1:33B3944B16F5042E9A39EED7AC3811BEE53AD392
        SHA-256:90409140C39E883039462CF3AE9A4D399FE7ACE16762E274C6D223981485D2DE
        SHA-512:903684AFB55875A39ADCC995D9981994826DAC282151DBDE50D0FB5C24C0EC192A8B2495C0191FBA60DEA79CF7AAD7EAEBBF3C8E37605BF93C1BA0BCEF6C8725
        Malicious:false
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
        Category:dropped
        Size (bytes):4038
        Entropy (8bit):4.749326133335532
        Encrypted:false
        SSDEEP:96:YZRUZRwrH1uTCPf4ldWTY8oAOF2OEebl+3mpMaNT2ci03yWYR2Sg9:YZRUZRKHNfAw8pAOF2OvbyQlJ3yW8g9
        MD5:8E7FD88E0EAFE471855FF5B21EF7AA3D
        SHA1:6740208A5C341BD72831742B8E4D1783AB03E23B
        SHA-256:160DDB47E3710FCFB90D6A3610D5060DBFDAEB3AFED8489AAC9BAE51CA2BCC7D
        SHA-512:C1A118C32555CB6FD1C0D1C186C7CA215214A2A852AEA612C70DA46FDD652D72879D4AE4DBA6E2E145CEE7E68C0BDD15A0AE6D8EE31757EC199E107A65618679
        Malicious:false
        Preview:.._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._......... . . . . . . . . . .P.r.i.n.t.e.r. .D.r.i.v.e.r. .O.p.t.i.m.i.z.a.t.i.o.n. .M.o.d.u.l.e. .f.o.r. .A.u.t.o.C.A.D. .V.e.r.s.i.o.n. .1...1.3..... . . . . . . . . . . . . . . . . . . . . . .*.*.*. .C.A.N.O.N. .lQ.SHrCg@b.g .2.0.1.4. .*.*.*....._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._..........vU_........ . .1... .._...... . .2... ..|.~..Bl.... . .3... ..[..e.v.l.a.Ny..... . .4... ..l.a.Ny..0@\P.'`.TP.6R............1...._..-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.........&^.g .i.m.a.g.e.P.R.O.G.R.A.F. ..v .P.r.i.n.t.e.r. .D.r.i.v.e.r. .O.p.t.i.m.i.z.a.t.i.o.n. .M.o.d.u.l.e. .f.o.r. .A.u.t.o.C.A.D. .......(W
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
        Category:dropped
        Size (bytes):6552
        Entropy (8bit):3.4142773788029324
        Encrypted:false
        SSDEEP:192:YZRuN3ZRFCmZnl69hiAOF2OvbwOwvXL6RXSF2XyF:YZRuN3ZRFzZl69hiAOF2mbrwvXuRpXyF
        MD5:C130104B083B1013B837413D0C75F34E
        SHA1:786F15C5BD78304DFB940C2DE321AD625CF5EED4
        SHA-256:F0A0E2D9A714D88AEEC2089376B73E530845429EA0C6BA9937AF6D060E1FE1A4
        SHA-512:18AA9964E90B6F786617F0FA41EFB1FF78DBD86041E635992F1B43C18C2CC05DF79DA4D582E9E5B60777B9998602F0C3E28ABF3FA0D9BE0C0A02D6A661817377
        Malicious:false
        Preview:.._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._......... . . . . . . . . . .P.r.i.n.t.e.r. .D.r.i.v.e.r. .O.p.t.i.m.i.z.a.t.i.o.n. .M.o.d.u.l.e. .f.o.r. .A.u.t.o.C.A.D. .V.e.r.s.i.o.n. . .1...1.3..... . . . . . . . . . . . . . . . . . . . . . . .*.*.*. .C.o.p.y.r.i.g.h.t. .C.A.N.O.N. .I.N.C... .2.0.1.4. .*.*.*....._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._.........C.o.n.t.e.n.t.s......... . .1... .I.n.t.r.o.d.u.c.t.i.o.n..... . .2... .S.y.s.t.e.m. .R.e.q.u.i.r.e.m.e.n.t.s..... . .3... .P.r.e.c.a.u.t.i.o.n.s. .D.u.r.i.n.g. .I.n.s.t.a.l.l.a.t.i.o.n..... . .4... .C.a.u.t.i.o.n.s.,. .L.i.m.i.t.a.t.i.o.n.s. .a.n.d. .R.e.s.t.r.i.c.t.i.o.n.s.............1... .I.n.t.r.o.d.u.c.t.i.o.n. .-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
        Category:dropped
        Size (bytes):7278
        Entropy (8bit):3.4120835244137067
        Encrypted:false
        SSDEEP:192:YZRmKSZRT8FDE6awSbAOF2OvbggR0MMLAh8TokJ7PVlSjp:YZRmKSZRT866awSbAOF2mbL0MiAhPMNw
        MD5:9622C6E24FC176F4B3C46654703967EF
        SHA1:32B16ACEE8DF0035E0403E6D3CACEA1D409E03BA
        SHA-256:4B7F45F9823B9D6AFA7C6283040A338A458D94900A14C0D45988FFDB7AB0CCA2
        SHA-512:94770BD3ABF72B8DF5AC87901E6A3642C2B15CE2C28BB7D6881CCC358B7A102B9FA1AC08DC5C67C1632843B47A037A3D7BC2DCF66E6A487E58FF93F0350F57E5
        Malicious:false
        Preview:.._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._......... . . . . . . . . . .P.r.i.n.t.e.r. .D.r.i.v.e.r. .O.p.t.i.m.i.z.a.t.i.o.n. .M.o.d.u.l.e. .f.o.r. .A.u.t.o.C.A.D. .v.e.r.s.i.o.n. .1...1.3..... . . . . . . . . . . . . . . . . . . . . . . .*.*.*. .C.o.p.y.r.i.g.h.t. .C.A.N.O.N. .I.N.C... .2.0.1.4. .*.*.*....._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._.........S.o.m.m.a.i.r.e......... . .1... .I.n.t.r.o.d.u.c.t.i.o.n..... . .2... .C.o.n.f.i.g.u.r.a.t.i.o.n. .r.e.q.u.i.s.e..... . .3... .P.r...c.a.u.t.i.o.n.s. ... .o.b.s.e.r.v.e.r. .p.e.n.d.a.n.t. .l.'.i.n.s.t.a.l.l.a.t.i.o.n..... . .4... .P.r...c.a.u.t.i.o.n.s.,. .l.i.m.i.t.a.t.i.o.n.s. .e.t. .r.e.s.t.r.i.c.t.i.o.n.s.............1...I.n.t.r.o.d.u.c.t.i.o.n.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
        Category:dropped
        Size (bytes):7060
        Entropy (8bit):3.450972664090475
        Encrypted:false
        SSDEEP:192:YZR1ZRA0FmDbK6GqOrm/AOF2Ovbjmyt6fzIQ:YZR1ZRA0E/K6sm/AOF2mbjVt6fzIQ
        MD5:3C216AAE84CEBC97CE7B640A0771F5A5
        SHA1:59887DD4D1B20FCE99A7B97E5BBB38216229B3EA
        SHA-256:A5023E672DDFC0E820739DBB4F2C60DA62872DEA56FFED1354DC5C0AFF20E223
        SHA-512:87052120F2D34D70C756EC5186EFF3D9529EE13A1CDBD216FFDBDA106B4F7DDC0BA666265FCB117CBAAC3767DFAD7F76EB9D4DAF9A9E4598D5686CCAB1DBA16F
        Malicious:false
        Preview:.._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._......... . . . . . . . . . .P.r.i.n.t.e.r. .D.r.i.v.e.r. .O.p.t.i.m.i.z.a.t.i.o.n. .M.o.d.u.l.e. .f.o.r. .A.u.t.o.C.A.D. .v.e.r.s.i.o.n. .1...1.3..... . . . . . . . . . . . . . . . . . . . . . . .*.*.*. .C.o.p.y.r.i.g.h.t. .C.A.N.O.N. .I.N.C... .2.0.1.4. .*.*.*....._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._.........I.n.h.a.l.t......... . .1... .E.i.n.f...h.r.u.n.g..... . .2... .S.y.s.t.e.m.a.n.f.o.r.d.e.r.u.n.g.e.n..... . .3... .V.o.r.s.i.c.h.t.s.m.a...n.a.h.m.e.n. .w...h.r.e.n.d. .d.e.r. .I.n.s.t.a.l.l.a.t.i.o.n..... . .4... .V.o.r.s.i.c.h.t.s.h.i.n.w.e.i.s.e.,. .B.e.g.r.e.n.z.u.n.g.e.n. .u.n.d. .B.e.s.c.h.r...n.k.u.n.g.e.n.............1... .E.i.n.f...h.r.u.n.g. .-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
        Category:dropped
        Size (bytes):6990
        Entropy (8bit):3.3885703823472526
        Encrypted:false
        SSDEEP:192:YZRhZRRyXW6a0KmbAOF2OvbPGZB2nQdrLSi7glj:YZRhZRQXW6aAbAOF2mbPeBkQdrGtj
        MD5:F6746F861250E1906852193712052AB9
        SHA1:BEEE10F16D3BD5007318F36E5A23C2AE96BB4642
        SHA-256:719CB2AD0CA1C69473523FC1958196E6168C7ED4228B6DF39E28990E06C89F66
        SHA-512:403FFF9414178B5E0A24FD0D9668C4F600EA098960BE4762FBF9DBA006806E87471E992B3F92D3673070648DC2F37AF9014DFE6BBA28BD374866D8A517C6DC0D
        Malicious:false
        Preview:.._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._......... . . . . . . . . . .P.r.i.n.t.e.r. .D.r.i.v.e.r. .O.p.t.i.m.i.z.a.t.i.o.n. .M.o.d.u.l.e. .f.o.r. .A.u.t.o.C.A.D. .v.e.r.s.i.o.n. .1...1.3..... . . . . . . . . . . . . . . . . . . . . . . .*.*.*. .C.o.p.y.r.i.g.h.t. .C.A.N.O.N. .I.N.C... .2.0.1.4. .*.*.*....._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._.........S.o.m.m.a.r.i.o......... . .1... .I.n.t.r.o.d.u.z.i.o.n.e..... . .2... .R.e.q.u.i.s.i.t.i. .d.i. .s.i.s.t.e.m.a..... . .3... .P.r.e.c.a.u.z.i.o.n.i. .d.u.r.a.n.t.e. .l.'.i.n.s.t.a.l.l.a.z.i.o.n.e..... . .4... .A.v.v.e.r.t.e.n.z.e.,. .l.i.m.i.t.i. .e. .r.e.s.t.r.i.z.i.o.n.i.............1... .I.n.t.r.o.d.u.z.i.o.n.e. .-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
        Category:dropped
        Size (bytes):4328
        Entropy (8bit):4.702082453789514
        Encrypted:false
        SSDEEP:48:T+kUn+I7+kaK+u+8hvQ+e+Z+5J+iH+f+OEH+K+l+v9fNSyPnNvFPEl8+ALAAkRNN:KWXhfePAOF2OEebl+myPNdsdAL70NFH
        MD5:046220D1869A2041535B5D86A42B05A2
        SHA1:DE01E00E5DF8ABF85A88A1073424094F49A25288
        SHA-256:3D6D4C27139EB9C3B3DB544DF56A7F95126F76AFD91D7836A7CEF97389C7AFEE
        SHA-512:5BB1D21956A9C079CD0102A86AA83C32733A19D0E8ED95D6B8F11A87B4EB55C3F581B3CD4D3CF70C9D71F29B00B5669C37259F20688156DBA2DC433DE7E00BB4
        Malicious:false
        Preview:.._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._......... . . . . . . . . . . . . . . . . . .A.u.t.o.C.A.D.(u.0.0.0.0.0.0.0.0.gi..S.0.0.0 .V.e.r.s.i.o.n. .1...1.3..... . . . . . . . . . . . . . . . . . . . . . . .*.*.*. .C.o.p.y.r.i.g.h.t. .C.A.N.O.N. .I.N.C... .2.0.1.4. .*.*.*....._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._..........%.v!k........ . .1... .o0X0.0k0.... . .2... ..O(u.t.X.... . .3... ..0.0.0.0.0.0Bfn0.l.a.... . .4... ..O(u.Nn0.l.a............1... .o0X0.0k0 .-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.........A.u.t.o.C.A.D.(u.0.0.0.0.0.0.0.0.gi..S.0.0.0...N.N.0.gi..S.0.0.0..o0.0i.m.a.g.e.P.R.O.G.R.A.F.g0.0.....0.0.0.0.0.0>yn0C.A.D.(u.0.0.0.0.0.0.0A.u.t.o.C.A.D..0
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
        Category:dropped
        Size (bytes):4788
        Entropy (8bit):4.69560849267884
        Encrypted:false
        SSDEEP:96:YZRlFZRMEhRQrLkMK6PM9sPAOF2OEebl+evaC7UeUwUMVbHOcDgpO:YZR3ZRMEhRxD6MsPAOF2Ovb1tVb8pO
        MD5:320DDB44BE1FDB827130678F98D7AE04
        SHA1:48BB0C37939D5536F7E05C406C3136FF2C26E52C
        SHA-256:E7F765083882D30DC6680E614AEBC2A833FB1D8C649EED18310C03FBC77A1B31
        SHA-512:EB3F1A7667B7047360B8AE7FCA41379768A1D2E0187B01EB6D18CBB78C4DBEC209EAEDA8DCD8494931AE097C2B8336C32A511E9C5B98486823C96B8987ED8A33
        Malicious:false
        Preview:.._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._......... . . . . . . . . . .P.r.i.n.t.e.r. .D.r.i.v.e.r. .O.p.t.i.m.i.z.a.t.i.o.n. .M.o.d.u.l.e. .f.o.r. .A.u.t.o.C.A.D. .V.e.r.s.i.o.n. . .1...1.3..... . . . . . . . . . . . . . . . . . . . . . . . . . . .*.*.*. ..... .C.A.N.O.N. .I.N.C... .2.0.1.4. .*.*.*....._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._...........(......... . .1... ....X.0..... . .2... ....\. ...l.p.t..... . .3... .$.X. ... ...X. ...m..... . .4... ...X.,. ...\. ...... ...}.............1... ....X.0.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.........P.r.i.n.t.e.r. .D.r.i.v.e.r. .O.p.t.i.m.i.z.a.t.i.o.n. .M.o.d.u.l.e. .f.o.r. .A.u.t.o.C.A.D.(.t.X. .O.p.t.
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
        Category:dropped
        Size (bytes):6772
        Entropy (8bit):3.4123503279032916
        Encrypted:false
        SSDEEP:96:YZRg/UVZRCMrKqqH6BQlFYQK6a8eQiDbAOF2OEebl+qbmqdizb/502LaJZa2uN5o:YZRzZRCnRQ6aZbAOF2OvblKR02LF5Amo
        MD5:503216C25A4054B772F348DCEF185AC3
        SHA1:4D303E9967D502C4993F830123857D48F6A32824
        SHA-256:D96F002E541EA03D10BD99BFC995BFECDD17DBFD4097D1C9DC0C64DFF55E245E
        SHA-512:0539AD0818F0F2B2D63B99FC63E58D6EF5FA3560165CCA16DB67BD27F42D9B78390D9AC283BD5E3F4BA17F109D5E48907EA871D1D0F612BEDE0A1DD7B93831B8
        Malicious:false
        Preview:.._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._......... . . . . . . . . . .P.r.i.n.t.e.r. .D.r.i.v.e.r. .O.p.t.i.m.i.z.a.t.i.o.n. .M.o.d.u.l.e. .f.o.r. .A.u.t.o.C.A.D. .V.e.r.s.i.o.n. . .1...1.3..... . . . . . . . . . . . . . . . . . . . . . . .*.*.*. .C.o.p.y.r.i.g.h.t. .C.A.N.O.N. .I.N.C... .2.0.1.4. .*.*.*....._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._.........C.o.n.t.e...d.o......... . .1... .I.n.t.r.o.d.u.....o..... . .2... .R.e.q.u.i.s.i.t.o.s. .d.o. .s.i.s.t.e.m.a..... . .3... .P.r.e.c.a.u.....e.s. .d.u.r.a.n.t.e. .a. .i.n.s.t.a.l.a.....o..... . .4... .C.u.i.d.a.d.o.s.,. .l.i.m.i.t.a.....e.s. .e. .r.e.s.t.r.i.....e.s.............1... .I.n.t.r.o.d.u.....o. .-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
        Category:dropped
        Size (bytes):7000
        Entropy (8bit):4.088919026549438
        Encrypted:false
        SSDEEP:96:YZRYa+ZR3PUmGDOQkK6xOjbAOF2OEebl+/YVxIk7qjPCspqOlrLsP/3Lyi:YZREZR3PUmM6EjbAOF2OvbAsu8OlrLWL
        MD5:C66D6112AD7B70C6A49A101968342D54
        SHA1:27A40EAAE72EEAF8AD888D045A67E6441080F12B
        SHA-256:BC52C0CF510111B5A0402426EFAFCBE4716E805231CF9047D27A2914EC23BE9D
        SHA-512:3515A2C3DA943638852D3D8A89A5D34EF85A32CCDF80A54E7539581D44762A4BC27978D5B6F34126598D3AA39D8AA688F138D905B22DCAF508678AC6E110F481
        Malicious:false
        Preview:.._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._......... . . . . . . . . . .P.r.i.n.t.e.r. .D.r.i.v.e.r. .O.p.t.i.m.i.z.a.t.i.o.n. .M.o.d.u.l.e. .f.o.r. .A.u.t.o.C.A.D. .V.e.r.s.i.o.n. .1...1.3..... . . . . . . . . . . . . . . . . . . . . . . .*.*.*. .C.o.p.y.r.i.g.h.t. .C.A.N.O.N. .I.N.C... .2.0.1.4. .*.*.*....._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._.........!.>.4.5.@.6.0.=.8.5......... . .1... ...2.5.4.5.=.8.5..... . .2... .!.8.A.B.5.<.=.K.5. .B.@.5.1.>.2.0.=.8.O..... . .3... ...5.@.K. .?.@.5.4.>.A.B.>.@.>.6.=.>.A.B.8. .2.>. .2.@.5.<.O. ..... . . . . .C.A.B.0.=.>.2.:.8..... . .4... ...@.5.4.>.A.B.5.@.5.6.5.=.8.O.,. .>.3.@.0.=.8.G.5.=.8.O. .8. .C.A.;.>.2.8.O.............1... ...2.5.4.5.=.8.5. .-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
        Category:dropped
        Size (bytes):7184
        Entropy (8bit):3.3919719373800397
        Encrypted:false
        SSDEEP:96:YZRPZapZRl8fAAvgVQB97QK6y0A+abAOF2OEebl+U1xRuquG+b2Nb3o/AnNuCLLI:YZR4ZRlJw6AbAOF2OvbTg43dxLLu90/C
        MD5:D6DD1E6680FFB326F64B8DD7814D9521
        SHA1:54CE2C7C0D4092F802FF2CA73EA71F5B1D864DEF
        SHA-256:C03B9ADA3DC7D8D2F10F28AD6578AE00BD5688D375C679C3E15DF0DA5AA11FDD
        SHA-512:5F8D8878D16D5F39091087D4224186D040BAEA49993EFC32B9CA0D8706945C959D8E2C47E6A5D72C653F09B7B2FD03CDDB34DAAE70B3BE8FFA48CC4DA88DD69E
        Malicious:false
        Preview:.._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._......... . . . . . . . . . .P.r.i.n.t.e.r. .D.r.i.v.e.r. .O.p.t.i.m.i.z.a.t.i.o.n. .M.o.d.u.l.e. .f.o.r. .A.u.t.o.C.A.D. .V.e.r.s.i.o.n. .1...1.3..... . . . . . . . . . . . . . . . . . . . . . . .*.*.*. .C.o.p.y.r.i.g.h.t. .C.A.N.O.N. .I.N.C... .2.0.1.4. .*.*.*....._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._...........n.d.i.c.e......... . .1... .I.n.t.r.o.d.u.c.c.i...n..... . .2... .R.e.q.u.i.s.i.t.o.s. .d.e.l. .s.i.s.t.e.m.a..... . .3... .P.r.e.c.a.u.c.i.o.n.e.s. .d.u.r.a.n.t.e. .l.a. .i.n.s.t.a.l.a.c.i...n..... . .4... .P.r.e.c.a.u.c.i.o.n.e.s.,. .l.i.m.i.t.a.c.i.o.n.e.s. .y. .r.e.s.t.r.i.c.c.i.o.n.e.s.............1... .I.n.t.r.o.d.u.c.c.i...n.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:PE32 executable (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):482872
        Entropy (8bit):5.675837590234053
        Encrypted:false
        SSDEEP:6144:Ci53c/96sDmUSDMusyK9IQq2ajYBcTyzp+Zz5rCj29xGhcbBI7:CRDLuq9IpjYBcgcB5rCjNhcbBI7
        MD5:6EED6F77971B74A821408307CFB42890
        SHA1:B9A4A7F04EB791DFD49F7D891FFFD338A41A5937
        SHA-256:8107DE9D9F773CBE73C5D3094B3F3D9E12D52E3BFBB6A2C4086FF33C42EA609D
        SHA-512:80B15CC1FF13D68E2B4FAD7A144528280D932B4348C4F15B0364310DECDF0A95A320F5DAB939B81E5F2619B22DEDDE7748084E36F7459A2E645AAB3A5F7A0589
        Malicious:false
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 2%
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........-^.L0..L0..L0...K..L0..L1.~M0...M..L0...].'L0...^..L0...B..L0...L..L0...H..L0.Rich.L0.........PE..L...Q\BS.....................P....................@..........................................................................G.......... ............@..8...........p............................... $..@...................(G..@....................text............................... ..`.rdata...l.......p..................@..@.data....Y...`... ...`..............@....rsrc... ...........................@..@................................................................................................................................................................................................................................................................................................................................................................................
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:PE32 executable (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):491064
        Entropy (8bit):5.091839294142142
        Encrypted:false
        SSDEEP:6144:L3J4K+xoUPxIqFbZ3OSJDrDT7AXPQjDjAs3ygubC:JUPxLbZhkkjAs3yDbC
        MD5:2FA439CD5D0B678AABB712C37C4B90F2
        SHA1:797884F52790388D34522E94FCB3BAF8FB3CB7A5
        SHA-256:7CDA1E047B762BEC048D2A6345E23D48BE1791C54AFF7A8B83AA8F93B1AB48D3
        SHA-512:172D2D4B9B515152FB1C33407C029FB09D50CE1A900062BD6C13CFF77DD036C14103F097895AB23AB87BADD22F7F90DE573A03F4D44387D218D75FF413AE10C6
        Malicious:false
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 2%
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........p[h.#[h.#[h.#|..#Nh.#[h.#.i.#|..#Bh.#|..#.h.#|..#,h.#|..#Yh.#|..#Zh.#|..#Zh.#Rich[h.#................PE..L...M\BS.....................`......2.............@........................................................................tX.......................`..8............................................4..@....................W..@....................text...5........................... ..`.rdata...l.......p..................@..@.data...tY...p... ...p..............@....rsrc...............................@..@........................................................................................................................................................................................................................................................................................................................................................................
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:PE32 executable (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):1056312
        Entropy (8bit):5.944229446812078
        Encrypted:false
        SSDEEP:12288:mGIH42NHouHYqerhbRhnTUmtWhD+r98nQIWOVH6yA1PD:+Sub31c98nQIWOVHRApD
        MD5:015C347A361F9EE29D75E9E07F883995
        SHA1:7BFFD11D408858CEA75B11DF5DF3D14C34B0196C
        SHA-256:36A9C817069015F156C7076AABAF30859FAE26BEC63A6F0E29C17B157B7C8A46
        SHA-512:2CB6E45B690F864D55BBC51F5B0FBD99F236876BD103C5CC172208D7C876B83A8953B6A43EBADBCE462CC8BF7492340DBD38C7E1756CDD6AF0DB534674F783F4
        Malicious:false
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......^~..............=......=......=......=..............=..1...=......=..............=......Rich............PE..L.../.iS.....................p.......Y............@.................................k...................................F...............\...............8...........P................................T..@.......................@....................text....v.......................... ..`.rdata..VI.......P..................@..@.data...8........@..................@....rsrc...\............ ..............@..@................................................................................................................................................................................................................................................................................................................................................................
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Generic INItialization configuration [SupportLanguage]
        Category:dropped
        Size (bytes):1983
        Entropy (8bit):5.139094287137588
        Encrypted:false
        SSDEEP:24:yWMIQz0I/Nj8R4v986m8e74DsaV+4/SRyocKnQt30xRkTeXomioRxi:y3dyyl8z8eWLV+4/SRXcKnQt3CRkTz
        MD5:58A15B30E0509219065A8D719EDD136E
        SHA1:909D3CEE75A1F5F3A7AA790A8B2128C49F9BED98
        SHA-256:75A06A3ED5645CD907A240E2B0C622F6935DF1400B6DED89E1E83620E359B735
        SHA-512:D9BAE52A84995C65293D21EF692B58CCBD188B2D705D557C3B3A3376A91EDCC6812E3A381D493DBFB0576453D3A3CBC34EFE541C51012A823E8DEAAC6BDE47B6
        Malicious:false
        Preview:[SupportOS]..Win2K=1..WinXP=1..Win2003=1..WinVista=1..Win2008=1..Win7=1..Win8=1..Win2012=1..Newer=1....[SupportLanguage]..English=1..French=1..Italian=1..German=1..Spanish=1..Japanese=1..Chinese Simplified=1..Korean=1..Russian=1..Portuguese=1....[Settings]..Overwrite=3..SrcOptModulePath=Drv..OptModuleNamePrefix=cnwgdi..OptModuleNameSrcFmt=%HEIDIVER_MAJOR%%HEIDIVER_MINOR%\%MODULE_PREFIX%%HEIDIVER_MAJOR%.hdi..OptModuleNameDstFmt=%MODULE_PREFIX%%HEIDIVER_MAJOR%.hdi..EulaPath=Eula..ReadmePath=Readme..MinHeidiVer=9..AcadVersions=2008-2015..FixedSearchResult=1....[SupportApps]..AutoCAD 2008..AutoCAD 2009..AutoCAD 2010..AutoCAD 2011..AutoCAD 2012..AutoCAD 2013..AutoCAD 2014..AutoCAD 2015..AutoCAD LT 2008..AutoCAD LT 2009..AutoCAD LT 2010..AutoCAD LT 2011..AutoCAD LT 2012..AutoCAD LT 2013..AutoCAD LT 2014..AutoCAD LT 2015..DWG TrueView 2008..DWG TrueView 2009..DWG TrueView 2010..DWG TrueView 2011..DWG TrueView 2012..DWG TrueView 2013..DWG TrueView 2014..DWG TrueView 2015..AutoCAD Architecture
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:PE32 executable (GUI) Intel 80386, for MS Windows
        Category:dropped
        Size (bytes):3317344
        Entropy (8bit):5.3714323896530765
        Encrypted:false
        SSDEEP:49152:b9X45dsb31U3hZ8PsSH7el7ZC0EVHEJHysSOR8S0ZycgD5OP:1a6bkhCsSHMCpVHwHT5KccgD5OP
        MD5:A51AD89CEB7A52E4DC25164D7684CBFF
        SHA1:2E7086BD550EEB7A5AB3CC44E0DE7234E7C00EC3
        SHA-256:B94C725111E4A0C3C563A379D44494A4DCCEE99B1DCB750C6DF76E657676B93D
        SHA-512:96982371D7198137EB42A0955E75373B556FFCA6C736F8D7AFB75E7B2924AA483578CBC01927D9D70F91CA676653BFAC4AF77F38CC5D49DDE65FBDCFF11357AE
        Malicious:false
        Antivirus:
        • Antivirus: ReversingLabs, Detection: 0%
        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........=.;.\.h.\.h.\.h0S.h.\.h..h.\.h..h2\.h0S.h.\.h.\.h.^.h..h.].h..h.\.h..h.\.hRich.\.h........PE..L...N..S.................P... ......yY.......`....@...........................2......<3.......................................!.T.....-...............2.`............i..............................p...@............`......\.!.@....................text....O.......P.................. ..`.rdata..(....`.......`..............@..@.data.........".......".............@....rsrc.........-.......-.............@..@................................................................................................................................................................................................................................................................................................................................................................................
        Process:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File Type:Generic INItialization configuration [SupportOS]
        Category:dropped
        Size (bytes):284
        Entropy (8bit):5.04134413804199
        Encrypted:false
        SSDEEP:6:9qDwg7a3i0ZMdMjG5IooIuUaMmymUDkov8xvQ/L2v1ln:9JadWMdB+GQvQ/Qn
        MD5:0A46D986648942B57019570DC8C587A4
        SHA1:FA040DB364CBE5D95A36929C997C7804F03ABA52
        SHA-256:ADE3983A50E30C78F5FF73418A0C0CA843551017AD80918153644D253D69B8C2
        SHA-512:858FF3D5F9C7D6677E8CE7925ED51B08CBC80DE44B84DA68F7BEFBD9EA0B361673C4D42F3343DBF5A6C157F2FA452777B55328480E674DE8DF45263DE11FAD17
        Malicious:false
        Preview:[ModuleInfo]..ResourceModule=SetupUIU.dll..CheckiWEMC_DRM=ON....[SupportOS]..Win2K=1..WinXP=1..Win2003=1..WinVista=1..Win2008=1..Win7_x86=1....[SupportLanguage]..English=1..French=1..Italian=1..German=1..Spanish=1..Japanese=1..Chinese Simplified=1..Korean=1..Russian=1..Portuguese=1..
        File type:PE32 executable (GUI) Intel 80386, for MS Windows
        Entropy (8bit):7.998331159312715
        TrID:
        • Win32 Executable (generic) a (10002005/4) 99.30%
        • InstallShield setup (43055/19) 0.43%
        • Winzip Win32 self-extracting archive (generic) (23002/1) 0.23%
        • Generic Win/DOS Executable (2004/3) 0.02%
        • DOS Executable Generic (2002/1) 0.02%
        File name:SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        File size:45'428'392 bytes
        MD5:4f5f177604def1f099b2c6612cc919f2
        SHA1:c96214d34e9e50703518e7ec501ca3921874349f
        SHA256:49924087e1c13a0bdca2836c7ae899a6d51f0f3c7312f7c6da24b5b9838369a2
        SHA512:f7a89b220d50dc387b04481e9fdb7a2d214ff226887f0851e97852dd991edcc920846e4136dc8fa2665e4af3b0514621d5dc38dc3a452a9d29dc98798863edf6
        SSDEEP:786432:1PLWuZfj/pBcZKpf/ykRudO1oKi1+OpzLgF5MFESQH2s0NgBAiaMuJDkY3r5b:BqiHcZKNKOWKiRpnMM2H2sYoZcDXp
        TLSH:C5A7330AFB9C8CA1E5200E31B45657A345E6C0351C64EEC64EA1377D1E73A24EBE7B4B
        File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......qw.W5...5...5.......&.......E...5...........8...............4.......4...5...7.......4...Rich5...........................PE..L..
        Icon Hash:533c2b2713576fee
        Entrypoint:0x40a79e
        Entrypoint Section:.text
        Digitally signed:true
        Imagebase:0x400000
        Subsystem:windows gui
        Image File Characteristics:RELOCS_STRIPPED, EXECUTABLE_IMAGE, 32BIT_MACHINE
        DLL Characteristics:
        Time Stamp:0x4AEF3FA7 [Mon Nov 2 20:23:03 2009 UTC]
        TLS Callbacks:
        CLR (.Net) Version:
        OS Version Major:4
        OS Version Minor:0
        File Version Major:4
        File Version Minor:0
        Subsystem Version Major:4
        Subsystem Version Minor:0
        Import Hash:f2f9102c7663962c22d17a8dabc5e7ce
        Signature Valid:true
        Signature Issuer:CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
        Signature Validation Error:The operation completed successfully
        Error Number:0
        Not Before, Not After
        • 25/03/2014 01:00:00 19/04/2015 01:59:59
        Subject Chain
        • CN=Canon Inc., OU=Inkjet System Development Center, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Canon Inc., L=Kawasaki-shi, S=Kanagawa, C=JP
        Version:3
        Thumbprint MD5:73E3593F02FAA7E3EAD78014ACAC0ED7
        Thumbprint SHA-1:9FD63BE7142588C5B3DCDFB0B5C71AA8A3DCA172
        Thumbprint SHA-256:F465C102018BCFCE87D7BD3C666922F9A15BBD3A4335F746332101E3DAB6EE3D
        Serial:42E42D04DA33DB4275572152C9CFDABE
        Instruction
        call 00007F4F6D515D83h
        jmp 00007F4F6D51112Bh
        push ebp
        mov ebp, esp
        sub esp, 00000328h
        mov dword ptr [00423C20h], eax
        mov dword ptr [00423C1Ch], ecx
        mov dword ptr [00423C18h], edx
        mov dword ptr [00423C14h], ebx
        mov dword ptr [00423C10h], esi
        mov dword ptr [00423C0Ch], edi
        mov word ptr [00423C38h], ss
        mov word ptr [00423C2Ch], cs
        mov word ptr [00423C08h], ds
        mov word ptr [00423C04h], es
        mov word ptr [00423C00h], fs
        mov word ptr [00423BFCh], gs
        pushfd
        pop dword ptr [00423C30h]
        mov eax, dword ptr [ebp+00h]
        mov dword ptr [00423C24h], eax
        mov eax, dword ptr [ebp+04h]
        mov dword ptr [00423C28h], eax
        lea eax, dword ptr [ebp+08h]
        mov dword ptr [00423C34h], eax
        mov eax, dword ptr [ebp-00000320h]
        mov dword ptr [00423B70h], 00010001h
        mov eax, dword ptr [00423C28h]
        mov dword ptr [00423B24h], eax
        mov dword ptr [00423B18h], C0000409h
        mov dword ptr [00423B1Ch], 00000001h
        mov eax, dword ptr [00417420h]
        mov dword ptr [ebp-00000328h], eax
        mov eax, dword ptr [00417424h]
        mov dword ptr [ebp-00000324h], eax
        call dword ptr [004131B4h]
        Programming Language:
        • [ASM] VS2005 build 50727
        • [ C ] VS2005 build 50727
        • [C++] VS2005 build 50727
        • [EXP] VS2005 build 50727
        • [RES] VS2005 build 50727
        • [LNK] VS2005 build 50727
        Name | Virtual Address | Virtual Size | Is in Section
        IMAGE_DIRECTORY_ENTRY_EXPORT | 0x16710 | 0x32 | .rdata
        IMAGE_DIRECTORY_ENTRY_IMPORT | 0x15844 | 0x8c | .rdata
        IMAGE_DIRECTORY_ENTRY_RESOURCE | 0x26000 | 0x97a8 | .rsrc
        IMAGE_DIRECTORY_ENTRY_EXCEPTION | 0x0 | 0x0 |
        IMAGE_DIRECTORY_ENTRY_SECURITY | 0x2b51000 | 0x1ea8 | _winzip_
        IMAGE_DIRECTORY_ENTRY_BASERELOC | 0x0 | 0x0 |
        IMAGE_DIRECTORY_ENTRY_DEBUG | 0x0 | 0x0 |
        IMAGE_DIRECTORY_ENTRY_COPYRIGHT | 0x0 | 0x0 |
        IMAGE_DIRECTORY_ENTRY_GLOBALPTR | 0x0 | 0x0 |
        IMAGE_DIRECTORY_ENTRY_TLS | 0x0 | 0x0 |
        IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG | 0x14e48 | 0x40 | .rdata
        IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT | 0x0 | 0x0 |
        IMAGE_DIRECTORY_ENTRY_IAT | 0x13000 | 0x2b8 | .rdata
        IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT | 0x0 | 0x0 |
        IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR | 0x0 | 0x0 |
        IMAGE_DIRECTORY_ENTRY_RESERVED | 0x0 | 0x0 |
        Name | Virtual Address | Virtual Size | Raw Size | MD5 | Xored PE | ZLIB Complexity | File Type | Entropy | Characteristics
        .text | 0x1000 | 0x11ff5 | 0x12000 | 8ad57c6baf27d65ae8dae769b564ae30 | False | 0.624267578125 | data | 6.620173902911684 | IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
        .rdata | 0x13000 | 0x3742 | 0x4000 | 5936658766ce0c07e562dccd1db5a0e3 | False | 0.32928466796875 | OpenPGP Secret Key | 4.937916234393975 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
        .data | 0x17000 | 0xe744 | 0x2000 | 7460e406a7148a8dd50702400531409c | False | 0.1732177734375 | data | 1.977862513710453 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
        .rsrc | 0x26000 | 0x97a8 | 0xa000 | a2a34523050e5027f138a4ff5f5f7f76 | False | 0.4905029296875 | data | 5.291962974613592 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
        _winzip_ | 0x30000 | 0x2b2e000 | 0x2b2e000 | d03323fa5a298d36cd3f1faf8ec31ea5 | unknown | unknown | unknown | unknown | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ
        Name | RVA | Size | Type | Language | Country | ZLIB Complexity
        WZ_MANIFEST | 0x2ea58 | 0x5df | XML 1.0 document, ASCII text, with CRLF line terminators | English | United States | 0.4311377245508982
        RT_ICON | 0x287e8 | 0x668 | Device independent bitmap graphic, 48 x 96 x 4, image size 1152 | English | United States | 0.4176829268292683
        RT_ICON | 0x28e50 | 0x2e8 | Device independent bitmap graphic, 32 x 64 x 4, image size 512 | English | United States | 0.4959677419354839
        RT_ICON | 0x29138 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 128 | English | United States | 0.5608108108108109
        RT_ICON | 0x29260 | 0xea8 | Device independent bitmap graphic, 48 x 96 x 8, image size 2304, 256 important colors | English | United States | 0.6548507462686567
        RT_ICON | 0x2a108 | 0x8a8 | Device independent bitmap graphic, 32 x 64 x 8, image size 1024, 256 important colors | English | United States | 0.7851985559566786
        RT_ICON | 0x2a9b0 | 0x568 | Device independent bitmap graphic, 16 x 32 x 8, image size 256, 256 important colors | English | United States | 0.4848265895953757
        RT_ICON | 0x2af18 | 0x25a8 | Device independent bitmap graphic, 48 x 96 x 32, image size 9600 | English | United States | 0.6487551867219917
        RT_ICON | 0x2d4c0 | 0x10a8 | Device independent bitmap graphic, 32 x 64 x 32, image size 4224 | English | United States | 0.6995778611632271
        RT_ICON | 0x2e568 | 0x468 | Device independent bitmap graphic, 16 x 32 x 32, image size 1088 | English | United States | 0.5611702127659575
        RT_DIALOG | 0x264d0 | 0x27e | data | English | United States | 0.5188087774294671
        RT_DIALOG | 0x2f610 | 0x192 | data | English | United States | 0.5920398009950248
        RT_STRING | 0x26750 | 0x2fc | Matlab v4 mat-file (little endian) h, numeric, rows 0, columns 0 | English | United States | 0.3717277486910995
        RT_STRING | 0x26a50 | 0x16e | data | English | United States | 0.5683060109289617
        RT_STRING | 0x26bc0 | 0x91a | data | English | United States | 0.3776824034334764
        RT_STRING | 0x274e0 | 0x880 | data | English | United States | 0.35018382352941174
        RT_STRING | 0x27d60 | 0x4fe | data | English | United States | 0.3935837245696401
        RT_STRING | 0x28260 | 0x518 | data | English | United States | 0.4125766871165644
        RT_STRING | 0x28778 | 0x6e | data | English | United States | 0.6727272727272727
        RT_GROUP_ICON | 0x2e9d0 | 0x84 | data | English | United States | 0.6363636363636364
        RT_MANIFEST | 0x2f038 | 0x5d4 | XML 1.0 document, ASCII text, with CRLF line terminators | English | United States | 0.43029490616621985
        DLL | Import
        SHELL32.dll | SHGetPathFromIDListA, SHGetSpecialFolderLocation, ShellExecuteA, FindExecutableA, SHBrowseForFolderA, SHGetMalloc
        USER32.dll | GetClientRect, SetRect, EndPaint, LoadCursorA, GetLastActivePopup, KillTimer, ShowWindow, PostMessageA, SendMessageA, EnableWindow, SetTimer, SetWindowTextA, SetForegroundWindow, SetActiveWindow, SetDlgItemTextA, GetKeyState, CharUpperBuffA, PeekMessageA, GetSysColor, DispatchMessageA, GetParent, SendDlgItemMessageA, GetDlgItem, InvalidateRect, UpdateWindow, LoadStringA, MessageBoxA, DialogBoxParamA, GetWindowLongA, SetWindowLongA, GetDlgItemTextA, EndDialog, GetWindowRect, GetSystemMetrics, SetWindowPos, SetCursor, CharNextA, BeginPaint, SetWindowWord, GetWindowWord, DefWindowProcA, RegisterClassA, TranslateMessage
        KERNEL32.dll | GetLocaleInfoA, GetStringTypeW, GetStringTypeA, GetSystemTimeAsFileTime, GetCurrentProcessId, GetTickCount, QueryPerformanceCounter, GetFileType, SetHandleCount, GetEnvironmentStringsW, FreeEnvironmentStringsW, GetEnvironmentStrings, FreeEnvironmentStringsA, LCMapStringW, LCMapStringA, GetStdHandle, HeapCreate, HeapDestroy, VirtualAlloc, VirtualFree, EnterCriticalSection, LeaveCriticalSection, DeleteCriticalSection, HeapSize, Sleep, GetCurrentThreadId, SetLastError, TlsFree, TlsSetValue, GetVersionExA, FindClose, FindFirstFileA, GetCurrentDirectoryA, SetCurrentDirectoryA, CreateDirectoryA, SetFileTime, LocalFileTimeToFileTime, DosDateTimeToFileTime, LocalAlloc, GetDriveTypeA, GetEnvironmentVariableA, SetFilePointer, CreateFileA, GetWindowsDirectoryA, GlobalFree, GlobalUnlock, GlobalHandle, _lclose, _llseek, _lread, _lopen, GlobalLock, GlobalAlloc, GlobalMemoryStatus, GetVersion, GetModuleFileNameA, WriteFile, GetSystemTime, LocalFree, ExitProcess, FormatMessageA, GetLastError, GetModuleHandleA, GetVolumeInformationA, WideCharToMultiByte, CreateProcessA, lstrcmpiA, SetErrorMode, MultiByteToWideChar, GetLocalTime, lstrlenA, CreateFileW, ReadFile, GetConsoleCP, GetConsoleMode, LoadLibraryA, InitializeCriticalSection, SetStdHandle, WriteConsoleA, GetConsoleOutputCP, FlushFileBuffers, WriteConsoleW, CloseHandle, RtlUnwind, HeapAlloc, HeapFree, HeapReAlloc, RaiseException, TerminateProcess, GetCurrentProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, GetCommandLineA, GetProcessHeap, GetStartupInfoA, GetCPInfo, InterlockedIncrement, InterlockedDecrement, GetACP, GetOEMCP, IsValidCodePage, GetProcAddress, TlsGetValue, TlsAlloc
        GDI32.dll | SetTextColor, SetTextAlign, GetBkColor, GetTextExtentPoint32A, ExtTextOutA, CreateDCA, GetDeviceCaps, CreateFontIndirectA, DeleteDC, SelectObject, DeleteObject, SetBkColor
        ADVAPI32.dll | RegQueryValueA
        COMCTL32.dll |
        Language of compilation system | Country where language is spoken | Map
        English | United States |
        No network behavior found


        Target ID:1
        Start time:14:40:22
        Start date:23/04/2024
        Path:C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe
        Wow64 process (32bit):true
        Commandline:"C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Midie.4996.30257.exe"
        Imagebase:0x400000
        File size:45'428'392 bytes
        MD5 hash:4F5F177604DEF1F099B2C6612CC919F2
        Has elevated privileges:true
        Has administrator privileges:true
        Programmed in:C, C++ or other language
        Reputation:low
        Has exited:true

        No disassembly