File SimpleSudokuPortable_4.2n.paf.exe

Size 1.1MB Resubmit sample
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 de443768c2912cfa5be1db2917b3abcd
SHA1 fc341741b2608c73740b74b31d1be69adb6620d3
SHA256 6a24561f3dfa767d590b218359dd3e782abcde422b7fa68e3e8507d7f9e1de64
SHA512
72f760df6cddc2614f2423b5c3bd06c34188a573af40b1bad495814f50e100612db606bbb934ca3785f2ed5c5ddd4dffcea542190e17e8baf1f260605e97e8b5
CRC32 91270BE1
ssdeep 24576:X9D/TKatr4aP+WILtKriwHBdlFmdJNW+S3b0OsNqFwtTlG2py:X99rDPpazwHjV+e4npy
Yara
  • IsPE32 -
  • IsWindowsGUI -
  • IsPacked - Entropy Check
  • HasOverlay - Overlay Check
  • HasRichSignature - Rich Signature Check
  • PEiD_00055_Alias_PIX_Vivid_IMG_Graphics_format_ - [Alias PIX/Vivid IMG Graphics format]
  • PEiD_00497_dUP_v2_x_Patcher_____www_diablo2oo2_cjb_net_ - [dUP v2.x Patcher --> www.diablo2oo2.cjb.net]
  • PEiD_01091_Microsoft_Visual_C___8_ - [Microsoft Visual C++ 8]
  • PEiD_01686_Petite_v2_2____www_un4seen_com_petite_ - [Petite v2.2 -> www.un4seen.com/petite]
  • PEiD_02152_StarForce_V3_X_DLL____StarForce_Copy_Protection_System_ - [StarForce V3.X DLL -> StarForce Copy Protection System]
  • Contains_PE_File - Detect a PE file inside a byte sequence
  • escalate_priv - Escalade priviledges
  • screenshot - Take screenshot
  • win_registry - Affect system registries
  • win_token - Affect system token
  • win_files_operation - Affect private profile
  • contentis_base64 - This rule finds for base64 strings
  • CRC32_poly_Constant - Look for CRC32 [poly]
  • maldoc_function_prolog_signature -
  • maldoc_suspicious_strings -

Score

This file shows numerous signs of malicious behavior.

The score of this file is 2.2 out of 10.

Please notice: The scoring system is currently still in development and should be considered an alpha feature.

Information on Execution

Category Started Completed Duration Logs
FILE Jan. 9, 2019, 10:24 a.m. Jan. 9, 2019, 10:28 a.m. 254 seconds

Machine

Name Label Started On Shutdown On
winxpsp3pro32 winxpsp3pro32 2019-01-09 10:24:10 2019-01-09 10:28:23

Analyzer Log

2019-01-09 03:11:54,015 [analyzer] DEBUG: Starting analyzer from: C:\epkdo
2019-01-09 03:11:54,030 [analyzer] DEBUG: Pipe server name: \\.\PIPE\EflPQwePjDdxgJeMzsJvgknnKWcSHr
2019-01-09 03:11:54,030 [analyzer] DEBUG: Log pipe server name: \\.\PIPE\BvLjAJjsklrlJkgAhzZRKuSSwKOWD
2019-01-09 03:11:54,030 [analyzer] DEBUG: No analysis package specified, trying to detect it automagically.
2019-01-09 03:11:54,030 [analyzer] INFO: Automatically selected analysis package "exe"
2019-01-09 03:11:55,717 [analyzer] DEBUG: Started auxiliary module Disguise
2019-01-09 03:11:55,875 [analyzer] WARNING: Unable to find the correct offsets for functions of: 32-bit kernel32.dll (with timestamp 0x4802a12c)
2019-01-09 03:11:55,875 [analyzer] WARNING: Unable to find the correct offsets for functions of: 32-bit kernel32.dll (with timestamp 0x4802a12c)
2019-01-09 03:11:55,937 [analyzer] DEBUG: Loaded monitor into process with pid 692
2019-01-09 03:11:55,937 [analyzer] DEBUG: Started auxiliary module DumpTLSMasterSecrets
2019-01-09 03:11:55,937 [analyzer] DEBUG: Started auxiliary module Human
2019-01-09 03:11:55,937 [analyzer] DEBUG: Started auxiliary module InstallCertificate
2019-01-09 03:11:55,937 [analyzer] DEBUG: Started auxiliary module Reboot
2019-01-09 03:11:56,217 [analyzer] DEBUG: Started auxiliary module RecentFiles
2019-01-09 03:11:56,217 [analyzer] DEBUG: Started auxiliary module Screenshots
2019-01-09 03:11:56,342 [lib.api.process] INFO: Successfully executed process from path u'C:\\DOCUME~1\\zamen\\LOCALS~1\\Temp\\SimpleSudokuPortable_4.2n.paf.exe' with arguments '' and pid 1440
2019-01-09 03:11:56,453 [analyzer] WARNING: Unable to find the correct offsets for functions of: 32-bit kernel32.dll (with timestamp 0x4802a12c)
2019-01-09 03:11:56,453 [analyzer] WARNING: Unable to find the correct offsets for functions of: 32-bit kernel32.dll (with timestamp 0x4802a12c)
2019-01-09 03:11:56,592 [analyzer] DEBUG: Loaded monitor into process with pid 1440
2019-01-09 03:11:56,625 [analyzer] DEBUG: Received request to inject pid=1440, but we are already injected there.
2019-01-09 03:11:56,750 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\nsl2.tmp
2019-01-09 03:11:56,890 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\nsv3.tmp\LangDLL.dll
2019-01-09 03:11:57,092 [modules.auxiliary.human] INFO: Found button "OK", clicking it
2019-01-09 03:11:58,125 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\nsv3.tmp\System.dll
2019-01-09 03:11:58,217 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\nsv3.tmp\FindProcDLL.dll
2019-01-09 03:11:58,390 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\nsv3.tmp\modern-header.bmp
2019-01-09 03:11:58,500 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\nsv3.tmp\modern-wizard.bmp
2019-01-09 03:11:58,625 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\nsv3.tmp\nsDialogs.dll
2019-01-09 03:11:59,155 [modules.auxiliary.human] INFO: Found button "&Next >", clicking it
2019-01-09 03:12:01,265 [modules.auxiliary.human] INFO: Found button "&Install", clicking it
2019-01-09 03:12:02,312 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\nsv3.tmp\w7tbp.dll
2019-01-09 03:12:02,421 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\SimpleSudokuPortable.exe
2019-01-09 03:12:02,453 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\help.html
2019-01-09 03:12:02,467 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\Readme.txt
2019-01-09 03:12:02,483 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\AppInfo\appicon.ico
2019-01-09 03:12:02,500 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\AppInfo\appicon_128.png
2019-01-09 03:12:02,500 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\AppInfo\appicon_16.png
2019-01-09 03:12:02,500 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\AppInfo\appicon_256.png
2019-01-09 03:12:02,515 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\AppInfo\appicon_32.png
2019-01-09 03:12:02,515 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\AppInfo\appicon_48.png
2019-01-09 03:12:02,515 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\AppInfo\appicon_75.png
2019-01-09 03:12:02,530 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\AppInfo\appinfo.ini
2019-01-09 03:12:02,530 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\AppInfo\installer.ini
2019-01-09 03:12:02,530 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\AppInfo\pac_installer_log.ini
2019-01-09 03:12:02,546 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\AppInfo\Launcher\SimpleSudokuPortable.ini
2019-01-09 03:12:02,578 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\DefaultData\settings\SimpleSudoku.reg
2019-01-09 03:12:02,578 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\Castellano.lang
2019-01-09 03:12:02,592 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\Cesky.lang
2019-01-09 03:12:02,608 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\ChineseS.lang
2019-01-09 03:12:02,608 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\ChineseT.lang
2019-01-09 03:12:02,608 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\Copyright.txt
2019-01-09 03:12:02,608 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\Dansk.lang
2019-01-09 03:12:02,625 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\Deutsch.lang
2019-01-09 03:12:02,625 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\English.lang
2019-01-09 03:12:02,625 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\Francais.lang
2019-01-09 03:12:02,640 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\Greek.lang
2019-01-09 03:12:02,640 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\Italiano.lang
2019-01-09 03:12:02,640 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\Nederlands.lang
2019-01-09 03:12:02,655 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\Norsk.lang
2019-01-09 03:12:02,655 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\Polski.lang
2019-01-09 03:12:02,671 [analyzer] ERROR: Pipe command handler exception occurred (command FILE_NEW args 'C:\\Documents and Settings\\zamen\\Local Settings\\Temp\\SimpleSudokuPortable\\App\\SimpleSudoku\\Portugu\xc3\xaas-Brasileiro.lang').
Traceback (most recent call last):
  File "C:\epkdo\analyzer.py", line 402, in dispatch
    response = fn(arguments)
  File "C:\epkdo\analyzer.py", line 310, in _handle_file_new
    self.analyzer.files.add_file(data.decode("utf8"), self.pid)
  File "C:\epkdo\analyzer.py", line 64, in add_file
    pid, filepath
  File "C:\Python27\lib\logging\__init__.py", line 1128, in info
    self._log(INFO, msg, args, **kwargs)
  File "C:\Python27\lib\logging\__init__.py", line 1246, in _log
    self.handle(record)
  File "C:\Python27\lib\logging\__init__.py", line 1256, in handle
    self.callHandlers(record)
  File "C:\Python27\lib\logging\__init__.py", line 1293, in callHandlers
    hdlr.handle(record)
  File "C:\Python27\lib\logging\__init__.py", line 740, in handle
    self.emit(record)
  File "C:\epkdo\lib\common\results.py", line 102, in emit
    self.send("{0}\n".format(msg))
UnicodeEncodeError: 'ascii' codec can't encode character u'\xea' in position 184: ordinal not in range(128)
2019-01-09 03:12:02,687 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\Russian.lang
2019-01-09 03:12:02,687 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\Suomi.lang
2019-01-09 03:12:02,687 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\Svenska.lang
2019-01-09 03:12:02,703 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\Turkce.lang
2019-01-09 03:12:02,703 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\Ukrainian.lang
2019-01-09 03:12:02,703 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\advanced001.ss
2019-01-09 03:12:02,717 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\advanced002.ss
2019-01-09 03:12:02,717 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\advanced003.ss
2019-01-09 03:12:02,717 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\advanced004.ss
2019-01-09 03:12:02,733 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\advanced005.ss
2019-01-09 03:12:02,733 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\advanced006.ss
2019-01-09 03:12:02,733 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\advanced007.ss
2019-01-09 03:12:02,733 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\advanced008.ss
2019-01-09 03:12:02,750 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\advanced009.ss
2019-01-09 03:12:02,750 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\advanced010.ss
2019-01-09 03:12:02,750 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\advanced011.ss
2019-01-09 03:12:02,765 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\colors1.ss
2019-01-09 03:12:02,765 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\colors2.ss
2019-01-09 03:12:02,765 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\colors4.ss
2019-01-09 03:12:02,780 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\colors5.ss
2019-01-09 03:12:02,780 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\colors6.ss
2019-01-09 03:12:02,780 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\colors7.ss
2019-01-09 03:12:02,780 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\colors8.ss
2019-01-09 03:12:02,812 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\easy1.ss
2019-01-09 03:12:02,858 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\easy2.ss
2019-01-09 03:12:02,875 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\hard1.ss
2019-01-09 03:12:02,875 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\hard2.ss
2019-01-09 03:12:02,890 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\hard3.ss
2019-01-09 03:12:02,890 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\hard4.ss
2019-01-09 03:12:02,905 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\hard5.ss
2019-01-09 03:12:02,905 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\hard6.ss
2019-01-09 03:12:02,921 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\hard7.ss
2019-01-09 03:12:02,921 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\hidden_quads.ss
2019-01-09 03:12:02,921 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\invalid_puzzle.ss
2019-01-09 03:12:02,921 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\mensa001.ss
2019-01-09 03:12:02,937 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\mensa002.ss
2019-01-09 03:12:02,937 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\mensa003.ss
2019-01-09 03:12:02,937 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\mensa004.ss
2019-01-09 03:12:02,953 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\mensa005.ss
2019-01-09 03:12:02,953 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\mensa006.ss
2019-01-09 03:12:02,953 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\mensa007.ss
2019-01-09 03:12:02,967 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\mensa008.ss
2019-01-09 03:12:02,967 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\mensa009.ss
2019-01-09 03:12:02,967 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\mensa010.ss
2019-01-09 03:12:02,967 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\mensa011.ss
2019-01-09 03:12:02,983 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\mensa012.ss
2019-01-09 03:12:02,983 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\mensa013.ss
2019-01-09 03:12:02,983 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\mensa014.ss
2019-01-09 03:12:03,000 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\mensa015.ss
2019-01-09 03:12:03,000 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\mensa016.ss
2019-01-09 03:12:03,000 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\moderate1.ss
2019-01-09 03:12:03,000 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\moderate2.ss
2019-01-09 03:12:03,015 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\moderate3.ss
2019-01-09 03:12:03,015 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\moderate4.ss
2019-01-09 03:12:03,015 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors001.ss
2019-01-09 03:12:03,030 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors002.ss
2019-01-09 03:12:03,030 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors003.ss
2019-01-09 03:12:03,030 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors004.ss
2019-01-09 03:12:03,046 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors005.ss
2019-01-09 03:12:03,046 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors006.ss
2019-01-09 03:12:03,046 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors008.ss
2019-01-09 03:12:03,046 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors009.ss
2019-01-09 03:12:03,062 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors010.ss
2019-01-09 03:12:03,062 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors011.ss
2019-01-09 03:12:03,062 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors012.ss
2019-01-09 03:12:03,078 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors013.ss
2019-01-09 03:12:03,078 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors014.ss
2019-01-09 03:12:03,078 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors015.ss
2019-01-09 03:12:03,092 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors016.ss
2019-01-09 03:12:03,092 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors017.ss
2019-01-09 03:12:03,092 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors018.ss
2019-01-09 03:12:03,108 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors019.ss
2019-01-09 03:12:03,108 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors020.ss
2019-01-09 03:12:03,108 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors1.ss
2019-01-09 03:12:03,125 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors2.ss
2019-01-09 03:12:03,125 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors3.ss
2019-01-09 03:12:03,125 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors4.ss
2019-01-09 03:12:03,140 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors5.ss
2019-01-09 03:12:03,140 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors6.ss
2019-01-09 03:12:03,140 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors7.ss
2019-01-09 03:12:03,155 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors8.ss
2019-01-09 03:12:03,155 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors9.ss
2019-01-09 03:12:03,155 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle001.ss
2019-01-09 03:12:03,171 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle002.ss
2019-01-09 03:12:03,171 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle003.ss
2019-01-09 03:12:03,171 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle004.ss
2019-01-09 03:12:03,187 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle005.ss
2019-01-09 03:12:03,187 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle006.ss
2019-01-09 03:12:03,187 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle007.ss
2019-01-09 03:12:03,187 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle008.ss
2019-01-09 03:12:03,203 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle009.ss
2019-01-09 03:12:03,203 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle010.ss
2019-01-09 03:12:03,203 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle011.ss
2019-01-09 03:12:03,217 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle012.ss
2019-01-09 03:12:03,217 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle013.ss
2019-01-09 03:12:03,217 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle014.ss
2019-01-09 03:12:03,217 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle015.ss
2019-01-09 03:12:03,233 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle016.ss
2019-01-09 03:12:03,233 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle017.ss
2019-01-09 03:12:03,233 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle018.ss
2019-01-09 03:12:03,250 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle019.ss
2019-01-09 03:12:03,250 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle020.ss
2019-01-09 03:12:03,250 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle021.ss
2019-01-09 03:12:03,265 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle022.ss
2019-01-09 03:12:03,265 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle023.ss
2019-01-09 03:12:03,265 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle024.ss
2019-01-09 03:12:03,265 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle025.ss
2019-01-09 03:12:03,280 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle026.ss
2019-01-09 03:12:03,280 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle027.ss
2019-01-09 03:12:03,280 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle028.ss
2019-01-09 03:12:03,296 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle029.ss
2019-01-09 03:12:03,296 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle030.ss
2019-01-09 03:12:03,296 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle031.ss
2019-01-09 03:12:03,312 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle032.ss
2019-01-09 03:12:03,312 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle033.ss
2019-01-09 03:12:03,312 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle034.ss
2019-01-09 03:12:03,328 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle035.ss
2019-01-09 03:12:03,342 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle036.ss
2019-01-09 03:12:03,342 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle037.ss
2019-01-09 03:12:03,358 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle038.ss
2019-01-09 03:12:03,358 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle039.ss
2019-01-09 03:12:03,358 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle040.ss
2019-01-09 03:12:03,375 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle041.ss
2019-01-09 03:12:03,375 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle042.ss
2019-01-09 03:12:03,375 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle043.ss
2019-01-09 03:12:03,390 [modules.auxiliary.human] INFO: Found button "&Next >", clicking it
2019-01-09 03:12:03,390 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle044.ss
2019-01-09 03:12:03,390 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle045.ss
2019-01-09 03:12:03,390 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle046.ss
2019-01-09 03:12:03,405 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\quads1.ss
2019-01-09 03:12:03,405 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\simplesudoku.cnt
2019-01-09 03:12:03,530 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\simplesudoku.exe
2019-01-09 03:12:03,640 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\simplesudoku.hlp
2019-01-09 03:12:03,655 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish001.ss
2019-01-09 03:12:03,655 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish002.ss
2019-01-09 03:12:03,671 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish003.ss
2019-01-09 03:12:03,671 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish004.ss
2019-01-09 03:12:03,671 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish005.ss
2019-01-09 03:12:03,687 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish006.ss
2019-01-09 03:12:03,687 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish007.ss
2019-01-09 03:12:03,687 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish008.ss
2019-01-09 03:12:03,703 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish009.ss
2019-01-09 03:12:03,703 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish010.ss
2019-01-09 03:12:03,703 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish011.ss
2019-01-09 03:12:03,717 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish012.ss
2019-01-09 03:12:03,717 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish013.ss
2019-01-09 03:12:03,717 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish014.ss
2019-01-09 03:12:03,717 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish015.ss
2019-01-09 03:12:03,733 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish016.ss
2019-01-09 03:12:03,733 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish017.ss
2019-01-09 03:12:03,733 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish018.ss
2019-01-09 03:12:03,750 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish020.ss
2019-01-09 03:12:03,750 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish021.ss
2019-01-09 03:12:03,765 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish022.ss
2019-01-09 03:12:03,765 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish023.ss
2019-01-09 03:12:03,765 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish024.ss
2019-01-09 03:12:03,765 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish025.ss
2019-01-09 03:12:03,780 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish1.ss
2019-01-09 03:12:03,780 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish2.ss
2019-01-09 03:12:03,796 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish3.ss
2019-01-09 03:12:03,796 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish4.ss
2019-01-09 03:12:03,796 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish5.ss
2019-01-09 03:12:03,796 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish6.ss
2019-01-09 03:12:03,812 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\triples1.ss
2019-01-09 03:12:03,812 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\triples2.ss
2019-01-09 03:12:03,828 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\unins000.dat
2019-01-09 03:12:03,983 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\unins000.exe
2019-01-09 03:12:04,078 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\very_easy1.ss
2019-01-09 03:12:04,078 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\very_hard1.ss
2019-01-09 03:12:04,078 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\very_hard2.ss
2019-01-09 03:12:04,092 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\very_hard3.ss
2019-01-09 03:12:04,092 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\very_hard4.ss
2019-01-09 03:12:04,092 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\very_hard5.ss
2019-01-09 03:12:04,108 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing001.ss
2019-01-09 03:12:04,108 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing002.ss
2019-01-09 03:12:04,108 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing003.ss
2019-01-09 03:12:04,125 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing004.ss
2019-01-09 03:12:04,125 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing005.ss
2019-01-09 03:12:04,125 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing006.ss
2019-01-09 03:12:04,140 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing007.ss
2019-01-09 03:12:04,140 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing008.ss
2019-01-09 03:12:04,140 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing009.ss
2019-01-09 03:12:04,155 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing010.ss
2019-01-09 03:12:04,155 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing011.ss
2019-01-09 03:12:04,155 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing012.ss
2019-01-09 03:12:04,155 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing013.ss
2019-01-09 03:12:04,171 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing014.ss
2019-01-09 03:12:04,171 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing015.ss
2019-01-09 03:12:04,171 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing016.ss
2019-01-09 03:12:04,187 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing017.ss
2019-01-09 03:12:04,187 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing018.ss
2019-01-09 03:12:04,187 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing019.ss
2019-01-09 03:12:04,203 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing020.ss
2019-01-09 03:12:04,203 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing021.ss
2019-01-09 03:12:04,203 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing022.ss
2019-01-09 03:12:04,217 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing023.ss
2019-01-09 03:12:04,217 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing024.ss
2019-01-09 03:12:04,217 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing025.ss
2019-01-09 03:12:04,233 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing026.ss
2019-01-09 03:12:04,233 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing027.ss
2019-01-09 03:12:04,233 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing028.ss
2019-01-09 03:12:04,250 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing029.ss
2019-01-09 03:12:04,250 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing030.ss
2019-01-09 03:12:04,250 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing031.ss
2019-01-09 03:12:04,250 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing1.ss
2019-01-09 03:12:04,265 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing2.ss
2019-01-09 03:12:04,265 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing3.ss
2019-01-09 03:12:04,280 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing4.ss
2019-01-09 03:12:04,280 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\xy-wing1.ss
2019-01-09 03:12:04,280 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\xy-wing2.ss
2019-01-09 03:12:04,296 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\xy-wing3.ss
2019-01-09 03:12:04,296 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\xy-wing4.ss
2019-01-09 03:12:04,296 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\xy-wing5.ss
2019-01-09 03:12:04,312 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\xy-wing6.ss
2019-01-09 03:12:04,342 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\Other\Help\Images\Donation_Button.png
2019-01-09 03:12:04,358 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\Other\Help\Images\Favicon.ico
2019-01-09 03:12:04,358 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\Other\Help\Images\Help_Background_Footer.png
2019-01-09 03:12:04,358 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\Other\Help\Images\Help_Background_Header.png
2019-01-09 03:12:04,375 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\Other\Help\Images\Help_Logo_Top.png
2019-01-09 03:12:04,390 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\Other\Source\AppNamePortable.ini
2019-01-09 03:12:04,390 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\Other\Source\LauncherLicense.txt
2019-01-09 03:12:04,405 [analyzer] INFO: Added new file to list with pid 1440 and path C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\Other\Source\Readme.txt
2019-01-09 03:12:05,453 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:12:06,453 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:12:08,515 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:12:09,515 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:12:11,592 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:12:12,608 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:12:14,671 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:12:15,671 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:12:17,733 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:12:18,733 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:12:20,796 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:12:21,796 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:12:23,858 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:12:24,858 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:12:26,921 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:12:27,921 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:12:29,983 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:12:31,000 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:12:33,062 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:12:34,062 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:12:36,125 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:12:37,125 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:12:39,187 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:12:40,187 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:12:42,250 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:12:43,250 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:12:45,312 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:12:46,312 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:12:48,390 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:12:49,390 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:12:51,453 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:12:52,453 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:12:54,515 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:12:55,515 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:12:57,578 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:12:58,578 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:13:00,640 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:13:01,640 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:13:03,703 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:13:04,703 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:13:06,780 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:13:07,780 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:13:09,858 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:13:10,858 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:13:12,921 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:13:13,921 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:13:15,983 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:13:16,983 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:13:19,046 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:13:20,046 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:13:22,108 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:13:23,108 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:13:25,171 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:13:26,171 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:13:28,233 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:13:29,233 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:13:31,296 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:13:32,296 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:13:34,358 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:13:35,358 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:13:37,421 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:13:38,421 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:13:40,483 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:13:41,483 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:13:43,546 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:13:44,546 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:13:46,608 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:13:47,608 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:13:49,671 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:13:50,671 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:13:52,750 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:13:53,750 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:13:55,812 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:13:56,812 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:13:58,875 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:13:59,875 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:14:01,937 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:14:02,937 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:14:05,000 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:14:06,000 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:14:08,062 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:14:09,062 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:14:11,125 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:14:12,125 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:14:14,187 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:14:15,187 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:14:17,250 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:14:18,250 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:14:20,312 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:14:21,312 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:14:23,375 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:14:24,375 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:14:26,437 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:14:27,437 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:14:29,500 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:14:30,500 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:14:32,562 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:14:33,562 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:14:35,640 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:14:36,640 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:14:38,703 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:14:39,703 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:14:41,765 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:14:42,765 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:14:44,828 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:14:45,828 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:14:47,890 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:14:48,890 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:14:50,953 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:14:51,953 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:14:54,015 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:14:55,015 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:14:57,078 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:14:58,078 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:15:00,140 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:15:01,140 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:15:03,203 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:15:04,203 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:15:06,265 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:15:07,265 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:15:09,328 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:15:10,328 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:15:12,405 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:15:13,405 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:15:15,467 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:15:16,467 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:15:18,530 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:15:19,530 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:15:21,592 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:15:22,592 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:15:24,655 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:15:25,655 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:15:27,717 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:15:28,717 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:15:30,780 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:15:31,780 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:15:33,842 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:15:34,842 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:15:36,937 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:15:37,953 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:15:40,015 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:15:41,015 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:15:43,078 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:15:44,078 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:15:46,140 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:15:47,140 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:15:49,203 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:15:50,203 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:15:52,265 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:15:53,265 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:15:55,328 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:15:55,453 [analyzer] INFO: Analysis timeout hit, terminating analysis.
2019-01-09 03:15:55,453 [analyzer] INFO: Terminating remaining processes before shutdown.
2019-01-09 03:15:55,453 [lib.api.process] INFO: Successfully terminated process with pid 1440.
2019-01-09 03:15:56,328 [modules.auxiliary.human] INFO: Found button "&Run Simple Sudoku Portable", clicking it
2019-01-09 03:15:57,312 [analyzer] WARNING: File at path "u'c:\\documents and settings\\zamen\\local settings\\temp\\nsl2.tmp'" does not exist, skip.
2019-01-09 03:15:57,890 [analyzer] INFO: Analysis completed.

Cuckoo Log

2019-01-09 10:24:10,373 [lib.cuckoo.core.scheduler] INFO: Task #620: acquired machine winxpsp3pro32 (label=winxpsp3pro32)
2019-01-09 10:24:10,798 [modules.auxiliary.sniffer] INFO: Started sniffer with PID 4066 (interface=eth2, host=192.168.128.102, pcap=/opt/cuckoo/storage/analyses/620/dump.pcap)
2019-01-09 10:24:13,544 [lib.cuckoo.core.guest] INFO: Starting analysis on guest (id=winxpsp3pro32, ip=192.168.128.102)
2019-01-09 10:28:22,308 [lib.cuckoo.core.guest] INFO: winxpsp3pro32: analysis completed successfully
2019-01-09 10:37:04,382 [lib.cuckoo.core.plugins] WARNING: The processing module "Suricata" returned the following error: Unable to locate Suricata binary
2019-01-09 10:37:13,527 [elasticsearch] WARNING: HEAD http://127.0.0.1:9200/_template/cuckoo_template [status:N/A request:0.000s]
Traceback (most recent call last):
  File "/usr/local/lib/python2.7/dist-packages/elasticsearch/connection/http_urllib3.py", line 94, in perform_request
    response = self.pool.urlopen(method, url, body, retries=False, headers=self.headers, **kw)
  File "/usr/local/lib/python2.7/dist-packages/urllib3/connectionpool.py", line 643, in urlopen
    _stacktrace=sys.exc_info()[2])
  File "/usr/local/lib/python2.7/dist-packages/urllib3/util/retry.py", line 251, in increment
    raise six.reraise(type(error), error, _stacktrace)
  File "/usr/local/lib/python2.7/dist-packages/urllib3/connectionpool.py", line 594, in urlopen
    chunked=chunked)
  File "/usr/local/lib/python2.7/dist-packages/urllib3/connectionpool.py", line 361, in _make_request
    conn.request(method, url, **httplib_request_kw)
  File "/usr/lib/python2.7/httplib.py", line 1017, in request
    self._send_request(method, url, body, headers)
  File "/usr/lib/python2.7/httplib.py", line 1051, in _send_request
    self.endheaders(body)
  File "/usr/lib/python2.7/httplib.py", line 1013, in endheaders
    self._send_output(message_body)
  File "/usr/lib/python2.7/httplib.py", line 864, in _send_output
    self.send(msg)
  File "/usr/lib/python2.7/httplib.py", line 826, in send
    self.connect()
  File "/usr/local/lib/python2.7/dist-packages/urllib3/connection.py", line 163, in connect
    conn = self._new_conn()
  File "/usr/local/lib/python2.7/dist-packages/urllib3/connection.py", line 147, in _new_conn
    self, "Failed to establish a new connection: %s" % e)
NewConnectionError: <urllib3.connection.HTTPConnection object at 0x7f9b50223290>: Failed to establish a new connection: [Errno 111] Connection refused
2019-01-09 10:37:13,528 [elasticsearch] WARNING: HEAD http://127.0.0.1:9200/_template/cuckoo_template [status:N/A request:0.000s]
Traceback (most recent call last):
  File "/usr/local/lib/python2.7/dist-packages/elasticsearch/connection/http_urllib3.py", line 94, in perform_request
    response = self.pool.urlopen(method, url, body, retries=False, headers=self.headers, **kw)
  File "/usr/local/lib/python2.7/dist-packages/urllib3/connectionpool.py", line 643, in urlopen
    _stacktrace=sys.exc_info()[2])
  File "/usr/local/lib/python2.7/dist-packages/urllib3/util/retry.py", line 251, in increment
    raise six.reraise(type(error), error, _stacktrace)
  File "/usr/local/lib/python2.7/dist-packages/urllib3/connectionpool.py", line 594, in urlopen
    chunked=chunked)
  File "/usr/local/lib/python2.7/dist-packages/urllib3/connectionpool.py", line 361, in _make_request
    conn.request(method, url, **httplib_request_kw)
  File "/usr/lib/python2.7/httplib.py", line 1017, in request
    self._send_request(method, url, body, headers)
  File "/usr/lib/python2.7/httplib.py", line 1051, in _send_request
    self.endheaders(body)
  File "/usr/lib/python2.7/httplib.py", line 1013, in endheaders
    self._send_output(message_body)
  File "/usr/lib/python2.7/httplib.py", line 864, in _send_output
    self.send(msg)
  File "/usr/lib/python2.7/httplib.py", line 826, in send
    self.connect()
  File "/usr/local/lib/python2.7/dist-packages/urllib3/connection.py", line 163, in connect
    conn = self._new_conn()
  File "/usr/local/lib/python2.7/dist-packages/urllib3/connection.py", line 147, in _new_conn
    self, "Failed to establish a new connection: %s" % e)
NewConnectionError: <urllib3.connection.HTTPConnection object at 0x7f9b50223710>: Failed to establish a new connection: [Errno 111] Connection refused
2019-01-09 10:37:13,529 [elasticsearch] WARNING: HEAD http://127.0.0.1:9200/_template/cuckoo_template [status:N/A request:0.000s]
Traceback (most recent call last):
  File "/usr/local/lib/python2.7/dist-packages/elasticsearch/connection/http_urllib3.py", line 94, in perform_request
    response = self.pool.urlopen(method, url, body, retries=False, headers=self.headers, **kw)
  File "/usr/local/lib/python2.7/dist-packages/urllib3/connectionpool.py", line 643, in urlopen
    _stacktrace=sys.exc_info()[2])
  File "/usr/local/lib/python2.7/dist-packages/urllib3/util/retry.py", line 251, in increment
    raise six.reraise(type(error), error, _stacktrace)
  File "/usr/local/lib/python2.7/dist-packages/urllib3/connectionpool.py", line 594, in urlopen
    chunked=chunked)
  File "/usr/local/lib/python2.7/dist-packages/urllib3/connectionpool.py", line 361, in _make_request
    conn.request(method, url, **httplib_request_kw)
  File "/usr/lib/python2.7/httplib.py", line 1017, in request
    self._send_request(method, url, body, headers)
  File "/usr/lib/python2.7/httplib.py", line 1051, in _send_request
    self.endheaders(body)
  File "/usr/lib/python2.7/httplib.py", line 1013, in endheaders
    self._send_output(message_body)
  File "/usr/lib/python2.7/httplib.py", line 864, in _send_output
    self.send(msg)
  File "/usr/lib/python2.7/httplib.py", line 826, in send
    self.connect()
  File "/usr/local/lib/python2.7/dist-packages/urllib3/connection.py", line 163, in connect
    conn = self._new_conn()
  File "/usr/local/lib/python2.7/dist-packages/urllib3/connection.py", line 147, in _new_conn
    self, "Failed to establish a new connection: %s" % e)
NewConnectionError: <urllib3.connection.HTTPConnection object at 0x7f9b50223b90>: Failed to establish a new connection: [Errno 111] Connection refused
2019-01-09 10:37:13,530 [elasticsearch] WARNING: HEAD http://127.0.0.1:9200/_template/cuckoo_template [status:N/A request:0.000s]
Traceback (most recent call last):
  File "/usr/local/lib/python2.7/dist-packages/elasticsearch/connection/http_urllib3.py", line 94, in perform_request
    response = self.pool.urlopen(method, url, body, retries=False, headers=self.headers, **kw)
  File "/usr/local/lib/python2.7/dist-packages/urllib3/connectionpool.py", line 643, in urlopen
    _stacktrace=sys.exc_info()[2])
  File "/usr/local/lib/python2.7/dist-packages/urllib3/util/retry.py", line 251, in increment
    raise six.reraise(type(error), error, _stacktrace)
  File "/usr/local/lib/python2.7/dist-packages/urllib3/connectionpool.py", line 594, in urlopen
    chunked=chunked)
  File "/usr/local/lib/python2.7/dist-packages/urllib3/connectionpool.py", line 361, in _make_request
    conn.request(method, url, **httplib_request_kw)
  File "/usr/lib/python2.7/httplib.py", line 1017, in request
    self._send_request(method, url, body, headers)
  File "/usr/lib/python2.7/httplib.py", line 1051, in _send_request
    self.endheaders(body)
  File "/usr/lib/python2.7/httplib.py", line 1013, in endheaders
    self._send_output(message_body)
  File "/usr/lib/python2.7/httplib.py", line 864, in _send_output
    self.send(msg)
  File "/usr/lib/python2.7/httplib.py", line 826, in send
    self.connect()
  File "/usr/local/lib/python2.7/dist-packages/urllib3/connection.py", line 163, in connect
    conn = self._new_conn()
  File "/usr/local/lib/python2.7/dist-packages/urllib3/connection.py", line 147, in _new_conn
    self, "Failed to establish a new connection: %s" % e)
NewConnectionError: <urllib3.connection.HTTPConnection object at 0x7f9b50223a50>: Failed to establish a new connection: [Errno 111] Connection refused
2019-01-09 10:37:13,530 [lib.cuckoo.core.plugins] ERROR: Failed to run the reporting module "ElasticSearch":
Traceback (most recent call last):
  File "/opt/cuckoo/lib/cuckoo/core/plugins.py", line 533, in process
    current.run(self.results)
  File "/opt/cuckoo/modules/reporting/elasticsearch.py", line 196, in run
    self.connect()
  File "/opt/cuckoo/modules/reporting/elasticsearch.py", line 79, in connect
    if not self.es.indices.exists_template("cuckoo_template"):
  File "/usr/local/lib/python2.7/dist-packages/elasticsearch/client/utils.py", line 69, in _wrapped
    return func(*args, params=params, **kwargs)
  File "/usr/local/lib/python2.7/dist-packages/elasticsearch/client/indices.py", line 491, in exists_template
    name), params=params)
  File "/usr/local/lib/python2.7/dist-packages/elasticsearch/transport.py", line 327, in perform_request
    status, headers, data = connection.perform_request(method, url, params, body, ignore=ignore, timeout=timeout)
  File "/usr/local/lib/python2.7/dist-packages/elasticsearch/connection/http_urllib3.py", line 105, in perform_request
    raise ConnectionError('N/A', str(e), e)
ConnectionError: ConnectionError(<urllib3.connection.HTTPConnection object at 0x7f9b50223a50>: Failed to establish a new connection: [Errno 111] Connection refused) caused by: NewConnectionError(<urllib3.connection.HTTPConnection object at 0x7f9b50223a50>: Failed to establish a new connection: [Errno 111] Connection refused)

Signatures

The executable has PE anomalies (could be a false positive) (1 event)
section .ndata
Allocates read-write-execute memory (usually to unpack itself) (2 events)
Time & API Arguments Status Return Repeated
Jan. 9, 2019, 12:11 a.m.
NtProtectVirtualMemory
base_address: 0x10004000
length: 4096
protection: 64 (PAGE_EXECUTE_READWRITE)
process_identifier: 1440
process_handle: 0xffffffff
success 0 0
Jan. 9, 2019, 12:11 a.m.
NtProtectVirtualMemory
base_address: 0x10004000
length: 4096
protection: 64 (PAGE_EXECUTE_READWRITE)
process_identifier: 1440
process_handle: 0xffffffff
success 0 0
Queries the disk size which could be used to detect virtual machine with small fixed size or dynamic allocation (4 events)
Time & API Arguments Status Return Repeated
Jan. 9, 2019, 12:12 a.m.
GetDiskFreeSpaceExW
total_number_of_free_bytes: 18093649291837444
free_bytes_available: 196751008720749321
root_path: C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable
total_number_of_bytes: 563877666357248
failed 0 0
Jan. 9, 2019, 12:12 a.m.
GetDiskFreeSpaceExW
total_number_of_free_bytes: 24103698432
free_bytes_available: 24103698432
root_path: C:\Documents and Settings\zamen\Local Settings\Temp\
total_number_of_bytes: 31453437952
success 1 0
Jan. 9, 2019, 12:12 a.m.
GetDiskFreeSpaceExW
total_number_of_free_bytes: 5339348723570775
free_bytes_available: 845431476544928
root_path: C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable
total_number_of_bytes: 5340688753360896
failed 0 0
Jan. 9, 2019, 12:12 a.m.
GetDiskFreeSpaceExW
total_number_of_free_bytes: 24103698432
free_bytes_available: 24103698432
root_path: C:\Documents and Settings\zamen\Local Settings\Temp\
total_number_of_bytes: 31453437952
success 1 0
Creates executable files on the filesystem (9 events)
file C:\Documents and Settings\zamen\Local Settings\Temp\nsv3.tmp\w7tbp.dll
file C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\simplesudoku.exe
file C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\DefaultData\settings\SimpleSudoku.reg
file C:\Documents and Settings\zamen\Local Settings\Temp\nsv3.tmp\System.dll
file C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\SimpleSudokuPortable.exe
file C:\Documents and Settings\zamen\Local Settings\Temp\nsv3.tmp\FindProcDLL.dll
file C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\unins000.exe
file C:\Documents and Settings\zamen\Local Settings\Temp\nsv3.tmp\LangDLL.dll
file C:\Documents and Settings\zamen\Local Settings\Temp\nsv3.tmp\nsDialogs.dll
File has been identified by one AntiVirus engine on VirusTotal as malicious (1 event)
Bkav HW32.Packed.192D
The binary likely contains encrypted or compressed data. (2 events)
section {u'size_of_data': u'0x0001c800', u'virtual_address': u'0x00056000', u'entropy': 7.236979877048305, u'name': u'.rsrc', u'virtual_size': u'0x0001c6f8'} entropy 7.23697987705 description A section with a high entropy has been found
entropy 0.783505154639 description Overall entropy of this PE file is high

Network

DNS

No domains contacted.

Hosts

No hosts contacted.

Summary

Process SimpleSudokuPortable_4.2n.paf.exe (1440)

  • Opened files

    • C:\WINDOWS\system32\oleaccrc.dll
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\AppInfo\pac_installer_log.ini
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\Other
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable_4.2n.paf.exe
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable
    • C:\Documents and Settings\zamen\Local Settings\Temp\nsv3.tmp\modern-header.bmp
    • C:\Documents and Settings\zamen\Local Settings\Temp\nsv3.tmp\modern-wizard.bmp
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\AppInfo
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\Other\Help\Images
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\Other\Help
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\AppInfo\Launcher
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\DefaultData
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\Other\Source
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\DefaultData\settings
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku
  • Written files

    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\hard7.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle046.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\Greek.lang
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing007.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish3.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\AppInfo\appicon_16.png
    • C:\Documents and Settings\zamen\Local Settings\Temp\nsv3.tmp\System.dll
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors004.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\Italiano.lang
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors3.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing014.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\mensa004.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\mensa012.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish018.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\hidden_quads.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle034.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing020.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish014.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing005.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish007.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\quads1.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish2.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\simplesudoku.exe
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\Copyright.txt
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle002.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\Polski.lang
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\mensa005.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing016.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish017.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\colors6.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing018.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\mensa014.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing009.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle026.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors016.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\ChineseS.lang
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\mensa011.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle019.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors9.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\colors2.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing029.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\AppInfo\Launcher\SimpleSudokuPortable.ini
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\colors7.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\unins000.exe
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\advanced008.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle028.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\nsv3.tmp\FindProcDLL.dll
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle014.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors2.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\Nederlands.lang
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\hard6.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\triples2.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\xy-wing1.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing4.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\very_hard3.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing011.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle039.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\Russian.lang
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle021.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\Other\Help\Images\Donation_Button.png
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\Other\Help\Images\Help_Background_Header.png
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle015.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle008.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing024.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish002.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle038.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish004.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\very_easy1.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors006.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors7.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\advanced002.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle031.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\Turkce.lang
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle006.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle044.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\AppInfo\appicon_75.png
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing031.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\AppInfo\appicon.ico
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing1.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\moderate3.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing001.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle036.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\AppInfo\appicon_256.png
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish015.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\mensa015.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\advanced001.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\help.html
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors001.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors8.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle023.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing006.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\advanced009.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle027.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish016.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle009.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors018.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\mensa006.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors017.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors5.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing2.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\Other\Source\LauncherLicense.txt
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\Ukrainian.lang
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\Portugu√™s-Brasileiro.lang
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\unins000.dat
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle030.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\AppInfo\appicon_48.png
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish011.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors008.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\mensa008.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\hard1.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors010.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors014.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle018.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\DefaultData\settings\SimpleSudoku.reg
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish008.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\mensa009.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\mensa010.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish003.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle022.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\easy1.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\colors8.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\mensa001.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle025.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish006.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\moderate2.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish023.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\ChineseT.lang
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle029.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\Svenska.lang
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish1.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle017.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\colors1.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\xy-wing2.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\AppInfo\pac_installer_log.ini
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\advanced006.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle012.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\advanced003.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\Other\Help\Images\Help_Background_Footer.png
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors4.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle042.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\mensa007.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\Francais.lang
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\very_hard5.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\mensa002.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\Other\Source\Readme.txt
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing012.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing017.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing021.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\Other\Help\Images\Favicon.ico
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle043.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\SimpleSudokuPortable.exe
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors009.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle035.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle007.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle024.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors020.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing023.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors6.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\Readme.txt
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish022.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing028.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\invalid_puzzle.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish021.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\Other\Help\Images\Help_Logo_Top.png
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\advanced011.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\advanced007.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\nsv3.tmp\modern-wizard.bmp
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish5.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors1.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle040.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing022.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\mensa003.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\hard5.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\Cesky.lang
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\triples1.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing030.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish010.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle033.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors015.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\nsv3.tmp\LangDLL.dll
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish012.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors003.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\xy-wing4.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish020.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle032.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish013.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\mensa013.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle011.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\Castellano.lang
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors002.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\AppInfo\appicon_32.png
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\mensa016.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing3.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\advanced010.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\moderate4.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle013.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing010.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\colors4.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing003.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\AppInfo\appinfo.ini
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle020.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing013.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors011.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing027.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing002.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\colors5.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\AppInfo\installer.ini
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle016.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\hard3.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish001.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\xy-wing3.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\Deutsch.lang
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\hard4.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\Norsk.lang
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\very_hard1.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish025.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\nsv3.tmp\modern-header.bmp
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle045.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle004.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\hard2.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish024.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle001.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors019.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors012.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\advanced004.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle041.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle003.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle010.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\English.lang
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\Suomi.lang
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish009.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\xy-wing5.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing004.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\nsv3.tmp\w7tbp.dll
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle037.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\advanced005.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish4.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors005.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish6.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\simplesudoku.hlp
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\xy-wing6.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\nsl2.tmp
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\very_hard2.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\moderate1.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\very_hard4.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing026.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\nsv3.tmp\nsDialogs.dll
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing015.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish005.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing019.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\easy2.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle005.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\AppInfo\appicon_128.png
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\Dansk.lang
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing008.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors013.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\simplesudoku.cnt
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing025.ss
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\Other\Source\AppNamePortable.ini
  • Files Read

    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\AppInfo\pac_installer_log.ini
    • C:\Documents and Settings\zamen\Local Settings\Temp\nsl2.tmp
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable_4.2n.paf.exe

Process SimpleSudokuPortable_4.2n.paf.exe (1440)

  • Registry keys opened

    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System
    • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\ProductOptions
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{d396530e-636a-11e6-ba0d-806d6172696f}\
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
    • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\AppLogLevels
    • HKEY_CLASSES_ROOT\Directory
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d396530e-636a-11e6-ba0d-806d6172696f}\
    • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\ShellEx\IconHandler
    • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
    • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\MiniNT
    • HKEY_CLASSES_ROOT\Drive\shellex\FolderExtensions\{fbeb8a05-beee-4442-804e-409d6c4515e9}
    • HKEY_CURRENT_USER\Control Panel\Desktop
    • HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
    • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\LangBarAddIn\
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
    • HKEY_LOCAL_MACHINE\Software\Microsoft\windows\CurrentVersion\Explorer\AutoComplete
    • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion
    • HKEY_CLASSES_ROOT\Folder
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ThemeManager
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
    • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Applications\SimpleSudokuPortable_4.2n.paf.exe
    • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OLE
    • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\FontSubstitutes
    • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\Clsid
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d396530a-636a-11e6-ba0d-806d6172696f}\
    • HKEY_CLASSES_ROOT\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\InProcServer32
    • HKEY_LOCAL_MACHINE\System\Setup
    • HKEY_LOCAL_MACHINE\System\WPA\PnP
    • HKEY_CLASSES_ROOT\Drive\shellex\FolderExtensions
    • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\winlogon
    • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\System
    • HKEY_LOCAL_MACHINE\Software\Microsoft\COM3\Debug
    • HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
    • HKEY_CURRENT_USER\Software\Microsoft\windows\CurrentVersion\Explorer\AutoComplete
    • HKEY_CLASSES_ROOT\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\InProcServer32
    • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\(Default)
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{d396530d-636a-11e6-ba0d-806d6172696f}\
    • HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\InProcServer32
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume
    • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OLEAUT
    • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\Clsid
    • HKEY_CURRENT_USER\Keyboard Layout\Toggle
    • HKEY_CURRENT_USER\SOFTWARE\Microsoft\CTF\LangBarAddIn\
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{d396530a-636a-11e6-ba0d-806d6172696f}\
    • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\CurVer
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d396530d-636a-11e6-ba0d-806d6172696f}\
    • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Objects\{20D04FE0-3AEA-1069-A2D8-08002B30309D}
    • HKEY_LOCAL_MACHINE\SYSTEM\Setup
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{d396530b-636a-11e6-ba0d-806d6172696f}\
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoComplete
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d396530b-636a-11e6-ba0d-806d6172696f}\
    • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OLEAUT\UserEra
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\(Default)
    • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Setup
    • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoComplete
  • Registry keys written

    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d396530e-636a-11e6-ba0d-806d6172696f}\BaseClass
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d396530d-636a-11e6-ba0d-806d6172696f}\BaseClass
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d396530a-636a-11e6-ba0d-806d6172696f}\BaseClass
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d396530b-636a-11e6-ba0d-806d6172696f}\BaseClass
  • Registry keys read

    • HKEY_CURRENT_USER\Keyboard Layout\Toggle\Language Hotkey
    • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\SourcePath
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{d396530d-636a-11e6-ba0d-806d6172696f}\Data
    • HKEY_CURRENT_USER\Keyboard Layout\Toggle\Hotkey
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ListviewAlphaSelect
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\DontPrettyPath
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{d396530a-636a-11e6-ba0d-806d6172696f}\Data
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{d396530b-636a-11e6-ba0d-806d6172696f}\Generation
    • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ListviewScrollOver
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoCommonGroups
    • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DevicePath
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\ForceActiveDesktopOn
    • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Domain
    • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\DriverCachePath
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DontShowSuperHidden
    • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\RsopDebugLevel
    • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\InProcServer32\(Default)
    • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\InProcServer32\(Default)
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\NoNetCrawling
    • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\IsShortcut
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\WebView
    • HKEY_LOCAL_MACHINE\SYSTEM\Setup\OsLoaderPath
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoPropertiesMyComputer
    • HKEY_CURRENT_USER\Keyboard Layout\Toggle\Layout Hotkey
    • HKEY_LOCAL_MACHINE\SYSTEM\Setup\SystemSetupInProgress
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ListviewWatermark
    • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\MS Shell Dlg 2
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{d396530e-636a-11e6-ba0d-806d6172696f}\Data
    • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\NeverShowExt
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSimpleStartMenu
    • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\InProcServer32\(Default)
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowCompColor
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowInfoTip
    • HKEY_LOCAL_MACHINE\SYSTEM\Setup\SystemPartition
    • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex\FolderExtensions\{fbeb8a05-beee-4442-804e-409d6c4515e9}\DriveMask
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\ClassicShell
    • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\LogPath
    • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\UserEnvDebugLevel
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoNetHood
    • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\DocObject
    • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\MinimumFreeMemPercentageToCreateProcess
    • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ServicePackSourcePath
    • HKEY_LOCAL_MACHINE\SYSTEM\WPA\PnP\seed
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\MapNetDrvBtn
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Filter
    • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ServicePackCachePath
    • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\RsopLogging
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoControlPanel
    • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\LogLevel
    • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Hostname
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoInternetIcon
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Personal
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowSuperHidden
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{d396530a-636a-11e6-ba0d-806d6172696f}\Generation
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{d396530d-636a-11e6-ba0d-806d6172696f}\Generation
    • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\ComputerName\ActiveComputerName\ComputerName
    • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\Tahoma
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{d396530b-636a-11e6-ba0d-806d6172696f}\Data
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ListviewShadow
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{d396530e-636a-11e6-ba0d-806d6172696f}\Generation
    • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktop
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\HideFileExt
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoWebView
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\HideIcons
    • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\ProductOptions\ProductType
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ListviewScrollOver
    • HKEY_CURRENT_USER\Control Panel\Desktop\LameButtonText
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\UseDoubleClickTimer
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\SeparateProcess
    • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\MinimumFreeMemPercentageToCreateObject
    • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\BrowseInPlace
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\SeparateProcess
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetFolders
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Local Settings
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState
    • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\ChkAccDebugLevel
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoNetCrawling
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ThemeManager\Compositing
    • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\AlwaysShowExt

Process SimpleSudokuPortable_4.2n.paf.exe (1440)

  • Mutexes accessed

    • oleacc-msaa-loaded
    • MSCTF.Shared.MUTEX.EFG

Process SimpleSudokuPortable_4.2n.paf.exe (1440)

  • Directories created

    • C:\Documents and Settings
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\~PRESERVEFILE1
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\Other\Source
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\Other
    • C:\Documents and Settings\zamen\Local Settings\Temp\
    • C:\Documents and Settings\zamen\Local Settings\Temp
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable
    • C:\Documents and Settings\zamen\Local Settings\Temp\nsv3.tmp
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\AppInfo
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\Other\Help\Images
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\AppInfo\Launcher
    • C:\Documents and Settings\zamen\Local Settings
    • C:\Documents and Settings\zamen
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\DefaultData
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\Other\Help
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\DefaultData\settings
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\Data
  • Directories removed

    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\~PRESERVEFILE1\
  • Directories enumerated

    • C:\Documents and Settings
    • C:\Program Files\Microsoft Office\Office12
    • C:\WINDOWS\system32\ctfmon.exe
    • C:\WINDOWS\explorer.exe
    • C:\Python27\pythonw.exe
    • C:\Documents and Settings\zamen\Local Settings\Temp\nsv3.tmp
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\*.*
    • C:\WINDOWS\system32\lsass.exe
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\*.*
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\Other\*.*
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable
    • C:\Program Files\Java\jre7\bin\jqs.exe
    • C:\Program Files\Java\jre7
    • C:\Documents and Settings\zamen\Local Settings\Temp\PortableApps.com\PortableAppsPlatform.exe
    • C:\WINDOWS
    • C:\PortableApps
    • C:\WINDOWS\system32\svchost.exe
    • C:\Documents and Settings\zamen\Local Settings
    • C:\Documents and Settings\zamen\PortableApps\*.*
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\~PRESERVEFILE1\*.ss
    • C:\WINDOWS\system32
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\*.ss
    • C:\Python27
    • C:\Documents and Settings\zamen\Local Settings\Temp
    • C:\WINDOWS\system32\services.exe
    • C:\Program Files\Java
    • E:\PortableApps
    • C:\Documents and Settings\zamen
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\~PRESERVEFILE1
    • C:\Program Files\Common Files\Java
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App
    • C:\Program Files\Java\jre7\bin
    • C:\WINDOWS\system32\spoolsv.exe
    • C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\Other
    • C:\WINDOWS\system32\alg.exe
    • C:\Program Files\Common Files\Java\Java Update\jusched.exe

Process SimpleSudokuPortable_4.2n.paf.exe (1440)

  • DLLs Loaded

    • C:\WINDOWS\system32\APPHELP.dll
    • C:\WINDOWS\system32\USERENV.dll
    • C:\WINDOWS\system32\SHELL32.dll
    • kernel32.dll
    • UxTheme.dll
    • C:\WINDOWS\system32\OLEACC.dll
    • C:\WINDOWS\system32\CRYPTBASE.dll
    • C:\DOCUME~1\zamen\LOCALS~1\Temp\nsv3.tmp\FindProcDLL.dll
    • C:\WINDOWS\system32\browseui.dll
    • C:\DOCUME~1\zamen\LOCALS~1\Temp\nsv3.tmp\LangDLL.dll
    • ole32.dll
    • C:\WINDOWS\system32\UXTHEME.dll
    • C:\WINDOWS\system32\DWMAPI.dll
    • C:\WINDOWS\system32\RichEd20.dll
    • C:\WINDOWS\system32\PROPSYS.dll
    • C:\WINDOWS\system32\SETUPAPI.dll
    • C:\DOCUME~1\zamen\LOCALS~1\Temp\nsv3.tmp\System.dll
    • C:\DOCUME~1\zamen\LOCALS~1\Temp\nsv3.tmp\nsDialogs.dll
    • C:\WINDOWS\system32\SHFOLDER.dll
    • SHELL32.dll
    • PSAPI.DLL
    • C:\DOCUME~1\zamen\LOCALS~1\Temp\nsv3.tmp\w7tbp.dll
    • C:\WINDOWS\system32\CLBCATQ.dll
    • browseui.dll
    • shell32.dll
    • SETUPAPI.dll

PE Compile Time

2017-07-31 20:33:59

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00001000 0x000063d1 0x00006400 6.47945120906
.rdata 0x00008000 0x0000138e 0x00001400 5.14383173215
.data 0x0000a000 0x00020358 0x00000600 4.00073907016
.ndata 0x0002b000 0x0002b000 0x00000000 0.0
.rsrc 0x00056000 0x0001c6f8 0x0001c800 7.23697987705

Imports

Library KERNEL32.dll:
0x408070 ExitProcess
0x408074 SetFileAttributesW
0x408078 Sleep
0x40807c GetTickCount
0x408080 CreateFileW
0x408084 GetFileSize
0x408088 GetModuleFileNameW
0x40808c GetCurrentProcess
0x408094 GetFileAttributesW
0x4080a0 GetTempPathW
0x4080a4 GetCommandLineW
0x4080a8 GetVersion
0x4080ac SetErrorMode
0x4080b0 lstrlenW
0x4080b4 lstrcpynW
0x4080b8 CopyFileW
0x4080bc GetShortPathNameW
0x4080c0 GlobalLock
0x4080c4 CreateThread
0x4080c8 GetLastError
0x4080cc CreateDirectoryW
0x4080d0 CreateProcessW
0x4080d4 RemoveDirectoryW
0x4080d8 lstrcmpiA
0x4080dc GetTempFileNameW
0x4080e0 WriteFile
0x4080e4 lstrcpyA
0x4080e8 MoveFileExW
0x4080ec lstrcatW
0x4080f0 GetSystemDirectoryW
0x4080f4 GetProcAddress
0x4080f8 GetModuleHandleA
0x4080fc GetExitCodeProcess
0x408100 WaitForSingleObject
0x408104 lstrcmpiW
0x408108 MoveFileW
0x40810c GetFullPathNameW
0x408110 SetFileTime
0x408114 SearchPathW
0x408118 CompareFileTime
0x40811c lstrcmpW
0x408120 CloseHandle
0x408128 GlobalFree
0x40812c GlobalUnlock
0x408130 GetDiskFreeSpaceW
0x408134 GlobalAlloc
0x408138 FindFirstFileW
0x40813c FindNextFileW
0x408140 DeleteFileW
0x408144 SetFilePointer
0x408148 ReadFile
0x40814c FindClose
0x408150 lstrlenA
0x408154 MulDiv
0x408158 MultiByteToWideChar
0x40815c WideCharToMultiByte
0x408168 FreeLibrary
0x40816c LoadLibraryExW
0x408170 GetModuleHandleW
Library USER32.dll:
0x408194 GetSystemMenu
0x408198 SetClassLongW
0x40819c EnableMenuItem
0x4081a0 IsWindowEnabled
0x4081a4 SetWindowPos
0x4081a8 GetSysColor
0x4081ac GetWindowLongW
0x4081b0 SetCursor
0x4081b4 LoadCursorW
0x4081b8 CheckDlgButton
0x4081bc GetMessagePos
0x4081c0 LoadBitmapW
0x4081c4 CallWindowProcW
0x4081c8 IsWindowVisible
0x4081cc CloseClipboard
0x4081d0 SetClipboardData
0x4081d4 EmptyClipboard
0x4081d8 OpenClipboard
0x4081dc ScreenToClient
0x4081e0 GetWindowRect
0x4081e4 GetDlgItem
0x4081e8 GetSystemMetrics
0x4081ec SetDlgItemTextW
0x4081f0 GetDlgItemTextW
0x4081f4 MessageBoxIndirectW
0x4081f8 CharPrevW
0x4081fc CharNextA
0x408200 wsprintfA
0x408204 DispatchMessageW
0x408208 PeekMessageW
0x40820c ReleaseDC
0x408210 EnableWindow
0x408214 InvalidateRect
0x408218 SendMessageW
0x40821c DefWindowProcW
0x408220 BeginPaint
0x408224 GetClientRect
0x408228 FillRect
0x40822c DrawTextW
0x408230 EndDialog
0x408234 RegisterClassW
0x40823c CreateWindowExW
0x408240 GetClassInfoW
0x408244 DialogBoxParamW
0x408248 CharNextW
0x40824c ExitWindowsEx
0x408250 DestroyWindow
0x408254 GetDC
0x408258 SetTimer
0x40825c SetWindowTextW
0x408260 LoadImageW
0x408264 SetForegroundWindow
0x408268 ShowWindow
0x40826c IsWindow
0x408270 SetWindowLongW
0x408274 FindWindowExW
0x408278 TrackPopupMenu
0x40827c AppendMenuW
0x408280 CreatePopupMenu
0x408284 EndPaint
0x408288 CreateDialogParamW
0x40828c SendMessageTimeoutW
0x408290 wsprintfW
0x408294 PostQuitMessage
Library GDI32.dll:
0x40804c SelectObject
0x408050 SetBkMode
0x408054 CreateFontIndirectW
0x408058 SetTextColor
0x40805c DeleteObject
0x408060 GetDeviceCaps
0x408064 CreateBrushIndirect
0x408068 SetBkColor
Library SHELL32.dll:
0x40817c ShellExecuteExW
0x408184 SHBrowseForFolderW
0x408188 SHGetFileInfoW
0x40818c SHFileOperationW
Library ADVAPI32.dll:
0x408004 RegCreateKeyExW
0x408008 RegOpenKeyExW
0x40800c SetFileSecurityW
0x408010 OpenProcessToken
0x408018 RegEnumValueW
0x40801c RegDeleteKeyW
0x408020 RegDeleteValueW
0x408024 RegCloseKey
0x408028 RegSetValueExW
0x40802c RegQueryValueExW
0x408030 RegEnumKeyW
Library COMCTL32.dll:
0x408038 ImageList_Create
0x40803c ImageList_AddMasked
0x408040 ImageList_Destroy
0x408044 None
Library ole32.dll:
0x40829c OleUninitialize
0x4082a0 OleInitialize
0x4082a4 CoTaskMemFree
0x4082a8 CoCreateInstance

!This program cannot be run in DOS mode.
`.rdata
@.data
.ndata
Instu_
softuV
NulluM
SVWj _3
Aj"A[f
D$$SPS
Vj%SSS
f9=(7B
D$$+D$
D$,+D$$P
\u f9O
90u'AAf
UXTHEME
USERENV
SETUPAPI
APPHELP
PROPSYS
DWMAPI
CRYPTBASE
OLEACC
CLBCATQ
RichEd32
RichEd20
MulDiv
DeleteFileW
FindFirstFileW
FindNextFileW
FindClose
SetFilePointer
ReadFile
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
GetPrivateProfileStringW
WritePrivateProfileStringW
FreeLibrary
LoadLibraryExW
GetModuleHandleW
GlobalAlloc
GlobalFree
ExpandEnvironmentStringsW
lstrcmpW
lstrcmpiW
CloseHandle
SetFileTime
CompareFileTime
SearchPathW
GetShortPathNameW
GetFullPathNameW
MoveFileW
SetCurrentDirectoryW
GetFileAttributesW
SetFileAttributesW
GetTickCount
CreateFileW
GetFileSize
GetModuleFileNameW
GetCurrentProcess
CopyFileW
ExitProcess
SetEnvironmentVariableW
GetWindowsDirectoryW
GetTempPathW
GetCommandLineW
GetVersion
SetErrorMode
lstrlenW
lstrcpynW
GetDiskFreeSpaceW
GlobalUnlock
GlobalLock
CreateThread
GetLastError
CreateDirectoryW
CreateProcessW
RemoveDirectoryW
lstrcmpiA
GetTempFileNameW
WriteFile
lstrcpyA
MoveFileExW
lstrcatW
GetSystemDirectoryW
GetProcAddress
GetModuleHandleA
GetExitCodeProcess
WaitForSingleObject
KERNEL32.dll
EndPaint
DrawTextW
FillRect
GetClientRect
BeginPaint
DefWindowProcW
SendMessageW
InvalidateRect
EnableWindow
ReleaseDC
LoadImageW
SetWindowLongW
GetDlgItem
IsWindow
FindWindowExW
SendMessageTimeoutW
wsprintfW
ShowWindow
SetForegroundWindow
PostQuitMessage
SetWindowTextW
SetTimer
CreateDialogParamW
DestroyWindow
ExitWindowsEx
CharNextW
DialogBoxParamW
GetClassInfoW
CreateWindowExW
SystemParametersInfoW
RegisterClassW
EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongW
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongW
SetCursor
LoadCursorW
CheckDlgButton
GetMessagePos
LoadBitmapW
CallWindowProcW
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
AppendMenuW
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharPrevW
CharNextA
wsprintfA
DispatchMessageW
PeekMessageW
USER32.dll
SelectObject
SetTextColor
SetBkMode
CreateFontIndirectW
CreateBrushIndirect
DeleteObject
GetDeviceCaps
SetBkColor
GDI32.dll
SHFileOperationW
SHGetFileInfoW
SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteExW
SHGetSpecialFolderLocation
SHELL32.dll
RegEnumValueW
RegEnumKeyW
RegQueryValueExW
RegSetValueExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
SetFileSecurityW
RegOpenKeyExW
RegCreateKeyExW
ADVAPI32.dll
ImageList_Destroy
ImageList_AddMasked
ImageList_Create
COMCTL32.dll
CoCreateInstance
OleUninitialize
OleInitialize
CoTaskMemFree
ole32.dll
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
VERSION
SHGetFolderPathW
SHFOLDER
SHAutoComplete
SHLWAPI
SHELL32
InitiateShutdownW
RegDeleteKeyExW
ADVAPI32
GetUserDefaultUILanguage
GetDiskFreeSpaceExW
SetDefaultDllDirectories
KERNEL32
[Rename]
%ls=%ls
:hW2e+S
B-o@mm=
zV@uM5'
!l|]R~!
T0/~Aw
p]Dm6M
@Gk3o#
by/1YZ
s]go`Q
s}}=G
$3?U,d
Gpo/U,
OA]]5w
Garjl2
O@ntBz.
!hni`a
6nh[15
r(t'PN
ICCc+454
>1iT=TkD~
MqT~x^^c
GkcPUU
gi4blk
olj}xyGK
K6#hqHx
tw-ezo
m[aYW;dr9
"_` `
!JR6;-,
@ ah"5
4ocOY)
:JuN:p
YAHRqE
Z;z8}h
P{nlmP
6j;4F#
c{hdt
k4s}J6
NQ3T[]
CWVWin|
_A>VS*
LJ'VqWe
w^ZH=b#^"
{D6Ium
Da5V} #
aq4j"K`
BBL#%9
0[Z;$J
1]lBK/`
0B>i#R
Z\rMM!%
H1Vfgh
Zlp)p$
)]@$2c`%
A:[bf<"R
8W,9+p
wd-8:@
7Hrhls
JZJ!5[
nk$'5;x
Q#kaQ
7\IE,)
O<AO=J
m'QQhF
g76j4>3I
RZdBD PS
, '-c&
?Da[+/
"1?2,1$
RG !/E
D^+x3x~
tnyU6E
O&'&C+
;8*wEZ
w^}CB>
!KI+OF
;-*<f"
p\cOdK!1
Gu6:Zs@;
9GWgoR.
;EyNS
20n2EB|6"
yldHp
'!;"00
PGCTl~aD
*Ujrj
MSs34lw
V5x!4R
S&M7wd
qJvly
Sghv~^
j'_FtYDk
KiT*t|a^
ejE",+
y#v`[=
5\Kv'R
4\x$N2
e5@B},
V&'i{w
{X7.C/
jh.b)*S}
a$2f3Su
J@6.Ms(J
9l<x@j
OKgNKC
dj359AGVWd
i:6?)@
;jKoo0
\EnK;#@{
^|D.Ne7
=vdqH!HZ
wE~d0H
{49=Ii
/sNx,u
!%r@C6
cWEnl!
483`kby
0&DiYlB
~p7b7Y673
Hj\("XMF
vSH@al6
tcsgx?
7L#i:F
*4'f`N
_^tvAY
:27Q6,4N
;5<w%&E
HCIs&%
97(?86I
B<1Y44V
!:5<~35\
D>Fz/*
<4*F:5L
<:;t54]
@;>n3&
<61W:=l
D=,'7:e
D?<JSRj
FCK{YY~
85HO\^
8>t`NP
=<^[_a
GA=;KJf
HDGPC<&
LGLtPPp
MG>BJI]
IDBD $DQ47
((L0,/d
*,Va37o
94**wma
40%.qh\
83('[TH
B<0crj]
?:.O[TH
C=1V;6+
=7+1JD7cRL@
JE8g>9,3
*%4r84Cp,#
0*"?%%B
-+-V,+O
4()E10N
QNSfef
RMMRIB6
MG@.USd
NH=!$&`DQS
"'f/EH
LGGNMKg
VSUbOI:
23Qe:?|
+-]q8<t
MN{]@>i
"%SG,.V
QK?I^YM
SMALHB7
pD?>A="
HO@DFFDD'!"
pFOOHSNNSMFB&%
jPOPLXmjVKKWMEA'n
niM48KWREBm
f58ksIN
j8WUHBYs
0WZHBMko:.2
N2WUIBIikK.28
(/iTG3CJWf,+*
iJWnTM
9nM603CIf9
ojI4($3C6f,
gx7+JG0
]a]a]]
abbab]\
\bvv]zz`
746!%%A
IHa}?<<
42?D%'L
B?I;@;0
22Il*+X
DBTb>91
13nL05n
5:xL<A|
;?~LIK
BD|LRS
@Af]WY
QQoMhi
KLumhj
:;coAD
36p6:>y
`ZOIKF:
;4F?>@6.,
IEFNlD89A4/k
c@G0Ln9'
a9G1<h(
B=#$@9
TU]USQY
`^^^sS
\FmT69K!
8b{kw~
baP`g|
_jlvzyxb^
]buxyubO
+&/d,-U
VSX\il
XU_^RL;
GGg]OQ{
(*^cCCk
[UISaYNd|sg
aYNde^RgHB6
<?xml version="1.0" encoding="UTF-8" standalone="yes"?><assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"><assemblyIdentity version="1.0.0.0" processorArchitecture="*" name="Nullsoft.NSIS.exehead" type="win32"/><description>Nullsoft Install System v3.02.1</description><dependency><dependentAssembly><assemblyIdentity type="win32" name="Microsoft.Windows.Common-Controls" version="6.0.0.0" processorArchitecture="*" publicKeyToken="6595b64144ccf1df" language="*" /></dependentAssembly></dependency><trustInfo xmlns="urn:schemas-microsoft-com:asm.v3"><security><requestedPrivileges><requestedExecutionLevel level="asInvoker" uiAccess="false"/></requestedPrivileges></security></trustInfo><compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1"><application><supportedOS Id="{8e0f7a12-bfb3-4fe8-b9a5-48fd50a15a9a}"/><supportedOS Id="{1f676c76-80e1-4239-95bb-83d0f6d0da78}"/><supportedOS Id="{4a2f28e3-53b9-4441-ba9c-d69d4a4a6e38}"/><supportedOS Id="{35138b9a-5d96-4fbd-8e2d-a2440225f93a}"/></application></compatibility><application xmlns="urn:schemas-microsoft-com:asm.v3"><windowsSettings><dpiAware xmlns="http://schemas.microsoft.com/SMI/2005/WindowsSettings">true</dpiAware></windowsSettings></application></assembly>
NullsoftInst
N:kbgY
J]9[v?+DA
1D/Air4
R<m<(d2
Ed7Ero|
u1"|"h
uHt-e8
N[["~'
D[.ofY
$|woU,
))NI'"EKuRleO?
AGlaMB
*E!{9l=1=
77 5qK'
vJ?|eX.
Vm8K+`U
%R4&J;h
H[1t}V
9lOzfRs
*{MdeO
q`c"SZ
F?/2uoZx
z/G}}f
\:/Mqv{
Jt$q8~
dc[B7]&
E-a:W)
%6w^}5EDL;
gKgFOG
^"n{"^k
\|W%>
9<DU9lQ
!u+v(}
w+vwmW
*Gc_Z7a
:9&)G
7U%>y
xfgcP#
O,be6DBD
rf`Ln\
pZh,&D
rMJw6!
g\gfkw
Gj#A{9
*8w9!A
rn.5|"
H<SqKQ
sx8w*&
>9"8_"
BXbCo2
XHPKXV
]12x8!
)L.v^e
JBgS9(
U'\p,V
2L5"=+v6
'b(MV{
m*_7F=(
E,mfY^7
XNV$bkKNS
=3):c6o
C z<N4
|[1}|o@D
F<@nG0
i{7?!1jnc)
KX<p/{
fv(:d%
$k, =s
,%8=Y,l
>diyp4
I4x4+y
n(QJ=0J
=}?ws3
8xW0Vq
5Ah{'+
\&|~"W"zl|%
m9`n|
JIzwHZ
hp#Y;(
z7^a^g
d.y.$V)
44>I8Y
9pGVpy
y08ZM4
qGmU4f
h.HA\
[']C2>
V\$yO&
JM#fVi
6~xR`r
vekV$o
VXArC;2
Jf}Hs|
S{FJw5
4fv3U=.
:M3+d(k
#FrjoX
^e2}sC
iP8iDM
zR&*Pp
fDbqB}
*3'qG)&
x/ w~*
h"h*.T?
b0OPP#
I|oCc
?RN3<Nm
vcp)@o
#/J=%`
i,ab+T
0lzeK"
=OB]S8*
3eg*s}
hs8$sC
_IG*%oB
Il2c}01n
TD*UGN
n,">NC
$lgZ7v
#hU|-?d
_5>K;M
z2 8>|
^<Y4:w
iyaj03
Cn#16L
$GrW2%(
Tz1/{O3
;cjn!@e
-,l:&'!
Fzch tcj>t
.}E!n
!Vlt;_
{s-PxT
`0bX5V
7Y1qj[.`^R!M
Pr~bAG|=
<oJ6zrD
==CX&1
Ij|D^w
bjfl$_
C*)>m]^
6Qg%Y"
CW+ZZ~V
HZ'G%n
EH+(Qp{
Prv$/Y
n#nG^d
*G |=*~
q)|)v%
],>A6e}K rF
\BhSK3ke
wHi5?
s9Oz8j:i
'YESc{3w
A)@Bu_
c3A8DO
>CZn|o&_
JQR@SL#H"cff
v@@~=>
;Y9(jn
yiQoS$
hd1:w3
8k*%xq
+gNf^.
E)f$s@|
J.0,GPX
`-r^uS=
\28"5c4
99_M=:k<
xy,z>Th
5sCKh5h
J/i]y!
\&cw.o
XX:'A1
:v16q,
5n?9+I
{dxnR5
R{~rkY
K;K#j9
s8],9va>Q
D#U/0M
cNT;a)
_%92B.
#BZ-m@{L
Zom!$
Y.8\np
%MW\tC
S7i0gN
(Ahp|Q
lB>\20
U)({qLQ
Ge\7|_
&@g5mU
l^rwas
O*"X*N
N!1\t4
jq.t{>
f,<-0B
o"<#Jn
D56W<&
l'F["$
b2"#:8
ac?Ha3
zl]5[?
PxwSQN
u yE}1
HF!'2Mv
FAU5|C&
-Y7Pz'
g\aH,rS
}Fwpk<
RzdJ6p]{;
") #zW4
Kl%%eO
GJ}w7_
gs,wQhEC
lO(h)!
|17RE'
7yb-m0
M_VwVt9WT
8>tqbQM
!:dDQJ
O:p?u9
=$L#!g
4=>uGf
4:6Ig*
H2j6Cp
4lG{PO
Bt`K1hG
u iVCJ
bVR>^O
Yb`$V3+!7
8|KREJ
k,Ps8"]
Ycl[jo
2 [H(h
}}M#hs
9m}AYv
,~lpdh
QE<w}22
d%_VMz
|yX<HH
fSxRGTc
gQ1{IW
Vsc5I$
[^RQG0
d_1$#p
$=ouhj]
G:bL?lP
\$O/Fg
,9|T!|
4d:C-
.+&8"~
n)`Utj
&JS)x<+
}jt?/&
'OTBU2A
8qXRJ1
1cDca*2
i\Dhcf
e86tt
,mNq2lD>e
'"C\kB
_EbCHJY
puN`ZJM
3=:V}%
1C(Qh2
$OQ3_
{m1VbQ
nOU[ef
bwlDOfk
AP=OY1i
*n3}J:H
NGN6&D
j3dA[%
h!t6BN
6VIcT{
S9gG4R4%
+.6KDpzM
He0=L%
&M"czdW&CD
xpC6lG8J
?wzU3#
t<LFQi
5&0RE|R
}>PW^~
J?]xdD`
@I[_Dy
eZ|+!<
L~8vt35Po$
wIrcy]
]W;H%Z
O1VjKJk
p1>b4To
%b(DI<J
C]h"@
GIjUyN
"}oIePeCS
+M"jwd-
6 4tIcEJ
X%)#"<s
5TYL.&x
z _.l&
\&hvB3
9\25z^
Q)>Mk8
%T:MY!
L5b3B!
ru)*1Z421
9w$HSrL$idy
bjBTI/
;]o$:f
>6]W{c
gw'q]O
oUS@vzT
hsGf,J
UwjN+T
c>-g6TF
[-bvr2
JA"={"
#PLO|~
Z?6TEr
W}Vj3#
eth-4f
v$(EFP
wpAGo>"-^x]
/H$Det
|*nl_(mt/
1!NGr+
h.z_{0N
D2JOaF
FQZq`E
h*]JO
%_/Qpm3
X;$_r]
y`h.Z-
_4I?yO7
`<n|<[
+;Q?MsJH
~.nJ]{
T0kb0O
k4O)-q9
'b,<~mZ
MkU:2M
[pVB"0
I@pcJ{
[a7hG!9`5
"$M%^5A
x)3HY
gSJ`dHcX
M8J>~&
fJ>fE
jrGk$f
htzn54b
eu:fCj-
GxmiyzI2
4.-{ra
".?I'0o
OnQ&M
-n'gWx
4zU `l
Q?`Y*L
pHVsPo&
;{m\E?
be?'Q'
EGvxjn>
49@o>g
N!,rlQ
f#n<?WB
0yIpn8
{m>)pz
0!EcY
g:1zS\g
:lA`d
z6W+G@
}Pr`q-
y<-0?q#
_&7p{-
BF{5.Y
-W,qU=
Ra(vdl
lhhL<'-x
=$^*[l
zebO%|f
Ps=cPFK
+i;yE:
79CyS(
b21KrBU
,fWQ0&xQ
n(swvv
uKPu~2o
LXGAMj
j-/%z2
e9v:Z7WF
Y||fBWG[-
?L=23+
Hz%~l
9(J"[]6
qv6az:
Q4P&#vQ.
).Wopx
@=jpfJu7
1T&x)Wm
;j}xp1
D#}^w~
}E.^e_
J!Wj'6
D(R$V-
SeeI=3
Ds#cSA
b'q FB/
5{t>An
T[ouK0
2hcW?8RO
dt's<(
Miinl4
mR|\MP
%WM:#*
r0+-kh
J<+vm3ri
elx:as
'+p||~x
_q~JzC
OU{d*
0a04%;
g~uOUAl
x=3ma7
L+,=[O
Fc`&jkl?
F/ggqOfw`
uUs&*9
X;\. aEtv,
;7]gt<p
<Ym-q&GE
wcrzc
<jVU4$
t4LXf%P6
avpHNih_O
LfU*21
Gfw=Be
0R>/=#
(KJ_R9
:cfD;-
%/3:3h
I"-pbm
D8>L_/
4l+1L0b
&:EU^z1
7skT2'
,a#a55
1[=EK<:
PC@pi2
<O3NBC
xkral7
hN>SS
'=x?KZ
1Tfb`C
;p=aj:
Iu_DSiG
=rYAWZ
cW"hL[
vVZe56C
sKH?lQ
[cC!J<2_
]@L"nE
pdQLdFw`\;
bQ[G c
?HpT(v
N|uGP!?u
@ |4td
AU%t7wW
z9?,$O
(h|rbY
k5g`]e
7+f$WQ
Zsdhh-
a-0pWh
Zwd'\]
ISi)%D
{zO7X{F
9Fl762!i
&c#~\S
VBzzv2
]28s.~'
DE3Yvg
w/KI_z
!ECEl%
/AG9M|
*!LI?I
j6mlc:.
1-$<Q_d+f
n]T;]5
iy337j40
AhV%zx
Ni\7[%
S5X6;d
gLT!I]
6#2{P
Q'a-gR
?hpwH6
jYkV^vlnN
xe%}Ll
r/L{$$
3QPso6
4T2@=o
gi(3gC
U}mpR)
mVF"#7
4YgqyM
=RVop%
-g744M
!=,B[R)
\0y%os
^.Q|]0D
;~"|!%
v}ZhuE
zLlEt]
-=!<Du
M7De *
`a{e1O
=OUC\T)
MKth==
4/r% _=
9L"-q&
EFXcNy
1wmL,u
m*MRYr
AG4KYi4
$?BX(>
>i"n:6X3z
q-:tp
Xz%csZ
Dn5(V;
I7i`]$b"H
%V"Vm*HHr]
f<yx~2Gb;
]<Cza5
f<s|"cR5d
I9[ojOT
Vn;.n!$
2#P< .
;H[WIoX
c`6//\
g*[f=1
;a3\.O
=!,,R&
<jjvDC6
qxO~"~
yy&b;T
(1#x#py
[Ni]YO
j=k\4J
!*9|UG
zZF'r2
t9t9^M
o^D%WU
JulnYr6
5~Ni!BF
|jxD.T&
|N=nkM
vvS=`G4
2-2bU0
uLw(bo
D-k@|'L
VwIe*4z
Yiuq*G
(wsGZ.%y%
dQfu<.ju,
6v]=C#
~3n|C}M
~kZzY*
Y>.~d@
uc6e'v
g|0zqa
Md7E.:
8fBmFs
iNc?d
&@C3EP
PqH($5
RpbmK;1
g5j!dQ5z
ApZ[<,
-)9qt4
W:$3cb
_VQsS
5Y]mr[6g9;~#k
]303|
_T\G3[^;
'q'/8.Q
,Y/:Di
kUe]1Y1
NO`;I4SU
n#atGa
j;*>v
ly02Bl
an~T\
O=6g1:6
,jF\-6L
MXy 0
-GMii"
Y/qqG:G
7|m))Ec.
fR(+)1e0)
rn[HiF
JPmtWR
]W,lg2
C U(Dv
L(9'>]
.k3fu on
wAo &.
&N6QbI%
Kw,~K
)jyew|
"_cX%
o<n4bj
&$Z> ?Qy
WB`n0m
%%;iDvr
QhN_QY
K:/Sm#U
`+~W[R
I689dlO
"Id&|D
g+=4TNrbGwo#
QICnQ{
jl4H45
47B?A :{
EhV 7l
:!^vEy
5&<|aP
VL`e6L
vs}b*N
wN(<KaA
::["#j
H9EDTP
WLSTL7
Jb8N0B
,V +fw
qWnlVG
|u.`qb
XBJfD
6_RNR}F
e~rYVe
4pJo9e
]Q:KIb
5-Gzn;
2;$j?'
(X =J`l
TzmDp~
[6bJSLu
jEJMI5R
+|gCI1'
*WaS-7}{"F]
;rQtld
rGU'<8
R<TXse
~*h/HD
@)=eQQ
yCpuyU
ZYW[.w
`N%<?N
i;gF8a
%xK,W
J{OP&0
=NRYFD@;O
;^/Yr|
8/|;L_
6.-7t0
WNjWi|
.SE<M#
3\aF45
^,++1iH9
9;!OO.
ml\9kz
QNeF^ME
ngP6{[
J5*y2Y
Gzn&2r
<xjn!<N'
@7!V;R
t$8LIo"V
gQfD^1
|C4RG'&>&
5OW]!X
D3Q(@K
\d%.|0
CZIrL-
tExibn
OA%-6z
\M6LWLu
6&xY;m
pC&Yy(
4Ld0!{v
U\yf-p
wRcON'c
>$p6=}
}+@0K*xa
rJ$5MZc
(t?:3;
7NBE"^\h<J
~Y]*l/
%P1~$K
F(a'0zy&
#oeCKW
[`A,JG
'w.EW~
Ga\dG0
O5Y[d/
nw=yfm@KQ
^lx^9KXD*
j~K[oD
zF(/Uj
Cv{qm+
@^w?A_
=$4Ct=
n|H35LrzA
@QJ7@o
RwrWB0
M'9r`W
k ^!h{
ZH:I&M
%@Q'Ez
=L NH7
52V #hK
JqT4#.
lhsQ4U
>Bj,l$Ol
'4xfKuS
#vk";A\
(CrngK-
i@,W?x
|KGaij|?K%\
sI<K#<
75Ot4YeU
>\gc>\K
Xd)Hy`
SLY-='
CG/I#HQ
x?sQ>u
QE?`uoL
s3HdHm
_ThjE4
dn=|\{
!_1^,QC
3hAX>k(
a$=aeu<0
kZ-DOF
%@KKf4
<aCSdX
b;zNZuM
ZIfZ*7
EJUj"_
O+)V-V
y:XjX`,3`p
TIv71PV
yfsUCn
h$HtxZ
T9:b1M
q+lVx=
PE|Y,;F
]GZ-|<
+. uFz
+%yU9j
]J=8&>
1{'rOIA
2,4#no
I^Q@u)
"iQgQIO
w*:2DR
/P^9O'J
[4rXv+
Sh$*}5
}(_/E`
//C1UdkxxB
DPk32
E+Eq`l
|khz,
+5gUy2
ZaR+N1+s
fB)_8Z
M=KU-,
l^hq!6R
()r-BF
LFsEjL
)N,U$L}+
7McEo,t
N`)jE7
wVeLJl
>w[xTq
7}n1i]@1&
]MGY}b
7!a_ys
ww |m/f0
Lga`I>
cActo4
'](uFq
]W5IG2K
G&o"'X
+"|hM5e
`@P&Ip;
t?phbe_
!MB@eH
cXNdDZ+
;hbP8
P"i+Iv+Y
z6T8{Q
A)q\p^L
S_: x:
;-.>rT:
}W6CMC
>5nR_Z
NWh-YA
stD;0w
>#5HG%O
TwR(`=
x*<+xlm'
!}72]P
UIY1`.
kbmwFq
""u!bA=
xCui+:
[mz#+?J]
wveRr:
*esJtF
A=3.rL
>#gJPw
76%$6k
CquyS:
c<#t2^Y'
T\#Z;l
oL< .F
7H0]J&3
!ha6(2
Z#o^MP
Ax!uMEK
)Ib'5-
dhnE&l1x
!RbeYSb
2b32o}
I^VIC
3Zy6-h<
31>=d.t
ke6`rf
TAJ_B]
gl:R,Q
eEy#(y
d).o=M
M'ir?>x
Ln:/9_
cG|Mnk
jn'lFelT
aM6<w8G
-b#.?
U{/aa_
Xq@x;L&
Rf>,MD
8wK1G1B
{;smj^%h
7JuWd
7QKjCo
No!v={
3?WEUW
S[[O>+Q
\*c(wZ
#6sp*:
?@)Vqw
cR[Lt2
-U+;9N
T=.&CA
v:3}}b
Oqk.bCP
Jr_G-0M[%cq
W9Z#W(
SB)0kye
vTbs/
]/3PX*Q>
M`8IOV
86Pp~C
G{,%G)V
{&9'd,
'1qna-
OHg~)D
EQLM+\Dw
NWZb~n
FQ^3_1
io[k}E
N+(}BT
E<:9S#
03O3NUc
F~;wCH
fo;g3>
tDcp4lg9
ltqC2a
T3:pKLG
ExZ{m-
uTQ:t[%r
U*e2c
;)|@&Q
"3atWD.
,L"*I%
18Q<QP
rq;wk,
%Wi$zUlh
>S"@,R
Xz@&g7
Amj,+h:
'6+,5TK
/t&/9@
vD <"[
e&Vg9m
iVK]dn
at,]kz
uPG!io
v-'NQE
l[8ZA>
Og~;l
ObqeQf
,UrX$@02
d%Rg8_
q}diica
OV.nzBD
k7gvdi
qyp0*`G
/cCImpnF
h4&H$AI@k
RPuId-Pk
)gMl89
@woFDa
uQ,|H'+
1=cAZ%
9)AZ+4
AGm6Knb
3&S!pFo
2KBED3V
9$;cSZ
WklI$`
*UYYN;
@sRk[j
Kyj6I
]Yt"Y[p
S2!`+aK
62\j'`
"163){6=
*pDp}D
%DUO5L
,YmjYnq
.9hK\5
Ls{>r%Z6&
G_GDvV
KXe.4r
{~An.
j@tXgi
a_sFg1
d9c^0N
#W5m.?
Zh7F]s
u67 v08V
{AI"m0
B3<"S9
\0TX+)
6!xz^
K!D(^S
0]Eli2
`Af(z#
K%5X\k
MZ9cQH
:n BkK
|zP;KD
L'ph8>
!\k]cZ
`sJ(6m
thi9<N
\D051j
{,4WB9(
@ZK/_x
y\Uy^
:LQ#F|
}^]f1}
W;F4pE
60(3^R}
4"J!u[
sY}LBs
\9!Qf\
}nJEjv:
x5k&VV
NP!xbuf
8_Q,MQ.
eUa2J&>~
~Fw%r9
SSh>%xn}.
zGRIu3
CSvDV0F
D8D@rH
$YIP(Nm_
WG7bO`
DYqga>
'6o= .$Y
2;X4a7
PX jV}
n>)LPur
z6kaP7
LT,F3j
DQ."=7
'M$B0X
l"6C]A[
g85=fy
7t$z?q
VE5e1z
LK6Xg|
wdL(6~
+c]?~g
:,^T<>j/
< ,%IN
|=OECT
)pW[$d
q_U`=?
tu2U-H9
[Zt~j:5<6>PC
aa&#8"
i-21&!
X_z.]?
WLHb2?
ZhCqf3
WWfZL`
WrKkhV
MeOsC=*94
8-KB]v
e^CD.g
1,p`r7/z\C
84Sx3N'
E/&~@y
)}YOsjI
A(Q*nK
]/uAYO
z ;Wz0
sB;p[m0
g26T\H!
D:NfBA*
1WcCyJ,c
NBd*$)
iBpsm~9@7
SaHc6\
$A|D3#
v]$iksg
(@+!T
P@VL+y
TidsgHnpn
6jGiH\
p6t/>Vv
jXa@tAM
C#DjRl
j2,"V[
FXP/"#
\TC~\x
|}?\cq
qO!uEi
2tu3~:
9l_wFfst
$eiB-Hl
npz)P#$
r/F1!c
S4eHN$
&~6Utm
J{mx0S
pI\jS5
S4B3;5
[gK42s
h]I8UZ
'O<6WuQ
~,vt][
-E+gph
b^ZXLr
qR2(Q=O
-^ofT<
i-<Zk7G
}^qW?v
(0Dw-
K#8tj)
J;m!ZO
er1cY!
:4J_Up
Rt6zPdq
a1%1ws
X:-+Y{
&Gx~wq
$lv4-L
N<>]jnvE
&!Wc{_U
o<'=K_g
k(h>*S
3!hS&d
KlVmxq>
?4(H>%
9LHW6d}
wu!2@a
4IhJ1{V
1t.0hQ
Y62 \P
QjLFf$2
Rb4L3d
R#_~v)+n
tOVGO+TN
ZZk?Fm
jv*(O|
31zEi7
&I5eHz>
vIFTux
Uu_z?]
HBEl{DG(
}&kjL|\
:7dN2
C*R.}Uy
O1(e8W
7={XM%R
1x848(
GPX3`={
|Oz[jZ1
}lQ 8J=
9VP'_F
)`3[v^4
t|hd7w
SAt8TW
FO&DN,
o,!P-\
r("QRc
kEZISCAZ
U}~_A!
r)9iO8
fFZ%C-
a/TJM7?
%i`=b3
#H)ga2
{p:o\
P-@0{|
O^0&er
\vm>Q%
Qb>hMn,
(%`SS.J
T79vfKD
&+f}]P
x5h\?i
;/]OHd
HR{ob2
IHTsy&-;kM*
gzB|2'
S".)NW
zptKZP
[H$1Cj
dlvc%$
{N]Q!v
m0_BIs
H3x#W3k
E5yEih
&q2]kZ0
-q1;&e
VA7^@_
q(dVTbE
^bv}55?
V7^YLO
1C7_+
5QSVF:oU
'y 7*d/
?'S#Uf:S
TE:*X4
}#vjnn
)SDnah
_JOe#9y
5>}#Or*
QZQkjZ
YjiKATBa
k+y_;5
xH^a;Sw
8Rv-zm!
U"u4R!
BD!M03
6F1<LG
0Kr7N[
7^67|:4
boMsnAY
E.;}PH0
l:&{89
YnnJHp
i[V0mK
-g8$%-
HZBFds^
b5#np:Z.8
~$a,x
h`w3$`]
{z&=PO
hW)A6x
0;yR2I
CA% @l?
|]&19_
EFp!7w-e
2bQ5C$
`pD'm8
R Z|q)
Fub\nG
SgkG_i0g
|2BdmB
YE]tJwJ;:;
yI.U^=
TiQ`z;
X}[,8~5
hvYWv)*vM:
`d1xdJ
,lb;g?
W*"oU5
XJx=F7
-L:KNYQ
lBad>SXd
/ao@0j
+<eI"cO
/e@Tac
Z#=8.S
w-;PMC
RmfY]]^
"qfN`V{)
DiGE}$M[N
1g8SK4
PP,# A
j:Q)^Y6
O}=--F !
h!&0wKD
i8[9=v5
D|9z\2
ZP^V*z
y=#KYkr@2
q^,&%#
y\tVyRW
rQ&Jn7
K;-bCL4
h x('J
v:S ~Z
V>SWg
9b4"\,
>!UzXG
XadQ49
qxMJgx
kywOFY
_8#u|i
VCTuS^
GkW}_ Xq
L#`r9W
gI]b8<7
YxO6@um|TO
^8)Y"
g E1CD
R,umjo
}g|^"s
cbvX?~
)P3[qT#
XueHQg
lHd=7;<
zD^%8{
J~<@>O
b.#d66
WeOB\g
zsjc&R
.~mJ=z
nnuG0[Q
M_wt={
J0R4jd9
s5h':{:|
w>~rr
,W'[t
{y-Xz<
HR<.dd
][PxsC
.KEyob
d i2O>
l.rg3M
|U1Iu:
+J w).
&qSfvB29
vo[(R+9o
#^T-u2
<.u 3&]
^0v2A9
G5PJii<
>D20 "
q6eD7%$
&qw%2D
zXm#Dr
P_k+4&
ORlbA"
g(4^he
;%#Kcr
$m?Fb@
B'\RdU
!,g2Oe
k)Uxu@gU
=>b"Rg
A.4oT_
t6Mc"A
I6D;$;z
v>cD12m
iactZ#
RhI'?;3
4f`Dc-
'2Q:rku
('Ui(9<
+,R^PxHh
0y]\6}
NI/-]L(_
Henvun=
@,k{45
a?#*66;m
_Ow-_1
!/1H.T
Cs}j!<
JKKd+\
D++/cv
d$H9;y
f-S2_*uo
}Kf{y:
nmZ86m
g 0I#J-
K=flPR.
>8vlb9
)2bDhLf{
$Vr8).
b&E~c`
i>FmRBT
^~sQUr
/Zbl*uG
C;DL,0}ne3f
K:7GHV{
'8x/A1
YS-gV?
`:|+]T
V.Xo]z
}:lL4ko+[
f[H$O2
d9L7T?
Z'C2sS)
xY&UCe
R$;LDz
_ggC.6
Z}^wvB
2<A(Gc
%bnH`/
gZD}7(;
R9Vq9q
6.z93o
z98}Vi
k:K*[|`
w&kk:B1g*]7
l.\'+N
"ALLA].
]m>^PJ
]~^2F-
<#UeDCk
hbsMI\
A9HP~
du.l:!
y@`2<1
B2ajZ+
O1mI)1p4
qy0M|1M
/Ini`Bgy
UY\\Q#
;P)[=`E
t,!HK"
4*oleI
+g,tb~
~7q\H*
h"l#a_
QDA[WW2u
_n,b<$
&=,a49!
2f{dYk
ve&jm&
zY8QcV
=LsP.x
_'P0gY
yN96nr
|q;(x8i
/&%c96=
5;/luk
$cyh::
=#GWYP0
~cJ~r9
`I5'+L
nQQG6s~
y3X'I]X
}Fb2A0
Nse R{bkp
O5Z\p;
?7</8<
z^&J!Y
}I=7pM
;[L^V%
irGW:p>5<`P
)'y$,FsT
UM" 8u
^5&7`s
uK3e7!1
f)N0AV
MM(p}Q
k6>#`X
Dyl8q]0
]WREJbs
a>^:G 6
=n.s&S7
diev30
BT<D@T8
1/+0Sa
l03Q:.g
KcZ T:N
]"W^#:
'kD@,fy
u=m(p+`
uiltXI
1|-%h4L
M;}f[{
b@&<{W
}^=Q,YC
EHGdl(
TZ%M})
,{P85tM
Aq-(P?
Xo44R
1`73/[(
~J#$s%t
D(Gn&v]
`9t#'SC
%x=?'I
%8&roD
I.y^*e
ybgT}!
IBE:gh
}#I\\L
dc*GEHe
5wV7.H
R[-C">
CF:2Rv1T
(c)$}#
Vz&,26'
U#Xvw2S
sx$6N-
e0LWeZ
xG!165
NV?yx:
7+!+iB
z;R&^*
DrX9Jvo
H>81\t
b|$)f6
j'0rf+
w3XsQR
G1=G8%
jwcFz m
6Os*4O
X6wNpr2
?g I5-
;ShCw#
%cj36
F$oDH+
aE_=_V1
2(w(7r
)qEMVZhM
[v42h&$
\{6][
wpN/Er
-d%>c2
b#X)h8
ho;SI.k
5$xOp?1g
h?)aDUz
+7ls>M
"f=wyG
NS>fRN+
8V-$zy
J~8&sR
\<(-(J
2kfy$v
%_SJ}w
2MaC8EW
WjwT_T
0Qw,.&
%)$C_T
3/VlC4#
3&2ip
6ztX<\U
e]k)k!
8t$*Ff
y7, vn
KV<?K'G
aY6BMm
No.Mk5}
cp"YKU6
?EBI'K
ix1%;:
-&}Z>4
4bPF7
6g"wp79
1!ary)
Za(fA[
Kve P
e$VxEs
TK9*kQl
=|_>a>
#fF@Dub
eycPo(:
$hl3Lh
+sx@`nJ
;3ueK+
oJ42XS
=G\r2B
sYYyxNc@
~2RZaM%
w)YK8^m
W19\L=K
Y@q\)-
x.$2Zg
F^ XV#
9OjSweS'
KS9;VX
AgEl1
?h0wF8
#Z0azl
.fjm0,K4
4W=0NV
NH4hKO
.UXl)rh
}CL b/
LF`,on
T/LW%}
Rj]9:#3
JTWv}Y
a?K7q25
?D~I|_
~Kjmv3
WDP512
!eGqH,
6&tU$I
Gc,&lt
l.6(U!
?<f}&c
:1/0%k
c+7R{L
PEr;R>O
~h|Xve__U
Sbx%eo
bJ0>z+
q=J3,jN
QfBcI<
O.;F/}
).&(9m
]tT+xd
[W7Foq
\.AVOO&
ZGU` *
u8_mIz[
q 2$Bv
6MFVf;
G:,r<6VC
KPg@AY
|3N s%
^#4qv#x
)ByPQd
=|YM8y
aB\XBh*
;;gnTVT
w]7R<k
yirL<R
XsW|:r
ZvirB.
e$uBxH_4
&GuhTU
HX'#'7
`Xp~}2Cx
XFt:Id
<<"P8X
>(jGTIW
wfYta:4
qdYz(&=
yRE\t`s
r/s1*2
tgX] Qt
]s"`'H
X&/Ndiz
m,RU!.
JTJf#X
;,=AWK
t$cN)I
0dwc(
8v{Ob3
qCz?QD
<5_3UHo$Y
Iiq:@b
#6SdgD
5DN*&P
kVV.ET5
"qAH.JAjm
vX2"75
e^<*Qiv
(Ws#iU
&o_cR-
z,!NN=D
ZsuvNF9
<r&t:>B
2Xq"kO
F{\Kf{O
? \f~i
Lq,or+
e+[NJ5
LjLb|=
5Pf"";
~u_'ZN
<,+'m"
?AOSB*
jMN?5Y
?hCV)/
"9jOPu
^?fj'Uw
wp[Rw*
*E>=9PH4
?8Ff`2
@ $t|D
[c@AQ
Vc_o[3
!+jKe+<q
Z?V: 7
q#J$Fj
UcBZ/+
Dk =:#
dsb:fw
Bn[?Zg/
`0g DY
u)@sJf
)NJ\"e
Yj!@EJ
M8gOo+
~V_g9$
.B-3Di
>l#8,L
?A/zHH
GctAHN
7X=vB
G*]sCG
bSj1lI
"XE5?I
Iz>/@5
x#>!f_g
qy03.5
6vJHe m
<DL 7"
G; 1G#q31
d~JZcX.J
uorM!>C
Dg+H+S
Q:vX)0zb
70c';g
2R9i&(
!/oYaT
X/3\V`
kj"7R
l@mMLF
4mzz)u
)-y@zL
lM]>O}
y"[K2;
!ccta_\
eH./ws
gU Ll2
'HF?g:
!lfvOK
F885wJO
U!/@W)J6
MA\H=e
,TAP(k>
aCAKm0M
mEo83J
<Rfdd%0
&O)R=PG
=@5;HGAe2J
AR8w`p}?
qzc3k#T
i7831J
Ib6D%m
)K{-<
dq2:D2U
6 G\ 
f?vB{vW
2E"2N|C@
8)Bv}Q
^POsL!
?Ddfw
-QR5NU
0nl36>
jNcEmr
-mdUJT
2:zaBDh
s(~J!j
NY;u&
o0d7qHS
e?5wEd
0Weg}q
/|2*s@
dA~C6f
i7`<Q$T
l'&/pp
:e\kyCW
P%72@0u@,W
#B`Hm,
@w0Mxp
UhJA{@
g$O94M
|]Z{$TNQ*
`SZ%[,
~>;h@!
yky`vd
"Z04~`
{&A8\]
4_"k-D
J`y~R
bFfW+Q
M<gIOp
,Ms){j:h}B
;-qlYU
{*93R=
{cs_F1
;uV) Jl
RichEdit
RichEdit20W
.DEFAULT\Control Panel\International
Control Panel\Desktop\ResourceLocale
Software\Microsoft\Windows\CurrentVersion
\Microsoft\Internet Explorer\Quick Launch
verifying installer: %d%%
unpacking data: %d%%
... %d%%
Installer integrity check has failed. Common causes include
incomplete download and damaged media. Contact the
installer's author to obtain a new copy.
More information at:
http://nsis.sf.net/NSIS_Error
Error writing temporary file. Make sure your temp folder is valid.
Error launching installer
SeShutdownPrivilege
NSIS Error
%u.%u%s%s
*?|<>/":
%s%S.dll
/ P6pL
,/KPip
/-P?pR
MS Shell Dlg
MS Shell Dlg
MS Shell Dlg
msctls_progress32
SysListView32
MS Shell Dlg
Please wait while Setup is loading...
MS Shell Dlg
MS Shell Dlg
MS Shell Dlg
msctls_progress32
SysListView32
MS Shell Dlg
Please wait while Setup is loading...
MS Shell Dlg
MS Shell Dlg
MS Shell Dlg
msctls_progress32
SysListView32
MS Shell Dlg
Please wait while Setup is loading...
MS Shell Dlg
MS Shell Dlg
MS Shell Dlg
msctls_progress32
SysListView32
MS Shell Dlg
Please wait while Setup is loading...
msctls_progress32
SysListView32
Please wait while Setup is loading...
msctls_progress32
SysListView32
Please wait while Setup is loading...
MS Shell Dlg
MS Shell Dlg
MS Shell Dlg
msctls_progress32
SysListView32
MS Shell Dlg
Please wait while Setup is loading...
msctls_progress32
SysListView32
Please wait while Setup is loading...
msctls_progress32
SysListView32
Please wait while Setup is loading...
VS_VERSION_INFO
StringFileInfo
040904b0
Comments
For additional details, visit PortableApps.com
CompanyName
PortableApps.com
FileDescription
Simple Sudoku Portable
FileVersion
4.2.1.0
InternalName
Simple Sudoku Portable
LegalCopyright
2007-2017 PortableApps.com, PortableApps.com Installer 3.5.5.0
LegalTrademarks
PortableApps.com is a registered trademark of Rare Ideas, LLC.
OriginalFilename
SimpleSudokuPortable_4.2n.paf.exe
PortableApps.comAppID
SimpleSudokuPortable
PortableApps.comFormatVersion
PortableApps.comInstallerVersion
3.5.5.0
ProductName
Simple Sudoku Portable
ProductVersion
4.2.1.0
VarFileInfo
Translation
Antivirus Signature
Bkav HW32.Packed.192D
MicroWorld-eScan Clean
CMC Clean
CAT-QuickHeal Clean
ALYac Clean
Cylance Clean
VIPRE Clean
SUPERAntiSpyware Clean
TheHacker Clean
K7GW Clean
K7AntiVirus Clean
Arcabit Clean
Invincea Clean
Baidu Clean
NANO-Antivirus Clean
Cyren Clean
Symantec Clean
TotalDefense Clean
TrendMicro-HouseCall Clean
Paloalto Clean
ClamAV Clean
Kaspersky Clean
BitDefender Clean
Babable Clean
AegisLab Clean
Avast Clean
Tencent Clean
Endgame Clean
Sophos Clean
Comodo Clean
F-Secure Clean
DrWeb Clean
Zillya Clean
TrendMicro Clean
McAfee-GW-Edition Clean
Emsisoft Clean
SentinelOne Clean
F-Prot Clean
Jiangmin Clean
Webroot Clean
Avira Clean
Fortinet Clean
Antiy-AVL Clean
Kingsoft Clean
Microsoft Clean
ViRobot Clean
ZoneAlarm Clean
Avast-Mobile Clean
TACHYON Clean
AhnLab-V3 Clean
McAfee Clean
AVware Clean
MAX Clean
VBA32 Clean
Malwarebytes Clean
Zoner Clean
ESET-NOD32 Clean
Rising Clean
Yandex Clean
Ikarus Clean
eGambit Clean
GData Clean
Ad-Aware Clean
AVG Clean
Cybereason Clean
Panda Clean
CrowdStrike Clean
Qihoo-360 Clean

Process Tree


SimpleSudokuPortable_4.2n.paf.exe, PID: 1440, Parent PID: 1312

default registry file network process services synchronisation iexplore office pdf

Deprecation note: While processing this analysis you did not have the httpreplay Python library installed. Installing this library (i.e., pip install httpreplay) will allow Cuckoo to do more proper PCAP analysis including but not limited to showing full HTTP and HTTPS (!) requests and responses. It is recommended that you install this library and possibly reprocess any interesting analysis tasks.

Hosts

No hosts contacted.

DNS

No domains contacted.

TCP

No TCP connections recorded.

UDP

Source Source Port Destination Destination Port
192.168.128.102 137 192.168.128.255 137
192.168.128.102 138 192.168.128.255 138

HTTP & HTTPS Requests

No HTTP requests performed.

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Name d16d56c6f5bb96ec_swordfish008.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish008.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 7f48f4b2a8c2c75838b28758a4d5eccb
SHA1 bfbdca61d9f57c4eae685b4905c438def5434207
SHA256 d16d56c6f5bb96ecf8930ff79ab3fa7a20cbf773ef5e4f39ebd2ed91bf278124
CRC32 5B5FBB34
ssdeep 3:NHkqdtIZLLeLetgQLW2LZLiZS2ZLL5gTMS5LkvLIWNLLh/mtQb/0ZZJoan:NHkqdG1q1QLZLgZS+Wfkv8CEtQmrn
Yara None matched
VirusTotal Search for analysis
Name eae72f759927d92c_x-wing003.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing003.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 d7ada6d7bb4beb49fe9be3cf9cc35e22
SHA1 3be919ae9b09ddc22f2afc3d624373dfd06dae02
SHA256 eae72f759927d92cadb55cd2386c4d82c0a33d87c6c4828be5ed03076570ed0f
CRC32 AA3E2EBF
ssdeep 3:8H2LcUy6t7tCIWNTS5LC/SLov/L1Ud9bLW2LZLeZ/XbZj7Lgwv:8H24YVtLCe5tu/Kd9bLZLMZ/rZv0wv
Yara None matched
VirusTotal Search for analysis
Name e383f9a63af08d6f_x-wing019.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing019.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 71624deff5b78a1bb12b84af4ac3423d
SHA1 08c0b2654e3ad0de172c3579b870b15a739dbfa3
SHA256 e383f9a63af08d6f3c3fc4a4593329d0de1e13fcc9cd526c3e5cefc6df0b5448
CRC32 87E4ABD6
ssdeep 3:PyLRRUcZL4oYZ1Ly1CWUwCLotZFeSoljcdI1WH8vovIBURXLVLowv:6FyoLaw1CqIorwSolYdC28vovIUywv
Yara None matched
VirusTotal Search for analysis
Name 6eb67a5d13d67a5a_multicolors5.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors5.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 3746bfcd67b2be3fa5780834c513930f
SHA1 e1c6b5795010673331648b640a2b89396305769f
SHA256 6eb67a5d13d67a5ade0b26205d2b05dd32c863372b03d1df3d8235ca7ad1795b
CRC32 E046C89E
ssdeep 3:4LZMLUyspLc4vLEgLO8WKvU/LZRLEL2LsWDL/t/WLpLUyy:4tlPI4nO8Fs/taqLsyFeLpIyy
Yara None matched
VirusTotal Search for analysis
Name 5c29dd7769b969cf_chineses.lang
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\ChineseS.lang
Size 7.4KB
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 bcb9799f743d135e6b2d8eecfc390f1a
SHA1 a15891661b95a6158a6ef7dd5bdf083f4c22586e
SHA256 5c29dd7769b969cfcac5ce4cc08a2743dbb429ed766d4390a3eda145f97be62c
CRC32 242C62D0
ssdeep 96:vdGEjkfDPv/opaFyg3s5o/7YtS9SautdW8rI6:vdjkr/H4Krga9G
Yara
  • contentis_base64 - This rule finds for base64 strings
VirusTotal Search for analysis
Name 9e3f0daef49fc42c_appicon_128.png
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\AppInfo\appicon_128.png
Size 1.0KB
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
MD5 33a714059e348838522063bcd4c5c059
SHA1 a5af5a0edb136fea50af0356166899aee43b0dea
SHA256 9e3f0daef49fc42cd3f944855da9bf5784ef9abce3a3ec89defa2e194d07b3ad
CRC32 EE140266
ssdeep 12:6v/7SAdNRroIGjI901Rn6Eben2sJWl6Rt+psNx+LhrcJgta41vSN5TnX08uLbgOs:YWQG76cefUlvSxCpcuoMy41bgO/hFrXM
Yara
  • contentis_base64 - This rule finds for base64 strings
VirusTotal Search for analysis
Name e15990c0121428fb_hard2.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\hard2.ss
Size 101.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 f94346abe0aa0905b8619b947b606184
SHA1 e969df7beb6446e35b614d824cac2690927f48fb
SHA256 e15990c0121428fba5cb509c2e06d3ad71fe6fae9162aa9c8d2fb34897a58f02
CRC32 5C6ABAB2
ssdeep 3:XV9QoMPovdQJf0TROoly90f9+TyfLRufXTS/V99ovovn:wkv5dOolrfjtjyvov
Yara None matched
VirusTotal Search for analysis
Name d6e545ba924d5284_puzzle034.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle034.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 87eebbc4c68eda5b057451e46ea073b2
SHA1 a9d7765a79f072a8db17e4d673fce9105aa8d217
SHA256 d6e545ba924d5284a410f2816c39a8b596c4e8a50a32be84134534a3ce20e25b
CRC32 270B2B10
ssdeep 3:7VeTGZWQLovI11WQTtLe/tcELLyLluv8WI1ROyFWXdc2tLJ+oa:xjoe/zQ/tclxg8r8IWNc5
Yara None matched
VirusTotal Search for analysis
Name 9b6e55d908fea6f1_multicolors019.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors019.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 36ecd1f997f886930e8423b7f0928e80
SHA1 f1e44de2cc115f8dc3528ff8ac38a53d53159c23
SHA256 9b6e55d908fea6f10a2a8b74ba55348b591f9470d269ca17a8de2d23b5c45229
CRC32 5FBF25A6
ssdeep 3:L4yW8MovSi+ZHL/W2TLZASSL4bICWyom1ZD1gwv:8zjybC7htAhcbLDoIZWwv
Yara None matched
VirusTotal Search for analysis
Name 0f165188621039c5_advanced006.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\advanced006.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 cfb198404f718600f10d1e070f5522ce
SHA1 c6fe5dd4480f99d78d61a8bd590839fd8f6b5bda
SHA256 0f165188621039c5d9eb3865568f1404050faa57512b0d9d130770b8a3f57f72
CRC32 045CB79A
ssdeep 3:W5iFLVxTG8I1WKRZf/L1L5gL/tjQCIWxSyHLLNyS/MMv:W4xG8CF/f/LopYZ+MSZ
Yara None matched
VirusTotal Search for analysis
Name 256450fdab2c64a8_puzzle030.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle030.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 81c8a2ddfb291e4fe27092fd1e7d04b6
SHA1 2c5208902acb9c8039cc1fbb9e34cad4a137eaa7
SHA256 256450fdab2c64a823abf8e891731fa80202d9ce2a1dee85d0e1b46d7fb97edd
CRC32 709C0E81
ssdeep 3:gILouWJDyLYKQLWKc9oTe0LUXQVmLWpg1UcNQJvti1oan:g2ouWNyExLFc9olLUA0egrQZoB
Yara None matched
VirusTotal Search for analysis
Name 227164160ee4c8fa_colors7.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\colors7.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 bcbc7df5e4c5b5dced963161eec162c7
SHA1 583f7b9aa2d48ced3cff921ed16aa23240259a38
SHA256 227164160ee4c8fabe096e6554792b573382cc27e4b211c85e197ca49cc931e0
CRC32 B635692E
ssdeep 3:Nq6euLULUR1qILWi9YrLSQyRLL5MoEW6tLsT2fToZda:M7uLUgR1qIL/kmdeoExQoo6
Yara None matched
VirusTotal Search for analysis
Name 4d9c73297e497aef_puzzle020.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle020.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 b64908feb8661a995095bdd1a770ec74
SHA1 5b177ce5fc27f680e275d4543791debba049a1f7
SHA256 4d9c73297e497aef16842c31dd97fa9e110145210bcaa9a782107c902c74f1be
CRC32 7A506349
ssdeep 3:at3Lya7CdyY13ILWNLLv8rLq/LyQlF0QLWNWQLWUZsPLHZLXn:at7l7CUYBILC8y/eQUQLCWQuP9n
Yara None matched
VirusTotal Search for analysis
Name ca960f1a7373e7a3_multicolors018.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors018.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 e0bd213241cce03f2d094ed51bc19476
SHA1 9677e10fc5f886602a630ef086b49efae5022ade
SHA256 ca960f1a7373e7a3a9f17c4e243aaf5f3dfb0465b0d49a27a268fa202acef24c
CRC32 CF5C45F6
ssdeep 3:hoyJ1tAuqdI1WK4XmcZ/tch1nZ/mLWQFBcylLZSB8rZ0wv:SaedCF4XrBtcszYylLZSyrKwv
Yara None matched
VirusTotal Search for analysis
Name 189b1af95d661151_launcherlicense.txt
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\Other\Source\LauncherLicense.txt
Size 18.0KB
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type Pascal source, ASCII text, with CRLF line terminators
MD5 ffa10f40b98be2c2bc9608f56827ed23
SHA1 dc8f2e570bf431427dbc3bab9d4d551b53a60208
SHA256 189b1af95d661151e054cea10c91b3d754e4de4d3fecfb074c1fb29476f7167b
CRC32 A6D3A2F5
ssdeep 384:H4j2PmwE3b6k/iAVX/dUY2ZpEGMOZ77oPpDqHZ:H46uh1iYWrTXoPpDqHZ
Yara
  • contentis_base64 - This rule finds for base64 strings
  • embedded_pe - Contains an embedded PE32 file
VirusTotal Search for analysis
Name b4484d879d984506_swordfish014.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish014.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 aec8e9a290883cc90531bfdb82ea9033
SHA1 04d28be6cf39bb9db49066d09b7bc0412b244c17
SHA256 b4484d879d984506c834da72aec4e2af4ef4e4e9f0c0e423f5264ae2ac9ca1a1
CRC32 80E3DD98
ssdeep 3:eb25LLZT/kWZlL1zLWiVgLiLLvSXeT7QQCIWNLcL6yLoBt+ovWLDALTv:6G/aWbdL9VgLiLLKuoQLCoL6yLoBt+o3
Yara None matched
VirusTotal Search for analysis
Name 30bea22f377efafc_puzzle039.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle039.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 5043d36f2f1e7b503f17c27df90e9821
SHA1 dc847ddd03060a49150a641062f4968ec67068ab
SHA256 30bea22f377efafc052fee95bf8cb27d7afe0494eabeb005b1bb860d130960d2
CRC32 8587950C
ssdeep 3:VZLdTor1L5gTWKeC1WNRL5YetLm3RlBXLWCZazZLL5gMPrf:VZK8yK7Ct+DxLpmWM7
Yara None matched
VirusTotal Search for analysis
Name 7360dc7f4bc7a4d1_multicolors8.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors8.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 d79d735943d10fccaa10c30e8e375d09
SHA1 2eb0011dfcd8398a64bb3aaba1f89187cbfafd33
SHA256 7360dc7f4bc7a4d14fdb4b52452365139bb331ae6b3df63474e4168f1feeed0f
CRC32 E8AE1557
ssdeep 3:L+TRLWdZLLMs5moQCIW1CceLRLYw1/qL7WfLLdPLpQVURLL/ecvy:L+Nid1p4/qCceLRLHQL7MpL+qeca
Yara None matched
VirusTotal Search for analysis
Name ce7a80021f90f869_swordfish005.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish005.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 9279d864b673314b9f06c40ded557ec7
SHA1 ee1785b2cfa1e375b04771bbdc7df6236b87130c
SHA256 ce7a80021f90f869f62b0f64f248bfe122ad35387fde63fb4fc0b552229e5cb2
CRC32 20B4A7B2
ssdeep 3:n4L1LcovoZV4LtLLkLcI1WNRL5fTGdcqOvSNBXLWrF0TXdk7f:4VcyoitsLcCCnGdcqASrLYWBkz
Yara None matched
VirusTotal Search for analysis
Name 3da371a5226ead0d_x-wing4.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing4.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 f23689bf2720a660ad21b7095b3b4dac
SHA1 0d45d490f0d6de94345774be778205ffaccb5d2c
SHA256 3da371a5226ead0d67debfcd4a6b9fde7e526e9979b6952360b8a029bedf3440
CRC32 F2BD756C
ssdeep 3:LXnS1LLKTRLLb1LWfjLtLLcTrS16yDZLL8odCWsR0TRLLvp/81Ian:7n++NZLyjLt0XSMIEoEj0N+1Ia
Yara None matched
VirusTotal Search for analysis
Name df079383e74d072c_castellano.lang
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\Castellano.lang
Size 8.2KB
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ISO-8859 text, with CRLF line terminators
MD5 dca2708eaf965e06c325200c7faf3032
SHA1 58428c22bf00b67c2e3eff32d52a8c32cf65963c
SHA256 df079383e74d072cfac4a21adcdb73b9c5513c7e593ec392ea4b44724a80538e
CRC32 5A33CBBD
ssdeep 96:vhwlcEfwvIpkWoM2R+fQt1BXp0zlQAxFgqQvp7Opkd3xNxxtxAcSuq1M2sY8hb7K:v+fwvI6b+fQt1pazRCps2VxbrZNe
Yara
  • contentis_base64 - This rule finds for base64 strings
VirusTotal Search for analysis
Name 2786c57c7fbcc516_appinfo.ini
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\AppInfo\appinfo.ini
Size 518.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 9579d2558af56e396ab45f59a318e94b
SHA1 c5ee7872bdffb5310fb2a80851f102bac92a4c2d
SHA256 2786c57c7fbcc516d4eec5e83329efbc60b72e549be521a3286b3457c7b5e886
CRC32 AB31DFF9
ssdeep 12:k8NPr1wjzfO8kdr6PJMy42WvAU9xrHXLrqLm0VwTB:k8NP+jzGHdOKy4r9xr3HqaTB
Yara
  • contentis_base64 - This rule finds for base64 strings
VirusTotal Search for analysis
Name a46f919c04fc6080_advanced008.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\advanced008.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 1d61e4992172a072f2a1de6eccee7c97
SHA1 2fbe04d69877a77510aec25c4a4a45edb40dd20b
SHA256 a46f919c04fc60803d5c87134eb929fa90a41b8c30560d5d6836d0089aed4887
CRC32 0B827E22
ssdeep 3:M5tgTcLOciOtLZCIWp2xtRTyHIk1CW2LZLJBXomZe5pNLL51vyn:McYCcieZLeOtMHIk1CZL6mZePNPy
Yara None matched
VirusTotal Search for analysis
Name 8d2d49e447c804cc_x-wing018.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing018.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 f9e803ae7cec4acfc516dff4327c771d
SHA1 fbeef8da99890db1b570b72eca66c3be4f762c1f
SHA256 8d2d49e447c804ccf3fbed7863578139fe029629074975cdcdace1099c21cffe
CRC32 9B4FCF1B
ssdeep 3:FZL/yLB/Z/ZvgRy1I1WfLUvrw3htCIWuYyeL1pZwXQV3v:jL/yt5RgR/Mg+7LNYyUeA9v
Yara None matched
VirusTotal Search for analysis
Name 434c0b77b3856926_x-wing001.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing001.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 328a467f22398781ce5d5954e07f252a
SHA1 9168ceff75327201e573278f144b91549b83d3fd
SHA256 434c0b77b38569262028040b7cda35fab9bcb1b6c69473275d4ea7c515715ae9
CRC32 3F733E6A
ssdeep 3:MlBNxWLBcEbBXLWpDZSeBLZLioaRZFa1CWNSRgW5TtVp1gZLorn:MZQLKEdLeke9UoaRZs1CCSRZsZUr
Yara None matched
VirusTotal Search for analysis
Name b4c00bb2980fea3a_puzzle027.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle027.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 075dcfc7870064e4ceeb8353e3d7300a
SHA1 cc30ccf2e292133f53eb15eedd50891c610510f5
SHA256 b4c00bb2980fea3ae514269d53f3858b8abeb443ad187599df85eaaa5f6d9b5e
CRC32 79AB982E
ssdeep 3:AUjiZN/yTe9ZL1v8WNLLboyxRZcCt0QLWfLL56Q/pnEUTLBcwv:1ie69j8CMcUCt0QLM4Q+UHKwv
Yara None matched
VirusTotal Search for analysis
Name 803cc1e94264612a_multicolors2.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors2.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 77911e62292efc922716eae75bcde9a4
SHA1 61c031dc98e144998cd714867b4d3992a8587fee
SHA256 803cc1e94264612a89772d31c024a17d2475f8c30d683a8571eff7b22060cdda
CRC32 19F789A0
ssdeep 3:p9ULWcV1gF/PgQLWNLLKLcTldtRL5gQLWNLL5yTtLqf4vAa:4/VK6QLCYQdtUQLC00fG
Yara None matched
VirusTotal Search for analysis
Name 4eb270aa770743f3_x-wing004.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing004.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 fd7a9097a36d52b4ecc842c82edabc2e
SHA1 20b6d62d26214bdfb6196ca128a4bb51f10500e7
SHA256 4eb270aa770743f3474f8d1c848d13a7fce8d4db3357a3230586c1dbc425dea3
CRC32 2894046E
ssdeep 3:MA/SBeXndLLxTgcvILWpPimL1L5gLbd6CW0JTLoJLtLLbLtWscovov:M7BeDge8e6mLogCsFtTLtW9ovov
Yara None matched
VirusTotal Search for analysis
Name 93f994b217d58fb8_x-wing008.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing008.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 c6b8a3d4b36839132d1c6907d0fe981c
SHA1 6d3aa0db84c882de4161f4f478488c13d2cfcbb8
SHA256 93f994b217d58fb8d95436aae00d9b3ddfe175bcc2049c4fb7b4bb16cc617378
CRC32 ACC96ACF
ssdeep 3:LgP/qbLXDoX6IIIWKRZ44BLZLioaL7ZjQCIWuWBL1SyHQ9LpoNLL5gwv:0qbLXsX6CF/j9UoaLdYBL+Q9CNWwv
Yara None matched
VirusTotal Search for analysis
Name 1ceeac28b024fda5_puzzle013.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle013.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 047765293d2a6537c63e9dc33671ca85
SHA1 2897259c96332af7afce0862fd2296b649402c73
SHA256 1ceeac28b024fda565b32a187fa509d078a22e4c92e882c5731f7a475caaf465
CRC32 A9E52C4C
ssdeep 3:eCNcv/LZQ/qHa8WhicNLL5gTnfsCWXWReLoKS1LeLG7v:e3v/tQyHH8HWQCYWRX0C7v
Yara None matched
VirusTotal Search for analysis
Name 867ae91470b38942_puzzle001.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle001.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 89bfbd73d119a8e13805ef542e24dbb5
SHA1 c9a9f15a9ebc23e005041b7123eaf319f8c339c3
SHA256 867ae91470b38942469741c569f4f0ac5068ce405d928eeb59386fabb2d48301
CRC32 80B44DDB
ssdeep 3:v1X4vgTRU/1gQLWUetL/F/g1RZHtLUWaX11WNLLhbCoJuSZLX:xJd/QLMtRY1Ltg5LCt3F
Yara None matched
VirusTotal Search for analysis
Name f3797d221b1365a7_x-wing006.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing006.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 a14f70fc39248563996a91efd5dad205
SHA1 09b81b669518b4aae1a9e8940b1db182d1ce5c8b
SHA256 f3797d221b1365a7688030baaa5ab636d46855f1aee2f7d6b77e8dad22a30a2d
CRC32 C0F644F9
ssdeep 3:MlEgZLLtLgEuUxLWpDZSdovi/Fa1CWNSGX2L5MoeTZUrn:M9LCEuUxLekqvKs1CCSGo2qr
Yara None matched
VirusTotal Search for analysis
Name 9897a8847b6b3700_puzzle018.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle018.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 ed650982616ecebe2b3bc9d1df5a5a71
SHA1 9a0ea5a6016335fc5062b82d5b02590c91b65438
SHA256 9897a8847b6b370040ad13a53395d7ab34b961af65d218617a82d11097c3ebc6
CRC32 FF27AFE4
ssdeep 3:+1/oTT+DLyLyyILWrl+9TULUdLRvvC1WNXROcTSXqktmvLRLLeL/owv:N/+DLYyyILWUdBC1CoceXAFGvv
Yara None matched
VirusTotal Search for analysis
Name bd0c2cd5e0d65932_colors6.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\colors6.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 9b1671c78368be0a4ef35c336a7f0f26
SHA1 aed9b35c03f0818ba7d1801d84475858353b5f03
SHA256 bd0c2cd5e0d65932c8cec39b2a423c2c6d7ce215d279a0e2e6b5f66b4866f316
CRC32 0DBE3E04
ssdeep 3:DLeTLJgTRLLgLYCWUY1/YRWU/LZLL5aQLWfLLKdULSLMovLOKwv:DLeTLuNoLYCg/IWU/tMQLMOUmLMyLdwv
Yara None matched
VirusTotal Search for analysis
Name d4ffcdaa1adc0c19_moderate4.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\moderate4.ss
Size 101.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 1ea30feb9324fdb8ff996376a9d5fa06
SHA1 f9e728e1e1475da9da3387f380bc4517526f3413
SHA256 d4ffcdaa1adc0c19fb09553da7e52187ee45ff98300ec783488009fb8e691359
CRC32 BC2CD6F5
ssdeep 3:WLU/cL/QnDIdLYi1b/hIXo6LLdovvy:MU0MDgLYiHIXo6LLqva
Yara None matched
VirusTotal Search for analysis
Name fa56c84335d43787_multicolors020.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors020.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 c5ec076eb8fdf29dca086fae25aea8dc
SHA1 2407bc79f7f38ff24f446e43536d93844373f25b
SHA256 fa56c84335d43787add6cc112ec21784b41de27dcba30f6bf3f7a3183531b288
CRC32 65F1ECEB
ssdeep 3:kaDZLLh/iLLmy1I1WibtdRnLYXe/GUIIW6qmAX9Z0TyUs5:kwY/m/9BiSGU1k4GUs5
Yara None matched
VirusTotal Search for analysis
Name bb6221f438fba00e_multicolors011.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors011.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 14a82d48971bbe7273dda35f020a84ec
SHA1 68d3e7ad8204551640548c4a3946b7ea12b8b688
SHA256 bb6221f438fba00e5cb257b779d9375d371c5c3ea2d9e9af89f4d2979a222114
CRC32 30245CAA
ssdeep 3:pTovJxCLLZcXLy1CWQSLsQULL5gTo/LoXRLWmqvLXyHH5fOuLB3v:KvJULtcXe1CfLdW4kXVKTiHbRv
Yara None matched
VirusTotal Search for analysis
Name e05626280ef13c43_modern-header.bmp
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\nsv3.tmp\modern-header.bmp
Size 100.2KB
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type PC bitmap, Windows 3.x format, 300 x 114 x 24
MD5 caa269b828bea7978b95ebe6f1ab0060
SHA1 d90b184552f9e9bdbc44e7a101f70acba2b87c6d
SHA256 e05626280ef13c43e23f376d2ed7836f5b398513934e76bc574736777d8b6780
CRC32 4756135C
ssdeep 96:TSSSSSSSSSjkTaBhm1E6VRs0nvP/0NeBaaaaaJC2K9XYn:TSSSSSSSSSfBXb0nf08aaaaasB9i
Yara
  • contentis_base64 - This rule finds for base64 strings
VirusTotal Search for analysis
Name 86481ca9082b5a05_swordfish004.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish004.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 10fa10e6beda32c915840f250e65ff7c
SHA1 3fc5c0ef7e851be2a9780728872a4d7b2299e310
SHA256 86481ca9082b5a054e0fb0c6847ee79cdeb231b8c040e45ecf0cd2a297df2f53
CRC32 7DA0955C
ssdeep 3:MAoVUZFZLLcTKWLOvICIWKOLLyFvTy/RZ4QCIW2W1weFLLfLRiLcyov:MTCQVA8FkeI//PZRU3YLcyov
Yara None matched
VirusTotal Search for analysis
Name b4a2a59f43d032fc_swordfish2.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish2.ss
Size 101.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type X1 archive data
MD5 820df0ecc6c1faf7d4d90716c287694f
SHA1 2bec3222f97399c7309d04d00edb50b550856dfa
SHA256 b4a2a59f43d032fc1fde0e242a98b74e44e5dbd9c5d7747e9330fc53f82f5b5f
CRC32 CA07156A
ssdeep 3:21i0TClDT0cq9fofU9ovCS8BovPlvyan:6//cGfo89oWevPlvya
Yara None matched
VirusTotal Search for analysis
Name d8abc0b29d7d514e_help.html
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\help.html
Size 4.9KB
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type HTML document, ASCII text, with CRLF line terminators
MD5 76091da7763825a088725ba6b1b842c5
SHA1 af53c0a0c4a00bb81722e9caa6bf94858f1b7f54
SHA256 d8abc0b29d7d514e58db7f2652514ac62ceb6c8ae35c3d085502598c0a7b91f7
CRC32 6716222E
ssdeep 96:M7T3KeLV12hKyQCABwwdunsoRMyxyzvhcxB:M/3Pf2hKHCuC2cj
Yara
  • contentis_base64 - This rule finds for base64 strings
VirusTotal Search for analysis
Name c5b7bbf37212cf8b_chineset.lang
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\ChineseT.lang
Size 7.2KB
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ISO-8859 text, with CRLF line terminators
MD5 260168943e2ff92b526e0edcfa8b917b
SHA1 4cc2dbdc7713cc779bae522c2ada170e31c1598e
SHA256 c5b7bbf37212cf8bcd2c67e51a5f1bd843067701c4380677c7667e48cd93503a
CRC32 2364E4DD
ssdeep 96:v1JrfVw0eQRimzc1oho1HM6NA9I82BMb3ij3y7MPj/9UMSOZ:vWdQRi+ol8qIpwPz91d
Yara
  • contentis_base64 - This rule finds for base64 strings
VirusTotal Search for analysis
Name ea6fe3bf5a883c57_hard3.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\hard3.ss
Size 101.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 2b83c0285450ac07dea04957f8122543
SHA1 1cbb19b378da0132d7ada0cd3dc5b72dc70653da
SHA256 ea6fe3bf5a883c57724ffc60c1ac39923b9559c67b6e572a6e663934a3b0ab9e
CRC32 042BB4E6
ssdeep 3:3Skz3R6Kv9i9c9/WEZycf99AvSXT5zK4r:ikz3I09iqeW99AvSDNKM
Yara None matched
VirusTotal Search for analysis
Name 8618a2e4d1463bd6_puzzle046.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle046.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 472e5f9cbedde632329f25d91cbe5959
SHA1 c8af00c8e8e6d667cf65969502126656e04a3a9b
SHA256 8618a2e4d1463bd6df135c944199ab05acff6cdd75723234798f14d0873b74f8
CRC32 9F144879
ssdeep 3:LeYQLi+eWwI1WpJo5LXLbQ1rv1CW2LZdG/RovLoGcgwv:C9Lg9C7VXL05v1CZLC/AEGtwv
Yara None matched
VirusTotal Search for analysis
Name dd2cea5a27cc3b1c_multicolors9.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors9.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 4b6b18b495e4bc6b729ac7fb193da7a1
SHA1 0cd28c254db04d6c338fa8836e1998ff73b36f7e
SHA256 dd2cea5a27cc3b1cd32b3d7a0515ae631a2b4ab541e425dab3d329918356a0f7
CRC32 FE6BBA14
ssdeep 3:v1/j/MZ0TotMvLIWenyL6dgwLRu/yILWiVh/mtLLuDLLDa:i0stMv82xwLRuq89V8tmDL6
Yara None matched
VirusTotal Search for analysis
Name 62203b73258f5a39_triples2.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\triples2.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 6f3b6202bd21516f2f0d2bfff7d973f2
SHA1 3376f02a2a928b7b083ef3160f24919ca57e128b
SHA256 62203b73258f5a39d43d48a65a31fe9a28961a7b52779fd1db4f3bc3be413e1d
CRC32 F6852849
ssdeep 3:SqR0qpvILWlZtLwRLL5gTRLULw/WNLSJ/TwovoX/BWovyn:T0qB8ETMWNgLOBxTt9yy
Yara None matched
VirusTotal Search for analysis
Name fb495297cf3d324f_puzzle031.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle031.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 dbe1a069c286d4a9363e6e02a7c5a94e
SHA1 0fd823ee948d202851e305d095f189cd598d1ecf
SHA256 fb495297cf3d324f6da39c8612b20c190fe9cc4cb3dd83a28ea3d4027d0802a5
CRC32 3C2F0F96
ssdeep 3:yULZLccs13cRclZtXLWNLTeYkSNXRVLbLWyRkovoZwLZvLtZLQXVoan:ySZLDsNcRcD1LCrbLV5oZwLZvRZkXVoa
Yara None matched
VirusTotal Search for analysis
Name 07ed04a899f7580c_swordfish018.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish018.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 3c406e93c31b548f2194fd55f045cd67
SHA1 48dc02b6184e3e30353e48a842d12b69ed1c5482
SHA256 07ed04a899f7580cddf4b7dda0a6e4ff440bb2043de5fab414c17939aa48a0eb
CRC32 6494AA74
ssdeep 3:wL4/ZLHZ7j7bQCIWd/5dOovFAdI1WKoxQq4QZbUoTl1/owv:wUYSOoadCFoxQqdZwYlKwv
Yara None matched
VirusTotal Search for analysis
Name b02f432fdd5f12e7_x-wing2.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing2.ss
Size 101.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 a2c1ddb0ac7d852ed22673a46f21a63c
SHA1 f17cf2dd5490e2284540e415f69c4ecafa9c58b5
SHA256 b02f432fdd5f12e7955c891812d9c80bf50a37d6976a800d9574d84ae07c1660
CRC32 8CFD5581
ssdeep 3:aa9oX9ovKcOE97wE99x/fui8oPg9AvF9QoB9nKvy:noavKcOE97wc8w4AvwqnKa
Yara None matched
VirusTotal Search for analysis
Name e9d4ecaf9e042d4b_mensa003.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\mensa003.ss
Size 208.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 a2c6fb717f1786bca4db96741f5e032e
SHA1 46bd3e7dad20e0e0aaf7cf947fb9efd9c8dab328
SHA256 e9d4ecaf9e042d4b43f69f0eb4443eb8627f20aefc413e5f29a84fc6add3380f
CRC32 F7DB7EA1
ssdeep 3:C6MR/ZLObebBcvWyj1BI10fE1iWdZDPOb0xvj1BI10VsW5vLZLY0DZn6v:C6Q/sbeGvWyj1a1D2bEb1MmVxsv
Yara None matched
VirusTotal Search for analysis
Name 653a9dc00b8687be_greek.lang
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\Greek.lang
Size 8.4KB
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ISO-8859 text, with CRLF line terminators
MD5 b79fa2e48a4582a1d13e8af2375d35a6
SHA1 c1201a38422338ad5cc2b7ec313a4126d3e30c65
SHA256 653a9dc00b8687be679250d7795ca5bbef5bd1888200a6c7ee89db4bfd06a241
CRC32 52AE929C
ssdeep 96:v1IYu+685neHyHI/qIIcnOAI+ASR4jehm+nRwb51xCW+R630mbC29rdF63NTzJHN:veh+68NIbnOvis1xCFwXFopwBnYMs7
Yara
  • contentis_base64 - This rule finds for base64 strings
VirusTotal Search for analysis
Name 9a5b454c450b401e_swordfish016.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish016.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 5536cc451ae5404af6ac5d4c459e8a36
SHA1 62ec2d9abf674ce3c9f0edc56faf853208e46626
SHA256 9a5b454c450b401e62c60bba9c735a41328803e6cc3fc9fe58a9e783c040e33a
CRC32 D9330B20
ssdeep 3:RFYLLZXLNLy/LZLUS1CQ11Wm1ZfiJWeDaX11Wseyd1LcOx0wv:g/ZE/tgwpLVdNLXLvBJiwv
Yara None matched
VirusTotal Search for analysis
Name d3fd9239fc3af1cb_ukrainian.lang
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\Ukrainian.lang
Size 8.1KB
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ISO-8859 text, with CRLF line terminators
MD5 4f2db4d164555386262d653d123b44c1
SHA1 11b316c0751993488ba1cd874dc1435890f34644
SHA256 d3fd9239fc3af1cb5b8eca4e287f8dd38abd738444ba45071594e5d4c425835b
CRC32 7F57A75A
ssdeep 96:vjBJooJBlKGacBufOz/VtnzkdqreacBW1pNT6NS/gEFYhh+1e4GEIirF7/679pcV:vVbuq/cd0XB97RJkcG69LXl
Yara
  • contentis_base64 - This rule finds for base64 strings
VirusTotal Search for analysis
Name f7e781723359df40_xy-wing1.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\xy-wing1.ss
Size 210.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 fc183ec0b7da7759ed08f88523a9d0f8
SHA1 903f7bd40affb17f7027db594c4e1fd45458ae93
SHA256 f7e781723359df409640f2771f42fed6c2ce793aa68ed301af617b051f2c1066
CRC32 3E7B2AA6
ssdeep 6:C6wmu/teerxMvq8dYMYcZWvYZ/uLYoyNxa:C6wmugS3pGZYY3NXa
Yara None matched
VirusTotal Search for analysis
Name e354c2611e16b59a_x-wing031.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing031.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 80e8c6dddd4dcbc7defb108524c36521
SHA1 8067666c6fad19da006a193bb88000b82270416a
SHA256 e354c2611e16b59a519c4d11453cf976d00fa0d6c047d00cd4bdc7e7f5b55a56
CRC32 B131EC89
ssdeep 3:bLEV5tLALLXLW1ZFysZYLytov8WNS6mUxhKuyy:GbuzLVsZYLv8CS6mur
Yara None matched
VirusTotal Search for analysis
Name 822236da21852c67_moderate3.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\moderate3.ss
Size 101.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 23f5d1fbf82d26a4a46eff034271fed4
SHA1 5e3f3601ff5b54ccd1db612f16a2a0a74704113b
SHA256 822236da21852c6731d6a3006beee186ecce1a6100f273598e0cdf63751a7967
CRC32 7A88CA79
ssdeep 3:Ec9ov59fK+UOT8u9tc9BvSAV+olX939ELW0ov:EMoxxUstcfvSo+uX9dRv
Yara None matched
VirusTotal Search for analysis
Name 9577360b2be31133_x-wing020.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing020.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 9d45d9d4115700683ccba7698684062f
SHA1 ed4f2ce5eda664ef47e4bcbe243bb07b62fac354
SHA256 9577360b2be31133fe1073eb341bc0dac7dc937459ecbdf1847304ca9fbf2a63
CRC32 5B9F0D12
ssdeep 3:pQ/cTcUWj90LEeILWKMxELdVLoTGZTibICW0gYhvY/ZXLm:C/3UWj7e8FM+wiIsCSYhvIC
Yara None matched
VirusTotal Search for analysis
Name 5d19fe68ae08b7a9_simplesudokuportable.ini
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\AppInfo\Launcher\SimpleSudokuPortable.ini
Size 1.0KB
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 3d8d2383cf3ac78583bd536ca0e99584
SHA1 a74cf9e0551380bda7c7ea452b5dabc0125f74f6
SHA256 5d19fe68ae08b7a9e25cadbb031dd744839b366ba925cd5d2d3539c4f8a26fce
CRC32 B12A9A7C
ssdeep 24:Jfjg09OYXrVJT5VQkrVJT5Fb1berVJT5iiVJT/qTvNb:JfEkOYXrTvQkrTnFerT5TAvNb
Yara
  • contentis_base64 - This rule finds for base64 strings
VirusTotal Search for analysis
Name ca26f4a692b9e955_swordfish6.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish6.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 0999c53c47a9b0440a97fed532ae31f1
SHA1 157fc133c230efe14a4ebf15db9ea390df01ea28
SHA256 ca26f4a692b9e955138766ba80d5a9005aa9fbb775d8b3da98cbc8e73c47c7bb
CRC32 CC9526D5
ssdeep 3:eVL1yTGeHsLVLoQLW0GYplZLULO8WNLLb8tdLtcytwv:eVshK+QL4qgLO8CTSIF
Yara None matched
VirusTotal Search for analysis
Name 6893f0b7b7388e4a_puzzle010.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle010.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 38baf33c05b2e12fd8fbca4654478407
SHA1 9f33dc5b508bbdf4cd0f65e3fd111bf1d63908d5
SHA256 6893f0b7b7388e4ad2a78249a220552f6f559da0a80abcc47906dade63c916c2
CRC32 699A53F9
ssdeep 3:6bWpmbBLL5ULIW2LRUnRSVyI1WGtxgTE653:6XBO8TFURSYClcRp
Yara None matched
VirusTotal Search for analysis
Name 9428374f80151531_multicolors001.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors001.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 036436394d25c483cd75ce4ed4ae5435
SHA1 8b30e0c18cbf363fc097f7403093734c9676276f
SHA256 9428374f8015153124651fc27ef167028c9e12e45153c82c1fc8e51d93205e87
CRC32 C0D1A0A5
ssdeep 3:nAkQtL+P/91gQLWNLLKLcT3LOFRL5gQLWNLL5fTtLqxcEov:AkQtL+oQLCYsOFUQLCpYxzy
Yara None matched
VirusTotal Search for analysis
Name 4ad23ef9023f4abb_suomi.lang
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\Suomi.lang
Size 7.9KB
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ISO-8859 text, with CRLF line terminators
MD5 ba13946f26afbb073d0e0ccaaa7d8b85
SHA1 cd7f94fe71896860e0456a1d6636537d09c2722c
SHA256 4ad23ef9023f4abb078ef84a5a7511b7f6a32c1cc4bf0bf13e84453b72eeea67
CRC32 B8B2813E
ssdeep 192:vbeytpZgIDpjgi9RBiJGohj3pfmfRnodXPm:Ky5gIDpybpfmoXPm
Yara
  • contentis_base64 - This rule finds for base64 strings
VirusTotal Search for analysis
Name 6853ed818ffb03f8_x-wing025.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing025.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 c81095066701d2d99d9b8dd49d586eaf
SHA1 5195f9e12f1d6fcdce3d0ee0139ac16e1df4a648
SHA256 6853ed818ffb03f8ef0c0cd68842b7fa0dbf9128ed0065af835d1db18bd45143
CRC32 DAB550B3
ssdeep 3:o/PMZtL1i1Lq/eILWD6D16ozZcLsI1WNdLVcPHZ/MLUAxXMcvy:MMTL5/eILC6AozFCCQx0Uca
Yara None matched
VirusTotal Search for analysis
Name b40b879a98ead816_puzzle011.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle011.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 e35acba8f2cc11e99b245b2332aea8df
SHA1 698b3630206aeebce6afb8fd4a4b7aaa65c69373
SHA256 b40b879a98ead8160864156236d356efe2a6f0ae6ccb2d30a27d1becf31a5566
CRC32 729EF903
ssdeep 3:8/DZq5QLWiVBprLbX6Zv8WNLLqtmUL1LMmvov:uSQL9VbL6R8CStjLZvov
Yara None matched
VirusTotal Search for analysis
Name 72ce552438b6f3f1_swordfish020.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish020.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 493d8131913707e257c3f77455deedbb
SHA1 0549ada5bc3d13807ac55fb46386f46bf5150f96
SHA256 72ce552438b6f3f146a4df2f4b7d3cc8489a6cacc373071e8ee7a851b4fd9753
CRC32 D3AD54E8
ssdeep 3:UOyZ/iLg9bLWGFZTQLreKdOvLIWNcHQtupzEn:RyhxLHtLKdA8Ccro
Yara None matched
VirusTotal Search for analysis
Name 2ffe1ac2555e822b_findprocdll.dll
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\nsv3.tmp\FindProcDLL.dll
Size 4.0KB
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5 ba4c1dfe226d573d516c0529f263011e
SHA1 d726e947633ea75c09bba1cb6a14a79ce953be24
SHA256 2ffe1ac2555e822b4a383996168031e456f09f9cf3bb763fccee35be178cf58a
CRC32 B076F3F7
ssdeep 48:qv1AJiDhU8UsnL0C8EA4G1zkxU5NMsH7pWIa1B3yx3s2mRUyNi7ftUgwQagqlNt/:uJnQChA4nsNMg0I8GiR+Uget
Yara
  • IsPE32 -
  • IsDLL -
  • IsWindowsGUI -
  • HasRichSignature - Rich Signature Check
  • PEiD_00497_dUP_v2_x_Patcher_____www_diablo2oo2_cjb_net_ - [dUP v2.x Patcher --> www.diablo2oo2.cjb.net]
  • PEiD_01686_Petite_v2_2____www_un4seen_com_petite_ - [Petite v2.2 -> www.un4seen.com/petite]
  • Contains_PE_File - Detect a PE file inside a byte sequence
  • contentis_base64 - This rule finds for base64 strings
  • maldoc_suspicious_strings -
VirusTotal Search for analysis
Name 46a1d50a869dc7e2_help_logo_top.png
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\Other\Help\Images\Help_Logo_Top.png
Size 2.5KB
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type PNG image data, 229 x 47, 8-bit/color RGBA, non-interlaced
MD5 0f024e316973b9d87f3f4c3a1f33c448
SHA1 8ccaf998d7b14731829c0d1104d6fa7a1adc7247
SHA256 46a1d50a869dc7e2c0511cfbc77a15f0092ad9fba0b068736f1e512683a47ee4
CRC32 8F37D7F3
ssdeep 48:NaRbpMYHmHcRu3nh77X9/aoy/b1MUOgmLFu2J:YRbqHSI7TZ/RgSuI
Yara
  • contentis_base64 - This rule finds for base64 strings
VirusTotal Search for analysis
Name b54b06702b3b53ab_appicon.ico
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\AppInfo\appicon.ico
Size 90.7KB
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type MS Windows icon resource - 8 icons, 48x48, 256-colors
MD5 0d376aa9a6ae07fa7a10af86fcad63bc
SHA1 6e463164aa6f7ec855e87dd879649263b209750f
SHA256 b54b06702b3b53ab449bfd11d509f79cda78bd05718129a93443afc27059403d
CRC32 2F8DB351
ssdeep 384:Jic0un4oPXXXHxNxNxNxtx1x1x1xsbYFNNNNNNu7E:B0voiYFNNNNNNuo
Yara
  • contentis_base64 - This rule finds for base64 strings
VirusTotal Search for analysis
Name 88c0749cc9ca14cc_help_background_footer.png
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\Other\Help\Images\Help_Background_Footer.png
Size 168.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type PNG image data, 10 x 16, 8-bit/color RGB, non-interlaced
MD5 6af4a82693a403b0d0afde16972466f5
SHA1 1ab8a3d0cf22cde23173b6b41521377c0fdbeea8
SHA256 88c0749cc9ca14ccea1af39dffaccf7b7c35e5b5603b1e451fe7fce508252480
CRC32 8468EBFD
ssdeep 3:yionv//thPlHvtntCZRthwkBDsTBZtv9L//gbxCRQe1e//VHgNqUMwF/2g1p:6v/lhPo/nDspvmb8RQe1IgN1MwFdp
Yara
  • contentis_base64 - This rule finds for base64 strings
VirusTotal Search for analysis
Name 99ec9291007aae85_advanced011.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\advanced011.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 63afd02608edaad55283aab99481cc6f
SHA1 d298a02177a2629c4a02bdd320f6718123e895c2
SHA256 99ec9291007aae852f56972a24be4fe3f866eae2a938d553d78a874aada36a3b
CRC32 5A955B08
ssdeep 3:MAbtLdQyXQbTLtLQLZLedIIIWeZrKTeyLULLbCoQ11WuL9/LoThZXvSXtMv:Mu+yXYLtkL1edCBrKjLUeoQLBLOjKXyv
Yara None matched
VirusTotal Search for analysis
Name 52cc20334e2293d3_advanced002.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\advanced002.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 1ad2599523da5b2e8dc0ae8f1bbe2ac5
SHA1 54c6f1b0d15d392a23f164480cf7cc11f70382eb
SHA256 52cc20334e2293d38d8a7bb351e549f4b958d668a789a31b684c6e3aa6bf8ae4
CRC32 585A50D4
ssdeep 3:MlAhvCZLLtLgE5dtCIWKRZuk1yL1RZjQCIW2LZSLt/XoZL5MoI1yZLorn:MO5aLCE5/LF/5QL1/YZLsR/4AonZUr
Yara None matched
VirusTotal Search for analysis
Name 3262eeeec1a9b51a_swordfish024.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish024.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 298d5d5a3429ede08cb53381a0829f2c
SHA1 b0bc285e95b5ae7f43349801cf75f0b6bb414151
SHA256 3262eeeec1a9b51a27221f20dea0a36a87665c35cd484f9ac770da9ba3301918
CRC32 47E2BDFB
ssdeep 3:wL/oFg1/F/5tLWpFxoo1SsLv3vC1WUeXU2STERoC/1/owv:wx1/FbLSfMqPEOU1TERtCwv
Yara None matched
VirusTotal Search for analysis
Name 368f5468cc45e7fd_swordfish006.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish006.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 63d40593ede8fde19ae02abdb093eb6c
SHA1 9ff718a8c9e2e0afd4e15a0cdbbf9e7140a09d29
SHA256 368f5468cc45e7fd8dd960303a2957ab86f640c9b87003da0e14ba11b8979615
CRC32 FE3FA28A
ssdeep 3:JdpB+Tg+cv8WNSlvt0mLo6cQLWXLSLZrLLmLPLD:aEv8CSlV08rLYmL5uLzD
Yara None matched
VirusTotal Search for analysis
Name ee13539f3d66cc05_modern-wizard.bmp
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\nsv3.tmp\modern-wizard.bmp
Size 603.5KB
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type PC bitmap, Windows 3.x format, 328 x 628 x 24
MD5 4df53efcaa2c52f39618b2aad77bb552
SHA1 542de62a8a48a3ff57cf7845737803078062e95b
SHA256 ee13539f3d66cc0592942ea1a4c35d8fd9af67b1a7f272d0d791931e6e9ce4eb
CRC32 1CDF967B
ssdeep 1536:9Bn13fmACap7r33OCINrac3aKumetKPKqDjoo+1q7C3DNgbgNgLg7gRgeHRVAVVi:90aZr33XW1
Yara
  • contentis_base64 - This rule finds for base64 strings
VirusTotal Search for analysis
Name 876247076c53d2b7_x-wing029.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing029.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 1e3065cd424f428997aa041cfba3210b
SHA1 9255ef640b7420421816e4fe145f4677493fe12a
SHA256 876247076c53d2b797467b597edacb6d14b0acc2ad2d572ede6f10691144bdf1
CRC32 EDD3E75E
ssdeep 3:kiov/L1LmL4tjdyILWQ+BJZS+1tQLW4Zzec/1gF/Mmf:kb/LQL4tjUILz+RSXXyHSmf
Yara None matched
VirusTotal Search for analysis
Name 0e2efee789e24c9e_swordfish5.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish5.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 3e3fa5739971a7d312cb64f42ecc0390
SHA1 daabcffab7bc82126f5d6d81983eb536c84c7c97
SHA256 0e2efee789e24c9eed55003234bb7676b13288d692bc1ebc4a785f755d32f260
CRC32 06C938A9
ssdeep 3:F1tJyj/RDtgdv1CW61LtWLeLRRcSZDovLlDZe8W4govAZZxtwv:MKdv1CpwLeLR6qDyxQ8CyYy
Yara None matched
VirusTotal Search for analysis
Name 69172f4c77a60afa_colors4.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\colors4.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 44aa0443abb0f662719b8e9e56cce247
SHA1 615efeb50afc1791f4b00bb19bed96be3eb4e2dd
SHA256 69172f4c77a60afa3c16b802e20b416280247d53883648aae2ae8c875a201724
CRC32 5975E001
ssdeep 3:TTvJQkULVdRsCWNLcLTy1y2ndLWHbZP5Aey:fJQOCCoLNydLWB5Af
Yara None matched
VirusTotal Search for analysis
Name 671e455162529432_simplesudoku.exe
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\simplesudoku.exe
Size 1.0MB
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 5dcbf9e628b7fb4205dfefb58bee7f72
SHA1 ec472f6e00f493eeed4a651c7e3a53f91ccd7d3a
SHA256 671e455162529432d5334aa946e35cc9ca1e33de210f2559e25a36e2444944d3
CRC32 80D725BC
ssdeep 12288:Qeg9WDCvD2TwHR+SAfSoHpz/eFcZnd8d5m07PqXj+UeOKnNrt8ZFV8548JlVyP4q:Q3xvD2TbffN22Fg7Poj+USAe5pJlVRq
Yara
  • IsPE32 -
  • IsWindowsGUI -
  • borland_delphi - Borland Delphi 2.0 - 7.0 / 2005 - 2007
  • PEiD_00319_BobSoft_Mini_Delphi____BoB___BobSoft_ - [BobSoft Mini Delphi -> BoB / BobSoft]
  • PEiD_00351_Borland_Delphi_v6_0_ - [Borland Delphi v6.0]
  • PEiD_00810_FSG_v1_10__Eng_____dulek_xt_____Microsoft_Visual_C___6_0___7_0__ - [FSG v1.10 (Eng) -> dulek/xt -> (Microsoft Visual C++ 6.0 / 7.0)]
  • PEiD_01091_Microsoft_Visual_C___8_ - [Microsoft Visual C++ 8]
  • PEiD_01272_Neolite_v2_0_ - [Neolite v2.0]
  • PEiD_01628_PEQuake_V0_06____forgat_ - [PEQuake V0.06 -> forgat]
  • PEiD_01686_Petite_v2_2____www_un4seen_com_petite_ - [Petite v2.2 -> www.un4seen.com/petite]
  • PEiD_01693_pex_V0_99____params_ - [pex V0.99 -> params]
  • PEiD_02152_StarForce_V3_X_DLL____StarForce_Copy_Protection_System_ - [StarForce V3.X DLL -> StarForce Copy Protection System]
  • PEiD_02161_Stranik_1_3_Modula_C_Pascal_ - [Stranik 1.3 Modula/C/Pascal]
  • PEiD_03512_Xtreme_Protector_v1_05_ - [Xtreme-Protector v1.05]
  • Contains_PE_File - Detect a PE file inside a byte sequence
  • network_udp_sock - Communications over UDP network
  • network_tcp_listen - Listen for incoming communication
  • network_tcp_socket - Communications over RAW socket
  • network_dns - Communications use DNS
  • network_ssl - Communications over SSL
  • screenshot - Take screenshot
  • keylogger - Run a keylogger
  • win_registry - Affect system registries
  • win_private_profile - Affect private profile
  • win_files_operation - Affect private profile
  • win_hook - Affect hook table
  • contentis_base64 - This rule finds for base64 strings
  • Borland_Delphi_40_additional -
  • Microsoft_Visual_Cpp_v50v60_MFC -
  • Borland_Delphi_30_additional -
  • Borland_Delphi_30_ -
  • Borland_Delphi_Setup_Module -
  • Borland_Delphi_40 -
  • Borland_Delphi_v40_v50 -
  • BobSoft_Mini_Delphi_BoB_BobSoft_additional -
  • Borland_Delphi_v60_v70 -
  • Borland_Delphi_v30 -
  • Borland_Delphi_DLL -
  • CRC32_poly_Constant - Look for CRC32 [poly]
  • BASE64_table - Look for Base64 table
  • Delphi_Random - Look for Random function
  • Delphi_FormShow - Look for Form.Show function
  • Delphi_CompareCall - Look for Compare string function
  • Delphi_Copy - Look for Copy function
  • Delphi_StrToInt - Look for StrToInt function
  • Borland -
  • BobSoftMiniDelphiBoBBobSoft -
  • maldoc_function_prolog_signature -
  • maldoc_suspicious_strings -
  • Str_Win32_Winsock2_Library - Match Winsock 2 API library declaration
VirusTotal Search for analysis
Name 04cd8c45e67ce282_appicon_32.png
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\AppInfo\appicon_32.png
Size 668.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
MD5 cfb51a4ded250c9742e06ecded412506
SHA1 8e391f51ee7368d7a3e8860440176d5834e0ca05
SHA256 04cd8c45e67ce282e730795478081fd85aadac7873b51a025b2d44e3a0902a6e
CRC32 D6C5077B
ssdeep 12:6v/7i1XHkON4hQSWNL2l3L+JshnTyKw/BmkWLNjMlvJk8uNbtm5pNPZT3aVFO7:LlcHWNL2lbaCnTyKwQfqlCRJEBh+VFM
Yara None matched
VirusTotal Search for analysis
Name 0fa324a9999436b9_russian.lang
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\Russian.lang
Size 8.1KB
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ISO-8859 text, with CRLF line terminators
MD5 d3de6ba5990ce668aa99c47e9f183ca6
SHA1 ed6cd7a64e640d5b269662000dc75efc4b44c5e5
SHA256 0fa324a9999436b9abb8ad189716169bfca9bca37a6f35a9c93c7082c7405847
CRC32 26B22FFD
ssdeep 96:vjSjMABEcWsC9ecnhsOyfa1pNT6NS1IPBGEtMA7pF9pNXpa6Y+rYK6hBChS9bMB:vQKcWsCkcJyfaXQGPA7drHYVKgChSW
Yara
  • contentis_base64 - This rule finds for base64 strings
VirusTotal Search for analysis
Name 7b739aa0e5c2fa7b_puzzle008.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle008.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 be4dad85d0049065a4d00f1f9deca76b
SHA1 269b8cecf438b0e54a3f4ecf0889d3dc19de4a23
SHA256 7b739aa0e5c2fa7ba17efae406f33735ea2e2122051d42c72ff71fe0b695a1a6
CRC32 954FBE14
ssdeep 3:bRSLt1/jq8WqttERbUZ6tmLeILWpDZ9LToLRppqm0ov:b0Rw8UUZ6tmLe8e60ov
Yara None matched
VirusTotal Search for analysis
Name 4c01a9b57078a9a2_invalid_puzzle.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\invalid_puzzle.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 28c7e6d44a14f864facfff9ccdd85492
SHA1 1e4cf9b2d42eb11de904659d14e8f5158ce80ac0
SHA256 4c01a9b57078a9a291fad81a54ee2e3205205709189dc4f109036a357a98db41
CRC32 523C7940
ssdeep 3:eh99o9BoLoNLL5gQLWD81oov/LZchF/5ZbCIWNLL5gTBMeXgaEn:eho9SUWQLC8qov/LZcvLCWSeXgT
Yara None matched
VirusTotal Search for analysis
Name 7282a50c577f09dc_puzzle036.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle036.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 6dff8c805a912e902952834ee079e62d
SHA1 d96abdee707c4ac5698b0d95168c9a73cf3c2c80
SHA256 7282a50c577f09dc4e083cf0e691db7fe5c7ecf44107e007fce31d0818bf9122
CRC32 A52C1173
ssdeep 3:ZyLL5L5Sy6DJodCW2LZX5domoS1QeSNBi1I1WE3c5LtLgPo1g1oan:Zy/GzDJodCZL6molNe1CQCwiB
Yara None matched
VirusTotal Search for analysis
Name f25e012149009462_puzzle005.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle005.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 511f68dc4dfa2583a684361f0cbb3b90
SHA1 93c1ac75e3a6614e6e6f23aacf940703da675a22
SHA256 f25e0121490094625cc90986c33d7c973da686cd98724e78da7a6276af9f34c0
CRC32 D292223D
ssdeep 3:Yvc/1gPo1rCW61URyL3/sMmyLXYI1WNF7LgLacwv:CHwFCpUAzUMmyLoCWYLKv
Yara None matched
VirusTotal Search for analysis
Name 33219922122fafd3_multicolors016.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors016.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 fb47adde707c42740bf947dceabea331
SHA1 f5bdaa6331119e7ba8aef9e0a99f29656d29964b
SHA256 33219922122fafd3139b7b3affca998f9078a988ce319dba3d2d0804deb4838c
CRC32 368A057C
ssdeep 3:DRgK0+KXLWu/1LFWcrLLW7W9BvqHLSV0aa:D2K0H7bW2O7cBSHmo
Yara None matched
VirusTotal Search for analysis
Name eec9aae7b1693b96_hard1.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\hard1.ss
Size 97.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 79bd458381ecf010560b2b32cd2c44fc
SHA1 7b0ce40b2a1d6303a1bd859a6f75d3b20540fbaa
SHA256 eec9aae7b1693b96b25bd686276e21d85b096c3a4d39839848f30b24f69d352a
CRC32 37FFA1D4
ssdeep 3:ep/3ULcv6L5LOnU/W/w/noTLWlpv/4+Nn:ep/3Sh2wPYLWlpY+N
Yara None matched
VirusTotal Search for analysis
Name 52b7b567d07befd5_appicon_256.png
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\AppInfo\appicon_256.png
Size 1.6KB
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
MD5 c9cee688e4cf19981e6174a2680c601e
SHA1 ca0636796b220154e75ee49f67adfccdbabb026e
SHA256 52b7b567d07befd5971d90b7289814dd0db9f6dfccaba9c437e24469e0dec09a
CRC32 137FE3B1
ssdeep 24:3BRzf3ArDY0sPk7cjZ/IDkpMIosDGvdNHYzT15F9NlVyntJ:3r7QrcFc7cFpMILek15HNlYntJ
Yara
  • contentis_base64 - This rule finds for base64 strings
VirusTotal Search for analysis
Name 20e626a68be34837_copyright.txt
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\Copyright.txt
Size 251.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 62dbb3b05876a145e6ae7bfd2bbac5d6
SHA1 56478283d0d19d1a6eb5f86d6888fa965c83539d
SHA256 20e626a68be3483714db01c4615e6caaa95faa9d4172717516fe31d3e4c12e92
CRC32 AF79B4F3
ssdeep 6:1OdFIe2ZvKvDNkozCoXAKVB5PSuwUQe4jdd9VPsxgY+kn:1uFp9ZCiPTX0ddAxhh
Yara
  • contentis_base64 - This rule finds for base64 strings
VirusTotal Search for analysis
Name cf7718e82afa1af0_readme.txt
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\Readme.txt
Size 185.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 9d3d2c85756ff419cec6da38bd89a37b
SHA1 2f722064cefd0d48c5f5d03956a7040900d7f8b1
SHA256 cf7718e82afa1af00882af5a9b80cb1640fbfadad56d218a78371b9bcb649170
CRC32 A50CC39C
ssdeep 3:SMbKyPXtH+XR5WOpH/VVJYMQr3MeMQxF+YEJRi6Xt2vGARFKGRjZUovQ3OSbmSWe:DdH+XR5WKo8zQDuJRPt6zKGRjjRumA
Yara None matched
VirusTotal Search for analysis
Name 93eb3ebbcb333f3f_simplesudoku.hlp
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\simplesudoku.hlp
Size 184.8KB
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type MS Windows 3.x help file
MD5 2f8a1ef0ed6217fb886cdbf09e88e3b0
SHA1 22cd17389c9042174727960986aa796eb4e2ecbb
SHA256 93eb3ebbcb333f3f40ce91850f02303af1dc0e11fe2b9fdf4409721cc8bf8b3c
CRC32 E26CE5F7
ssdeep 3072:gKYQEaY2VlYTBIHk6kPHO1nO525KBGOzF1wgMfnPsbr+CWtg:gNQE4Vliyk6WpepOzvMfnEbwg
Yara
  • PEiD_00810_FSG_v1_10__Eng_____dulek_xt_____Microsoft_Visual_C___6_0___7_0__ - [FSG v1.10 (Eng) -> dulek/xt -> (Microsoft Visual C++ 6.0 / 7.0)]
  • contentis_base64 - This rule finds for base64 strings
VirusTotal Search for analysis
Name c0cf244045ded59c_mensa016.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\mensa016.ss
Size 208.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 04cdf65dd95e6919a104f1d3c40605c6
SHA1 61c59a8515944a624c636e8f1a8aaebe8fb2f991
SHA256 c0cf244045ded59c07487dd01fe4966cb9b1874f07655e5d13c3789f0950a700
CRC32 18116624
ssdeep 3:C6fjLLZLULYZBLLL14YoLZLHBI10YZbTUDPObcZcko/01BI10eu8ZodZRP3U8ZvH:C6CLYZIYeTKZbwSbcZckoc16o1Nxv
Yara None matched
VirusTotal Search for analysis
Name 0b21013b3e4bb949_puzzle040.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle040.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 9778785cfa0479135e6a9c88483ac881
SHA1 25ef003634fe0f4e863ccc62a71fb2a774cfea20
SHA256 0b21013b3e4bb94912430933639faed9a1ee45627b62861fbaf2f398912b921b
CRC32 CD439D28
ssdeep 3:zLYRb3c9bLW2LZLt16uNy/kvLIWNdLVZvELTh+VwLoa:Y2xLZL0uNhv8CVdVwf
Yara None matched
VirusTotal Search for analysis
Name 73cfc75041d7e5d2_puzzle025.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle025.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 8a7049f37c0cdfbae3545c401b4e6d79
SHA1 07ca6bd36d8aa5b6267a50b93be1844af1adb861
SHA256 73cfc75041d7e5d2992795249e7b82a40701e6a2d8a001da4a848dbce2897fea
CRC32 04AC4A15
ssdeep 3:vucuy/5L5gTJWILWMBsI6LQWL/WNU6HLoHtLL5gL6aeLqv:mS/cAILUI6cM/CU6HLoHtWWaeLU
Yara None matched
VirusTotal Search for analysis
Name 8fb80b7cf75f69e1_x-wing027.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing027.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 ada3d4794d0e5a0084340dae66f7cdcb
SHA1 77638eb076ce554a58e320bd30836dd732b39981
SHA256 8fb80b7cf75f69e1ef241489740fd6ce895718b0c3f0407e92babdf5b730ecba
CRC32 DFCD314C
ssdeep 3:GMSLILLh/macvQ11WAZbcovmW/AztLmcQLWMVguLcqtgTWcTvn:GHIEXy1r4yZ/AjQLvzw6cj
Yara None matched
VirusTotal Search for analysis
Name 70217e257134604c_puzzle042.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle042.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 3ac6293a2779c66caea47704dbc857f6
SHA1 99e05daddbe558b6c334906c76e1c2412f69a6d1
SHA256 70217e257134604ccae68f675f73b7b62778deb569e320c85a53ee4cfca58802
CRC32 2349F7DF
ssdeep 3:SLZn/DoYJ1Zx1I1WNSR/Tovg/1d1yILWm+enLA5oJLtTLtxvyn:StcFCSR/kvAMILpnUoFt3y
Yara None matched
VirusTotal Search for analysis
Name b24e077e54d1e1f2_swordfish007.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish007.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 5f2b70102f052c9cc62cce6c6c571e9e
SHA1 656282cc5fc409b32f2a4c83453f722603347d52
SHA256 b24e077e54d1e1f2c1cf97d54a114dcfe8a2f964d58c52176e9d7d4f2ead3b8c
CRC32 69CB782D
ssdeep 3:idYKtExL5gQLWW/ZLXVLYb1SCWNLL5gFsoFtdcgpvy:aHtE0QLxpCCWeoFteL
Yara None matched
VirusTotal Search for analysis
Name 8297591b707a6e10_puzzle016.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle016.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 739ae3a6b91cf40555443478cdeb8709
SHA1 401019df32b91ffa114f7b16c4561f523967e442
SHA256 8297591b707a6e104c975991fb7456147c8fc143ceaf1d102b02004499077501
CRC32 0190674D
ssdeep 3:K/qcexW55hdIIIWL7LYRQ7ZDYRLULTsIIIW2LZL/1Lv/WvnBc8XZDTovov:DN2BI1JQdMgLTsCZLz/L8XZovov
Yara None matched
VirusTotal Search for analysis
Name 58053a49f7c9d07f_appnameportable.ini
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\Other\Source\AppNamePortable.ini
Size 244.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 8634c50b01d5ea4adc0d9eca692cbb5b
SHA1 ce39ebe17200463b7625a07288bae88c688f0ab8
SHA256 58053a49f7c9d07faceb35c298022d31da5b00b8840e611074475b41ceb9b7e9
CRC32 0A3AE46A
ssdeep 6:IQE7Em2VPVJSgBYlyGqMwIjAIMLyJQBABCXh5XMWJk/71NLyJQBAK:It2hrY8fjI8IMee2cXhX28e2K
Yara
  • contentis_base64 - This rule finds for base64 strings
VirusTotal Search for analysis
Name 75945f44a6d46681_italiano.lang
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\Italiano.lang
Size 8.0KB
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ISO-8859 text, with CRLF line terminators
MD5 ccaaf813f4ead6c34b3c004362642687
SHA1 968a6a4654c1e0ea77971ee90618c7ad98d28c26
SHA256 75945f44a6d46681b27d047dff8931368973bc36cb0ce92a4a51a776fcdeafb6
CRC32 954EBEA2
ssdeep 96:vIjnWanaOYS8lLnD3/10kKrwJWMDvdg3S6m9kXUbiTK7HKJt5Y3KKLrOU2zrlC:vEHnaOYS8Bz10kKGSS6eiZ8qJGBX
Yara
  • contentis_base64 - This rule finds for base64 strings
VirusTotal Search for analysis
Name f1a2ee6a4952c750_multicolors4.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors4.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 74b9138d4dac91e75d548a769dc3d733
SHA1 cfb76ed6243075440f588417e25807ea4d1e6ee7
SHA256 f1a2ee6a4952c7509ccb3cac0ef57d379ea536ccef7fc98dc03a03e4b970a468
CRC32 7E65464F
ssdeep 3:iy3VxTIICWNTLLZ2TWtx3BeILWKpGpqNLYLVgowv:b3D8CM8GILbfNLYZqv
Yara None matched
VirusTotal Search for analysis
Name 52bb4ea84207782d_x-wing024.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing024.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 eb58097ffbb6ab2541cdbb395539f5e0
SHA1 3c458727966799fdedb7ef09bf319f07d6a035f5
SHA256 52bb4ea84207782d55ddba7dcee7a9cdab687ea9b8458c6ac0593bd43e18bb86
CRC32 69293023
ssdeep 3:FsT5b/SUv/LLlq1CW0h/ZGH/yLL1Z+bII1WzP1XTejvov:uTx/PXs1CrwqLL1sbLk18y
Yara None matched
VirusTotal Search for analysis
Name ab3a0f65a8b4e20f_swordfish023.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish023.ss
Size 559.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 037abd6be6941e19c9ab3c271c861c0b
SHA1 594581d6f78eb127f1f019237ff1950866608091
SHA256 ab3a0f65a8b4e20f84eb4ad94f6609221ae53defc8e941e363b9c7499f4693bb
CRC32 19547B79
ssdeep 12:wNQouVKFiN8rp9y3XXjjzP+miCN38608l/VsXyqvsVAsH/kZhj:wi0r2XL2C85AFrH4h
Yara None matched
VirusTotal Search for analysis
Name e3b0c44298fc1c14_nsq1.tmp
Size 0.0B
Type empty
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
CRC32 00000000
ssdeep 3::
Yara None matched
VirusTotal Search for analysis
Name 3b6fc53ece419661_x-wing017.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing017.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 9b6cc42f61e3899bbea328b4813f0929
SHA1 b03ce2f9036195f89884ec83932ffe80f99d2d12
SHA256 3b6fc53ece419661924719dbe61955917c29513dd9fbd4efa81356fc05ea0dac
CRC32 B681F8BB
ssdeep 3:VyQClYI1WKz4y6bloTyL4UdI1WeZgUZC4y/tLUQZ0wv:XvCF0zJomLNdCBgUZcgMvv
Yara None matched
VirusTotal Search for analysis
Name 6041ab7aad664158_puzzle002.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle002.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 2c18bb11b7573335854be34b6af02cb1
SHA1 a45a4b3f2dbc4f2da15e8fe67c197e7e80724e9b
SHA256 6041ab7aad664158b68a69c4a5949cfbb50d9b431e2d36884206b02fe282206d
CRC32 8916756F
ssdeep 3:4LZNZelWuLlqkQICWNLL/wxcLBLdZKKQLWLTLe+4qrn:4talWuojCwaLt1QL+TKJqr
Yara None matched
VirusTotal Search for analysis
Name c1984a27622e16ec_multicolors014.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors014.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 48dc6731285137e24b1c7e8bb48fcec7
SHA1 5beafd68f84787723ef7b9887bfedd34e9c232b8
SHA256 c1984a27622e16ecd964abe1768aab9ee1cd6d6d0b435e85b1c2fb16464ec660
CRC32 AC2ACC75
ssdeep 3:4LZSt/cTqoZ3vXzwQLW2LZLjLy6q4ToBTyLIW61LtULOZXvLRLL/rn:4tU/c1tvXcQLZL5Rxo88pyL2vFXr
Yara None matched
VirusTotal Search for analysis
Name f727d2cf14007e5d_x-wing030.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing030.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 bcc31ec2d00c30b0a18437fad7628895
SHA1 42138e37eae22524018088be98ea13d0301ff9c1
SHA256 f727d2cf14007e5d558840a06c350b36b608581ca34184dab765f7cd716fbca8
CRC32 A8D4FC67
ssdeep 3:tLQqgYSFBTyJnx1I1Wn1dR3gTd7ZzQLWeZOZZoP/xLo9Bcwvn:OqgYC8JCIWR2Bqoxccwvn
Yara None matched
VirusTotal Search for analysis
Name 17ee7f49fa9b0bee_dansk.lang
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\Dansk.lang
Size 8.0KB
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ISO-8859 text, with CRLF line terminators
MD5 985a95b4ba1a67acd5bb40cc96238401
SHA1 c244a633547ec392c3975cdea712cd8c5e87551b
SHA256 17ee7f49fa9b0bee56f70a54a2aefbe22ad81d8437feed567c2642dc6e5ea8fd
CRC32 5B14A925
ssdeep 96:vxvsB1h4qwQrZEPwD2dhFFfokSRxVoSOo+PGqN1+2/Si78d4bH3zcNW1p31lk:vxoX4qwckwkQh9cDNLXl3TK
Yara
  • contentis_base64 - This rule finds for base64 strings
VirusTotal Search for analysis
Name a0549c4bf76ec366_xy-wing3.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\xy-wing3.ss
Size 210.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 f43ea5f977b8f54fcec80c67de7bd5bb
SHA1 89b2c08a58bc43d22040b411b82207ee7aa82647
SHA256 a0549c4bf76ec366ed36f731e0fff18d83207be24b260b51da2e4fd65f53a363
CRC32 918DDCE4
ssdeep 3:C6FOyF11tObcZL/sb1BI10SrtovPP9ZeNmoFZ1BI10DQLtyjDPeZoMvFZa:C6FOZbcZob1qn9j12LteCRXa
Yara None matched
VirusTotal Search for analysis
Name 54b4f4ba98a87dcc_puzzle017.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle017.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 578604d513161059bdf60b760d4fd0f8
SHA1 47b5ba51dff8bedfd62e2f374ba27e566cf5a78a
SHA256 54b4f4ba98a87dcc2354923c959026e6ef0d9decd8e18306d77141e5218c4d6a
CRC32 D2E10D4F
ssdeep 3:yiQtLoTLtLRiScCQLWAMvgPJtLvq8WNLLDdloZ/cTGtkovy:yiQstYRCQLXMvKJo8CbI0qtkyy
Yara None matched
VirusTotal Search for analysis
Name b5fcff16b5cb8d26_easy2.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\easy2.ss
Size 101.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 a096c7f6059a65dce72d5c63c5e5a6a3
SHA1 7d336249c2ae1068cfc161a4f04a693c41836675
SHA256 b5fcff16b5cb8d26c115bfba9b37fc5625375b8aa57eaac3bca9a827682478d2
CRC32 D8ADF83B
ssdeep 3:X4A9997Xo9d8Q96opyXlf99yckzcXdX90olS9/9fRvn:zfk/BUocVf99yckzcNuuuLv
Yara None matched
VirusTotal Search for analysis
Name 1357f7d42ed93df8_x-wing007.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing007.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 f41eb6355648ea8fc91515df90bad098
SHA1 7f7a087537b9da25cbe79184ac29f1ed0731bebe
SHA256 1357f7d42ed93df8a78f1d8ba15cefc1cabc59895d7d59ea97c3050deb86065f
CRC32 841A5A20
ssdeep 3:evXnoTE/cQLWpYBvvQLTW1io/LZ6ty1CWNLLHoNLLgLULLtWKLrn:wYw/cQLeYBvvUw6k1CCvIoLULLtWA
Yara None matched
VirusTotal Search for analysis
Name d678467025257721_cesky.lang
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\Cesky.lang
Size 8.3KB
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type Non-ISO extended-ASCII text, with CRLF line terminators
MD5 d7feb52598f1940e85dd1e28a29aa51c
SHA1 d8c64f64f1527b71983e238d1b6e5888c2532b62
SHA256 d6784670252577214c7cea8eb43debc38c8f6fc1ccf0e272b3d5811f993bd3f9
CRC32 ED6B795F
ssdeep 192:vSpOy7ocSOIjTIaTSK89bdO2kkiuefVqMU2f:qr7NSOQIot89xOJHfVq4
Yara
  • contentis_base64 - This rule finds for base64 strings
VirusTotal Search for analysis
Name 438b75c5d0ecf43a_moderate2.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\moderate2.ss
Size 97.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 59fed44404b2dd9e41e877a81abf4883
SHA1 99adf847ca85be668b704f6bceef902a4f606db4
SHA256 438b75c5d0ecf43aded9cb9eba99282b9ab3982f1a854116fdc4c637d48a3789
CRC32 B5452D95
ssdeep 3:I29CyctC9fxolRnh+9ov2xovQffxAvxfZ11W:IaCd9Lnh+9o+xovQGvxfU
Yara None matched
VirusTotal Search for analysis
Name 4f0f2793896f78da_xy-wing5.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\xy-wing5.ss
Size 210.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 98c93a28bf1c6084efccf70423c0f312
SHA1 34b697e858c11b446ab63c1bd0c90966f3a3dda8
SHA256 4f0f2793896f78da2efc8501da9c0d917d131048d59d318c9a348815f5909732
CRC32 C599849B
ssdeep 6:C6sJojwc3tYop0bK97lNapAiZZsb2TWC6a:C6a09fp0bsLapARbJa
Yara None matched
VirusTotal Search for analysis
Name 972d7e133f8f8cd4_puzzle003.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle003.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 227cac53a90336251403d0fa828052c2
SHA1 4ddcb59cd1afeff32e51ceb69ac32c1f3a2b3bfb
SHA256 972d7e133f8f8cd4dbca1d020e267bb69497cb320a4ccbcc82817e84a8b9e044
CRC32 39A4FC2A
ssdeep 3:r15yX/9vGK1WYjoTmTLLJpRc/yILWkiTv/LZRLgLLdiLr:reUE/joQ/aq8/G/LZyLsf
Yara None matched
VirusTotal Search for analysis
Name c498571eda48b4ab_advanced010.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\advanced010.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 c7f13b2c121fae42129dbdbe6847c0c3
SHA1 09b72857a08c2f3279356ec49a5bd1318b84d70d
SHA256 c498571eda48b4ab9c2a2f38b800d50057bbaae24cc1628eae3721e9d67e55c8
CRC32 5EB33272
ssdeep 3:SFWoj9KyWEEPIIIWNRL5UmZEztLiZL/oQLWDoFno0t1eoTXhZT/rn:SFWoZhgI1CgmZ7ZPLCo4or
Yara None matched
VirusTotal Search for analysis
Name de16354b345c0931_puzzle012.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle012.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 5b594eaee9d31d9ffed85f267d693fe0
SHA1 12255241b1a9fb65da6a906395fa952b9adf8c6c
SHA256 de16354b345c093195a93655d1669c3a4f29d0b7f181c1e001fb2be1ce5a8cff
CRC32 4BB5B7EF
ssdeep 3:6/cF/pFRSL4I1W/c1X5dLZLL5eYX0SnoQ11WiKmlhTtL//eov:6/cnF0L4CV1TtMNSoQ1193cov
Yara None matched
VirusTotal Search for analysis
Name 491a623cf132d428_quads1.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\quads1.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 a7f52b991b259eb1a01c1af16dfeaeea
SHA1 e89bab99e2cc37823ec8c35455eef1098a8fbc79
SHA256 491a623cf132d428c9dc6af2293c2ec99b917a4208bdb4bb547d554017cab21a
CRC32 6676DB84
ssdeep 3:2XjLSYSR/t//WNWzWLrcGcLovFRUS1qILWpDZSzcZLHn7v:wiYoCWzW/cGDNywqILeEzcZnv
Yara None matched
VirusTotal Search for analysis
Name da9d80ab8a76f6e9_swordfish3.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish3.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 990ccbd3227794e1484128c73ed15555
SHA1 82c4b1928070778e9604188a81a953626ade7020
SHA256 da9d80ab8a76f6e9a814f522fa1d3a0c18af4f856ce28bec0c608508c2a786ac
CRC32 C7C40344
ssdeep 3:ZQxi82LtgQLWsLZL/oT/kLYLtLX3LbLWNLL5QovQLL1nB/Fiyovn:ux72LCQLTL1/owUrLCCoILnVy
Yara None matched
VirusTotal Search for analysis
Name 9bcb4eb2d2e65cb6_mensa010.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\mensa010.ss
Size 208.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 e76f815dc2ebe62fcc5a2339148252e0
SHA1 6102240f2a0f4ef5a1260cd407efe88bc269c7b2
SHA256 9bcb4eb2d2e65cb6672f28ffa7f729fca8aa758f099febb5abd1a1382aed4b74
CRC32 2640B36D
ssdeep 3:C6cXZlbstBUZW1/F/yxBI10BLLLttZ4ERZFe0/LuvBI10g0jLQTZbavFZfRr1xv:C6mrwjUZVxT/gmwvgTgvj51xv
Yara None matched
VirusTotal Search for analysis
Name 6f5111b3e20b648a_very_hard2.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\very_hard2.ss
Size 97.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 1fa138209b838fafa4b55fee8c48de8a
SHA1 36c1b6793c4e914c1dc3fa2d606b28c131848753
SHA256 6f5111b3e20b648ab099e22f3eb5a08458f6788058aac2612271002c44000cbd
CRC32 1A754756
ssdeep 3:XhHSXs4tlIc9LILcvIL4gLmMSv:x0TPiLSOmMSv
Yara None matched
VirusTotal Search for analysis
Name 8effff783ccc40eb_x-wing021.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing021.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 568ae1ff4daf2bf073d4a600e452718a
SHA1 3d4b173cd363aa6d117a76f22d0dd3ef5b089686
SHA256 8effff783ccc40eb61df09dd0891cf34775d67b38e0a3feef3757795b8679188
CRC32 E6F4E507
ssdeep 3:qLRLLKt5CWYeSgZLLUvDsRALovC1W2LLaLFcTZoLt7v:qLRyt5CqSgZsvoRuoEZWLu1oNv
Yara None matched
VirusTotal Search for analysis
Name 276ca3f645bdc9ef_mensa013.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\mensa013.ss
Size 208.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 5e9f2150cc2e3dffe81cda2f8344ba2f
SHA1 c365923776ef9bfa23fb47ff7ee8b55613eda65c
SHA256 276ca3f645bdc9ef791fa371c297874212f27fac921b5d4f1ad0b9b16a8cf18a
CRC32 9565C12F
ssdeep 3:C6Heckd/yETB2IBI10V16BoJZJALZL+kj1BI105MWYLZX+mZMLsNxv:C64DQIsHJj1huumZlNxv
Yara None matched
VirusTotal Search for analysis
Name 67907023ed9e0bb7_x-wing016.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing016.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 5643ef6f465427b27d1a8380342201b5
SHA1 b8b0ce06c513eecd8e44133d4de108de92710242
SHA256 67907023ed9e0bb7db849cdf9b0ae855de1aa8da3e413bb798ea03b02650af84
CRC32 6321B4F1
ssdeep 3:YLED/oRcZLgvLWKLWQAbLILL5gTl43LW2qxFclBUBav6oan:YYDw60XflWp43LSTcdioan
Yara None matched
VirusTotal Search for analysis
Name 81f50fadd8d1bd2f_puzzle024.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle024.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 2a302f50f8b4965a82f532ced8361116
SHA1 3b6e1f814c7a199599560d5c5371faec5ce81756
SHA256 81f50fadd8d1bd2fe5e5829e09365dedcf4aeb0fd0a7fc2c8100aacf5cbdbb28
CRC32 2F2C84A0
ssdeep 3:by/J5b8WqovIII1WKLkL6BZv/UqZCyI11WAZqZWTtSLjy:s5QBoQLNI2j/1AbLSosLjy
Yara None matched
VirusTotal Search for analysis
Name e722359ed48f92e0_simplesudoku.cnt
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\simplesudoku.cnt
Size 259.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 00a56292ba5032a59b9919e8b1a41ddd
SHA1 7a7b6f87e0dfc198049203e8ab43e572fc1d500c
SHA256 e722359ed48f92e05f0b8120df505afd61f821404ceb4a5b1dd2fb84f5df40c4
CRC32 A88D17A3
ssdeep 6:tVJSXdReSmGqNzEh1MKEF06dOoErSFEdQ3LVWXUqVVWFXbAfVVWX6y:JSXdRetEh1MKEGJr2V8B8GfV8Ky
Yara
  • contentis_base64 - This rule finds for base64 strings
VirusTotal Search for analysis
Name 0ccd4433b9de23b0_francais.lang
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\Francais.lang
Size 8.2KB
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ISO-8859 text, with CRLF line terminators
MD5 335c80b71a5098b5e6be403594160191
SHA1 ab4ca540f96f712e2aad5119aeed0c61da8e03c5
SHA256 0ccd4433b9de23b0ead6c05258961c7fd511d6a4a4382c0fb13c04d989707360
CRC32 14940660
ssdeep 96:vqiQhdNRxTsxod7FV+JmAhjOz1pNT6NScfE0tXlMZLzQ3+9t+YtL3xTSe8Dm3:vK/NRxs6V+g2jOzX83VjO9bBSu
Yara
  • contentis_base64 - This rule finds for base64 strings
VirusTotal Search for analysis
Name d8ef283ef71333f8_x-wing026.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing026.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 63c6d76c22726e9cc64b31c888446241
SHA1 638634578b55d0b6d733f4faea9bd923c5458b21
SHA256 d8ef283ef71333f8619633c283803019c84e175f47cf13acdb2dd4e34e46f00d
CRC32 DC05398B
ssdeep 3:eMW9oTRLLFa1XtYCWQS1XcKG0mIW7LMZLSLyS1CTRdLdRrn:eXuNaoCzicKG+wo1S/oNp
Yara None matched
VirusTotal Search for analysis
Name 853acee6243cc3e7_moderate1.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\moderate1.ss
Size 101.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 151ab21f3f73a35804359d1846562673
SHA1 a4cbed61c50ee4e0e43292f1e9dccaca820a8716
SHA256 853acee6243cc3e787a2a10e44e4ba09c0d9b3a79085a8bc6b88107e688c8bc5
CRC32 F04FFECB
ssdeep 3:XV99ovxffyIN9y9hHR9Xd9u7yEDw9u0U9Ut99ovovn:qvxiM0cpwE0UKSvov
Yara None matched
VirusTotal Search for analysis
Name c964c28e5e3c3261_swordfish010.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish010.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 ce17887561b796a83243121a6b9d273e
SHA1 d211500d5bccd534ec74183b4b26594fd3b49311
SHA256 c964c28e5e3c3261b3c285e3ba8b380e6400b25fb99c396bf47058386acd07f2
CRC32 F5DCF393
ssdeep 3:+LtWLeQRL/1yT0Yt1CW4+L3Z/pLq4/Wkblo0vU/PLv/SVyovn:+LtWqXAYt1CELi2/JoWUb/ty
Yara None matched
VirusTotal Search for analysis
Name 87f723a1820be637_colors1.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\colors1.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 06a0918dd3f4c64a836211105f44803f
SHA1 ae6dea87e59be807c12d69ff988576b1ff6c7096
SHA256 87f723a1820be63789c766a7882c9430bc181da545004a2169d3d851cc9afc88
CRC32 C2AAFED2
ssdeep 3:SLZoLSZQLLo8tLLLoQLWCZDKTRTLc0LRLLmR7WNLXMp/W1/1S/R7Aa:StoLrLNt/cQLpDKN80FuR7C4p/P/6a
Yara None matched
VirusTotal Search for analysis
Name e4bf4c6bda5d7601_mensa009.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\mensa009.ss
Size 208.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 9bcbe3f31508aa0397254f26642f8474
SHA1 c8f7a3014705c69e35c4096a947146afe61a3a3a
SHA256 e4bf4c6bda5d7601b287065051e3558d9c1b844bc8198c6743fe7b7a10c7403d
CRC32 24B9CC5C
ssdeep 3:C6aH1ObH1lZLTaCH01BI10wTiojOyUxdwGFZ1BI10ayb3Zqo8+1xv:C6aMb9LTjH01hfLdj1IybDf1xv
Yara None matched
VirusTotal Search for analysis
Name 12ac9242063273f0_very_hard3.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\very_hard3.ss
Size 101.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 226ad959a39024d35d12fc3a3b2c0f43
SHA1 4f097f0ec0a03d3d99c272bc6c2485a39b988236
SHA256 12ac9242063273f081f464988cc9d8cd133b21863c2fd7cea0c5a4c4394b7177
CRC32 821E21F5
ssdeep 3:I9DKlf/9oOIuPTXy7+9w99Vfov1fvv9RVolg9U+Owvn:I8B9bWWIQv1/9DX9U+Owvn
Yara None matched
VirusTotal Search for analysis
Name 10091609dcd47f4c_puzzle028.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle028.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 a2342cf47e7fec683fd6932fb09a1422
SHA1 9c97672a034a7740cad6ac12e83df49e4566f6f1
SHA256 10091609dcd47f4c2e33834d46f4589f9b02decb0793e4ff21cbb35e10808a29
CRC32 FC9F4E3F
ssdeep 3:nFxvjL6L/oTZXRbLWNLLl0M8//cQLWAZJZGoNLLqkeUxqy:PjL601XRbLCqaQLrJPSQoy
Yara None matched
VirusTotal Search for analysis
Name b5c9859b83b421f8_x-wing009.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing009.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 7a479567f7efd6247a14d73fd2b1c0ee
SHA1 951043a7850c7faee7c8c584ba0633197740e90b
SHA256 b5c9859b83b421f816fc1c95e305e1bab3e247110d4917967da402873786120d
CRC32 B3C0507D
ssdeep 3:WLSX9PL7Z/pLtLkXYI1WKS9oF/vTy/Li0CIWagJRQtpoMtMoLoa:MSX9PLvL6XYCFSh/uIQfQ0s
Yara None matched
VirusTotal Search for analysis
Name 86c8ee210e661138_nsdialogs.dll
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\nsv3.tmp\nsDialogs.dll
Size 9.5KB
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5 d2e45dd852a659e11897df573832f381
SHA1 19990ee627c95b6c18d3b5c5f0ec5c24791d0af5
SHA256 86c8ee210e6611383a634dcb8c60455063ddae3d7adccbeacf3adf7bf2a46676
CRC32 2D19696A
ssdeep 192:o18cSzvTyl4tgi8pPjQM0PuAg0YNyfIFtSP:8BSzm+t18pZ0WAg0RfIFg
Yara
  • IsPE32 -
  • IsDLL -
  • IsWindowsGUI -
  • HasRichSignature - Rich Signature Check
  • PEiD_00497_dUP_v2_x_Patcher_____www_diablo2oo2_cjb_net_ - [dUP v2.x Patcher --> www.diablo2oo2.cjb.net]
  • PEiD_01686_Petite_v2_2____www_un4seen_com_petite_ - [Petite v2.2 -> www.un4seen.com/petite]
  • PEiD_02152_StarForce_V3_X_DLL____StarForce_Copy_Protection_System_ - [StarForce V3.X DLL -> StarForce Copy Protection System]
  • Contains_PE_File - Detect a PE file inside a byte sequence
  • contentis_base64 - This rule finds for base64 strings
  • maldoc_function_prolog_signature -
VirusTotal Search for analysis
Name d535179572915556_multicolors7.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors7.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 f86b3eb87a4c3c175549de8fc62f651c
SHA1 d4d47707d51cb2875960f7cd8cea8ad141c1dc51
SHA256 d5351795729155562b366236f4e5dde4475c9f9dc41a7069e8d8485ce17cc7fb
CRC32 88C19D2E
ssdeep 3:N/51vjL9ZWSLILTDfI11WNLLfoTLcgZ8veoLtLgQLW20TvAoxZLL5Ua:xjLS4IULC3oH/sBR0QLm0ofSa
Yara None matched
VirusTotal Search for analysis
Name 57529c560e938d3a_swordfish013.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish013.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 0f57c18773a202710a2723e8c7e23a14
SHA1 18f1cc80c5834eb79f00152307100c7130fbc765
SHA256 57529c560e938d3a6c0d9b86b0a675d51fb5015249b8fb54e4fb273fb639eee1
CRC32 53F380A0
ssdeep 3:ez/URdL3cEj5Fv8WNLLeLmoFgZodQove/cQLWlZjVcy/Q1D/eLRTLLZcr:egCEjn8CGaoFbe/cQLYZ6y/wWFK
Yara None matched
VirusTotal Search for analysis
Name 68b9ac7db76992d4_swordfish002.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish002.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 e681813007d3d11960e2f89c88e4683a
SHA1 dacaede661924ccc2148a8447d526a70c3edb86b
SHA256 68b9ac7db76992d44ca6819a65783299c605d8d044e29053538d0840e065e614
CRC32 40C327FB
ssdeep 3:Mlc/5txcgTdSNICIWeZxLv/QZR6U4eb11W2W17oJZLWSYrn:MaawdSN8BZ/EJbLZsNr
Yara None matched
VirusTotal Search for analysis
Name 2fac83d15ddb13cc_hard4.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\hard4.ss
Size 101.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 b7a670acb96eb300c1def544fac933f4
SHA1 7c7ba4f3f3e28f69b86d4542a38f814942e843b7
SHA256 2fac83d15ddb13cc68c16c49f42e56f1cb0e0d0ff8b499e328d7e3abbf2f78b3
CRC32 1C426C84
ssdeep 3:3Mov13lW5dy9fXWblfxOYfVovdRV49uvEfX9:cotcWsJfEoCvTi9wEft
Yara None matched
VirusTotal Search for analysis
Name d013667ea5ccfd7d_nederlands.lang
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\Nederlands.lang
Size 8.4KB
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ISO-8859 text, with CRLF line terminators
MD5 4884d29eac37048ce169b44ace413691
SHA1 4e2bf09eeb51e10fe9759749f7116a1b00de29d4
SHA256 d013667ea5ccfd7d538ef567383c7a282b3c12167e92774eeba2ebc7fc068f91
CRC32 51997646
ssdeep 96:vH178x+lOU7oZlm2t3yGHA116CQn39tGcCj+j+k+u+5Snhsdb8NlX13suxX9fWpq:vQ+AU6fsWH0ANWKFrPX
Yara
  • contentis_base64 - This rule finds for base64 strings
VirusTotal Search for analysis
Name 61faf732eed5843d_deutsch.lang
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\Deutsch.lang
Size 8.6KB
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ISO-8859 text, with CRLF line terminators
MD5 be1d8f34a70dbcf81bcaf63cbffb288a
SHA1 6d248d586f8d8718ca735291f6a00c7e5925d740
SHA256 61faf732eed5843d1ea46f5a95f327f998577edd65defd5dca3988954b5e95b5
CRC32 88F2B172
ssdeep 96:vGj0+AK6N0JWohXQvLlZXdaQc4Cl+KAlHGRWCrtWxgCgdUzf8ZZPP7bFUE8cdExd:vqxAHN0Jov5I3LIISSPUE8bxFRR
Yara
  • contentis_base64 - This rule finds for base64 strings
VirusTotal Search for analysis
Name 91a4d26b01a39c10_puzzle006.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle006.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 a73687dfe6a3d3eea67d5d84c9541aa7
SHA1 d5792f1a6a34c154c71b66cca33d472c542fe537
SHA256 91a4d26b01a39c1022372e5125159784b1931f906d37a84fcd874bdf5994a2da
CRC32 EC5D16FB
ssdeep 3:EJUiLULtLL5hpHK1W05lLILL5gTl45TcbII1WHh/QgTM1SUyy:EJUiwLtdHErQWp4NcsI1cxm
Yara None matched
VirusTotal Search for analysis
Name f47770c73795aa15_x-wing002.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing002.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 c28bee8d5a3a361f4b66f4b0562643f8
SHA1 dbb3fcd17479808a7d9075247fe58c8904784ea5
SHA256 f47770c73795aa1566dbd746fffd85eef73ad7f45d37c9b776cdfd9ab9ea39eb
CRC32 7A305C95
ssdeep 3:M5th1vTL4/XLWp2vDZLL5gTIlq1CWNSRtLoTLpZS/9L911vyn:MTL4PLeIFWUq1CCSRtcHiny
Yara None matched
VirusTotal Search for analysis
Name c4e1faa45cd6af25_svenska.lang
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\Svenska.lang
Size 7.8KB
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ISO-8859 text, with CRLF line terminators
MD5 048ce839f06fbbda0176425a2fc42326
SHA1 1fdc4f4782d8a5d1d8f236d4b81e924f161a4ca1
SHA256 c4e1faa45cd6af25acde3d186a1e49a346db1357d1effe8804c00f66fd7eb2e1
CRC32 E8086956
ssdeep 192:vKhEjd77F/3ggaH0ZXU88JvKfd81P8mg+:CC7p3o88hKfdWX9
Yara
  • contentis_base64 - This rule finds for base64 strings
VirusTotal Search for analysis
Name 53bb519e32931649_w7tbp.dll
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\nsv3.tmp\w7tbp.dll
Size 2.5KB
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5 9a3031cc4cef0dba236a28eecdf0afb5
SHA1 708a76aa56f77f1b0ebc62b023163c2e0426f3ac
SHA256 53bb519e3293164947ac7cbd7e612f637d77a7b863e3534ba1a7e39b350d3c00
CRC32 FF2B5710
ssdeep 24:etGS4R/39doyOzHaikQ7I9lYFxu3GUY1Bk5L2:64RVdojLJGWnWMi5L2
Yara
  • IsPE32 -
  • IsDLL -
  • IsWindowsGUI -
  • HasRichSignature - Rich Signature Check
  • PEiD_00497_dUP_v2_x_Patcher_____www_diablo2oo2_cjb_net_ - [dUP v2.x Patcher --> www.diablo2oo2.cjb.net]
  • PEiD_01686_Petite_v2_2____www_un4seen_com_petite_ - [Petite v2.2 -> www.un4seen.com/petite]
  • Contains_PE_File - Detect a PE file inside a byte sequence
  • contentis_base64 - This rule finds for base64 strings
VirusTotal Search for analysis
Name 29323238e58c330b_very_hard4.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\very_hard4.ss
Size 101.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 1a56ac9aec749966f7c998ab8477dc08
SHA1 c36c2e6609b2a02f2d85fe5f3971a348112f6df8
SHA256 29323238e58c330baa263cfdd06f501e689a941abe7e9fbf8ffb0f46dd78659b
CRC32 BF84FF04
ssdeep 3:Et+ov39svk96cTkkeMWLQ990L0SX9b9ovc989Py:Et+y3evk96qeXLo9ktWvcqPy
Yara None matched
VirusTotal Search for analysis
Name dd829115081434cd_advanced005.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\advanced005.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 e093475fa05a84d85e627dcc39baca32
SHA1 5528d163073427e8f961fd88fdddbd3515ad4e0c
SHA256 dd829115081434cdb504f8b9c2c6a2e4813897dbd3c0ddec51a801b8967bc9b0
CRC32 0FCC0695
ssdeep 3:M56BcZxUyDbBXLWNLLKRvv/MLklQLWNSRgeWOv4Lv1lyn:MIyxUmtLCCvv/PlQLCSRc/y
Yara None matched
VirusTotal Search for analysis
Name 5a38a579e2e19009_multicolors006.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors006.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 cb324447201a7f45f528d3d3c469e237
SHA1 40a48c102d390351b563ebfbfad93ca8e8c8059c
SHA256 5a38a579e2e19009cf3de471b9572ea86e004d7c3caa40dee484e3a9a36f62d1
CRC32 EC6193C9
ssdeep 3:MZdHYLLZXL0kv8Zv8Wg9EdTQLYyoQl1WDY/yLW3BL7v:MjHmtvc8rEyfoUCYqi3Rv
Yara None matched
VirusTotal Search for analysis
Name 9abc52858ae4ddda_donation_button.png
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\Other\Help\Images\Donation_Button.png
Size 1.7KB
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type PNG image data, 110 x 23, 8-bit/color RGBA, non-interlaced
MD5 bab4268c0bc3b3051ff38b21dbe35a44
SHA1 ea7adbbd731bb1747afc9da72340a0444b29abbe
SHA256 9abc52858ae4ddda224ee9d229cb38d252ae9ba46633da4ac14fada25dd489c6
CRC32 F486C53D
ssdeep 24:aoPfexW3T0UjeA2fijjxMhDnUcO7QLgYNw69rFbyQCwbozK8yxkxuE3u5F3pKXTP:aw3T0GeA2yMhocrVN5uXwNF0FGpU
Yara
  • contentis_base64 - This rule finds for base64 strings
VirusTotal Search for analysis
Name d496b811ab85dec6_multicolors017.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\multicolors017.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 9c84c0c1e61dcdb75c0b7fcae0d36f6c
SHA1 48a052b3092ef043a61d54cdf8fc50223a262816
SHA256 d496b811ab85dec6e2df370e9f35bdd7dc23c9635b3412ce5d0f9fabb3be90b8
CRC32 3D5D12B4
ssdeep 3:6/bTtRdUSRiC1WNXLCkHTLLsbILWibHBySLtqZLLcLTyov:6//G4i8C+knQbIL97ByS4/c6ov
Yara None matched
VirusTotal Search for analysis
Name 9bd488de81f7e287_unins000.dat
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\unins000.dat
Size 7.5KB
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type data
MD5 e8e8cbe154024aa64763f2149e93a0de
SHA1 0213767323da4c9f514e8b92173398103f4f0081
SHA256 9bd488de81f7e2875148985d59a7cc648e370bfe6bacc522a94d1b7ee594fe4e
CRC32 D03C9F74
ssdeep 96:cA9FWJORviRJbnGoQ0xZOA5QyRf6JceWiRoWFTfRBE7dRd9iMi:coF6Vm6zwX
Yara
  • contentis_base64 - This rule finds for base64 strings
VirusTotal Search for analysis
Name 9009eb583c0e84f0_x-wing013.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing013.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 27923a91dc25809d2a587018408aec74
SHA1 d8695783e3ce7d099f95031768e84e492a5a7e01
SHA256 9009eb583c0e84f0188b5d56a36d3e7d6d3474e2f46c9bbd8830745e996199ec
CRC32 0FD99A6F
ssdeep 3:MlE5LbLLH1X6IIIWNLSQZSvFSLov/RZDgQLWuLiILLMJL/yS/TZUrn:MqLL96CCmMcku//DgQLBLiI/MJWSrqr
Yara None matched
VirusTotal Search for analysis
Name 83d3d64b4e11ee11_installer.ini
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\AppInfo\installer.ini
Size 56.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 8eb890b7495e9108077a781e3388cfe8
SHA1 84f381c5c89dfd92d71b11f6bedaa669aa2c5f6f
SHA256 83d3d64b4e11ee1168ea19a17d63c5c7f7593fecc26940178c0a845d3603bd72
CRC32 04E17FCC
ssdeep 3:PBolsS9BkxrUGQtRov:5oduUHfy
Yara
  • contentis_base64 - This rule finds for base64 strings
VirusTotal Search for analysis
Name 4b67c69903932329_mensa006.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\mensa006.ss
Size 208.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 b20125a1c8004caf7a9ed5850266d39b
SHA1 16930151f4bfc2f7237b4568f3afa8bdb04e2a80
SHA256 4b67c69903932329e2608b1c2c8e056c4109857228e98d6f6b3ec84a1cf15d3c
CRC32 851C77E4
ssdeep 3:C6oVQyEU/Wb3S1Nj1BI10e8ZLrPw/bLp/Z/dZXIBI10voFZDbAodiLLZL3XLWXv:C6ouPb3S1f1ZfI/bPIxojgo4RP2v
Yara None matched
VirusTotal Search for analysis
Name c3d12a5ba1a41ffb_x-wing011.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing011.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 4655897176c6b6f0dd31ce883e7e6144
SHA1 2da0efadc42023866450509349a7b0f5beb09b8a
SHA256 c3d12a5ba1a41ffb6b276ad1615461a3032731989e8a505f503f08b81233f3d0
CRC32 50CE0248
ssdeep 3:MAoLLyXG/pLyRDILWCZ/Ltv/QZLz3vC1W0o0RRQtjvLLLtEcyov:MT/yWRLyRD81Dd/yEa0HQxHmcyov
Yara None matched
VirusTotal Search for analysis
Name 7eb61ddd5a05ae3a_very_easy1.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\very_easy1.ss
Size 101.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 a1dd356b31c5ea0c1b931e58a805c964
SHA1 b054ceba325d519c109652504b960f1507764915
SHA256 7eb61ddd5a05ae3a8d3de93fa3b38dab338083f45607c2560207597f9f9ef5da
CRC32 46FA0B1D
ssdeep 3:gaXZovF9col9lovMEO/E/ZT9Kvwf99ovVJf2k:Ev8u9loUESv9vfX
Yara None matched
VirusTotal Search for analysis
Name f97ef77dcb3953f8_advanced007.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\advanced007.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 e640c003a4a6ad19e61d0ddb8cf56ad7
SHA1 84a387107753f193b94a08e119094fe8a9a9e366
SHA256 f97ef77dcb3953f8e46646740b547126a4153e0886081fa664ff64ad58928c62
CRC32 5C413DF6
ssdeep 3:LLoP/nZtTLtLQTZQbCIWKlqmLWa/FjQCIW2WsJKThZVoNLLi7v:g7LtkTW/Fk8WS+ZNkGN0v
Yara None matched
VirusTotal Search for analysis
Name c8622f95ed7e5f58_puzzle004.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle004.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 a478be13981096202e83f6ef060a415c
SHA1 b9eeb42c2a6e986556a4fdf830d6131071711741
SHA256 c8622f95ed7e5f5858d53e706179667fc6119e56e74e7858f8b03d7747a0d550
CRC32 FB7EE77A
ssdeep 3:sLtSLZO9oT2EqILW+dt/d11/kLTYK1WNW3LILSLh5Zer:qtSA9ocILKvCW3UmLf8
Yara None matched
VirusTotal Search for analysis
Name 56fae97cf42286b7_puzzle032.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle032.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 19312fa03329639dc527e4633497e99a
SHA1 13a65459eedfbd17945f4985bb74a5b476fdb3b1
SHA256 56fae97cf42286b7136d482714b7a6f616e304066fe0e66eb03664abd671b72e
CRC32 5266438C
ssdeep 3:hRLdLYRLL5gM/AZL4WfcReyXLGQiHLQtWWmIWXLULZYoZL5gTRTLcR:hRLSWMo14McsnQiHa/YgLUN8R
Yara None matched
VirusTotal Search for analysis
Name 0a5efbe04d2ffd52_mensa015.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\mensa015.ss
Size 208.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 9d061c62210c4641b9de3f07c8da5bf4
SHA1 02965df88e1f85e1b9a489065a8691be2ef76d61
SHA256 0a5efbe04d2ffd52a3fa43aad3213217e7a886970061a7294db7044ec44b64f3
CRC32 CCB69A54
ssdeep 3:C6HP4YHwLZpkFZYZiUb1BI10NLZ24TSb4cyxBI10VsXuc3Z/Q1Ls3tPONxv:C6QYQtpkjYZrb1HYJbGxMXuc2BsMNxv
Yara None matched
VirusTotal Search for analysis
Name 22aafe314bc2b3cb_swordfish003.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish003.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 1b59c34c46fb2f90f792b72e1a9cf4e5
SHA1 10f26216d6b3fe47fc8b6aedaab52b270b21180e
SHA256 22aafe314bc2b3cb6ae46e818e8820e9d2f4eedd1dc45c99e6d9aab3884218bd
CRC32 26397558
ssdeep 3:M5up9PLhcqLLtLLkXYI1WKYLcTE6UgcpQCIWagToJSf9MPvyn:MUp9PLKqLLtsXYCFmDgcyQsJS4y
Yara None matched
VirusTotal Search for analysis
Name 3959381aab454359_help_background_header.png
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\Other\Help\Images\Help_Background_Header.png
Size 269.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type PNG image data, 10 x 42, 8-bit/color RGB, non-interlaced
MD5 a1eaee3ccb8169b680415d713720a2fa
SHA1 8cf2eff4faa05a34bfb0b641b8765773c7ac2ed6
SHA256 3959381aab4543593fa69fa7980946dbf0b0bab25924c8b38f6e88f7f69b9c19
CRC32 D14F00B1
ssdeep 6:6v/lhPTnDspO68hvS6IBe0ZZUngZlq+2dp:6v/7Uk68FS6c3UngZlq+2z
Yara
  • contentis_base64 - This rule finds for base64 strings
VirusTotal Search for analysis
Name 658a907377a50239_puzzle026.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle026.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 dde41d6b493ffc6a15b838f6e14543f1
SHA1 3f2cef3359027caf25b5172a0b07f5871a41d389
SHA256 658a907377a50239ac8621e0e8fcd9e6ac68bd26657bb4cda932e908d4a8b09b
CRC32 BC678540
ssdeep 3:T6LLL3qILW4ZIwvqZLO+TIWNUccGKteLoa:OLLeILXXvqg+ECUYKt4
Yara None matched
VirusTotal Search for analysis
Name 52591f0cd8ec5a5b_x-wing1.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing1.ss
Size 99.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 9aee34153b7a005d9e264e5f9cf7d516
SHA1 7a4c9bffe51e1a2f8d31a9a9f114e2f93220c6bc
SHA256 52591f0cd8ec5a5b8c98cc7bb5f2d4f3b74c8147153b736098d1f49e26068190
CRC32 ADACFD7A
ssdeep 3:qULcvQMXyvILovXScdWUbWWSZTLJLynmTMe:hLcIUyeyXScdTbSLlTD
Yara None matched
VirusTotal Search for analysis
Name b1270e7256cddb50_x-wing023.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing023.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 9081a6b3f6b565931feaa1989293d801
SHA1 627a96ba5812d877fb9b04c31cee8d8d8d7a3cac
SHA256 b1270e7256cddb50c61cbbeac77582e97220d3630bdc9691d76a26b48292ed4f
CRC32 57B3F2C5
ssdeep 3:F1eZLbvwLRvvcgkbCIWmK/5yLWQ+dI1WDE5ykwovEOlovyn:O1bIB/k/xKQiJCCEpEoovy
Yara None matched
VirusTotal Search for analysis
Name 9085d4e23cd2584a_x-wing3.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing3.ss
Size 99.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 897e6997dee4f2c16d2d7c05b343b840
SHA1 28e6e58526edd118cb70b534e5617437389d69ba
SHA256 9085d4e23cd2584a42514317d6492b245d0d36f968e4b5af9c7c5f611e912e83
CRC32 6286E2CA
ssdeep 3:XbFQdLWATEY5y/i/yLLvo/XnxvtL9Lo0De:JQYATEY5m3/vSptL9cme
Yara None matched
VirusTotal Search for analysis
Name 58d6adf9f30d2b17_x-wing022.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\x-wing022.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 0861b9f2d427108030e4b563f87322a1
SHA1 c8515f6241163d414ea0fdce02213f65d74d442c
SHA256 58d6adf9f30d2b17e429eb4f262b339cb81be4612f89934544dd36735af040a3
CRC32 08A6686B
ssdeep 3:eBcIRcLR1LTmL1LOyC1W0PLP/B5tTULSI11W/ZXLVLoJRdLQZxv/LZLR5Tv:eKI6baQ/b5DULSILepL+feZxv/LZnv
Yara None matched
VirusTotal Search for analysis
Name a73fdf71708e079f_hidden_quads.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\hidden_quads.ss
Size 210.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 f1ee4e7d4d26745cab3e6bcde8bee431
SHA1 55628df2b000bd01dc5b067b0cf72ed3b9be38e4
SHA256 a73fdf71708e079f56582383bf883240626ce61b610b8757a96a7826898e73a1
CRC32 E9B95911
ssdeep 6:C68gRe8zZWdppCy0SbYZk6Y1JSb+FeUZvXa:C6XeykpCSbYU1JSb+FeU1a
Yara None matched
VirusTotal Search for analysis
Name 548ef49a787f043a_pac_installer_log.ini
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\AppInfo\pac_installer_log.ini
Size 548.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 4edb16cf5f853543dbb4959db13cca8e
SHA1 25cddb40cfd7453043019fe517e7735644c95709
SHA256 548ef49a787f043afda1fb7d56aaa156c38b8586b33df9f4ca1ec1a5a181a7ef
CRC32 E4172E41
ssdeep 12:EpXSg0uU/DA5WV9ARjUR0PXFj02PXFxxBAh9jAqK6oILH1eKiAWKyL6TXK5jyl:E5SZ+WoUuvR02vL+jLK61VexD6b+q
Yara
  • contentis_base64 - This rule finds for base64 strings
VirusTotal Search for analysis
Name 597732e55808b597_puzzle035.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle035.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 ac6ceb2aef16c0fe409256b21451be93
SHA1 1d61d7562f5270da57dc3d69525340470d434d78
SHA256 597732e55808b597073648787f64df18be0bfaf60d3d5c9fa2a4244314ff751e
CRC32 B50A7694
ssdeep 3:QLLonzjEXLJZ2QLWDwLZFmH1lBcI1W1rZLRRJ4yLB0wv:QL91LCwtFmqCqrZLRRJ4yLywv
Yara None matched
VirusTotal Search for analysis
Name 98f8ac0f6da6ce2f_swordfish001.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish001.ss
Size 549.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 6b18cc576e1f76609db70cc80029a83b
SHA1 d75a39028754841f1947b0ec3c836b08e47957d4
SHA256 98f8ac0f6da6ce2f6781481d248758bd78eb42f5abe43ef2f89205f8afebb820
CRC32 744FB8DA
ssdeep 12:d1UVFkF2ZN0cC9wwKbvyI9zn70Lm024S6Uerav/q:dOkmx7vGI9Hqw42e+a
Yara None matched
VirusTotal Search for analysis
Name 9290ccb989778885_puzzle033.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle033.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 3c76ef5966518c9fde7c9d8e25765e31
SHA1 01f64c4684c30c5947dbd51db0ed0d31ae6d9ab4
SHA256 9290ccb989778885c2cca53fbf2a8c3c9e9f6d36ad48bab562cec81c4138609b
CRC32 8334C25B
ssdeep 3:F1EZXLO/XhcQLW9sLNLTtxP/LRxv8WNLLeLbn3yeMv:gy/6QLjLNntF8CGS
Yara None matched
VirusTotal Search for analysis
Name c48102681a308a26_puzzle044.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\puzzle044.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 24d616363c689f09861c8eff91ab9cf7
SHA1 c06d8efbbe89096a4700b0ba4cfa59cf2548c64a
SHA256 c48102681a308a261059aa82c32efbb1e05e2e4cacdde9393858833effd87ddd
CRC32 5F4F1708
ssdeep 3:4c1YdLeFXLVLoJRLLb9TIWe/eWYXyLwR1IW4TLZ/vv/L1LeL/oTgSovn:4cydqFyfiRWWmysRCnTx/Lcqy
Yara None matched
VirusTotal Search for analysis
Name b06b53681ea0ba09_favicon.ico
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\Other\Help\Images\Favicon.ico
Size 1.1KB
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type MS Windows icon resource - 1 icon
MD5 049a352aabb8ced245ceecb94c0a0b2d
SHA1 775b5b199e8312e18f0655daa7b25844fd768602
SHA256 b06b53681ea0ba09ddaa8f8066c990cf5a7c01e65a1910e687a993ac375d1781
CRC32 CE59ADD9
ssdeep 12:GxtRygJlM7LVtY7YMCQrCE+4hoJbmLbJk:ARvl0VaoQr8ntGJk
Yara None matched
VirusTotal Search for analysis
Name 8b9e4b955773c4d8_turkce.lang
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\Turkce.lang
Size 8.0KB
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ISO-8859 text, with CRLF line terminators
MD5 baffa6803707557d09d6c3f6ea67e31b
SHA1 13e610d20cc75ccc8918388a039e6a2f3dc13a39
SHA256 8b9e4b955773c4d8b6257b3711e4e7428898a3bf3637f2df443e403814ebcff1
CRC32 65423583
ssdeep 192:vq/1k6rcS40IlV92kWvOZdQuxPU18x5bY:SnclPWOZdQqY6c
Yara
  • contentis_base64 - This rule finds for base64 strings
VirusTotal Search for analysis
Name 2f2a4795f1c39df5_swordfish012.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\swordfish012.ss
Size 145.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 f2ad5e68a80969030f5890eb71627420
SHA1 4508891a68e3cc2def622b20c6d4ddf1d401bf2c
SHA256 2f2a4795f1c39df56d074c56f962ff9d006de141661c14f9f9b66207d92e8be4
CRC32 70A30657
ssdeep 3:kL1TkLtLLh/w1e1CWKZL/yLvSWgAICIWUBZScBt0Tege:kNCtS17hWeWp8XQcBt06
Yara None matched
VirusTotal Search for analysis
Name df4a5feceb15170b_mensa002.ss
Filepath C:\Documents and Settings\zamen\Local Settings\Temp\SimpleSudokuPortable\App\SimpleSudoku\mensa002.ss
Size 208.0B
Processes 1440 (SimpleSudokuPortable_4.2n.paf.exe)
Type ASCII text, with CRLF line terminators
MD5 77cea9fa59ff6f46ec7e89e0f1a6ee40
SHA1 74d7bb3ea8922daed70f0f116483312c918521c2
SHA256 df4a5feceb15170ba7d9bca23a76dade072552fdb4cdc03d65c6f30a5bd609d9
CRC32 349F5CA6
ssdeep 3:C6tLLL1MojMkLTZy3QMZ1BI10ViLtLOb6Q1LLqLjcc/01BI100/WLZdc8/1t9v1p:C6gojMCVyVZ1CLtSb7QLQcc1IYt9Xv
Yara None matched
VirusTotal Search for analysis
Name 18984ab3e640e8bd_xy-wing6.ss