Free Automated Malware Analysis Service - powered by Falcon Sandbox - Viewing online file analysis results for 'edzv-1.25.27.0-upd-setup.exe'

malicious

Threat Score: 65/100 AV Detection: 20% Labeled as: Win/grayware_confidence_60%

edzv-1.25.27.0-upd-setup.exe

This report is generated from a file or URL submitted to this webservice on December 13th 2017 10:30:55 (UTC)
Guest System: Windows 7 32 bit, Home Premium, 6.1 (build 7601), Service Pack 1
Report generated by Falcon Sandbox v7.20 © Hybrid Analysis

Overview Sample unavailable Re-analyze Hash Seen Before Show Similar Samples Report False-Positive Request Report Deletion

Incident Response

Risk Assessment

Spyware: Accesses potentially sensitive information from local browsers
Fingerprint: Reads the active computer name
Spreading: Opens the MountPointManager (often used to detect additional infection locations)

Indicators

Not all malicious and suspicious indicators are displayed. Get your own cloud service or the full version to view all details.

Malicious Indicators 2
External Systems
- Detected Emerging Threats Alert
  
  details
  
  Detected alert "ET POLICY PE EXE or DLL Windows file download HTTP" (SID: 2018959, Rev: 3, Severity: 1) categorized as "Potential Corporate Privacy Violation"
  
  source
  
  Suricata Alerts
  
  relevance
  
  10/10
General
- The analysis extracted a file that was identified as malicious
  
  details
  
  1/86 Antivirus vendors marked dropped file "System.dll" as malicious (classified as "Unsafe" with 1% detection rate)
  
  source
  
  Binary File
  
  relevance
  
  10/10

Suspicious Indicators 18
Anti-Detection/Stealthyness
- Queries the internet cache settings (often used to hide footprints in index.dat or internet cache)
 
 details
 
 "<Input Sample>" (Access type: "QUERYVAL"; Path: "HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS"; Key: "DISABLECACHINGOFSSLPAGES"; Value: "00000000040000000400000000000000")
 
 source
 
 Registry Access
 
 relevance
 
 3/10
Environment Awareness
- Reads the active computer name
 
 details
 
 "<Input Sample>" (Path: "HKLM\SYSTEM\CONTROLSET001\CONTROL\COMPUTERNAME\ACTIVECOMPUTERNAME"; Key: "COMPUTERNAME")
 
 source
 
 Registry Access
 
 relevance
 
 5/10
External Systems
- Found an IP/URL artifact that was identified as malicious by at least one reputation engine
  
  details
  
  1/66 reputation engines marked "http://nsis.sf.net" as malicious (1% detection rate)
  
  source
  
  External System
  
  relevance
  
  10/10
General
- Reads configuration files
 
 details
 
 "<Input Sample>" read file "%TEMP%\nsk8D9C.tmp\custom_text.ini"
 "<Input Sample>" read file "%TEMP%\nsk8D9C.tmp\custom_text_button.ini"
 "<Input Sample>" read file "%TEMP%\nsk8D9C.tmp\custom_setting.ini"
 "<Input Sample>" read file "C:\Users\desktop.ini"
 "<Input Sample>" read file "%LOCALAPPDATA%\Microsoft\Windows\History\desktop.ini"
 
 source
 
 API Call
 
 relevance
 
 4/10
- Requested access to a system service
 
 details
 
 "<Input Sample>" called "OpenService" to access the "ServicesActive" service requesting "SERVICE_QUERY_CONFIG" (0X1) access rights
 "<Input Sample>" called "OpenService" to access the "WSearch" service
 
 source
 
 API Call
 
 relevance
 
 10/10
- Sent a control code to a service
 
 details
 
 "<Input Sample>" called "ControlService" and sent control code "0X24" to the service "WSearch"
 "<Input Sample>" called "ControlService" and sent control code "0XDC" to the service "WSearch"
 
 source
 
 API Call
 
 relevance
 
 10/10
Installation/Persistance
- Drops executable files
  
  details
  
  "nsDialogs.dll" has type "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows"
  "System.dll" has type "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows"
  "nsWeb.dll" has type "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows"
  
  source
  
  Binary File
  
  relevance
  
  10/10
Network Related
- Found potential IP address in binary/memory
 
 details
 
 Heuristic match: "1.25.0.0, ..., 1.25.26.0"
 "1.25.27.0"
 Heuristic match: "edzv-1.25.27.0-upd-setup.exe"
 Heuristic match: "(1.25.27.0)"
 Heuristic match: ":1.25.27.0"
 Heuristic match: " ( 1.25.27.0) ( 08.12.2017)"
 Heuristic match: " ( 1.25.26.0) ( 29.11.2017)"
 Heuristic match: " ( 1.25.25.0) ( 14.11.2017)"
 Heuristic match: " ( 1.25.24.0) ( 27.10.2017)"
 Heuristic match: " ( 1.25.23.0) ( 12.10.2017) "
 Heuristic match: " ( 1.25.22.0) ( 28.09.2017) "
 Heuristic match: " ( 1.25.21.0) ( 30.08.2017) "
 Heuristic match: " ( 1.25.20.0) ( 11.08.2017) "
 Heuristic match: " ( 1.25.19.0) ( 31.07.2017) "
 Heuristic match: " ( 1.36.19.0) ( 31.07.2017) "
 Heuristic match: " ( 1.36.18.0) ( 10.07.2017) "
 Heuristic match: " ( 1.36.17.0) ( 22.06.2017) "
 Heuristic match: " ( 1.36.16.0) ( 13.06.2017) "
 Heuristic match: " ( 1.36.15.0) ( 31.05.2017) "
 Heuristic match: " ( 1.36.14.0) ( 28.04.2017) "
 Heuristic match: " ( 1.36.13.0) ( 14.04.2017) "
 Heuristic match: " ( 1.36.12.0) ( 30.03.2017) "
 Heuristic match: " ( 1.36.11.0) ( 10.03.2017) "
 Heuristic match: " ( 1.36.10.0) ( 14.02.2017) "
 Heuristic match: " ( 1.36.9.0) ( 31.01.2017) "
 Heuristic match: " ( 1.36.8.0) ( 12.01.2017) "
 Heuristic match: " ( 1.36.7.0) ( 22.12.2016) "
 Heuristic match: " ( 1.36.6.0) ( 13.12.2016) "
 Heuristic match: " ( 1.36.5.0) ( 29.11.2016) "
 Heuristic match: " ( 1.36.4.0) ( 03.11.2016) "
 Heuristic match: " ( 1.36.3.0) ( 11.10.2016) "
 Heuristic match: " ( 1.36.2.0) ( 26.09.2016) "
 Heuristic match: " ( 1.36.1.0) ( 20.09.2016) "
 Heuristic match: "D_BEGIN>01102015</D_BEGIN><D_END /></row><row num="253"><CODE>1.3.14.07</CODE><NAME>�"
 
 source
 
 File/Memory
 
 relevance
 
 3/10
Spyware/Information Retrieval
- Accesses potentially sensitive information from local browsers
 
 details
 
 "<Input Sample>" had access to "%APPDATA%\Microsoft\Windows\Cookies\index.dat" (Type: "FileHandle")
 "<Input Sample>" had access to "%LOCALAPPDATA%\Microsoft\Windows\History\History.IE5\index.dat" (Type: "FileHandle")
 "<Input Sample>" had access to "C:\Users\%USERNAME%\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012017030120170302" (Type: "FileHandle")
 "<Input Sample>" had access to "C:\Users\%USERNAME%\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012017121320171214" (Type: "FileHandle")
 "<Input Sample>" had access to "C:\Users\%USERNAME%\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012017121320171214\index.dat" (Type: "FileHandle")
 
 source
 
 Touched Handle
 
 relevance
 
 7/10
System Destruction
- Marks file for deletion
 
 details
 
 "C:\dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe" marked "%TEMP%\nsa8D0E.tmp" for deletion
 "C:\dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe" marked "C:\Users\%USERNAME%\AppData\Local\Temp\nsk8D9C.tmp" for deletion
 "C:\dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe" marked "C:\Users\%USERNAME%\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012017022820170301\index.dat" for deletion
 "C:\dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe" marked "C:\Users\%USERNAME%\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012017022820170301" for deletion
 "C:\dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe" marked "C:\Users\%USERNAME%\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012017030120170302\index.dat" for deletion
 "C:\dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe" marked "C:\Users\%USERNAME%\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012017030120170302" for deletion
 
 source
 
 API Call
 
 relevance
 
 10/10
- Opens file with deletion access rights
 
 details
 
 "<Input Sample>" opened "%TEMP%\nsa8D0E.tmp" with delete access
 "<Input Sample>" opened "%TEMP%\nsk8D9C.tmp" with delete access
 "<Input Sample>" opened "%LOCALAPPDATA%\Microsoft\Windows\History\History.IE5\MSHist012017022820170301\index.dat" with delete access
 "<Input Sample>" opened "C:\Users\%USERNAME%\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012017022820170301\" with delete access
 "<Input Sample>" opened "C:\Users\%USERNAME%\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012017030120170302\index.dat" with delete access
 "<Input Sample>" opened "C:\Users\%USERNAME%\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012017030120170302\" with delete access
 
 source
 
 API Call
 
 relevance
 
 7/10
System Security
- Modifies proxy settings
 
 details
 
 "<Input Sample>" (Access type: "DELETEVAL"; Path: "HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\ZONEMAP"; Key: "PROXYBYPASS")
 "<Input Sample>" (Access type: "DELETEVAL"; Path: "HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\ZONEMAP"; Key: "PROXYBYPASS")
 
 source
 
 Registry Access
 
 relevance
 
 10/10
- Queries sensitive IE security settings
 
 details
 
 "<Input Sample>" (Path: "HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SECURITY"; Key: "DISABLESECURITYSETTINGSCHECK")
 
 source
 
 Registry Access
 
 relevance
 
 8/10
Unusual Characteristics
- Imports suspicious APIs
 
 details
 
 RegDeleteKeyA
 RegCloseKey
 RegOpenKeyExA
 RegDeleteValueA
 RegCreateKeyExA
 RegEnumKeyA
 GetFileAttributesA
 CopyFileA
 GetModuleFileNameA
 LoadLibraryA
 LoadLibraryExA
 GetFileSize
 CreateDirectoryA
 DeleteFileA
 GetCommandLineA
 GetProcAddress
 GetTempPathA
 CreateThread
 GetModuleHandleA
 FindFirstFileA
 WriteFile
 GetTempFileNameA
 FindNextFileA
 CreateProcessA
 Sleep
 CreateFileA
 GetTickCount
 ShellExecuteA
 FindWindowExA
 VirtualProtect
 VirtualAlloc
 
 source
 
 Static Parser
 
 relevance
 
 1/10
- Reads information about supported languages
 
 details
 
 "<Input Sample>" (Path: "HKLM\SYSTEM\CONTROLSET001\CONTROL\NLS\LOCALE"; Key: "00000409")
 
 source
 
 Registry Access
 
 relevance
 
 3/10
Hiding 3 Suspicious Indicators
- All indicators are available only in the private webservice or standalone version

Informative 16
Anti-Reverse Engineering
- PE file contains zero-size sections
  
  details
  
  Raw size of ".ndata" is zero
  
  source
  
  Static Parser
  
  relevance
  
  10/10
Environment Awareness
- Reads the registry for installed applications
 
 details
 
 "<Input Sample>" (Path: "HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\OUTLOOK.EXE")
 "<Input Sample>" (Path: "HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\OUTLOOK.EXE"; Key: "PATH"; Value: "00000000010000005800000043003A005C00500072006F006700720061006D002000460069006C00650073005C004D006900630072006F0073006F006600740020004F00660066006900630065005C004F0066006600690063006500310034005C000000")
 "<Input Sample>" (Path: "HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\DC583861887565C620EE25038FCDFFBCEC2AF9C852EC8015A185F5D90CD58271.EXE")
 "<Input Sample>" (Path: "HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\DC583861887565C620EE25038FCDFFBCEC2AF9C852EC8015A185F5D90CD58271.EXE")
 
 source
 
 Registry Access
 
 relevance
 
 10/10
External Systems
- Detected Emerging Threats Alert
  
  details
  
  Detected alert "ET INFO EXE IsDebuggerPresent (Used in Malware Anti-Debugging)" (SID: 2015744, Rev: 4, Severity: 3) categorized as "Misc activity"
  
  source
  
  Suricata Alerts
  
  relevance
  
  10/10
- Sample was identified as clean by Antivirus engines
  
  details
  
  0/66 Antivirus vendors marked sample as malicious (0% detection rate)
  
  source
  
  External System
  
  relevance
  
  10/10
General
- Contains PDB pathways
 
 details
 
 "mi_exe_stub.pdb"
 
 source
 
 File/Memory
 
 relevance
 
 1/10
- Creates a writable file in a temporary directory
 
 details
 
 "<Input Sample>" created file "%TEMP%\nsa8D91.tmp"
 "<Input Sample>" created file "C:\Users\%USERNAME%\AppData\Local\Temp\nsk8D9C.tmp\custom_text.ini"
 "<Input Sample>" created file "C:\Users\%USERNAME%\AppData\Local\Temp\nsk8D9C.tmp\custom_text_button.ini"
 "<Input Sample>" created file "C:\Users\%USERNAME%\AppData\Local\Temp\nsk8D9C.tmp\custom_setting.ini"
 "<Input Sample>" created file "C:\Users\%USERNAME%\AppData\Local\Temp\nsk8D9C.tmp\System.dll"
 "<Input Sample>" created file "C:\Users\%USERNAME%\AppData\Local\Temp\nsk8D9C.tmp\System.dll"
 "<Input Sample>" created file "C:\Users\%USERNAME%\AppData\Local\Temp\nsk8D9C.tmp\find_comp_error.bmp"
 "<Input Sample>" created file "C:\Users\%USERNAME%\AppData\Local\Temp\nsk8D9C.tmp\find_comp_ok.bmp"
 "<Input Sample>" created file "C:\Users\%USERNAME%\AppData\Local\Temp\nsk8D9C.tmp\blockError.bmp"
 "<Input Sample>" created file "C:\Users\%USERNAME%\AppData\Local\Temp\nsk8D9C.tmp\modern-header.bmp"
 "<Input Sample>" created file "C:\Users\%USERNAME%\AppData\Local\Temp\nsk8D9C.tmp\modern-wizard.bmp"
 "<Input Sample>" created file "C:\Users\%USERNAME%\AppData\Local\Temp\nsk8D9C.tmp\nsDialogs.dll"
 "<Input Sample>" created file "C:\Users\%USERNAME%\AppData\Local\Temp\nsk8D9C.tmp\nsDialogs.dll"
 
 source
 
 API Call
 
 relevance
 
 1/10
- Creates mutants
 
 details
 
 "\Sessions\1\BaseNamedObjects\Local\ZonesCounterMutex"
 "\Sessions\1\BaseNamedObjects\Local\ZoneAttributeCacheCounterMutex"
 "\Sessions\1\BaseNamedObjects\Local\ZonesCacheCounterMutex"
 "\Sessions\1\BaseNamedObjects\Local\ZonesLockedCacheCounterMutex"
 "\Sessions\1\BaseNamedObjects\Local\!PrivacIE!SharedMemory!Mutex"
 "\Sessions\1\BaseNamedObjects\Local\_!MSFTHISTORY!_"
 "\Sessions\1\BaseNamedObjects\Local\c:!users!im6esd0!appdata!local!microsoft!windows!temporary internet files!content.ie5!"
 "\Sessions\1\BaseNamedObjects\Local\c:!users!im6esd0!appdata!roaming!microsoft!windows!cookies!"
 "\Sessions\1\BaseNamedObjects\Local\c:!users!im6esd0!appdata!local!microsoft!windows!history!history.ie5!"
 "\Sessions\1\BaseNamedObjects\_!SHMSFTHISTORY!_"
 "\Sessions\1\BaseNamedObjects\Local\c:!users!im6esd0!appdata!local!microsoft!windows!history!history.ie5!mshist012017121320171214!"
 "\Sessions\1\BaseNamedObjects\Local\WininetStartupMutex"
 "\Sessions\1\BaseNamedObjects\Local\WininetConnectionMutex"
 "\Sessions\1\BaseNamedObjects\Local\WininetProxyRegistryMutex"
 "Local\ZoneAttributeCacheCounterMutex"
 "_!SHMSFTHISTORY!_"
 "Local\c:!users!im6esd0!appdata!local!microsoft!windows!history!history.ie5!mshist012017121320171214!"
 "Local\WininetConnectionMutex"
 "Local\!PrivacIE!SharedMemory!Mutex"
 "Local\WininetProxyRegistryMutex"
 
 source
 
 Created Mutant
 
 relevance
 
 3/10
- Drops files marked as clean
 
 details
 
 Antivirus vendors marked dropped file "nsDialogs.dll" as clean (type is "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows"), Antivirus vendors marked dropped file "nsWeb.dll" as clean (type is "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows")
 
 source
 
 Binary File
 
 relevance
 
 10/10
- Loads rich edit control libraries
 
 details
 
 "<Input Sample>" loaded module "%WINDIR%\System32\riched20.dll" at 6C250000
 
 source
 
 Loaded Module
- Scanning for window names
 
 details
 
 "<Input Sample>" searching for class "MS_AutodialMonitor"
 "<Input Sample>" searching for class "MS_WebCheckMonitor"
 "<Input Sample>" searching for class "#32770"
 "<Input Sample>" searching for class "HTML Application Host Window Class"
 
 source
 
 API Call
 
 relevance
 
 10/10
Installation/Persistance
- Connects to LPC ports
 
 details
 
 "<Input Sample>" connecting to "\ThemeApiPort"
 
 source
 
 API Call
 
 relevance
 
 1/10
- Dropped files
 
 details
 
 "nsDialogs.dll" has type "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows"
 "System.dll" has type "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows"
 "nsWeb.dll" has type "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows"
 "find_comp_ok.bmp" has type "PC bitmap Windows 3.x format 29 x 26 x 24"
 "modern-header.bmp" has type "PC bitmap Windows 3.x format 150 x 57 x 24"
 "custom_setting.ini" has type "ISO-8859 text with CRLF line terminators"
 "modern-wizard.bmp" has type "PC bitmap Windows 3.x format 164 x 314 x 24"
 "find_comp_error.bmp" has type "PC bitmap Windows 3.x format 29 x 26 x 24"
 "Iådåëiê çìií òà äîïîâíåíü-install.htm" has type "HTML document Non-ISO extended-ASCII text with very long lines with CRLF line terminators"
 "custom_text.ini" has type "ISO-8859 text with CRLF line terminators"
 "blockError.bmp" has type "PC bitmap Windows 3.x format 450 x 227 x 24"
 "custom_text_button.ini" has type "ASCII text with CRLF line terminators"
 
 source
 
 Binary File
 
 relevance
 
 3/10
- Touches files in the Windows directory
 
 details
 
 "<Input Sample>" touched file "C:\Windows\Globalization\Sorting\SortDefault.nls"
 "<Input Sample>" touched file "C:\Windows\System32\en-US\setupapi.dll.mui"
 "<Input Sample>" touched file "%LOCALAPPDATA%\Microsoft\Windows\Caches"
 "<Input Sample>" touched file "C:\Users\%USERNAME%\AppData\Local\Microsoft\Windows\Caches\cversions.1.db"
 "<Input Sample>" touched file "C:\Users\%USERNAME%\AppData\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x000000000000000c.db"
 "<Input Sample>" touched file "C:\Windows\System32\en-US\msctf.dll.mui"
 "<Input Sample>" touched file "C:\Windows\Fonts\StaticCache.dat"
 "<Input Sample>" touched file "C:\Windows\System32\en-US\user32.dll.mui"
 "<Input Sample>" touched file "C:\Windows\System32\oleaccrc.dll"
 "<Input Sample>" touched file "C:\Windows\System32\en-US\ieframe.dll.mui"
 "<Input Sample>" touched file "C:\Windows\System32\en-US\mlang.dll.mui"
 "<Input Sample>" touched file "C:\Users\%USERNAME%\AppData\Local\Microsoft\Windows\Temporary Internet Files"
 "<Input Sample>" touched file "C:\Users\%USERNAME%\AppData\Roaming\Microsoft\Windows\Cookies"
 "<Input Sample>" touched file "C:\Users\%USERNAME%\AppData\Local\Microsoft\Windows\History"
 "<Input Sample>" touched file "C:\Users\%USERNAME%\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat"
 "<Input Sample>" touched file "C:\Users\%USERNAME%\AppData\Roaming\Microsoft\Windows\Cookies\index.dat"
 "<Input Sample>" touched file "C:\Users\%USERNAME%\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat"
 "<Input Sample>" touched file "C:\Users\%USERNAME%\AppData\Local\Microsoft\Windows\History\desktop.ini"
 "<Input Sample>" touched file "C:\Users\%USERNAME%\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012017121320171214"
 
 source
 
 API Call
 
 relevance
 
 7/10
Network Related
- Found potential URL in binary/memory
 
 details
 
 Pattern match: "http://nsis.sf.net/NSIS_Error"
 Heuristic match: "%y`wzQ;M<.VN"
 Heuristic match: "B$WLg}S(.MN"
 Heuristic match: "~Z'S,Erh.aw"
 Pattern match: "http://schemas.microsoft.com/SMI/2005/WindowsSettings"
 Pattern match: "http://www.usertrust.com1"
 Pattern match: "crl.usertrust.com/UTN-USERFirst-Object.crl05"
 Pattern match: "http://ocsp.usertrust.com0"
 Pattern match: "http://crl.thawte.com/ThawtePCA.crl0"
 Pattern match: "http://ocsp.thawte.com0"
 Pattern match: "http://th.symcb.com/th.crl0"
 Pattern match: "https://www.thawte.com/cps0/"
 Pattern match: "https://www.thawte.com/repository0W"
 Pattern match: "http://th.symcd.com0&"
 Pattern match: "http://th.symcb.com/th.crt0"
 Pattern match: "https://d.symcb.com/cps0%"
 Pattern match: "https://d.symcb.com/rpa0"
 Pattern match: "http://sv.symcb.com/sv.crl0W"
 Pattern match: "http://sv.symcd.com0&"
 Pattern match: "http://sv.symcb.com/sv.crt0"
 Pattern match: "http://s2.symcb.com0"
 Pattern match: "http://www.symauth.com/cps0"
 Pattern match: "http://www.symauth.com/rpa00"
 Pattern match: "http://s1.symcb.com/pca3-g5.crl0"
 Pattern match: "http://sfs.gov.ua/podatki-ta-zbori/zagalnoderjavni-podatki/podatok-na-dodanu-vartist/listi/2017-rik/318052.html"
 Pattern match: "http://www.w3.org/2001/XMLSchema"
 
 source
 
 File/Memory
 
 relevance
 
 10/10
System Security
- Opens the Kernel Security Device Driver (KsecDD) of Windows
 
 details
 
 "<Input Sample>" opened "\Device\KsecDD"
 
 source
 
 API Call
 
 relevance
 
 10/10
Unusual Characteristics
- Matched Compiler/Packer signature
  
  details
  
  "dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin" was detected as "Nullsoft PiMP Stub -> SFX"
  "nsWeb.dll" was detected as "Borland Delphi 3.0 (???)"
  
  source
  
  Static Parser
  
  relevance
  
  10/10

File Details

All Details:

edzv-1.25.27.0-upd-setup.exe

Filename: edzv-1.25.27.0-upd-setup.exe
Size: 8.5MiB (8944728 bytes)
Type: peexe executable
Description: PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
Architecture
: WINDOWS
SHA256
: dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271
MD5
: dac8ec1706b9427e44920c5bb4e4979b
SHA1
: 49869879e471639dbde9c8ef34147c29496277ea
ssdeep
: 196608:EdjLQ/gtZJqQtdxS9TxtmZELMI1qSmXJTKXUFE:Ed/+UqQtdxQy811qSmZCME
imphash
: 099c0646ea7282d232219f8807883be0
authentihash
: 93a7fa30573694e044956bc8218747323023c394d34e41f6b554325fa8a6000c
Compiler/Packer
: Nullsoft PiMP Stub -> SFX
PDB Pathway

Resources

Language
: ENGLISH
Icon

Visualization

Input File (PortEx)

Version Info

LegalCopyright: . . , .
FileVersion: 1.25.27.0
CompanyName: -
Comments: [ ] 1.25.0.0, ..., 1.25.26.0 1.25.27.0
FileDescription: [] EDZV - [_]
OriginalFilename: edzv-1.25.27.0-upd-setup.exe
Translation: 0x0422 0x04e3

Classification (TrID)

94.8% (.EXE) NSIS - Nullsoft Scriptable Install System
3.4% (.EXE) Win32 Executable MS Visual C++ (generic)
0.7% (.DLL) Win32 Dynamic Link Library (generic)
0.5% (.EXE) Win32 Executable (generic)
0.2% (.EXE) Generic Win/DOS Executable

File Sections

Details	Name	Entropy	Virtual Address	Virtual Size	Raw Size	MD5	Characteristics
Name .text Entropy 6.41769823686 Virtual Address 0x1000 Virtual Size 0x5a5a Raw Size 0x5c00 MD5 0bc2ffd32265a08d72b795b18265828d	.text	6.41769823686	0x1000	0x5a5a	0x5c00	0bc2ffd32265a08d72b795b18265828d	-
Name .rdata Entropy 5.18162709925 Virtual Address 0x7000 Virtual Size 0x1190 Raw Size 0x1200 MD5 f179218a059068529bdb4637ef5fa28e	.rdata	5.18162709925	0x7000	0x1190	0x1200	f179218a059068529bdb4637ef5fa28e	-
Name .data Entropy 4.70902740305 Virtual Address 0x9000 Virtual Size 0x1af98 Raw Size 0x400 MD5 975304d6dd6c4a4f076b15511e2bbbc0	.data	4.70902740305	0x9000	0x1af98	0x400	975304d6dd6c4a4f076b15511e2bbbc0	-
Name .ndata Entropy 0 Virtual Address 0x24000 Virtual Size 0x1a000 Raw Size 0x0 MD5 d41d8cd98f00b204e9800998ecf8427e	.ndata	0	0x24000	0x1a000	0x0	d41d8cd98f00b204e9800998ecf8427e	-
Name .rsrc Entropy 3.64788489132 Virtual Address 0x3e000 Virtual Size 0x2930 Raw Size 0x2a00 MD5 dd4b15716691320dbb07141e058e1d83	.rsrc	3.64788489132	0x3e000	0x2930	0x2a00	dd4b15716691320dbb07141e058e1d83	-

File Resources

Details	Name	RVA	Size	Type	Language
Name RT_BITMAP RVA 0x3e2b0 Size 0x666 Type data Language English	RT_BITMAP	0x3e2b0	0x666	data	English
Name RT_ICON RVA 0x3e918 Size 0x10a9 Type data Language English	RT_ICON	0x3e918	0x10a9	data	English
Name RT_ICON RVA 0x3f9c8 Size 0x128 Type data Language English	RT_ICON	0x3f9c8	0x128	data	English
Name RT_DIALOG RVA 0x3faf0 Size 0x120 Type data Language English	RT_DIALOG	0x3faf0	0x120	data	English
Name RT_DIALOG RVA 0x3fc10 Size 0x158 Type data Language English	RT_DIALOG	0x3fc10	0x158	data	English
Name RT_DIALOG RVA 0x3fd68 Size 0x200 Type data Language English	RT_DIALOG	0x3fd68	0x200	data	English
Name RT_DIALOG RVA 0x3ff68 Size 0xf8 Type data Language English	RT_DIALOG	0x3ff68	0xf8	data	English
Name RT_DIALOG RVA 0x40060 Size 0xee Type data Language English	RT_DIALOG	0x40060	0xee	data	English
Name RT_GROUP_ICON RVA 0x40150 Size 0x22 Type MS Windows icon resource - 1 icon, 32x32 Language English	RT_GROUP_ICON	0x40150	0x22	MS Windows icon resource - 1 icon, 32x32	English
Name RT_VERSION RVA 0x40178 Size 0x3f8 Type data Language Ukrainian	RT_VERSION	0x40178	0x3f8	data	Ukrainian
Name RT_MANIFEST RVA 0x40570 Size 0x3be Type XML 1.0 document, ASCII text, with very long lines, with no line terminators Language English	RT_MANIFEST	0x40570	0x3be	XML 1.0 document, ASCII text, with very long lines, with no line terminators	English

File Imports

RegCloseKey

RegCreateKeyExA

RegDeleteKeyA

RegDeleteValueA

RegEnumKeyA

RegEnumValueA

RegOpenKeyExA

RegQueryValueExA

RegSetValueExA

ImageList_AddMasked

ImageList_Create

ImageList_Destroy

CreateBrushIndirect

CreateFontIndirectA

DeleteObject

GetDeviceCaps

SelectObject

SetBkColor

SetBkMode

SetTextColor

CloseHandle

CompareFileTime

CopyFileA

CreateDirectoryA

CreateFileA

CreateProcessA

CreateThread

DeleteFileA

ExitProcess

ExpandEnvironmentStringsA

FindClose

FindFirstFileA

FindNextFileA

FreeLibrary

GetCommandLineA

GetCurrentProcess

GetDiskFreeSpaceA

GetExitCodeProcess

GetFileAttributesA

GetFileSize

GetFullPathNameA

GetLastError

GetModuleFileNameA

GetModuleHandleA

GetPrivateProfileStringA

GetProcAddress

GetShortPathNameA

GetSystemDirectoryA

GetTempFileNameA

GetTempPathA

GetTickCount

GetVersion

GetWindowsDirectoryA

GlobalAlloc

GlobalFree

GlobalLock

GlobalUnlock

LoadLibraryA

LoadLibraryExA

lstrcatA

lstrcmpA

lstrcmpiA

lstrcpynA

lstrlenA

MoveFileA

MulDiv

MultiByteToWideChar

ReadFile

RemoveDirectoryA

SearchPathA

SetCurrentDirectoryA

SetErrorMode

SetFileAttributesA

SetFilePointer

SetFileTime

Sleep

WaitForSingleObject

WriteFile

WritePrivateProfileStringA

CoCreateInstance

CoTaskMemFree

OleInitialize

OleUninitialize

SHBrowseForFolderA

ShellExecuteA

SHFileOperationA

SHGetFileInfoA

SHGetPathFromIDListA

SHGetSpecialFolderLocation

AppendMenuA

BeginPaint

CallWindowProcA

CharNextA

CharPrevA

CheckDlgButton

CloseClipboard

CreateDialogParamA

CreatePopupMenu

CreateWindowExA

DefWindowProcA

DestroyWindow

DialogBoxParamA

DispatchMessageA

DrawTextA

EmptyClipboard

EnableMenuItem

EnableWindow

EndDialog

EndPaint

ExitWindowsEx

FillRect

FindWindowExA

GetClassInfoA

GetClientRect

GetDC

GetDlgItem

GetDlgItemTextA

GetMessagePos

GetSysColor

GetSystemMenu

GetSystemMetrics

GetWindowLongA

GetWindowRect

InvalidateRect

IsWindow

IsWindowEnabled

IsWindowVisible

LoadBitmapA

LoadCursorA

LoadImageA

MessageBoxIndirectA

OpenClipboard

PeekMessageA

PostQuitMessage

RegisterClassA

ScreenToClient

SendMessageA

SendMessageTimeoutA

SetClassLongA

SetClipboardData

SetCursor

SetDlgItemTextA

SetForegroundWindow

SetTimer

SetWindowLongA

SetWindowPos

SetWindowTextA

ShowWindow

SystemParametersInfoA

TrackPopupMenu

wsprintfA

GetFileVersionInfoA

GetFileVersionInfoSizeA

VerQueryValueA

Screenshots

Loading content, please wait...

Hybrid Analysis

Tip: Click an analysed process below to view more details.

Analysed 1 process in total (System Resource Monitor).

Input Sample (PID: 2152)

Logged Script Calls	Logged Stdout	Extracted Streams	Memory Dumps
Reduced Monitoring	Network Activityy	Network Error	Multiscan Match

Network Analysis

DNS Requests

No relevant DNS requests were made.

Contacted Hosts

No relevant hosts were contacted.

HTTP Traffic

No relevant HTTP requests were made.

Memory Forensics

String	Context	Stream UID
http://nsis.sf.net/nsis_error	Domain/IP reference	00009956-00002152-52592-55-00402C72

Suricata Alerts

Event	Category	Description	SID
194.9.24.78 -> local:49163 (TCP)	Potential Corporate Privacy Violation	ET POLICY PE EXE or DLL Windows file download HTTP	2018959
194.9.24.78 -> local:49163 (TCP)	Misc activity	ET INFO EXE IsDebuggerPresent (Used in Malware Anti-Debugging)	2015744

ET rules applied using Suricata. Find out more about proofpoint ET Intelligence here.

Extracted Strings

Download All Memory Strings (88KiB)

! ^zj9uB^2

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

!"#$%&'()*+,-./0123456789:;<=>?@abcdefghijklmnopqrstuvwxyz[\]^_`abcdefghijklmnopqrstuvwxyz{|}~

Ansi based on PCAP Processing (network.pcap)

!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~

Ansi based on PCAP Processing (network.pcap)

!"=wn5Yv8?

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

!#%GDpu_K

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

!'}`E>#yND+W

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

!.W!o8iaq

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

!2L6eCjd{

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

!9HR6Agc

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

!:MEDAK9D

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

!]zZxW0}\

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

!`= ID`V"+A]

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

!a(Wd.;t

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

!COMODO SHA-1 Time Stamping Signedr1Z

Ansi based on PCAP Processing (network.pcap)

!https://www.thawte.com/repository0W

Ansi based on PCAP Processing (network.pcap)

!iAr,9(*c

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

!J6b<%<?M

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

!NPF/N8_y

Ansi based on PCAP Processing (network.pcap)

!This program cannot be run in DOS mode.$

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

!WrOdC_js

Ansi based on PCAP Processing (network.pcap)

!x\DX>Wb'*

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

!zLRllA&e}

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

" minOccurs="0" maxOccurs="1"/> TABLE ï¿½

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

" minOccurs="0"/><xs:element name="R01G18" type="DGdecimal2" nillable="true" minOccurs="0"/><xs:element name="R01G19" type="DGdecimal2" nillable="true" minOccurs="0"/><xs:element name="R01G20" type="DGdecimal2" nillable="true" minOccurs="0"/>

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

" type="DGCodeWaterBody2"/><xs:element name="R07G3" type="DGdecimal3" nillable="true" minOccurs="0"/><xs:element name="R08G3" type="DGdecimal3" nillable="true" minOccurs="0"/><xs:element name="R081G3" type="DGdecimal3" nillable="true" minOccurs=

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

" type="DGHSTI"/><xs:element name="HRESULT" type="xs:string"/><xs:element name="HDATE" type="DGDate"/><xs:element name="HTIME" type="xs:time"/><xs:element name="HNUMREG" type="xs:nonNegativeInteger" nillable="true" minOccurs="0"/><xs:e

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

""'Q[L.m@

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

",usemap:"useMap",frameborder:"frameBorder",contenteditable:"contentEditable"},prop:function(e,n,r){var i,o,a,s=e.nodeType;if(e&&3!==s&&8!==s&&2!==s)return a=1!==s||!b.isXMLDoc(e),a&&(n=b.propFix[n]||n,o=b.propHooks[n]),r!==t?o&&"set"in o&&(i=o.set(e,r,n))!==t

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

"/><xs:element name="C_STI_ORIG" type="DGc_dpi"/><xs:element name="C_DOC_STAN" type="DGSTAN"/><xs:element name="LINKED_DOCS" nillable="true" minOccurs="0"><xs:complexType><xs:sequence><xs:element name="DOC" maxOccurs="unboun

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

"0" maxOccurs="999999"/><xs:element name="R0100G3" type="DGdecimal0" nillable="true" minOccurs="0"/><xs:element name="R0100G4" type="DGdecimal0" nillable="true" minOccurs="0"/><xs:element name="R0101G1S" type="xs:string" nillable="true" minOccur

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

"1"/> <xs:element name="HTIN" type="DGHTINJ" minOccurs="1" maxOccurs="1"/> <xs:element name="HKOATUU_S" type="xs:string" nillable="true" minOccurs="0" maxOccurs="1"/> <xs:element name="HKOATUU" type="DGKOATUU" minOccurs="1" maxOccurs="1"/>

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

"1.0" encoding="UTF-8" standalone="yes"?><assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"><assemblyIdentity version="1.0.0.0" processorArchitecture="X86" name="Nullsoft.NSIS.exehead" type="win32"/><description>Nullsoft Install System v2.46</description><dependency><dependentAssembly><assemblyIdentity type="win32" name="Microsoft.Windows.Common-Controls" version="6.0.0.0" processorArchitecture="X86" publicKeyToken="6595b64144ccf1df" language="*" /></dependentAssembly></dependency><trustInfo xmlns="urn:schemas-microsoft-com:asm.v3"><security><requestedPrivileges><requestedExecutionLevel level="requireAdministrator" uiAccess="false"/></requestedPrivileges></security></trustInfo><compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1"><application><supportedOS Id="{35138b9a-5d96-4fbd-8e2d-a2440225f93a}"/><supportedOS Id="{e2011457-1546-43c5-a5fe-008deee3d3f0}"/></application></compatibility></assembly>

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

"3.WT_M4Wb

Ansi based on PCAP Processing (network.pcap)

"><CODE_SEQ>ï¿½

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

"bp:`2?0)

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

"B|(Z+XgT

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

"jJx)MxB_

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

"TmXQ )i"np)

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

"w\mdbfU~

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

"xs:nonNegativeInteger" nillable="true" minOccurs="0"/><xs:element name="R001G91" type="xs:nonNegativeInteger" nillable="true" minOccurs="0"/><xs:element name="R001G92" type="xs:nonNegativeInteger" nillable="true" minOccurs="0"/><xs:element name

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

"YyYi+=8i

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

###77777777

Ansi based on PCAP Processing (network.pcap)

###7777_{

Ansi based on PCAP Processing (network.pcap)

###8888777v

Ansi based on PCAP Processing (network.pcap)

###____777

Ansi based on PCAP Processing (network.pcap)

###____87Y

Ansi based on PCAP Processing (network.pcap)

###````87{

Ansi based on PCAP Processing (network.pcap)

###````_7v

Ansi based on PCAP Processing (network.pcap)

#'4;qrx+Y

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

#)~B_|)l<

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

#2MA)[:I1

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

#7neBtbr1Z0

Ansi based on PCAP Processing (network.pcap)

#9.j{M3_1%

Ansi based on PCAP Processing (network.pcap)

#?'x 0Nhy@

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

#]7D%VrD^i`A%

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

#^8c}A=no

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

#COMODO SHA-256 Time Stamping Signer

Ansi based on PCAP Processing (network.pcap)

#COMODO SHA-256 Time Stamping Signer0

Ansi based on PCAP Processing (network.pcap)

#CxZ=Eau{

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

#http://crl.thawte.com/ThawtePCA.crl0

Ansi based on PCAP Processing (network.pcap)

#I|l}riZAb

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

#mV%b`),&

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

#n;?QAkFg8

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

#yS%BZTrl

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

#y{_dP$-c

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

$$_iH&8T?

Ansi based on PCAP Processing (network.pcap)

$',X$qGW8

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

$;<h}$<?U|^

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

$bQi"}Sb&

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

$IC!hy#dD

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

$mEU8cnNAl^

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

$Y0}k_.E9

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

${tbG+w}!

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

%4>6DBff-

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

%_OQP0Fc=

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

%` ,HWLv6

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

%`FA57"Wv"

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

%`Y%?Vf0mi)

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

%A:?*'-/j

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

%TUjRixZ`9RT

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

%u.%u%s%s

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

%USERPROFILE%\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012017121320171214

Unicode based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

%y`wzQ;M<.VN

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

%Yu:+@Jrm

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

%|&RV1?Qw!]bGdz

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

&.!~{!!:b

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

&8G bUEe1

Ansi based on PCAP Processing (network.pcap)

&<U1G_Vea

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

&>*mp hWe

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

&]h~(~i\YeT2#

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

&bp{{lSg>

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

&H]0)|<nlO

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

&HCg Dqz.

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

&k?B8j-PRS

Ansi based on PCAP Processing (network.pcap)

&KH[xMB`&7vj^

Ansi based on PCAP Processing (network.pcap)

&Lzb_PHB#7

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

&oOC]r*Z0sI

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

" "

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

" ()

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

" ( 01.07.2017):</li>

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

"", "", ""; </li>

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

":

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

"R013G3", "R013G4" . </li>

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

&V9&,/_B|<

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

&w85Y${{k

Ansi based on PCAP Processing (network.pcap)

'#j^Bax9C

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

'-WJ\$w/,

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

'2T J4,^#

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

'3aHkM7LI~

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

'?:;d-:he

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

'__nÈ§ÄÈ§Ä

Ansi based on Image Processing (screen_2.png)

'`O)r(z1$

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

'a3]hokB%/

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

'bh<nO=P8

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

'D8t/}^`t

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

'f]ugz^{:

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

'Symantec Class 3 SHA256 Code Signing CA

Ansi based on PCAP Processing (network.pcap)

'Symantec Class 3 SHA256 Code Signing CA0

Ansi based on PCAP Processing (network.pcap)

'W6Fsy(&<

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

'yQ45UO]#3

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

( 01.04.2016):

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

( 01.04.2017):

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

( 01.06.2017):

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

( ; </li>

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

( 01.01.2017):

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

( 01.08.2017):

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

( 01.09.2017):

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

( 01.10.2017):

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

( 1-);</li>

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

( 4);</li>

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

( 5) ( - );</li>

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

( 6);</li>

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

( 7);</li>

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

('1MR!wH

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

() );</li>

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

() ".</li>

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

() "0" : </li>

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

() .</li>

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

() .</li>

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

() / ()" - '

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

())'<sC)W0>

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

();</li>

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

(*eCh1O3kWu

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

(, ) ;</li>

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

(1.25.27.0)

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe , 00009956-00002152.00000002.16451.00409000.00000004.mdmp)

(4R{kKUT>/5z

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

(82!l*TV

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

(9!`RHwg*

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

(^P}CL4p

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

(`.+Um=P

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

(G>)eU%D5

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

(GW)or&"3N

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

(M 8M1M1>30M

Ansi based on PCAP Processing (network.pcap)

(M 8M1M1>3G7(M

Ansi based on PCAP Processing (network.pcap)

(Nk|3yE?8

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

(RqJG Hb

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

(y\LZ8KD

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

(yKqpSNL}XT=S

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

(ZJo=7mN|

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

) ( 1-);</li>

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

) ( 2-);</li>

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

) ( 3-).</li>

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

)" ( 23.01.2017 9) :

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

). </li>

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

); </li>

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

) ( 01.01.2018);</li>

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

)".</li>

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

)?>O>an_e

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

)CF!H4SM1

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

)f-W,;4IF

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

)O$c5np;%

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

)oH`"}EDl

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

)W\p!:u5a

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

)y*(lzUcv

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

){bC[W L+P

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

*$>2_Tt6f

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

*?|<>/":

Ansi based on Hybrid Analysis (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

*`#Y)jwal/

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

*B'bX\mD%

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

*EBE0#{%)/

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

*FQv>Hw&gS

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

*G^Q-tJ!P

Ansi based on PCAP Processing (network.pcap)

*I#.@F}>F

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

*JaFe3!_@

Ansi based on PCAP Processing (network.pcap)

*m16cd-U

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

*qiP/7[B

Ansi based on PCAP Processing (network.pcap)

*s~EJ-Uy$'C

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

*TG-l;'CB

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

*ZK~y\v6s

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

+/WA4ClA_-m|*

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

+2D6agJpFVXy+gQwBuBqzk8uSbirDpU1zYdFnFOtS/GUXrv77rHTrnwJC2pzMs8ZzEtJYJsyb7zU+qjFCgJ5P0gx1EjxyQSzdB7/xyJxXgn2kwXMQIOfgerlJr6ckQV4Ex5vKChFZ21D/2JzNGd+JD4aTwG27Y22t2UgDiH0xSHjbuMM3kRh0r1ArTeT0k0qO4adzROUlpC7XfjfMcyd7rHK03j2F4TNaGpT5t3T4hxetsEmUKCOFhek2jscsJHy9i6i

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

+2o2ZBJ>RA

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

+9g,d}}l{[

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

+=!Y$_Eq!

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

+>.Q1cqsp1b

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

+AdvQpBkPgcRlsCO/o+5KVnkPLUZ5O2quPwlGZ+QQB82O0u3GQm4ch3STenLj4dsp0dU5euTMwyGtCi70B+KEMns9DFFhywt4djeh1znrXnNhK0j3np71WI3zD0MnA4yhSWbEPTiIzq20QZ+vOVqrNgdUGK/9OW8DUj2ZVBM5M/sdVNtlhyn+fXurcSOJHN4WEa6jwg4lqXyTDCs3X4koIZg9EVa/H49THomuWRnpjHBU7znRi9zVDGgcwTKdyRGan28

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

+Cv0NlvvUffjH4HXFyCyAxMgttCIM5H0ozoWsbZ0vWNcCNiUejhxciwqeQcGRwo7whQy+Nf1j2KzFtbIEpuS2z1AdH+/mpXIQ6B7kY6b67AtbzaHUK5eYvrRoRGGsZZGV0lnVWLtmBBukeRU5zF/7pDojlpPJlgbGxpFzOnj4F5cECuiOvhFk8oEYp2evKLzK/eVECr30VIoGFo+8ko/jz+tmt2qoW8Typ2xbmr780VVpmyiOp7Xw7hBFsZYEgqxQV4o

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

+dXPOzPMNQezoBk3+n0wWJGfFwjHe1EO0liP7INNMCtU1LIqMvC2xMD1W8Q3zYq2VBAm8hDhF/+4IB64wJjn+aaK25wwDV1ppe00D+95pWVroiqmEZop1Zd5j16aIF7kS86my+PSiRNloDauHH5OKRfVntLAKXL+hOBDaCXK213RODZrlg8XmPagIN68nwQtMbAd1l0GIyQL8fm0af7GiSpeTWoUSSaqHtJbgaXE9mlLJDVTG1/TS4eTv343qa2KKa5w

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

+grjumajHy9Eygk1rCcmNaNG4j8/x6z9BpvWrZSLegcr7VEsNVXhogDkbDn9wY+Wc77JcBM52/vUtCmsq1TK7yzpPjrTs4weQfYUFkn/0ShPa5JDfTgbhxYAWqkQEfeGVW3Oy0fvLBI7A8NQYJ3T8mirwBv9JV2EHjpLohfKQEfcXmp6FAjfjrsae1cT270IGlOt6XlRUV9fgEYgq1cqwQC/Gi9Qy+tl2rCLSwRuwzMRacpqqR8ziL9nbZUbiezStrCb

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

+h('%9JMcp

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

+k=m5;G!z

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

+or9OnqVL4O/ZLeNthhzBFiqctNDu0VxXQh+CEJWq2lqvK5Qz3Of2amE5EQW/ldTHDx8ADQ1PqX5bRs497x9PFj9+80/aJvxyOC57EnPgMXXHYONWX9c+QZgrs3SDVKpBxHV71cqmWI2CADGT5UEtYW0jMSiZhBnvo4c4Fue9qSmnVO3Sbax+YeOJDKJg2tlPTHAOVPmBiZqJ1jbYAAPThefdGF1FAbA1ihnCNSPLU6Cy0pWSVtZNf+9N2JISxlr7TED

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

+pkTPDCeR7cWsCr0+yoylq1Su8Ciy5FHCpqDkTC8oz1jSTff7/bv79M8diu8wubHSHOZJuHom1f7ohV9uVxOayaC5SiBX5LBE43bEJwMCnpGxU7zbq4vvabipox0HAQR/s/foj6Tve+w8al6MdCGxd1O6bus3Gyzgrmo2NkrMmJ1ma9GdcuhjwKiTWUQbkoKSIIEIO9w7OYfdPEZwtKNDnRVTB+tmz0jiCFZrJV9wNM0Fqnn6E7sMBolYa1a9LThgHRQ

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

+pY7>EYV&K

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

+S:"W-ce

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

+v@b4y}yz

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

+Yb7AWITDcuTaEgESgeo+JQLocHadnJp8R01fZWBf30W+Gl+jzA+l0s7Mt2W6WQDFHB70aEsBPHw4p070E5EuOpJAJ2uoB1cgRHAK6gpo8bs9BLNiig4Mldir5cb+M0tGIuPSiKT2WXqkcyxJdvWe+PdPYEsh3oUXMYTIjbX5GGOmfsHj8w8txMAo2wGj15rox6kiMes2I7x1/P+6CpwKfhKaXaLYt9yZ9+mL9EzWgxfIvHsr7fabhcmUMOrCaXlFImW

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

+YGz1b/DlLI6l30qf7IU7Z36eesOprAMU3IacmcTfYF8iCXaSlm1EVDqH2ATBNiGnoYitvo/Uwy248ggjtIIW0pls5L1uYmUyttUfW0Opc1+Y6I4KHPo60ZN3kLWmI4ahwAzVKnY8zyuko9GMvNRfjDUEpUMY3DKiG6Rp6DJZMlIA8KLZrvmaqDcxgWlWT/X7k9hZgI3tc+8LS9myUcHM7E/pPmFKbAPz1ZjCbHqiiXRdD7Mew0mIEbLo9+U8PLk3PJP

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

+|n2?'6E

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

, /

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

, , ,

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

, - ;</li>

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

, 27 2016 1290/29420

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

, .229

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

, ;</li>

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

, () "

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

, 229 VI

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

, ;</li>

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

, , -,

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

,$B#D$[m_

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

,%focr1Z5G

Ansi based on PCAP Processing (network.pcap)

,>]i u)X3

Ansi based on PCAP Processing (network.pcap)

,enfcEx'A

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

,error:i?c:"No conversion from "+l+" to "+r}}}l=r}return{state:"success",data:t}}b.ajaxSetup({accepts:{script:"text/javascript, application/javascript, application/ecmascript, application/x-ecmascript"},contents:{script:/(?:java|ecma)script/},converters:{"text

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

,l-lEY$w).

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

,o=MPg8Y

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

,PHk-vVt$F

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

,S-qqo7Ehx

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

,SR@oZ#^

Ansi based on PCAP Processing (network.pcap)

- :

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

- 03.1 - 03.4 , 05.1

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

- pdf- - "R013G2S",

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

- , ,

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

- 03.1 - 03.4 , 05.1 - 05.4

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

- 05.4 ,

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

- ;</li>

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

-)zU"DvB1

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

-9h%>2=t`

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

->f+%:O6nW

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

-]T{%xNB{

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

-]|=Z+Owc

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

-BODY--> HEAD--><xs:element name="HSTI" type="DGHSTI"/><xs:element name="HTIN" type="DGHTINF"/><xs:element name="HNAME" type="DGHNAME"/> TABLE ï¿½

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

-ej7t!EF;(

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

-fW!TM0pu8

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

-p>3uz-]v

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

-Zj~I+):!

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

. </li>

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

. ,

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

.-|NBI,ziD[

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

.5Y=*}8YV

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

.</li>

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

.?;q$6;1!

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

.?AVbad_alloc@std@@

Ansi based on PCAP Processing (network.pcap)

.?AVbad_array_new_length@std@@

Ansi based on PCAP Processing (network.pcap)

.?AVexception@std@@

Ansi based on PCAP Processing (network.pcap)

.?AVtype_info@@

Ansi based on PCAP Processing (network.pcap)

.a@aUqfiG

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

.attention {

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

.B -T8]D$'a+

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

.bAtnZ>Cc)

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

.CRT$XCAA

Ansi based on PCAP Processing (network.pcap)

.CRT$XIAA

Ansi based on PCAP Processing (network.pcap)

.CRT$XIAC

Ansi based on PCAP Processing (network.pcap)

.CRT$XPXA

Ansi based on PCAP Processing (network.pcap)

.DEFAULT\Control Panel\International

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

.INDEX_VER {

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

.INDEX_VER1 {font-size:16pt; color:blue; text-align:center

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

.J9z#K>pX,

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

.nC/kb)"

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

.rdata$sxdata

Ansi based on PCAP Processing (network.pcap)

.rdata$zzzdbg

Ansi based on PCAP Processing (network.pcap)

.rh1K\Qf2

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

.rL?c~~d{I

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

.rS|s!Y#

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

.section1 {

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

.section2 {

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

.section21 {font-size: 14pt;

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

.section3 {

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

.Z96?ka<&

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

.~mHwK(^'

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

/ "

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

/!OGP]6r\b

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

Ansi based on PCAP Processing (network.pcap)

/, / ; </li>

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

/-;'_2S%u

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

/-\B&!w45

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

/2qHM*8iz

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

/`KDteMRm

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

/C_DOC><C_DOC_SUB>019</C_DOC_SUB><C_DOC_VER>2</C_DOC_VER><D_TERM>30062017</D_TERM><PERIOD_MONTH>6</PERIOD_MONTH><PERIOD_TYPE>1</PERIOD_TYPE><PERIOD_YEAR>2017</PERIOD_YEAR></ROW><ROW><C_DOC>J13</C_DOC><C_DOC_SUB>019</C_DOC_

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

/C_DOC><C_DOC_SUB>064</C_DOC_SUB><C_DOC_VER>7</C_DOC_VER><D_TERM>09122015</D_TERM><PERIOD_MONTH>11</PERIOD_MONTH><PERIOD_TYPE>1</PERIOD_TYPE><PERIOD_YEAR>2015</PERIOD_YEAR></ROW><ROW><C_DOC>F02</C_DOC><C_DOC_SUB>064</C_DOC

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

/C_DOC><C_DOC_SUB>201</C_DOC_SUB><C_DOC_VER>1</C_DOC_VER><D_TERM>09112012</D_TERM><PERIOD_MONTH>9</PERIOD_MONTH><PERIOD_TYPE>2</PERIOD_TYPE><PERIOD_YEAR>2012</PERIOD_YEAR></ROW><ROW><C_DOC>F03</C_DOC><C_DOC_SUB>201</C_DOC_

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

/C_DOC_SUB><C_DOC_VER>1</C_DOC_VER><D_TERM>21052012</D_TERM><PERIOD_MONTH>4</PERIOD_MONTH><PERIOD_TYPE>1</PERIOD_TYPE><PERIOD_YEAR>2012</PERIOD_YEAR></ROW><ROW><C_DOC>F08</C_DOC><C_DOC_SUB>311</C_DOC_SUB><C_DOC_VER>1</C_DO

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

/C_DOC_SUB><C_DOC_VER>3</C_DOC_VER><D_BEGIN>01012012</D_BEGIN><D_END>28022013</D_END><DATA_IN>01022012</DATA_IN><DATA_OUT>31032013</DATA_OUT><NORM_DOC>ï¿½

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

/D_END><DATA_IN>01072011</DATA_IN><DATA_OUT>31032012</DATA_OUT><NORM_DOC>ï¿½

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

/D_TERM><PERIOD_MONTH>3</PERIOD_MONTH><PERIOD_TYPE>1</PERIOD_TYPE><PERIOD_YEAR>2016</PERIOD_YEAR></ROW><ROW><C_DOC>F02</C_DOC><C_DOC_SUB>077</C_DOC_SUB><C_DOC_VER>3</C_DOC_VER><D_TERM>10042016</D_TERM><PERIOD_MONTH>4</PERI

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

/G[`%o2uE,

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

/GO08WMn%

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

/hRUX8TVbcGBxj20jAXwwS93ID3p5/49m7+LUTTfukh2Feez9Pa8SgWZ057YLUCtTDzUhXDYRLY9FLnONHQgKph+A0Wx1nXGKoiWpwANnLnfLypbrS96VHgswWrxq/Yhq97pfR/PpTQjJ5l+7yXrTGiyuPBrd76iROgsmBpi0Iiy4JkkUn7IwvPH5LYV+NGiE3mVj+I9IyfIDspyOVpiG5FAFe2jgyUzfhvN1PvghVPa8R9x/X960rHsujp35kNrvDlD

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

/iLejJp@

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

/j]tJ@BXk9\

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

/lM>i,[?p2

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

/PERIOD_MONTH><PERIOD_TYPE>1</PERIOD_TYPE><PERIOD_YEAR>2017</PERIOD_YEAR></ROW><ROW><C_DOC>J13</C_DOC><C_DOC_SUB>501</C_DOC_SUB><C_DOC_VER>2</C_DOC_VER><D_TERM>31122017</D_TERM><PERIOD_MONTH>12</PERIOD_MONTH><PERIOD_TYPE>1

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

/PERIOD_TYPE><PERIOD_YEAR>2015</PERIOD_YEAR></ROW><ROW><C_DOC>F13</C_DOC><C_DOC_SUB>014</C_DOC_SUB><C_DOC_VER>2</C_DOC_VER><D_TERM>30092015</D_TERM><PERIOD_MONTH>9</PERIOD_MONTH><PERIOD_TYPE>1</PERIOD_TYPE><PERIOD_YEAR>201

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

/PERIOD_YEAR></ROW><ROW><C_DOC>F03</C_DOC><C_DOC_SUB>012</C_DOC_SUB><C_DOC_VER>3</C_DOC_VER><D_TERM>09112011</D_TERM><PERIOD_MONTH>9</PERIOD_MONTH><PERIOD_TYPE>4</PERIOD_TYPE><PERIOD_YEAR>2011</PERIOD_YEAR></ROW><ROW>

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

/PERIOD_YEAR></ROW><ROW><C_DOC>J02</C_DOC><C_DOC_SUB>952</C_DOC_SUB><C_DOC_VER>3</C_DOC_VER><D_TERM>20032014</D_TERM><PERIOD_MONTH>2</PERIOD_MONTH><PERIOD_TYPE>1</PERIOD_TYPE><PERIOD_YEAR>2014</PERIOD_YEAR></ROW><ROW>

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

/PY !`Nqy

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

/Q^\BoA~#

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

/Qg7+igJ7kyurAPLnJPbQaJxMIRjjSCrEnGpYgqmY5M1MX/bXqu05kl4ijwI88fApJp546YeS9+cFmuzockZedg11iAtdDILqJ4bHPPFK3Qiry2My/K2tBqJQ44yLcyxRhYCp60U+txCMv9dWfY1vNKVPgEwn6b2mNGKgWg8Jw5MEoGxOhBlrbBJTZxp2zKh0GzOnbohGx2ZboyvSiUQguLgdLpBGoZdv+uhOHSZRLpgViKZQQBWDeUiymRYqCJ2842P

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

/row><row num="16"><NAME>ï¿½

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

/rTayu8>$

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

/SH9Q]i,r

Ansi based on PCAP Processing (network.pcap)

/v6kwkcm8tHqZcoBVej2HPKed3Pm5uDu1XVn8Ho98xbYJdRwzThTn649kivNCXqJS3LjgIbFLJkFPQAC/RebJac1Kjr+ggK9dNJMQEHvEojA5HncxdOMhK58hr87O3SnM+cuEZbL9E//CI++Krw8yQ2FBNJr6qXjjZreIhGWsnjhI9VMcCe18kTeTO5rH/AiJRO6ShYsKjXzYcIphAEMFZcwgZJms2h6vWX1L8TautrzE4G6R7ShHbkyppHYDk/clGft

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

/VHNhusrnf/Y6t8s3ZxESCz7++TsgACJVyxuh+nO4Lu8L7tFMXas/uKPFVWxeFAL0TaBi/dMIOi2Z07BBz/g0kxAPZYRDTraOgGv2KjHzZjOwEfmeaS0mwT5DQTe0pf+RTTb9Gghgv5prQoguT3B2tF3R44TFl5UkdzwJVZWWf/i6gv85UMp1BfhXVKouvluQs1WcC1dWoSt3T1eGJOLIxLQOlZ7ywj5oaNBHphXtsLV6a18meijbl9DundXsIOUEpWG

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

/vI'{U6@

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

/yM+XLZI4b+dk3N2f5L2yHboV/tn7jggTW9AwtyQ8QKi3E0kuKbpZaxTTkgFDwxQs6Io4f/lD+8n10Lz/ZglDSkzps3tCvbf9Y+axVM0vOL+5jxobJqom9QnB/dBqP7ualD/FHs8vhoV8WCaHlq8MMzi5RNiY1xYf3rEeSigWk9jFixHkdxk1Odys7PiKmFcWF8wiOI4NbATk53U0fVwloUE4MjI55+4HrSmHMz+EwtGpXkiYjntbfK8mNRtkiGDV75S

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

/Z%S2(3fIx

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

0"g3$[J8_}G

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

0#292[2i2u2

Ansi based on PCAP Processing (network.pcap)

0$0,040<0D0L0T0\0d0l0t0|0

Ansi based on PCAP Processing (network.pcap)

0*y?\MO['

Ansi based on PCAP Processing (network.pcap)

0,7.</li>

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

0,7; </li>

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

0,7;</li>

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

0,7; </li>

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

0.}UBkK{E

Ansi based on PCAP Processing (network.pcap)

0012017</D_TERM><PERIOD_MONTH>12</PERIOD_MONTH><PERIOD_TYPE>1</PERIOD_TYPE><PERIOD_YEAR>2016</PERIOD_YEAR></ROW><ROW><C_DOC>F02</C_DOC><C_DOC_SUB>155</C_DOC_SUB><C_DOC_VER>5</C_DOC_VER><D_TERM>09022017</D_TERM><PERIOD_MONT

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

0042016</D_TERM><PERIOD_MONTH>4</PERIOD_MONTH><PERIOD_TYPE>1</PERIOD_TYPE><PERIOD_YEAR>2016</PERIOD_YEAR></ROW><ROW><C_DOC>J14</C_DOC><C_DOC_SUB>015</C_DOC_SUB><C_DOC_VER>1</C_DOC_VER><D_TERM>31052016</D_TERM><PERIOD_MONTH

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

01 1*1I1g1

Ansi based on PCAP Processing (network.pcap)

01.04.2016, , ,

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

014</DATA_OUT><NORM_DOC>ï¿½

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

015</D_BEGIN><D_END>31122016</D_END></row><row num="31"><CODE>3.2.1</CODE><NAME>ï¿½

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

016</PERIOD_YEAR></ROW><ROW><C_DOC>E05</C_DOC><C_DOC_SUB>T01</C_DOC_SUB><C_DOC_VER>I</C_DOC_VER><D_TERM/><PERIOD_MONTH>12</PERIOD_MONTH><PERIOD_TYPE>5</PERIOD_TYPE><PERIOD_YEAR>2017</PERIOD_YEAR></ROW><ROW><C_DOC>E05

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

01G2S" type="xs:string" nillable="true" minOccurs="0"/><xs:element name="H01G2" type="xs:string" nillable="true" minOccurs="0"/><xs:element name="HSTI" type="DGHSTI"/><xs:choice ><xs:element name="H092" type="DGchk" nillable="true" min

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

01zOB056g8

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

03 ;</li>

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

05 ;</li>

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

05 ;

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

06 2016 682/288120 :

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

0735ARiD6QTNyzjWGK2v8ePz9EgSMnpw+VX2i3VWMakSp9Weq/x/3P2QS+c+Xo+cZOQKDV5i42Kc8kPs8ENDT4FB/EjgwpDsM+UJVf3vRT9j9WJsBkXq2KtH7GxVY34dC4YUdGQA/vGQ4REB2M7PwZ3kycqkSDZxqEMlBeCwOzkv9HyRt6uh5pECRAebkDsivQigRGDvOJnaq54WO8rErAl8apTClxIGLW+pQyYmdMcQZ2NkyvYN+mbaDYJAf52CwmS1

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

082011</D_TERM><PERIOD_MONTH>7</PERIOD_MONTH><PERIOD_TYPE>1</PERIOD_TYPE><PERIOD_YEAR>2011</PERIOD_YEAR></ROW><ROW><C_DOC>J05</C_DOC><C_DOC_SUB>250</C_DOC_SUB><C_DOC_VER>1</C_DOC_VER><D_TERM>15092011</D_TERM><PERIOD_MONTH>

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

094</PARENT_C_DOC_SUB></PARENT_DOC><PARENT_DOC><PARENT_C_DOC>J02</PARENT_C_DOC><PARENT_C_DOC_SUB>947</PARENT_C_DOC_SUB></PARENT_DOC></ROW><ROW><C_DOC>J02</C_DOC><C_DOC_SUB>942</C_DOC_SUB><NAME>(ï¿½

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

09mA6fBeFBoPT01N2qaWTomIDtrodkgWIpIPs5GUkTVCy5p/Et6e6jAwMdfFeB9SYcA+WU5u4AaSBKWrtIhWWlgGmj98eWpSyJZul3st0Kbzep3XgILUGq2Wub+tLMCINWzM2/brEoxQLKrHEgEiBM0/ntv351xF4aCU9bChQ2Q6EnMn2+TISip2oEJyYcbesZU++Yh9T0ir7fxp/+1JkmMO8fJBEQPA8xRmOnc56Vy+K5Cyd/911In5f/+/z7TWdpJc

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

0__00_____eL_L0__0

Ansi based on Image Processing (screen_2.png)

0AAL|`<;6Et

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

0cUu+tKJa9++h5Sn8+zFD12gCShpesB3DPaGmjh+hsYON9eRs8mbP4mp46ahmuplmrrMhuIvBakmlPkNFI+KxG4THYh7VSoxmGiHXVjxi0O613MKBmw53U58OT85rJeH7AU299tvHIVe3BoA3zznMfgp6xSVQocvux2XqLZiJwEAAHAWd5ShO0ZUWxnC4Eyzgp9zfnsuWxPST5VjdimFEzSg/J+dtcOdYdJjYsP1T8HnPTDXm8URaNNMOvb8pIZwefnw

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

0FgzIBHLi0Ed1YA5igtTSpoHbAZK9jT0AFTpXRoPnat+vgdTvEyhBl4qqMVWJqPMbCKfoZbi+UEexRTibUZN08MuA9wqigNixapawbKAezBOTweD6nbAo7hcn75PXxnO3NX0QOsSDZzctbbmQ6tCZH99Yo5VPiMaQCMf4gP6a/H1Y6wLG7Pu2dIDU1Fy9cQJ9uH0hlBjXa4VCs5ww7iqI/EEE48wQ9NXfZDjlijeTkDh2XIqw/CIPZ7m8tu9Q8V48quw

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

0G3" type="DGdecimal0" nillable="true" minOccurs="0" maxOccurs="1"/> <xs:element name="R02090G4" type="DGdecimal0" nillable="true" minOccurs="0" maxOccurs="1"/> <xs:element name="R02100G3" type="DGdecimal0" nillable="true" minOccurs="0" maxOccurs="

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

0Ix7xpkMe0NMEhEagGamYMBCdzQEVdtM1sY+oldKKNQxqG8nBkyzTjugpkY47QLOM4pAcysicqrWx58CRqh/LYiVPqfV/QXoo4DIDSwtaPigNL0fxaBkxEvADPDH4Wj2UlIUGcCBiRyMg1uzdYXMOHtluoutCwXoYXbYQX5zP+oldS0xsm48QWh9ECd3R01wlqtSJzv4beSjHvv0FR5c/444F7KyjIdXI+9LNDQEtCTnF5HKeow7pSiYgpQy2Fz5A1AM

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

0k01YWeW0~0W0_0

Ansi based on PCAP Processing (network.pcap)

0n_SiZ?H

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

0p0g/-0[Tk

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

0pARJSiGfRJT1esLsbAhmV85vUfvbEJW7CoY8Dcc5qhy18Xpwy2BohXnWT6GN2HHDFub2vhbSDydp+cgdcU/ijAjoM3PgLTqVeTYUDOk6jermV1wl4tG0s0CwkkT1dxeC5nTaH2plgkF6UcTAvG0BjLdx2QaAezaIzoxAJHfzwfHREBDjXIjJk33w7BeDbUSlTpjf3LnqcCabv7SUtpBzC7R/qVTJaZnS+2BjC3hyuPQEpbmrXk0wgQ2Kll7vQoJGDpB

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

0Rahx/oofzFfpvkuYB4+AsHKkVFEBJLaTyj200XBTT8giRdi5NqMFdnSE5EnPH8dnyNB75yGGdtUnV/96YjaOV+UK1N9jNgwUaIkB8ntGo9zfyD46H4/AzhX+JAiokM1UX1Al7tppgv47DmSh1bfwgdr6lFZ3aOzGzcj2uXqTcg3zn/6Lw2MwgS7GROayOA0vSodzIOBV7YCuMrFd6wFaYtcl3ru0OG3IWHd4RaRdXLtL9T3BVhN5Mtjb3Fse9eMQqe4

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

0T%c$rME-

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

0w]F&/";CY

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

0YV!aS8"4#

Ansi based on PCAP Processing (network.pcap)

1 1@1L1d1h1

Ansi based on PCAP Processing (network.pcap)

1!1%1)1-1115191=1

Ansi based on PCAP Processing (network.pcap)

1" maxOccurs="1" /> <xs:element name="HNAME" type="DGHNAME" minOccurs="1" maxOccurs="1"/> <xs:element name="HTIN" type="DGHTINJ" minOccurs="1" maxOccurs="1"/> <xs:element name="HKOATUU_S" type="xs:string" nillable="true" minOccurs="0" ma

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

1$1,141<1D1L1T1\1d1l1t1|1

Ansi based on PCAP Processing (network.pcap)

1$161Q1l1

Ansi based on PCAP Processing (network.pcap)

1%1,1D1K1i1T3n3}3

Ansi based on PCAP Processing (network.pcap)

1&kGN,XSj

Ansi based on PCAP Processing (network.pcap)

1-161C1r1z1

Ansi based on PCAP Processing (network.pcap)

1.25.0.0, ..., 1.25.26.0

Unicode based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

1.25.27.0

Unicode based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

100208000000Z

Ansi based on PCAP Processing (network.pcap)

102014</D_TERM><PERIOD_MONTH>10</PERIOD_MONTH><PERIOD_TYPE>1</PERIOD_TYPE><PERIOD_YEAR>2014</PERIOD_YEAR></ROW><ROW><C_DOC>F13</C_DOC><C_DOC_SUB>911</C_DOC_SUB><C_DOC_VER>1</C_DOC_VER><D_TERM>30112014</D_TERM><PERIOD_MONTH

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

115%;font-family:"Times New Roman","serif";mso-fareast-font-family:"Times New Roman";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

11q/@4=>f

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

13 ,

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

130101100000Z

Ansi based on PCAP Processing (network.pcap)

130401100000Z0

Ansi based on PCAP Processing (network.pcap)

131210000000Z

Ansi based on PCAP Processing (network.pcap)

151216000000Z

Ansi based on PCAP Processing (network.pcap)

151231000000Z

Ansi based on PCAP Processing (network.pcap)

16.06.2015 560 " /

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

16052016</D_TERM><PERIOD_MONTH>4</PERIOD_MONTH><PERIOD_TYPE>1</PERIOD_TYPE><PERIOD_YEAR>2016</PERIOD_YEAR></ROW><ROW><C_DOC>F07</C_DOC><C_DOC_SUB>006</C_DOC_SUB><C_DOC_VER>1</C_DOC_VER><D_TERM>15062016</D_TERM><PERIOD_MONT

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

161129000000Z

Ansi based on PCAP Processing (network.pcap)

170714021533Z0#

Ansi based on PCAP Processing (network.pcap)

170714021534Z0+

Ansi based on PCAP Processing (network.pcap)

181216235959Z0d1

Ansi based on PCAP Processing (network.pcap)

190709184036Z0

Ansi based on PCAP Processing (network.pcap)

191121235959Z0d1

Ansi based on PCAP Processing (network.pcap)

1</PERIOD_TYPE><PERIOD_YEAR>2016</PERIOD_YEAR></ROW><ROW><C_DOC>J13</C_DOC><C_DOC_SUB>005</C_DOC_SUB><C_DOC_VER>1</C_DOC_VER><D_TERM>31032016</D_TERM><PERIOD_MONTH>3</PERIOD_MONTH><PERIOD_TYPE>1</PERIOD_TYPE><PERIOD_YEAR>2

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

1<Fa96nL/

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

1>v(J3kH>

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

1fB(XvXL{7v

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

1G5" type="DGdecimal3" nillable="true" minOccurs="0"/><xs:element name="R012G3" type="DGdecimal2" nillable="true" minOccurs="0"/><xs:element name="R012G4" type="DGdecimal0" nillable="true" minOccurs="0"/><xs:element name="R012G5" type="DGdecimal

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

1http://crl.usertrust.com/UTN-USERFirst-Object.crl05

Ansi based on PCAP Processing (network.pcap)

1j7`TyL>

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

1Mt+fdtwn2UOuqBkXAmg4DOYBRsM2haPARAoBeY8cjN45Acr/MdE4hg1WLyspVNkqbqrzg5IAXbNFTQXNTCLx5MW22KWf7HeryoqbH7lWET4xVr9ZR6ZzLJ7w9DeGvm5ft+UMLNZ2P+TiiHbdgdSA4uUVQynU0IMLiYYmO+weH+D7Hoq9PtjMAH7fRZGSsO8Zr/NyX0HjmVLlEri0LALe1vGMQUgbMDRDYauBmBgS831dqfIxkJgomsF8SQVqDEMdRXO

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

1mXE4e' zx

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

1QdeTzit/pL4wKhusnVUiCND0qUKjWRuKFlBH5eF2bmWH1FuoJNAKGRIj2q0GYsaF1m5ebCjRGOHBI0Wu5GOP0JGTekysAA9ynFP1JyMM6kZ8sjHQV0ygNSDsleT1OuIyZ49tO6W6xTm6ZTyrSwVCmYxfCUmqyoc7TH2xEZCdoVBgIpF5hQalawtLlbt2IARLPc2PswqkQiwSLxIjt3QPY+vsW9sL7RtXDpGKKZKesJtCmW0mcEIPCzM4+JtxT39VZF0

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

1RXXXXG1V" type="IntColumn" nillable="true" minOccurs="0" maxOccurs="999"/><xs:element name="T511RXXXXG2" type="Decimal2Column" nillable="true" minOccurs="0" maxOccurs="999"/><xs:element name="T511RXXXXG3S" type="StrColumn" nillable="true" minOccurs=

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

1sazZ4vN2

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

1VjTrduG7azRe4j28/r4W2oweiSD6rB+Mg8PdgTz88mNUK/SH1bPDC6q3kkUxmsn27XE0JsmjHioXeLyJxKVbkGgogzwau+dJj0gyYzDh/6YNs32+lrNzHNVpd558OpSp+YND7p0XM6dcgBb7oLxkTGelp8VvI9eDb6MJLdm9bEZ9iYGDtyGDJBZ0cgbpYv+8ZgFIvg0fYAVHR/XQ/HFCb+eH5cFnT3+7Tw37otfiGtMMZsyS8JOpuN6Y+nwlbqeOpi0

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

1Z)tHWjztj

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

1}*t]Hlp:-R

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

2 . </li>

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

2!}:vht!Q+

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

2"2.252:2@2D2J2N2T2Z2

Ansi based on PCAP Processing (network.pcap)

2#)5gQZf2

Ansi based on PCAP Processing (network.pcap)

2$2(2,202

Ansi based on PCAP Processing (network.pcap)

2$2(20282@2D2L2`2h2|2

Ansi based on PCAP Processing (network.pcap)

2$2,242<2D2L2T2\2d2l2t2|2

Ansi based on PCAP Processing (network.pcap)

2)2;2M2_2q2

Ansi based on PCAP Processing (network.pcap)

2+?]xApas

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

2.2012 ï¿½

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

20.09.2016.</li>

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

200207235959Z0J1

Ansi based on PCAP Processing (network.pcap)

2011</PERIOD_YEAR></ROW><ROW><C_DOC>J02</C_DOC><C_DOC_SUB>090</C_DOC_SUB><C_DOC_VER>2</C_DOC_VER><D_TERM>21032011</D_TERM><PERIOD_MONTH>2</PERIOD_MONTH><PERIOD_TYPE>1</PERIOD_TYPE><PERIOD_YEAR>2011</PERIOD_YEAR></ROW><RO

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

2013 ï¿½

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

20170714021534Z

Ansi based on PCAP Processing (network.pcap)

2017</D_TERM><PERIOD_MONTH>9</PERIOD_MONTH><PERIOD_TYPE>1</PERIOD_TYPE><PERIOD_YEAR>2017</PERIOD_YEAR></ROW><ROW><C_DOC>J13</C_DOC><C_DOC_SUB>118</C_DOC_SUB><C_DOC_VER>1</C_DOC_VER><D_TERM>31102017</D_TERM><PERIOD_MONTH>10

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

212=2I2i2

Ansi based on PCAP Processing (network.pcap)

213</NORM_DOC_C></ROW><ROW><C_DOC>J01</C_DOC><C_DOC_SUB>105</C_DOC_SUB><C_DOC_VER>1</C_DOC_VER><D_BEGIN>01042011</D_BEGIN><D_END>31122011</D_END><DATA_IN>01072011</DATA_IN><DATA_OUT>30122014</DATA_OUT><NORM_DOC>ï¿½

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

21GUosiy

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

22%;:9!gf

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

22.09.2014 957, "

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

229 VI ; </li>

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

229 VI ; </li>

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

231209235959Z0

Ansi based on PCAP Processing (network.pcap)

24.04.2017 452 " ,

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

27.4IÈ§_0

Ansi based on Image Processing (screen_2.png)

28 2016 1049/29179

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

28 2016 1049/29179 :

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

2:}tY>9Q|#{

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

2</PERIOD_MONTH><PERIOD_TYPE>1</PERIOD_TYPE><PERIOD_YEAR>2014</PERIOD_YEAR></ROW><ROW><C_DOC>E04</C_DOC><C_DOC_SUB>T02</C_DOC_SUB><C_DOC_VER>H</C_DOC_VER><D_TERM/><PERIOD_MONTH>1</PERIOD_MONTH><PERIOD_TYPE>1</PERIOD_TYPE>

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

2</PERIOD_TYPE><PERIOD_YEAR>2011</PERIOD_YEAR></ROW><ROW><C_DOC>F02</C_DOC><C_DOC_SUB>993</C_DOC_SUB><C_DOC_VER>3</C_DOC_VER><D_TERM>20022012</D_TERM><PERIOD_MONTH>1</PERIOD_MONTH><PERIOD_TYPE>1</PERIOD_TYPE><PERIOD_YEAR>2

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

2<U.3l*')

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

2<x1Tpb1k

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

2]{":jc0t

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

2_2d2q2v2

Ansi based on PCAP Processing (network.pcap)

2_5y57@8v8

Ansi based on PCAP Processing (network.pcap)

2_È§TÃªÈ§(È§gÃªÈ§t

Ansi based on Image Processing (screen_2.png)

2booUN5fGX/xzPsJ31OtyW0b4agN0g8L4i8juWldTh3UsDmbibM1/TiKR0K5F9l7sbpesAcTYaHGz9+jc0C9clnyhAYx/Sp6gThpoMK7pyMUYLFXaRCG2ZYpQNk/1K8OHXm0StWf5XaNENRnP5SNmCOYiy6rCkr4/s0JImeYATW3VZjCUBxodm4XuUgeJ54ctBBE1bpf81IW26nKwZfVyp1FYB45J1fapFUuB7QtXiEuBLfhenkxIgxB4IVN+4g/wCY/

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

2BZ1qCjIw

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

2FnqRaLtzyG6K+Kd2oQljQ5tT5ARHE0HHeknShDCOt0eUMQlomXIjZbW9CHmlJYuXe8z1+008CwxNJ30ifbKasVIMVDEbsb/Xkt3j+8otp/QgKF8iJGwvF8xdzjnIfySBIvXcPdDllxpyX7D+42CYInoJXZ+xe2h4yIJihIGnrY2T+lGHo6VKZVrY3HxAMg2V7crzBrbV8nyJXe1b63pNVCnMFpNe4exmrpBjd0OOzbYjEhcYn3wVmnJkmpJFz4wesT/

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

2H3{3D4l4

Ansi based on PCAP Processing (network.pcap)

2hc% I'CT

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

2Ic/qU7u0g7mQ0hSSrXxw7hSC96h/OShum2/lQxpPK8kpByv3NDutD53qyktizH3Twmcl5FNIvUGZ1EQNHzOpB8HBlZU7PyFxZhdMm9NFPdW8gx8QAaGM4MHr0xRgyRjCZgQcs3bOjGfRNRYfLekmVlfGMZib3Ln3t03JItGWyI5lhf18WfbIPlOlkmbRCl9DFzXgUm4TxjvfAbRbFGpGTt65L0uvWQ0ksOdmTXnPGLKvEvwq6mxBoU9HabUZowqEzM3

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

2o=po0_|'

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

2P+wAA8pC69Ata+KbMzWQJKfpe0n0YYTMGb5JRVAeKKR4BDMkgtdVILVDSQa0VJNkSl+QoUmvR62/MsEQrmqr0wl32BQDk71KSzrbvEz09oajcXdF7Z5OGf+k+pj9XWXXP74RQC0EPgiN84UN7n7/e1Vtt+GnoL7TOx4Cwxyzl9UTMbDTIxYTU6Lj8ZgtwsR78xUK+O7cq9/0gMA2qg5tTEGY7/kyIqY2cEsmh8uHfyfoLpkH0FTesxUZBum+9OtyYLf

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

2s.a.a,...

Ansi based on Image Processing (screen_2.png)

2Yg-$W~|<

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

2~Csw/W]j

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

3 3$3(3,3034383<3@3D3H3L3P3T3X3\3`3d3h3l3p3t3x3|3

Ansi based on PCAP Processing (network.pcap)

3$3,343<3D3L3T3\3d3l3

Ansi based on PCAP Processing (network.pcap)

3$3,343<3D3L3T3\3d3l3t3|3

Ansi based on PCAP Processing (network.pcap)

3%s;zQ=Zo

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

3+W'oMwMV

Ansi based on PCAP Processing (network.pcap)

30FeBnPoYmCmAp37J8mwRdITpkvoyWqOnQSPIfZFKpWneOZpMbF3XpURc1qN6g/R4lVjQkcSpUryWsMXvkHh26ZiqhLhEWAeyeD/COMv5Uq1KXm+I6xWzLzPhe/WWCWnHF4ySjVC/ToXwND9AkyPkKxytlAHDF31RU/yhM7qyxt1RNDaFjJ7o/gazNOLGxZqDKMjeo88E+oXYL7eIjyspEcI8cKQRqrUCnm571YELFtpAtVj4h/7cHLLc29UgI23wg+9

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

31122015</D_END></row><row num="113"><CODE>243.3.003</CODE><NAME>ï¿½

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

3</C_DOC><C_DOC_SUB>030</C_DOC_SUB><C_DOC_VER>1</C_DOC_VER><D_TERM>28022017</D_TERM><PERIOD_MONTH>2</PERIOD_MONTH><PERIOD_TYPE>1</PERIOD_TYPE><PERIOD_YEAR>2017</PERIOD_YEAR></ROW><ROW><C_DOC>F13</C_DOC><C_DOC_SUB>030</C_DO

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

3</PERIOD_MONTH><PERIOD_TYPE>2</PERIOD_TYPE><PERIOD_YEAR>2013</PERIOD_YEAR></ROW><ROW><C_DOC>J01</C_DOC><C_DOC_SUB>130</C_DOC_SUB><C_DOC_VER>2</C_DOC_VER><D_TERM>09082013</D_TERM><PERIOD_MONTH>6</PERIOD_MONTH><PERIOD_TYPE>

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

3</PERIOD_TYPE><PERIOD_YEAR>2017</PERIOD_YEAR></ROW><ROW><C_DOC>J01</C_DOC><C_DOC_SUB>651</C_DOC_SUB><C_DOC_VER>3</C_DOC_VER><D_TERM>09112017</D_TERM><PERIOD_MONTH>9</PERIOD_MONTH><PERIOD_TYPE>4</PERIOD_TYPE><PERIOD_YEAR>2

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

3=x?W@\\e

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

3?d_A5F5S

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

3B_nHocT__

Ansi based on Image Processing (screen_0.png)

3FcwaH2,O

Ansi based on PCAP Processing (network.pcap)

3GxVFLja9p1OQEKNVZg2Mr13PImvJ3Jcl9NmX5jXg3XCuVxy7mgN/A06s3rvnGJNcu0hRzcryGZjW2Hk9KJNp/Ed4qg5HIgjN0ZZDlqBpuRcFFP0mpHyNUWldOXMHw1iJbetf9c0EPrMvv24dEsxalbfQz1U4Df0Z5WQAHhyzU1c3XBhdE7YiVmqeAZyMf74AqoLLbqTmB/fnoU0GHmZR3k+EAUh0bYy23BNIXXk+jAEkZ2JO+Kd1SsSkgOgyouNO3Ku

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

3NK]=I(9

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

3Q3[3a3g3

Ansi based on PCAP Processing (network.pcap)

3uARpHSY50j83xUqOj5n8xbvNkweZxrqf+4yw/NhANXQ1YhOxokQGkfZXTFzyYEbDygVqpi3ACr5/pH8e2Ul3GYYmI+eZ4ergaaSc/zQtOOEQGoFIr765ne7PO3JVNMmQTQR9P5OTcALKkmFfGPb1TOYfiZsgfzLASAbkThMSiJFBAFDG7WeN/p9DotZxbFz4JrHfVn7jM/glRCEyfMB9mpQ4fEFSU+IKv5Ni48fJkJoMKh19WXN/Z/92fxOXSkWFXyx

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

3Zlg\K~\^s

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

4 4$4(4,4044484<4@4D4H4L4P4T4X4\4`4d4h4l4p4t4x4|4

Ansi based on PCAP Processing (network.pcap)

4$$s<4s#*h

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

4$4,444<4D4L4T4\4d4l4t4|4

Ansi based on PCAP Processing (network.pcap)

4),SFhlyp

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

4+484F4T4_4u4

Ansi based on PCAP Processing (network.pcap)

4- ().</li>

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

4.1.3 03

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

45"><CODE>13.03</CODE><NAME>ï¿½

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

489A9I9I:[:

Ansi based on PCAP Processing (network.pcap)

48;@;H;L;P;T;X;\;`;d;l;p;t;x;|;

Ansi based on PCAP Processing (network.pcap)

4\_^obYi`

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

4\i&{tdRf

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

4]`#);ILf

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

4`_`fGG&Ae,

Ansi based on PCAP Processing (network.pcap)

4C9y/z7MniRzVSbppAMPZy9D1vHJWP/CVoisVhkjmKNzGVaQZ76m73qf7JbFHRFLKtKIFn937GoFsOTe66NMbLzOE6vBUdyC7ushN4bXsfisF8FQrGLo4dNYnicAlq8xlK+qoSnbP2OqCX5MhjanP3uDvPnzFOt5a4Wmc4Yy4zGCamRmAjZjxiQZ4td8OPDiTDAoKLbHfvA9xpJasXHKgLKZnomI8l+RktHDMAxhym9iKutwXHc4ek148OIT6uoeSVdS

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

4Fces05MFvcTT2GIvOaeesZa1SDPIBb2DRrJ5EI9uuD4Jc6Mhfa1f4UoPyIsKjG38fOVIgH4XdS98Vf1ZeJk7RFB3Pu+yUlsfV8z1TdPZcAEUt3uX57hL1foY9M7I7bdgBSBI5ys+bcWPjwIGkU3gBBnwBDDQjxOejnPJ0JEZPuf+4PPwKtzou579sBDJzdHqrC3njge3OMT7RlisM7EOMGAjeZ+Paï¿½

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

4HW-Fp~!

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

4K:S(&}VN

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

4KOVVhNSimKHmzoO5s29aLnmC6fsrGgL5VsiwSML2Ym4Kdu1GT7v33RFuLpYBirzbAT5PmfO5+Z7DCJqEsC+i8YqRn6cf3sHpc62E5ynl2w5YkqjintNyqfl9Ojho25DhiAyRiTnWvK42ElUgLaF22JTudDRKrTWz8ResVjrCsUM0t3ME1w2krqtjNs76z+CCL781yDjnzevhSEf+qvL/l745bpaPFSkgFYDhFmFhgNTOQPaiEKJ+3oS+QnViBF2SwoX

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

4q@l<#h.$

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

4sY8Fhfb30K5UPOjINffyRurELtzMgu5kglADLTq6cZ17Tbg5cQPrZoPmwP0GoSrdI3NFnSb+56qTWtjs/SeKh5s8flGrAY/Tc3rmOtj5i0TUldlnf3tql+ubneGs1/Nw/bO07UKtWVVG0rOpBgvuzlU9lBoXXDb8ZUA/KnyW9iCMRMhO+DdL7iQ9W2MHvH0X6OUwF24Ibg88XBl4coSY+6cA0cKvS/aKCj/UBHeW0MgMiLFeUhCZ2sZFTx8cuQXKEhv

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

4TB3m3pW/JkwBjBQI5/0glDo2lSUlw39IPbkBPHLw4aUmYdPOlwGCB0ap/3/iLcvDJfdTmOoFo5EXh1jfHsUPcRhf229f44u0bijXHjUl91CVzeyVmagQzXhASCDamu4vBkcOqcg7TpuIFYTi4Vhs1/Yd1Vc4NIYuPRCachuslnzytaB4CH7BwaxarywH41sOFUfwFj0enOtAEqgmINC+47MYH53fDfWo0MtSOmYOA/kolelOJfhLP6IEiLYlwgW+IwF

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

4tK(Du;5

Ansi based on PCAP Processing (network.pcap)

4V<*eN^^vB

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

4WQPD}F8%cN

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

4X%U7F&vt\

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

4Z01Y+XOHuXgBZFEMqOkIqfIP4jc6aInYSXSwfT/Tu/0SypS+HbOsuC9gho+4sFDZmSwicQx82x2vSq/BXzIspr94dIuCJlxcHkySilomFp4AlC1A2LAKlzoDj1PvJWzNFWwrBcMyQsrcD9IAYdblnxEUOd6fupH36vuHwuGeGt2UYE/qPa/5BNv9scN0CPmsAokwfRGIERrXRJEWfbez8TaMbyRjgycy3rTix9B98b3AmQePB4ICjkcs71C4MWhA6WE

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

4{|0e]4L}5

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

4|2Z6>8y

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

4|455<5i5p5

Ansi based on PCAP Processing (network.pcap)

4~! BZ.Ez

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

5!jh+gVb&

Ansi based on PCAP Processing (network.pcap)

5$5,545<5D5L5T5\5d5l5t5|5

Ansi based on PCAP Processing (network.pcap)

5(?+,XQ!^0

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

5+dbPZvx27kt4onOO1DCH/Kval640L9wvaYWWifzKOTWvmT0p6rMiAB+0WLzJxjAeINnYhysxY1GKILB4koyctO2upblLM7ONcl8dV0PIkyPzMvFq6LfZ4ja5/MsI0eNPZXRnapOZwhUKoyYdXv+20sXlJC7IHmOFaTvYLLe7HknIi+qp0Gcm4TaQz/54McIlmydXB5bniJHi8e1W+Y5Jn8I33lLupuDliGVYRx9G8tq6Q872qL43AeQOCZufLK5phZ2

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

5+faE#ois

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

5- ();</li>

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

5-RsLl0"]

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

51- ();</li>

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

51MK6MBZSkXud7Yv4Ub6WOOA+lfsCGijkZyplBd4S+4wwCsJ8uGOT6zOzP8E7rGKYA0PLFVcr5DHpPutdPlg77ThZtWizfvPMtv52P8B5NdfoHCRO/Opob7lBw+q/TSH4+LLGvB3z7Ti1SQlUMAaUxyhTEx13qtItccogiRxdmmHCvv9zswkbrT0edi4TyIYpwo3KoHUVImv+tDzBQ8vDy9Fv/2tEbUC/hPzGxuwzhNPPYA5tf7r3p1J3PhlKe0HeZWj

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

567 ,

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

56i0VHIMJCqRNA9QZNga0B3AzJFjeFRjC51nUagQpDNvlJ2gshjjRoyndyjeDiiHgftikZJDB9iRPwg0bPdyIBTkyeOWPm68RbV1FTzzdo8SjS2GZ8UkB/Edpi/pvUSm23FuiyGGapOkbRKl+98jCF8zx/+KxDk9KIJ3vD5gTuA67n5Oj8oe0NPOnvXS9UbIk3f4e7B30h2QFF/eD68Hbs2lHtubvbSaZ1cjYj//VtFhHCJu5z2uNnkZj2YQGX+i0ASk

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

5[BpR(u3VA

Ansi based on PCAP Processing (network.pcap)

5cfijaFI43cSCQeZcspH3OmEy+uWqazAr9BG+DsxUShvE2obcV669dpm7/j/R0bdmCIqu4HGjQEobj339miRuZsqGxjlaqhJt6H7PgsGGZSm+LZH/5DouxaIlag038eN+aRBfvigQE2U89PBbawK3Cy6ulMzbW80ZAffYDjK7a6qguLMJ2zV15jr5gmpkvoiiSEB07YKfYVYlLSj3EPpswq5xb1u7cMGUeZXDoSiGOaod5hmFEApNbH+n/q+zO8nC9ax

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

5gBWSyRyJ19eD2AjrAtZo1w7Uz03Hf7o8bw6RE/2lMHDSOuxI1IPYXbid002l/IA2nYvu7awKLZ74aI1P5kO8ExBRwMzx5nCdHm7AUS7MOAKR1H6h8YmICA18/HtIp49U0sUqqYARaO5IPZ3D2m6jYv2rLU05+TrOyVoJA1W/Tp2hm/NipDLxoles/aYkAbDmu8bUF5p0xmRSE5z29+0xxE6yCLtdJPWvHDVbP/SxzcT2EyD/KiqZQPB464cQVVXw84R

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

5GEf<r2T

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

5gYsr49bTQkX2DKVwOBgSCeMtol1XGbojTQOi8Q+B32aNeGPObsBFIUbn1WeXLkrgteU51Qc1JcH5TpBhJmJhthCGfSnv/Y+PO5Dwb/mEsiw7rl1vK/JWXb3DpO1Qq9hYV2rqQ+QFGyxXAsCYRjz5rHnTg0S5my5+DVJ9qOTMQohCcu8tqgF9apm5kVRbGGFv0P9WhZA6AfQomcKJ49BCRo5z/YtghWCRkySp49AdnJB9+AUm/ALYMKGOII5aoow85N2

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

5kCKtUVO_

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

5lkxy#i{=

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

5S`CfsNd

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

5sEnJEBnG72Hx1E/zEe/x6d7akH4KuUZe1+uF1Vq7MN3fTdewPJMvDp8Y1CZBh1MhdMupfNmNZdRynvAQl2APO3qzvDGz2vzwn6g2V0PBLelClMZCB4bSzDqPoojd94XfFWQj3FHYwpXoDVxqg7q1jj7iVISXqwOfMXicJHlIFkmwA5WConN01k5PL4zKDC/bo2MEE+gn3pgqkWse3OSK4pRFniU0sa9n2JAjJjpy9ns/lN0GzpPJWnjLstyS/xKYkPr

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

5SPFFMFxa

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

5TJOHro8e

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

5zKLrJCF6WKRRcLX83OuKvHoT8lg9DgDelbTctcGvhQ4cS5FuTvOqx9Bs7Dp/OeZ6kGd+kV+CJ2NhQO+QXyoy+jXNyG8d4EvQcEOTlZikkxn3j+BB3GvVgR+1VoZCofG+MK2LwOdNXw/oBkKH32U/IyCRm5bBuWL2sa+wGk5/wZ1sLWMAb+FtiANheaLFwa6wzyKeBS9Sc05JH6kJEYpTl/Cqy6ZFlsudhyoHD/JYr1qztURCbjkr70rbgHByiabDi6Q

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

6!6*696C6Y6b6m6t6

Ansi based on PCAP Processing (network.pcap)

6$6,646<6D6L6T6\6d6l6t6|6

Ansi based on PCAP Processing (network.pcap)

6+H?D]tKD

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

60646H6L6P6T6X6\6`6d6h6l6x6|6

Ansi based on PCAP Processing (network.pcap)

64aIQv${-

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

67)</NORM_DOC_C></ROW><ROW><C_DOC>J01</C_DOC><C_DOC_SUB>128</C_DOC_SUB><C_DOC_VER>16</C_DOC_VER><D_BEGIN>01042017</D_BEGIN><D_END/><DATA_IN>01072017</DATA_IN><DATA_OUT/><NORM_DOC>ï¿½

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

68gFa,zrp

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

68p'jT7|'

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

6</PERIOD_MONTH><PERIOD_TYPE>1</PERIOD_TYPE><PERIOD_YEAR>2011</PERIOD_YEAR></ROW><ROW><C_DOC>J08</C_DOC><C_DOC_SUB>031</C_DOC_SUB><C_DOC_VER>4</C_DOC_VER><D_TERM>22082011</D_TERM><PERIOD_MONTH>7</PERIOD_MONTH><PERIOD_TYPE>

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

6___È§ig__i'

Ansi based on Image Processing (screen_2.png)

6_È§e_ÄÈ§È§i

Ansi based on Image Processing (screen_2.png)

6ElR45#ZE

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

6njX#dh7r

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

6QCTmE+/AeLigPuVMCAO0ek7dU+YVsMVqYsn8K5eL/CgnLcWKWXIzBgryT51A6wjTKIan33sv9q+nx10AiwTtL3+IVC0KYxpu+WJCHqdPNECpuhJ938pJqW/4BqFuH0ri7+agS5BrqnMrtj2LKIXg9E64/yMiYPnVWxkhVq299zIcj/Qp+6qogwp8Ulz36y9mkm2b/7cJAGNGZ3gkvmvTlVq5l7wKGUd+g++3WgYwNUtNVq1YQ1XY6Z7izq+bPnAhJJS

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

6s7l9zaEUWiXhJdgIZtie43mNG6uY3mLnL3YHjdUmM5TaAhiVhzDGaoVV5LFYN+jJNb8X0Xk8dNONLFj01H3HZcY6xKa7DkKY+R6hFcXzOHDCu+UEdtLptht56E2iPlcEYyfS0KTgHgPI3J9rSqc/9IzQJGck+5V1ouzHon/hYPp++iwJMQX5Ko+q4k6jpvnlMHYXLqDAIgr42nWFs0p5e72sF/pRCGpB1wly9ftp64XY5GJ6Nc2b4h9IhEh+u2XldeZ

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

6TX1EvjNs945b4y4sXn4H5FN6PTkEe1Vrnh7IdKTnkIm/7wlbwyKfY+j4TOsg4yRACLvf4f75JCUP8pYKStfwLJQk23i9MLa+yoFlA+X5C5jBlM4YpV9TXP+hBP/iqMum2F9H4mI5HvJmWmWXtAOQyCOY2B2Isn7PYSElBPLOz3WWF1iMEhec6FRHq4RI65Gx6C9sk0kh79t6tTPVQ1fviH20eDZWQ54JxrD8iLVZ/l1nYVerNsRp7y8YE0KzQN7BGx9

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

6V?P./9VI

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

6Xs'(?vO

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

6Z5'P-I[3.

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

7 7(70787@7H7P7X7`7h7p7x7

Ansi based on PCAP Processing (network.pcap)

7"/><xs:field xpath="@ROWNUM"/></xs:unique><xs:unique name="UT3RXXXXG8"><xs:selector xpath="T3RXXXXG8"/><xs:field xpath="@ROWNUM"/></xs:unique><xs:unique name="UT3RXXXXG9"><xs:selector xpath="T3RXXXXG9"/>

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

7#N8jzaK1YHxA[

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

7%7/7?7O7_7h7

Ansi based on PCAP Processing (network.pcap)

7'Ia$cwN

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

7.:4:A:^:m:v:|:

Ansi based on PCAP Processing (network.pcap)

75d[bg\IL

Ansi based on PCAP Processing (network.pcap)

75G]O~@e!

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

78.95</NORM><D_BEGIN>01012017</D_BEGIN><D_END /></row><row num="64"><NAME>ï¿½

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

79 () ; </li>

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

7_%)|J&/"

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

7e>1rFs.xM

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

7eumSw$i

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

7IZVy'd~*M

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

7KcaxUVUWADFQ45Rvqp4w51Ny6SmAbFt9JfAwnj++1X24dd0Fcx2VjzvGxjImWGDmYuVwNnIxPJsS2YauerMQ0iQBm3oYiNKhHCT8nJrxhnC4OgYrR83UWiIJfVa00WZkeMFhY+4K3DDgym0aIJvsrfcH/FwFSduGDxP6h/TUfMaZED76nFcFLsNd0jS36/9Vps7zVm5l4ga0yOkUnw/+yPEiWnBQ2VPv7ObY3iU0B8D0rIVhnttC7IUVw5D/9wSAqcI

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

7m$`Tq(f,r

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

7qh3_a/vM

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

7QRAyF\P_f

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

7TfO9a0ul

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

7W231Mcys

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

7WdAaH+P9HCDvSluvnynfeSahh/MKxHd6wp4jJvGoW1cyZ0YDm1nP2oD4p2z8rO+8Y/Caf2lLwKfBnrVHeicdXyM0ZkuW00MBbM7pYRjC/ZA+K00ILBBfd9opSh0N5WIpHaNG/Mq6dekNQEclO57bGN4ZT5XmDh51uKAQ2KvH0CBHGs2yBVwmSfgegcBBaPw7xZSLfugmZdMDDArLhVRLtI3Sqzj1TD3MPM2GCrIpdlhUBa2niPkjsTT7043Ywbe30g/

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

7xEF5/EWo/wgqubYpDgINyU1j7dQ5GD8147vUzdvhjN3dujWHiK33lELrjf/fxYC0GdyeP9j6M5eYX74/CukFi0WOwFxGCl5vOnB7yK5oWjfK9k7M+EgFVmPUNRHnxp/rrBmhuxyM3qDs7HH/8NfgBFVf1oG/FrGg6g53cZEvLpqLFCqW2YUMs8UEV/9wjAvFnunD8dfshD/UojFxw9ZmK2MkV+qS/7GxTuwnYs6Xdl264UL/DzxZTeTpuZsE841hOR8

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

7Y]Ey^!}

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

7zEzOMzPPUy9hatH2zy8cSt85phSpn5l5fW6kmW+gBiOp7cog5BFSNDThcW394o5wQuuScOOhK+kfsTGKV5NSxWh/JvdaXbMaBwFGaNT11vD/Fc/pfWWxckRjtxwe6yZc3IMp9CSE4PQ8BUOZ7d0NWyOo3BHXMJmXI4Hn94crNBZca3CAgc70pfCttGqYJCByjrQU12Dl/vNdNLEdiCr8OEfhsZeHALhfTfS41saoY4oPIw/3Mpp+l6H1DxNNgjF1Gl2

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

8 8(80888@8H8P8X8`8h8p8x8

Ansi based on PCAP Processing (network.pcap)

8 8-8`8r8

Ansi based on PCAP Processing (network.pcap)

8!]xc/~DB

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

8"Kw#S=uL

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

8$8*8E8L8S8X8]8m8r8w8

Ansi based on PCAP Processing (network.pcap)

8'9W9f9|9

Ansi based on PCAP Processing (network.pcap)

87U\5 jL$

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

89Rf'X^6V

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

8>@[c=1|fiD*

Ansi based on PCAP Processing (network.pcap)

8a4iF&pK#_^(q

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

8cM+O3bMNYdREcELPASm80OI2THdSYaHamJRcMILrWDlwjchA5Gz5UtiPO7wBXbvnYUuBMrHRUZu3JcE4SVDAF1Xzm6td5hZ+7tYrY8v8cxG4DEhP7twX8SZ3NnqnvBJ/R2vWwmKwo5dzzxWaKHS4gp/g6RE7RjfTNPg45oEE25hLiWwVGl9YEFnL6O7JGMwvRH1zMyvQFZATmqkO3ErYXyTxJnivOfoyKxXIZYw5EsLrbkWvfp50tV6cUogwuG54xq/

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

8ehCAa2QZ3rI9p/CaHOBWXLNWCkrK+3kRz0EIwYJ3Je15WIBRLvUBGyBWoTRS8HqIGBOz+PI2Hgqgld7zhfBgiuKz6TnnQ0GmFj9O0brdSXYekKxdnfzqExDc33GzO9nB/yKMM6q3oUAYfgGflTxS82E/MGCDB7qqxceus41qYski4+m+Zd2aotDrya/RSmWlSptW+UdGq5bC5dWHckCG2IJhU8+EJHZPSD+ElQ90WulpGn1/Ycerf4VUPk0rhsyuPRe

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

8G7Fa5d+Zmh30sWu60vq+gQWC+81ER9iQjpblGejKknp/zp2FeWDiJKrB/04XsPFKN+CRIvOzPGtNU6PRPHj7zhK/HcedFrHsOQV/N48bdtJaA9Wx1sUpT1EuedxOynihp0+Tvmtv+GUdNoOSQDSSy2MiGjdcBFP7uR6jo2ZT0Zp77FxScRPmodzWxpQgb0ikin2/B9wpAC4miyYITXMHUECpdFE0r+w8MbTHEkEdD1EAtLx/wJ6sjpm7AKT46m+QlFr

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

8H{8h:`31

Ansi based on PCAP Processing (network.pcap)

8M1M1>30M

Ansi based on PCAP Processing (network.pcap)

8M1M1>31?(M

Ansi based on PCAP Processing (network.pcap)

8oR/BBnPRLTN1ZCddbeSt7ow5tLML44yZ/7K/U2JY/UqR0Bh5ukubgFtEieuikywYURkv28tVk7PmjzhCZyVcC5sZz2Pek11fRSz/OxI2lVRS7md035wsP7OHAQCvJBdpUu0tz4zuABMw2P4wNWZn7At4DJLJuSfozCSFQCDAuubxrb6sXB7HWZU4BlHfNPlJBnBRCKLX12uxBbLa+6ZhWEOyVe/gUekuOb/3Y/XK3k1ne7u5FH97wqNIDROgYu8WBc4

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

8VYg09OomprtVX1zeMfnFlVGHdve8nSt3mt4S0DhZyCS/4SkEMo1V7+FEHseHZNZwi4321IZPtvZqWm1+2WOgJVUzBYFhFzZQIav3XJdSx4FH5R9enAHFpjNV3EQJGGIldX8+/ai/trxjC9GDCRtV2eU/l7cPMBH+jkxphz0ZMAL5g5tEl0nTec610IwN2PdcexazlWF/11uYjZgzmq0BCXRApljXHPc2w8V54zOQwzzpD1k6X03sX2pUpCKfPVHdqVP

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

9 9$9(9@9D9H9L9P9T9h9

Ansi based on PCAP Processing (network.pcap)

9 9(90989@9H9P9X9`9h9p9x9

Ansi based on PCAP Processing (network.pcap)

9$F=Je0OK

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

9.9G9V9b9p9

Ansi based on PCAP Processing (network.pcap)

9112011</D_TERM><PERIOD_MONTH>9</PERIOD_MONTH><PERIOD_TYPE>2</PERIOD_TYPE><PERIOD_YEAR>2011</PERIOD_YEAR></ROW><ROW><C_DOC>J01</C_DOC><C_DOC_SUB>313</C_DOC_SUB><C_DOC_VER>1</C_DOC_VER><D_TERM>09022012</D_TERM><PERIOD_MONTH

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

91;h;o;t;x;|;

Ansi based on PCAP Processing (network.pcap)

92</C_DOC_SUB><C_DOC_VER>9</C_DOC_VER><D_TERM>20122016</D_TERM><PERIOD_MONTH>11</PERIOD_MONTH><PERIOD_TYPE>1</PERIOD_TYPE><PERIOD_YEAR>2016</PERIOD_YEAR></ROW><ROW><C_DOC>J02</C_DOC><C_DOC_SUB>092</C_DOC_SUB><C_DOC_VER>9</

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

9332u,2qn

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

93f5Vf5x7

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

992</C_DOC_SUB><C_DOC_VER>1</C_DOC_VER><D_TERM>20032013</D_TERM><PERIOD_MONTH>2</PERIOD_MONTH><PERIOD_TYPE>1</PERIOD_TYPE><PERIOD_YEAR>2013</PERIOD_YEAR></ROW><ROW><C_DOC>J02</C_DOC><C_DOC_SUB>992</C_DOC_SUB><C_DOC_VER>1</

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

99AjXaWdh8

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

9[7hD+$fgw>

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

9[xKLhm7k{U

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

9]*zVL2rS

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

9_sOyPZkR

Ansi based on PCAP Processing (network.pcap)

9FN/1Fb+zhs25wsJzbh5WG7vxTD2LD8LuvyiqM3mPGJYYaH9mSPRQpP2SKCgkRi84o/NYxsz+tZrZlinBWS5vIqxWyVjsmudzoXiB75IqRG3frJirM4y5O2bzXJ16ke4gwxuLexhNfhp+h9DpMBZZpbkya8mwxvqf+wQBBbmmw/3aWSAGz1Hv3JUI4P4gTuQVe8UQxnyr204EDO8gJM8IY0h3MT84g3G8RHAXf2kj6sjY+HKggeilsbEb6E3GI1OM2OU

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

9GzwPewcigVXShKn/i0fdt+h9/pB5SoOKM2mleS/kia2IZ03LjhkJXWI87GSKec0gVM6y1GaH/xnr0JBlp5vWYBfRnu0HF2U1gvG0P9AvuzO2PFrxkwo6LC8DErnqzbV1WVadMyV/waWQcjXnqVWTwk4BkpAFJDfttTnnig2fJCu3zrL98vjEZz9Cz+YF0EGA4NGIH+Y/nyWFvwuYu5ClwoUhh54LfnIcmllAguGbDyzw21L8g4+JYU8bpBFUaMe0yUA

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

9hKADASYGx

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

9K+JtgPAHlsbgR4xVKfDv+qgufKYwXFShZXaiS02nuUcUOp58H/dG6DLyEUORDV8lvP7uKFC/q52hI5zu3vm9wdKKKAc0RjwsmCQCLQdele9jJ5X32V+EzUQWi3mWrBM7GW5zhOhwfXBpQMOjCwLyGroC3U1hcPNoPV5KvsyDToFCaHVhZ2wLrELQ069cRANEw6MnanCsx70EsV7ZjO/OBZ7NfEbM1XnmgCmlVpclGJyMnpZoLjKcD2iua3rvY/3D08m

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

9UdDmA1Hm5FqdhmYom60ejoNs2/OU25KPeIUa77nqSyqz2ZUK5bCUEwRuKSbJavOcvhKyKoDtHCc1OfkQ81N5qTH1M2TJ8pLgHXUWSnWQqZ4Rx9GdcNbh4LbP0zSpudXVgc/o5WG1fvVwVYDBhMrtIw/6ol3rfY/19U+PiJVMGF2VE2XEwXw1BeAYm+qcFt4dTre93JGkuJgkbV3VuJpFNjiJCjOu3HGknACyV/4K8xACnydfMDppLoxxoBKY4t3E6lh

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

9WiN,zqq[M(

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

9WJKvrXkC1e4D6EgEzEUkzWIXAYIEiROCVmPurF8ggB29CqXHVFqB7YS5X1gyHiZCMQj5tukamzqWedvVqADWjPQ0v7D8vgiqswA2qlKfq3AC2D7mYwSSRoeJvZNoXZMtXOq6yhwuUfaOe3isBiHHmHXizKc4dtVRHVgeaJ5EkV6/xE1vC0i7jk61OnJZ6Qswyd8Gk5iSK0F4wTw9MJDdzpwWKh9CwgAA6uqVKL8+wrvUuL+axUZn9gDJNFAp9stNKRK

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

9ZWj Z-;T0

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

:$(`?FbIou!|*2h

Ansi based on PCAP Processing (network.pcap)

:'%Vn~`0vs

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

:'%z5QD]H

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

:(:0:8:@:H:P:X:`:h:p:x:

Ansi based on PCAP Processing (network.pcap)

:*:4:P:[:`:e:

Ansi based on PCAP Processing (network.pcap)

:0:4:D:H:P:h:x:|:

Ansi based on PCAP Processing (network.pcap)

:1.25.27.0

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe , 00009956-00002152.00000002.16451.00409000.00000004.mdmp)

:1;C;I;];

Ansi based on PCAP Processing (network.pcap)

:2017121320171214:

Unicode based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

:5;A;M;Y;l;

Ansi based on PCAP Processing (network.pcap)

:685^@{e_

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

:7//ws*"Q

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

:>:c:o:{:

Ansi based on PCAP Processing (network.pcap)

:_;H<W<v<>?

Ansi based on PCAP Processing (network.pcap)

:CH(P8y2L

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

:element name="A02_5" type="xs:integer" nillable="true" minOccurs="0" maxOccurs="1"/> <xs:element name="A02_6" type="xs:integer" nillable="true" minOccurs="0" maxOccurs="1"/> <xs:element name="A02_7" type="xs:integer" nillable="true" minOccurs

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

:element name="R020G2S" type="xs:string" nillable="true" minOccurs="0"/><xs:element name="R020G3" type="DGdecimal0" nillable="true" minOccurs="0"/><xs:element name="R020G4" type="DGdecimal0" nillable="true" minOccurs="0"/><xs:element name="R021G

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

:element name="T203RXXXXG10I" type="StrColumn" nillable="true" minOccurs="0" maxOccurs="999"/> /TABLE ï¿½

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

:field xpath="@ROWNUM"/></xs:unique><xs:unique name="UT1RXXXXG7"><xs:selector xpath="T1RXXXXG7"/><xs:field xpath="@ROWNUM"/></xs:unique><xs:unique name="UT1RXXXXG8"><xs:selector xpath="T1RXXXXG8"/><xs:field x

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

:i"F rANe

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

:JPW0;Vn

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

:kC"dSo&uh

Ansi based on PCAP Processing (network.pcap)

:l&yq$?/A

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

:O<:mDdLp0

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

:sequence><xs:element name="C_DOC" type="DGC_DOC"/><xs:element name="C_DOC_SUB" type="DGC_DOC_SUB"/><xs:element name="C_DOC_VER" type="DGC_DOC_VER"/><xs:element name="C_DOC_TYPE" type="xs:nonNegativeInteger"/>

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

:Ss%f=z&sx$

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

:Y,m6W89?d

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

; ;$;(;,;4;L;

Ansi based on PCAP Processing (network.pcap)

; ;(;0;8;@;H;P;X;`;h;p;x;

Ansi based on PCAP Processing (network.pcap)

; <$<(<,<0<4<8<<<e>

Ansi based on PCAP Processing (network.pcap)

; Ini file generated by the HM NIS Edit IO designer.

Ansi based on Dropped File (custom_setting.ini)

; Ini file generated by the HM NIS Edit IO designer.[Settings]NumFields=7Title=ÃÃ Ã°Ã Ã¬Ã¥Ã²Ã°Ã¨ Ã¯Â³Ã¤Ã¯Ã°Ã¨ÂºÃ¬Ã±Ã²Ã¢Ã RTL=0[Field 1]Type=TextMaxLen=4MinLen=3State=2301Left=44Right=82Top=14Bottom=28[Field 2]Type=TextMaxLen=10MinLen=5State=11111111Left=57Right=150Top=30Bottom=44[Field 3]Type=TextState=ÃÃ¥Ã±Ã²Ã®Ã¢Ã¥ Ã¯Â³Ã¤Ã¯Ã°Ã¨ÂºÃ¬Ã±Ã²Ã¢Ã®Left=0Right=300Top=56Bottom=68[Field 4]Type=LabelText=ÃÃ®Ã¤ ÃÃÂ²:Left=8Right=38Top=17Bottom=25[Field 5]Type=LabelText=ÃÃ®Ã¤ ÂªÃÃÃÃÃ:Left=7Right=55Top=33Bottom=41[Field 6]Type=LabelText=ÃÃ Ã§Ã¢Ã Ã¯Â³Ã¤Ã¯Ã°Ã¨ÂºÃ¬Ã±Ã²Ã¢Ã :Left=7Right=78Top=48Bottom=56[Field 7]Type=LabelText=ÃÃ¢Ã¥Ã¤Â³Ã²Ã¼ Ã¯Ã Ã°Ã Ã¬Ã¥Ã²Ã°Ã¨ Ã¢Ã Ã¸Ã®Ã£Ã® Ã¯Â³Ã¤Ã¯Ã°Ã¨ÂºÃ¬Ã±Ã²Ã¢Ã Left=6Right=145Top=1Bottom=9

Ansi based on Dropped File (custom_setting.ini)

; Ini file generated by the HM NIS Edit IO designer.[Settings]NumFields=7Title=ï¿½

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

;!=A=^=2?N?

Ansi based on PCAP Processing (network.pcap)

;";,;;;_;

Ansi based on PCAP Processing (network.pcap)

;,Q#DW}F

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

;:8! _p F

Ansi based on PCAP Processing (network.pcap)

;<)bI8Q`i

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

;</li>

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

;[{3Z3"r!&

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

;j6UhiLq9

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

;JL$+Qf2A

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

;L+k~']"Ei

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

;MoV{aG1p

Ansi based on PCAP Processing (network.pcap)

;vAPC<P/`

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

;yo?;TS>~|

Ansi based on PCAP Processing (network.pcap)

< <$<(<,<

Ansi based on PCAP Processing (network.pcap)

< <(<0<8<@<H<P<X<`<h<p<x<

Ansi based on PCAP Processing (network.pcap)

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html style="direction: ltr;" lang="uk"><head> <meta http-equiv="Content-Type" content="text/html; charset=windows-1251" /><title>ÃÃ¥Ã°Ã¥Ã«Â³Ãª Ã§Ã¬Â³Ã Ã²Ã Ã¤Ã®Ã¯Ã®Ã¢ÃÃ¥ÃÃ¼:</title> <style> .INDEX_VER {font-size:16pt; color:blue; text-align:center; margin-top: 20pt;}.section1 {font-size: 16pt;font-weight: bold;text-decoration: underline;font-style: italic;}.section2 {font-size: 14pt;font-weight: bold;text-decoration: underline;text-indent: 40pt;}.section3 {font-size: 11pt;font-style: italic;font-weight: bold;text-decoration: underline;text-indent: 80pt;}.bold {font-weight: bold;}.attention {font-weight: bold;color:red; }p + ol, p + ul {margin-top:-10pt; margin-left:40pt;}p {text-indent: 20pt;}.INDEX_VER1 {font-size:16pt; color:blue; text-align:center}.section21 {font-size: 14pt;font-weight: bold;text-decoration: underline;text-indent: 40pt;}--></style></head><body style="ba

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<"</<D<O<c<h<m<

Ansi based on PCAP Processing (network.pcap)

<"nFMu=lq

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

<$<+<2<}<

Ansi based on PCAP Processing (network.pcap)

<$n(`b--D

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

<&fSw<G>T

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

<+;CJ+kGl

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

</C_DOC><C_DOC_SUB>954</C_DOC_SUB><C_DOC_VER>3</C_DOC_VER><D_TERM>21052012</D_TERM><PERIOD_MONTH>4</PERIOD_MONTH><PERIOD_TYPE>1</PERIOD_TYPE><PERIOD_YEAR>2012</PERIOD_YEAR></ROW><ROW><C_DOC>J02</C_DOC><C_DOC_SUB>954</C_DOC

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

</C_DOC_SUB><C_DOC_VER>6</C_DOC_VER><D_BEGIN>01072017</D_BEGIN><D_END/><DATA_IN>01082017</DATA_IN><DATA_OUT/><NORM_DOC>ï¿½

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

</C_DOC_VER><D_TERM>20092016</D_TERM><PERIOD_MONTH>8</PERIOD_MONTH><PERIOD_TYPE>1</PERIOD_TYPE><PERIOD_YEAR>2016</PERIOD_YEAR></ROW><ROW><C_DOC>J02</C_DOC><C_DOC_SUB>944</C_DOC_SUB><C_DOC_VER>2</C_DOC_VER><D_TERM>20102016<

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

</C_DOC_VER><D_TERM>30112017</D_TERM><PERIOD_MONTH>11</PERIOD_MONTH><PERIOD_TYPE>1</PERIOD_TYPE><PERIOD_YEAR>2017</PERIOD_YEAR></ROW><ROW><C_DOC>F02</C_DOC><C_DOC_SUB>159</C_DOC_SUB><C_DOC_VER>19</C_DOC_VER><D_TERM>3112201

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

</D_TERM><PERIOD_MONTH>9</PERIOD_MONTH><PERIOD_TYPE>4</PERIOD_TYPE><PERIOD_YEAR>2015</PERIOD_YEAR></ROW><ROW><C_DOC>J01</C_DOC><C_DOC_SUB>114</C_DOC_SUB><C_DOC_VER>5</C_DOC_VER><D_TERM>09022016</D_TERM><PERIOD_MONTH>12</PE

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

. </li>

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

.</li>

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J/F0295106 1. (), ( , 213.1.9, 213.1.12 213.1 213 );

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

</li></ol>

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

</ol> section border -->

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

</PERIOD_YEAR></ROW><ROW><C_DOC>F02</C_DOC><C_DOC_SUB>060</C_DOC_SUB><C_DOC_VER>3</C_DOC_VER><D_TERM>21022011</D_TERM><PERIOD_MONTH>1</PERIOD_MONTH><PERIOD_TYPE>1</PERIOD_TYPE><PERIOD_YEAR>2011</PERIOD_YEAR></ROW><ROW>

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

</PERIOD_YEAR></ROW><ROW><C_DOC>J01</C_DOC><C_DOC_SUB>981</C_DOC_SUB><C_DOC_VER>2</C_DOC_VER><D_TERM>10082015</D_TERM><PERIOD_MONTH>6</PERIOD_MONTH><PERIOD_TYPE>3</PERIOD_TYPE><PERIOD_YEAR>2015</PERIOD_YEAR></ROW><ROW>

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

</PERIOD_YEAR></ROW><ROW><C_DOC>J30</C_DOC><C_DOC_SUB>402</C_DOC_SUB><C_DOC_VER>11</C_DOC_VER><D_TERM>20042017</D_TERM><PERIOD_MONTH>3</PERIOD_MONTH><PERIOD_TYPE>1</PERIOD_TYPE><PERIOD_YEAR>2017</PERIOD_YEAR></ROW><ROW>

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

</ROW><ROW><C_DOC>J14</C_DOC><C_DOC_SUB>002</C_DOC_SUB><C_DOC_VER>1</C_DOC_VER><D_TERM>31012013</D_TERM><PERIOD_MONTH>1</PERIOD_MONTH><PERIOD_TYPE>1</PERIOD_TYPE><PERIOD_YEAR>2013</PERIOD_YEAR></ROW><ROW><C_DOC>J14</C_

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

</style>

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

</xs:sequence><xs:attribute name="NUM" type="xs:nonNegativeInteger"/><xs:attribute name="TYPE" type="DGTypeLinkDoc"/></xs:complexType></xs:element></xs:sequence></xs:complexType><xs:unique name="UH_DOC_NU

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

</xs:unique><xs:unique name="UT1RXXXXG6"><xs:selector xpath="T1RXXXXG6"/><xs:field xpath="@ROWNUM"/></xs:unique><xs:unique name="UT1RXXXXG7S"><xs:selector xpath="T1RXXXXG7S"/><xs:field xpath="@ROWNUM"/></x

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

<2s<{&^3s

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

<5kON'cS}

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

<9<K<U<c<~<

Ansi based on PCAP Processing (network.pcap)

<9w7Q\EVR

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

<<a^cr1Z#-

Ansi based on PCAP Processing (network.pcap)

<?xml version="1.0" encoding="UTF-8" standalone="yes"?><assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"><assemblyIdentity version="1.0.0.0" processorArchitecture="X86" name="Nullsoft.NSIS.exehead" type="win32"/><description>Nullsoft Install System v2.46</description><dependency><dependentAssembly><assemblyIdentity type="win32" name="Microsoft.Windows.Common-Controls" version="6.0.0.0" processorArchitecture="X86" publicKeyToken="6595b64144ccf1df" language="*" /></dependentAssembly></dependency><trustInfo xmlns="urn:schemas-microsoft-com:asm.v3"><security><requestedPrivileges><requestedExecutionLevel level="requireAdministrator" uiAccess="false"/></requestedPrivileges></security></trustInfo><compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1"><application><supportedOS Id="{35138b9a-5d96-4fbd-8e2d-a2440225f93a}"/><supportedOS Id="{e2011457-1546-43c5-a5fe-008deee3d3f0}"/></application></compatibility></assembly>

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

<?xml version="1.0" encoding="utf-8"?><assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0" xmlns:asmv3="urn:schemas-microsoft-com:asm.v3"> <asmv3:application> <asmv3:windowsSettings xmlns="http://schemas.microsoft.com/SMI/2005/WindowsSettings"> <dpiAware>True/PM</dpiAware> </asmv3:windowsSettings> </asmv3:application> <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2"> <security> <requestedPrivileges> <rdr1ZM

Ansi based on PCAP Processing (network.pcap)

F/J0208405 N 1- ().

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

F/J0209702 " () ";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

F/J0209702 " () ";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

F/J0215919 / , 45 2 3 ".

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

F/J0299719 () 1 ";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

F/J0302003 " ";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

F/J0320103 " 1 " "";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

F/J0320203 " 2 " "";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

F/J0320303 " 3 " "";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

F/J0320403 " 4 " ( )"";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

F/J0320503 " 5 " () "";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

F/J0320603 " 6 " "".

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

F/J0800104 " ";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

F/J0800203 " ()";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

F/J0810104 " 1. ";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

F/J0810204 " 2. ";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

F/J0810304 " 3. , ";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

F/J0810404 " 4. ";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

F/J0810504 " 5. ";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

F/J0810604 " 6. ";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

F/J0810704 " 7. ";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

F/J0810804 " 8. , ";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

F/J0810904 " 9. ( , ) ";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

F/J0811004 " 10. ";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

F/J0811104 " 11. "

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

F/J0820203 " 21. ";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

F/J0820403 " 41. ";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

F/J0821003 " 101. ";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

F/J0821103 " 111. ".

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

F/J1201009 " ";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

F/J1201109 " ";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

F/J1201209 " ".

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

F/J1203002 " ";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

F/J1203102 " ".

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

F/J1310107 " . 1 ";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

F/J1311801 . 1-;

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

F/J1311901 . 2-.

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

F/J1312001 " , , . 20-";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

F/J1312201 " . 17-".

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

F/J1312301 " , / ".

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

F/J1412401 " , / ";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

F/J1499501 " 3 ( )".

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

F/J3000410 (, , , ) ( 4); </li>

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

F0200119 ( );

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

F0200419 1 " (1)";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

F0200519 3 " (3)";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

F0215119 5 " ' (5)";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

F0215219 2 " ' () , () (2)";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

F0215319 9 " ' , 161 " ", (9)";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

F0215519 " , , , , , , ";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

F0215719 7 " () /, (7))";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

F0215819 8 " / ' / / / (8)";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

F0217019 " ' ' ";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

F0299319 6 " (6) , 5 , () ";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

F0299819 4 " / / , , (4)";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J/F0209506 ;

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J/F0209506 ;

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J/F0295006 11. 213.1.12 213.1 213 ;

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J/F0295006 11. 213.1.12 213.1 213 ;

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J/F0295106 1. (), ( , 213.1.9, 213.1.12 213.1 213 );

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J/F0295206 2. , ;

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J/F0295306 3. ( 225 VI );

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J/F0295406 4. , , , ;

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J/F0295506 5. , ;

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J/F0295606 6. ' ;

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J/F0295706 7. , ;

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J/F0295806 8. , ' , ;

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J/F0295906 10. 46.4 46 2 II ;

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J/F0296006 9. , , / / .

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J/F0296006 9. , , / / .</li>

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J0100116 ;

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J0110316 4.1.3 4.1.4 03 ;

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J0110616 1.2.1 03 ;

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J0111316

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J0111416 16

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J0111516 23

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J0111616 20

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J0111716 26-29, 31-33 ;

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J0111816 03

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J0112816

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J0200519 1 " (1)";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J0200619 3 " (3)";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J0215119 5 " ' (5)";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J0215219 2 " ' () , () (2)";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J0215319 9 " ' , 161 " ", (9)";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J0215519 " , , , , , , ".

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J0215619 ( ) 2 ";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J0215719 7 " () /, (7))";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J0215819 8 " / ' / / / (8)";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J0217019 " ' ' ";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J0299319 6 " (6) , 5 , () ";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J0299819 4 " / / , , (4)";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J0900108 " (i i )";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J0900207 "i ii (i i)";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J0900904 "i i ( )";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J0901005 "i i";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J0901106 "i i ";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J0901203 " i i ";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J0901301 "i i i ";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J0901602 "i i ( )";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J0902201 "i i ()";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J0902202 () / ();

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J0902301 " (i ii )";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J0902302 ( ) / ( );

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J0902401 " ";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J0902402 / ;

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J0902501 " ";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J0902502 / ;

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J0902601 " ( )";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J0902602 ( )/ ( );

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J0902701 "i i ";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J0902702 / ;

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J0902801 "i i ".

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J0902901 ( 1);

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J0903001 ( 9, 9);

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J0903101 ;

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J0903201 ( 1);

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J0903201 ( 1-);

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J0903301 ( 2).

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J0903301 ( 2-);

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J0903401 ( 3-);

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J1301502 " ";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J1301602 " , ";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J1312101 " 1- , / ";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J1401502 " ";

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J1401602 " , ".

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J1602701 , , / , ;

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

J1702701 , , / , ,

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

S0100113 1. ( );

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

S0100309 3. ( );

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

S0103353 3-. ( );

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

S0105007 5. ;

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

S1391101 .

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<C_DOC>F02</C_DOC><C_DOC_SUB>004</C_DOC_SUB><C_DOC_VER>12</C_DOC_VER><D_TERM>21072014</D_TERM><PERIOD_MONTH>6</PERIOD_MONTH><PERIOD_TYPE>1</PERIOD_TYPE><PERIOD_YEAR>2014</PERIOD_YEAR></ROW><ROW><C_DOC>F02</C_DOC><C_DOC_SU

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

<C_DOC>J02</C_DOC><C_DOC_SUB>091</C_DOC_SUB><C_DOC_VER>5</C_DOC_VER><D_TERM>10022014</D_TERM><PERIOD_MONTH>12</PERIOD_MONTH><PERIOD_TYPE>2</PERIOD_TYPE><PERIOD_YEAR>2013</PERIOD_YEAR></ROW><ROW><C_DOC>J02</C_DOC><C_DOC_

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

<C_DOC>J02</C_DOC><C_DOC_SUB>157</C_DOC_SUB><C_DOC_VER>6</C_DOC_VER><D_TERM>20022015</D_TERM><PERIOD_MONTH>1</PERIOD_MONTH><PERIOD_TYPE>1</PERIOD_TYPE><PERIOD_YEAR>2015</PERIOD_YEAR></ROW><ROW><C_DOC>J02</C_DOC><C_DOC_

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

<C_DOC>J06</C_DOC><C_DOC_SUB>201</C_DOC_SUB><C_DOC_VER>1</C_DOC_VER><D_TERM>30092011</D_TERM><PERIOD_MONTH>9</PERIOD_MONTH><PERIOD_TYPE>1</PERIOD_TYPE><PERIOD_YEAR>2011</PERIOD_YEAR></ROW><ROW><C_DOC>J06</C_DOC><C_DOC_

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

<C_DOC_SUB>034</C_DOC_SUB><C_DOC_VER>2</C_DOC_VER><D_TERM>21022011</D_TERM><PERIOD_MONTH>1</PERIOD_MONTH><PERIOD_TYPE>1</PERIOD_TYPE><PERIOD_YEAR>2011</PERIOD_YEAR></ROW><ROW><C_DOC>J02</C_DOC><C_DOC_SUB>044</C_DOC_SUB>

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

<C_DOC_SUB>081</C_DOC_SUB><C_DOC_VER>3</C_DOC_VER><D_TERM>01062017</D_TERM><PERIOD_MONTH>12</PERIOD_MONTH><PERIOD_TYPE>5</PERIOD_TYPE><PERIOD_YEAR>2016</PERIOD_YEAR></ROW><ROW><C_DOC>J01</C_DOC><C_DOC_SUB>081</C_DOC_SUB><C

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

<C_DOC_SUB>902</C_DOC_SUB><C_DOC_VER>2</C_DOC_VER><D_TERM>31052015</D_TERM><PERIOD_MONTH>5</PERIOD_MONTH><PERIOD_TYPE>1</PERIOD_TYPE><PERIOD_YEAR>2015</PERIOD_YEAR></ROW><ROW><C_DOC>J14</C_DOC><C_DOC_SUB>902</C_DOC_SUB>

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

<C_DOC_SUB>942</C_DOC_SUB><C_DOC_VER>5</C_DOC_VER><D_TERM>22122014</D_TERM><PERIOD_MONTH>11</PERIOD_MONTH><PERIOD_TYPE>1</PERIOD_TYPE><PERIOD_YEAR>2014</PERIOD_YEAR></ROW><ROW><C_DOC>J02</C_DOC><C_DOC_SUB>942</C_DOC_SUB>

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

<C_DOC_VER>10</C_DOC_VER><D_TERM/><PERIOD_MONTH>5</PERIOD_MONTH><PERIOD_TYPE>1</PERIOD_TYPE><PERIOD_YEAR>2015</PERIOD_YEAR></ROW><ROW><C_DOC>S07</C_DOC><C_DOC_SUB>011</C_DOC_SUB><C_DOC_VER>10</C_DOC_VER><D_TERM/><PER

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

<C_DOC_VER>1</C_DOC_VER><D_TERM>31032016</D_TERM><PERIOD_MONTH>3</PERIOD_MONTH><PERIOD_TYPE>1</PERIOD_TYPE><PERIOD_YEAR>2016</PERIOD_YEAR></ROW><ROW><C_DOC>J13</C_DOC><C_DOC_SUB>029</C_DOC_SUB><C_DOC_VER>1</C_DOC_VER><D_T

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

<C_DOC_VER>1</C_DOC_VER><D_TERM>31102017</D_TERM><PERIOD_MONTH>10</PERIOD_MONTH><PERIOD_TYPE>1</PERIOD_TYPE><PERIOD_YEAR>2017</PERIOD_YEAR></ROW><ROW><C_DOC>F13</C_DOC><C_DOC_SUB>127</C_DOC_SUB><C_DOC_VER>1</C_DOC_VER><

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

<C_DOC_VER>6</C_DOC_VER><D_TERM>31012017</D_TERM><PERIOD_MONTH>1</PERIOD_MONTH><PERIOD_TYPE>1</PERIOD_TYPE><PERIOD_YEAR>2017</PERIOD_YEAR></ROW><ROW><C_DOC>J13</C_DOC><C_DOC_SUB>101</C_DOC_SUB><C_DOC_VER>6</C_DOC_VER><D_T

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

<Cn!`eNyl>

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

<CODE/><NAME>Oï¿½

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

<D_END>30092016</D_END><DATA_IN>01012016</DATA_IN><DATA_OUT>31122016</DATA_OUT><NORM_DOC>ï¿½

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

<D_TERM>15122017</D_TERM><PERIOD_MONTH>11</PERIOD_MONTH><PERIOD_TYPE>1</PERIOD_TYPE><PERIOD_YEAR>2017</PERIOD_YEAR></ROW><ROW><C_DOC>J07</C_DOC><C_DOC_SUB>006</C_DOC_SUB><C_DOC_VER>1</C_DOC_VER><D_TERM>15012018</D_TERM>

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

<D_TERM>20092013</D_TERM><PERIOD_MONTH>8</PERIOD_MONTH><PERIOD_TYPE>1</PERIOD_TYPE><PERIOD_YEAR>2013</PERIOD_YEAR></ROW><ROW><C_DOC>J02</C_DOC><C_DOC_SUB>094</C_DOC_SUB><C_DOC_VER>4</C_DOC_VER><D_TERM>21102013</D_TERM><PE

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

<D_TERM>20102016</D_TERM><PERIOD_MONTH>9</PERIOD_MONTH><PERIOD_TYPE>1</PERIOD_TYPE><PERIOD_YEAR>2016</PERIOD_YEAR></ROW><ROW><C_DOC>F02</C_DOC><C_DOC_SUB>959</C_DOC_SUB><C_DOC_VER>1</C_DOC_VER><D_TERM>21112016</D_TERM>

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

<D_TERM>20122012</D_TERM><PERIOD_MONTH>11</PERIOD_MONTH><PERIOD_TYPE>1</PERIOD_TYPE><PERIOD_YEAR>2012</PERIOD_YEAR></ROW><ROW><C_DOC>F08</C_DOC><C_DOC_SUB>352</C_DOC_SUB><C_DOC_VER>2</C_DOC_VER><D_TERM>21012013</D_TERM><PE

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

<D_TERM>21062016</D_TERM><PERIOD_MONTH>5</PERIOD_MONTH><PERIOD_TYPE>1</PERIOD_TYPE><PERIOD_YEAR>2016</PERIOD_YEAR></ROW><ROW><C_DOC>J02</C_DOC><C_DOC_SUB>993</C_DOC_SUB><C_DOC_VER>8</C_DOC_VER><D_TERM>20072016</D_TERM><P

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

<D_TERM>28022017</D_TERM><PERIOD_MONTH>2</PERIOD_MONTH><PERIOD_TYPE>1</PERIOD_TYPE><PERIOD_YEAR>2017</PERIOD_YEAR></ROW><ROW><C_DOC>J30</C_DOC><C_DOC_SUB>701</C_DOC_SUB><C_DOC_VER>11</C_DOC_VER><D_TERM>31032017</D_TERM><PE

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

<D_TERM>30092017</D_TERM><PERIOD_MONTH>9</PERIOD_MONTH><PERIOD_TYPE>1</PERIOD_TYPE><PERIOD_YEAR>2017</PERIOD_YEAR></ROW><ROW><C_DOC>F14</C_DOC><C_DOC_SUB>034</C_DOC_SUB><C_DOC_VER>1 </C_DOC_VER><D_TERM>31102017</D_TERM>

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

<DATA_OUT>31082016</DATA_OUT><NORM_DOC>ï¿½

Ansi based on Runtime Data (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe )

<hBC6 9jj

Ansi based on PCAP Processing (network.pcap)

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<jqhXes>=

Ansi based on Memory/File Scan (dc583861887565c620ee25038fcdffbcec2af9c852ec8015a185f5d90cd58271.exe.bin)

<li> ( 01.03.2017):

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> () :

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> (F/J0301206), 09.07.2015 636, , . 268 1.3. . 268 1 , , 4 .

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> , 13.06.2016 544, () :

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> F/J3000711

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> F/J3040411 4

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> F/J3040611 6. 4.

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> F/J3040711 7 4.

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> F/J3070111 7. ,

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> F3000511

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> F3000611 ,

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> F3005111

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> F3050111 1 5.

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> F3050211 2 5.

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> F3050411 4 5.

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> F3051311 3 5.

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> F3051411 4 5.

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> F3060111 1 6. ,

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> F3060211 2 6.

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> F3060311 3 6.

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> J3040211 2. '

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> J3040311 3

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> J3040811 8 4. ,

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> J3040911 9 4. ,

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> , 02 2015 859, 26 2015 1298/27743 , , 15 2016 821

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> F/J3040111 1 4.

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> :

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> J3040210 2 4.

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> J3040810 8 4. ,

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> 29.03.2016 108 :

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> :

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> :

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> , 28.04.2017 467 :

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> 13.06.2017

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> ,

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> , () . 46.2 . 46

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> , 06.06.2017 557 :

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> 23 2017 275 ( 01.04.2017):

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> 28.04.2017 469

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> 08.07.2016 585 "

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> 1- 1- , 11.02.2016 49 ( 10 2016 943, 01 2017 282/30150) :

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> 17.08.2015 719 " " 03 2015 . 1051/27496, , 07 2016 927, 28 1539//29669 :

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> 21.12.2016 1797 "

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> 24 2017 452 , , , () , , , () :

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> 31.12.2016 3107 " " ( 23 2017 276) ( 01.03.2017):

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> 7 2016 813

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> 9 2013 806

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> , 17.08.2015 715 ( 28.12.2016 1177) :

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> 03.07.2017 621

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> 08.07.2016 585 "

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> 11 2016 441

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> 13.06.2016  544

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> 17.06.2016  553

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> 17.08.2015 715 ( 28.12.2016 1177, 26 2017 116/29984) , 13 2017 495, 30 675/30543

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> 19.06.2015 578 ( 17 2017 369, 10 2017 478/30346) ( 01.10.2017):

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> 21.01.2016 21 ( 23 2017 276)

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> 28.04.2017 468

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> 28.10.2016 911, 28.10.2016 101 - :

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> 9 2013 806

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> , :

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> 17 2015 719, 03 2015 1051/27496 , , 31 2017 545, 21 778/30646 ( 01.10.2017):

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> 18 2017 776 ( 01.10.2017):

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> 19.06.2015 578 ( 17 2017 369) :

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> 20.10.2015 897 ( 28 2017 467, 19 2017 642/30510) ( 01.10.2017):

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> 17.10.2013 N314 16 2015 N331 ( 01.10.2017):

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> 21.12.2016 1125 ( 01.03.2017):

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> 16.07.2015 643-VIII "

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> :

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> , ( 01.01.2017):

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> , 01.04.2016 ,

Ansi based on Dropped File (Iådåëiê çìií òà äîïîâíåíü-install.htm)

<li> J0902202 "