General Info

File name

EyeFrame_Setup.exe

Full analysis
https://app.any.run/tasks/efd90e99-c133-4b3f-a677-9814eb78f190
Verdict
Malicious activity
Analysis date
2/10/2019, 13:52:42
OS:
Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Tags:

installer

Indicators:

MIME:
application/x-dosexec
File info:
PE32 executable (GUI) Intel 80386, for MS Windows
MD5

af0a8d7b919bd522dace18f859174732

SHA1

8a6f805dd52f5ae812468737f69879dc31f77130

SHA256

5003db0da0323bdb3247ea903377808c3c71d6f1987f3503ec9c8ccdcd461892

SSDEEP

196608:NS6eHktjUtzAmcnrMX9DSW1V5rAKSTS7oh+J68B1jUNtfdD9yiRc/8eDAc51f:cktj/BYzDrIIo81AffJ9/Rc/h0Yf

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distored by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

Software environment set and analysis options

Launch configuration

Task duration
300 seconds
Additional time used
240 seconds
Fakenet option
off
Heavy Evaision option
on
MITM proxy
off
Route via Tor
off
Network geolocation
off
Privacy
Public submission
Autoconfirmation of UAC
off

Software preset

  • Internet Explorer 8.0.7601.17514
  • Adobe Acrobat Reader DC MUI (15.023.20070)
  • Adobe Flash Player 26 ActiveX (26.0.0.131)
  • Adobe Flash Player 26 NPAPI (26.0.0.131)
  • Adobe Flash Player 26 PPAPI (26.0.0.131)
  • Adobe Refresh Manager (1.8.0)
  • CCleaner (5.35)
  • FileZilla Client 3.36.0 (3.36.0)
  • Google Chrome (68.0.3440.106)
  • Google Update Helper (1.3.33.17)
  • Java 8 Update 92 (8.0.920.14)
  • Java Auto Updater (2.8.92.14)
  • Microsoft .NET Framework 4.6.1 (4.6.01055)
  • Microsoft Office Access MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Access Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Excel MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office OneNote MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Outlook MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office PowerPoint MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Professional 2010 (14.0.6029.1000)
  • Microsoft Office Proof (English) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (French) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (Spanish) 2010 (14.0.6029.1000)
  • Microsoft Office Proofing (English) 2010 (14.0.6029.1000)
  • Microsoft Office Publisher MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Single Image 2010 (14.0.6029.1000)
  • Microsoft Office Word MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (9.0.30729.6161)
  • Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (10.0.40219)
  • Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (12.0.30501.0)
  • Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (14.15.26706.0)
  • Microsoft Visual C++ 2017 x86 Additional Runtime - 14.15.26706 (14.15.26706)
  • Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.15.26706 (14.15.26706)
  • Mozilla Firefox 61.0.2 (x86 en-US) (61.0.2)
  • Notepad++ (32-bit x86) (7.5.1)
  • Opera 12.15 (12.15.1748)
  • Skype version 8.29 (8.29)
  • VLC media player (2.2.6)
  • WinRAR 5.60 (32-bit) (5.60.0)

Hotfixes

  • Client LanguagePack Package
  • Client Refresh LanguagePack Package
  • CodecPack Basic Package
  • Foundation Package
  • IE Troubleshooters Package
  • InternetExplorer Optional Package
  • KB2534111
  • KB2999226
  • KB976902
  • LocalPack AU Package
  • LocalPack CA Package
  • LocalPack GB Package
  • LocalPack US Package
  • LocalPack ZA Package
  • ProfessionalEdition
  • UltimateEdition

Behavior activities

MALICIOUS SUSPICIOUS INFO
Application was dropped or rewritten from another process
  • EyeFrame.exe (PID: 3460)
  • EyeFrame.exe (PID: 3344)
Loads dropped or rewritten executable
  • SearchProtocolHost.exe (PID: 336)
Modifies the open verb of a shell class
  • EyeFrame_Setup.tmp (PID: 2832)
Executable content was dropped or overwritten
  • EyeFrame_Setup.exe (PID: 2436)
  • EyeFrame_Setup.exe (PID: 4004)
  • EyeFrame_Setup.tmp (PID: 2832)
Loads dropped or rewritten executable
  • EyeFrame_Setup.tmp (PID: 2832)
Application was dropped or rewritten from another process
  • EyeFrame_Setup.tmp (PID: 2832)
  • EyeFrame_Setup.tmp (PID: 2740)
Creates a software uninstall entry
  • EyeFrame_Setup.tmp (PID: 2832)
Creates files in the program directory
  • EyeFrame_Setup.tmp (PID: 2832)

Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report

Static information

TRiD
.exe
|   Inno Setup installer (71.1%)
.exe
|   Win32 Executable Delphi generic (9.1%)
.scr
|   Windows screen saver (8.4%)
.dll
|   Win32 Dynamic Link Library (generic) (4.2%)
.exe
|   Win32 Executable (generic) (2.9%)
EXIF
EXE
MachineType:
Intel 386 or later, and compatibles
TimeStamp:
1992:06:20 00:22:17+02:00
PEType:
PE32
LinkerVersion:
2.25
CodeSize:
40448
InitializedDataSize:
17920
UninitializedDataSize:
null
EntryPoint:
0xa5f8
OSVersion:
1
ImageVersion:
6
SubsystemVersion:
4
Subsystem:
Windows GUI
FileVersionNumber:
1.8.1.0
ProductVersionNumber:
1.8.1.0
FileFlagsMask:
0x003f
FileFlags:
(none)
FileOS:
Win32
ObjectFileType:
Executable application
FileSubtype:
null
LanguageCode:
Neutral
CharacterSet:
Unicode
Comments:
This installation was built with Inno Setup.
CompanyName:
Tin2tin
FileDescription:
EyeFrame Converter Setup
FileVersion:
1.8.1
LegalCopyright:
GLP
ProductName:
EyeFrame Converter
ProductVersion:
1.8.1
Summary
Architecture:
IMAGE_FILE_MACHINE_I386
Subsystem:
IMAGE_SUBSYSTEM_WINDOWS_GUI
Compilation Date:
19-Jun-1992 22:22:17
Detected languages
Dutch - Netherlands
English - United States
Comments:
This installation was built with Inno Setup.
CompanyName:
Tin2tin
FileDescription:
EyeFrame Converter Setup
FileVersion:
1.8.1
LegalCopyright:
GLP
ProductName:
EyeFrame Converter
ProductVersion:
1.8.1
DOS Header
Magic number:
MZ
Bytes on last page of file:
0x0050
Pages in file:
0x0002
Relocations:
0x0000
Size of header:
0x0004
Min extra paragraphs:
0x000F
Max extra paragraphs:
0xFFFF
Initial SS value:
0x0000
Initial SP value:
0x00B8
Checksum:
0x0000
Initial IP value:
0x0000
Initial CS value:
0x0000
Overlay number:
0x001A
OEM identifier:
0x0000
OEM information:
0x0000
Address of NE header:
0x00000100
PE Headers
Signature:
PE
Machine:
IMAGE_FILE_MACHINE_I386
Number of sections:
8
Time date stamp:
19-Jun-1992 22:22:17
Pointer to Symbol Table:
0x00000000
Number of symbols:
0
Size of Optional Header:
0x00E0
Characteristics
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_RELOCS_STRIPPED
Sections
Name Virtual Address Virtual Size Raw Size Charateristics Entropy
CODE 0x00001000 0x00009D30 0x00009E00 IMAGE_SCN_CNT_CODE,IMAGE_SCN_MEM_EXECUTE,IMAGE_SCN_MEM_READ 6.63177
DATA 0x0000B000 0x00000250 0x00000400 IMAGE_SCN_CNT_INITIALIZED_DATA,IMAGE_SCN_MEM_READ,IMAGE_SCN_MEM_WRITE 2.75182
BSS 0x0000C000 0x00000E8C 0x00000000 IMAGE_SCN_MEM_READ,IMAGE_SCN_MEM_WRITE 0
.idata 0x0000D000 0x00000950 0x00000A00 IMAGE_SCN_CNT_INITIALIZED_DATA,IMAGE_SCN_MEM_READ,IMAGE_SCN_MEM_WRITE 4.43073
.tls 0x0000E000 0x00000008 0x00000000 IMAGE_SCN_MEM_READ,IMAGE_SCN_MEM_WRITE 0
.rdata 0x0000F000 0x00000018 0x00000200 IMAGE_SCN_CNT_INITIALIZED_DATA,IMAGE_SCN_MEM_READ,IMAGE_SCN_MEM_SHARED 0.204488
.reloc 0x00010000 0x000008C4 0x00000000 IMAGE_SCN_CNT_INITIALIZED_DATA,IMAGE_SCN_MEM_READ,IMAGE_SCN_MEM_SHARED 0
.rsrc 0x00011000 0x00002C00 0x00002C00 IMAGE_SCN_CNT_INITIALIZED_DATA,IMAGE_SCN_MEM_READ,IMAGE_SCN_MEM_SHARED 4.50679
Resources
1

2

3

4

4089

4090

4091

4093

4094

4095

11111

MAINICON

Imports
    kernel32.dll

    user32.dll

    oleaut32.dll

    advapi32.dll

    comctl32.dll

Exports

    No exports.

Screenshots

Processes

Total processes
47
Monitored processes
7
Malicious processes
3
Suspicious processes
0

Behavior graph

+
drop and start start drop and start eyeframe_setup.exe eyeframe_setup.tmp no specs eyeframe_setup.exe eyeframe_setup.tmp searchprotocolhost.exe no specs eyeframe.exe no specs eyeframe.exe no specs
Specs description
Program did not start
Integrity level elevation
Task сontains an error or was rebooted
Process has crashed
Task contains several apps running
Executable file was dropped
Debug information is available
Process was injected
Network attacks were detected
Application downloaded the executable file
Actions similar to stealing personal data
Behavior similar to exploiting the vulnerability
Inspected object has sucpicious PE structure
File is detected by antivirus software
CPU overrun
RAM overrun
Process starts the services
Process was added to the startup
Behavior similar to spam
Low-level access to the HDD
Probably Tor was used
System was rebooted
Connects to the network
Known threat

Process information

Click at the process to see the details.

PID
336
CMD
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
Path
C:\Windows\System32\SearchProtocolHost.exe
Indicators
No indicators
Parent process
––
User
SYSTEM
Integrity Level
SYSTEM
Exit code
0
Version:
Company
Microsoft Corporation
Description
Microsoft Windows Search Protocol Host
Version
7.00.7600.16385 (win7_rtm.090713-1255)
Modules
Image
c:\windows\system32\searchprotocolhost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\tquery.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\msshooks.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\msidle.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\system32\mssprxy.dll
c:\windows\system32\mssph.dll
c:\windows\system32\mapi32.dll
c:\windows\system32\authz.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\shell32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\propsys.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\profapi.dll
c:\windows\system32\version.dll
c:\users\admin\desktop\eyeframe_setup.exe
c:\windows\system32\ntshrui.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\cscapi.dll
c:\windows\system32\slc.dll
c:\users\admin\desktop\eyeframe converter\dvdauthor.exe
c:\users\admin\desktop\eyeframe converter\dcraw.exe
c:\users\admin\desktop\eyeframe converter\unins000.exe
c:\windows\system32\notepad.exe
c:\users\admin\desktop\eyeframe converter\ffmbc.exe
c:\users\admin\desktop\eyeframe converter\iconv.dll
c:\users\admin\desktop\eyeframe converter\ffplay.exe
c:\users\admin\desktop\eyeframe converter\raw2dng.exe
c:\users\admin\desktop\eyeframe converter\mkisofs.exe
c:\users\admin\desktop\eyeframe converter\mediainfo.dll
c:\windows\system32\ieframe.dll
c:\users\admin\desktop\eyeframe converter\eyeframe.exe
c:\windows\system32\linkinfo.dll
c:\windows\system32\psapi.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\mlang.dll
c:\windows\system32\actxprxy.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\netutils.dll

PID
4004
CMD
"C:\Users\admin\Desktop\EyeFrame_Setup.exe"
Path
C:\Users\admin\Desktop\EyeFrame_Setup.exe
Indicators
Parent process
––
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Tin2tin
Description
EyeFrame Converter Setup
Version
1.8.1
Modules
Image
c:\users\admin\desktop\eyeframe_setup.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\shell32.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\apphelp.dll
c:\users\admin\appdata\local\temp\is-hb5os.tmp\eyeframe_setup.tmp

PID
2740
CMD
"C:\Users\admin\AppData\Local\Temp\is-HB5OS.tmp\EyeFrame_Setup.tmp" /SL5="$6010C,11909208,56832,C:\Users\admin\Desktop\EyeFrame_Setup.exe"
Path
C:\Users\admin\AppData\Local\Temp\is-HB5OS.tmp\EyeFrame_Setup.tmp
Indicators
No indicators
Parent process
EyeFrame_Setup.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Description
Setup/Uninstall
Version
51.52.0.0
Modules
Image
c:\users\admin\appdata\local\temp\is-hb5os.tmp\eyeframe_setup.tmp
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\mpr.dll
c:\windows\system32\version.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\shell32.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\propsys.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll

PID
2436
CMD
"C:\Users\admin\Desktop\EyeFrame_Setup.exe" /SPAWNWND=$30192 /NOTIFYWND=$6010C
Path
C:\Users\admin\Desktop\EyeFrame_Setup.exe
Indicators
Parent process
EyeFrame_Setup.tmp
User
admin
Integrity Level
HIGH
Exit code
0
Version:
Company
Tin2tin
Description
EyeFrame Converter Setup
Version
1.8.1
Modules
Image
c:\users\admin\desktop\eyeframe_setup.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\shlwapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\shell32.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\apphelp.dll
c:\users\admin\appdata\local\temp\is-oq9br.tmp\eyeframe_setup.tmp

PID
2832
CMD
"C:\Users\admin\AppData\Local\Temp\is-OQ9BR.tmp\EyeFrame_Setup.tmp" /SL5="$4019C,11909208,56832,C:\Users\admin\Desktop\EyeFrame_Setup.exe" /SPAWNWND=$30192 /NOTIFYWND=$6010C
Path
C:\Users\admin\AppData\Local\Temp\is-OQ9BR.tmp\EyeFrame_Setup.tmp
Indicators
Parent process
EyeFrame_Setup.exe
User
admin
Integrity Level
HIGH
Exit code
0
Version:
Company
Description
Setup/Uninstall
Version
51.52.0.0
Modules
Image
c:\users\admin\appdata\local\temp\is-oq9br.tmp\eyeframe_setup.tmp
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\mpr.dll
c:\windows\system32\version.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\shell32.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\profapi.dll
c:\users\admin\appdata\local\temp\is-lj9r3.tmp\_isetup\_shfoldr.dll
c:\windows\system32\shfolder.dll
c:\windows\system32\rstrtmgr.dll
c:\windows\system32\ncrypt.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\imageres.dll
c:\windows\system32\clbcatq.dll
c:\program files\common files\microsoft shared\ink\tiptsf.dll
c:\windows\system32\riched20.dll
c:\windows\system32\windowscodecs.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\ehstorshell.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\propsys.dll
c:\windows\system32\cscui.dll
c:\windows\system32\cscdll.dll
c:\windows\system32\cscapi.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\slc.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\samcli.dll
c:\windows\system32\samlib.dll
c:\windows\system32\netutils.dll
c:\windows\system32\shdocvw.dll
c:\windows\system32\explorerframe.dll
c:\windows\system32\duser.dll
c:\windows\system32\dui70.dll
c:\windows\system32\sfc.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\devrtl.dll
c:\windows\system32\linkinfo.dll
c:\users\admin\desktop\eyeframe converter\eyeframe.exe
c:\users\admin\desktop\eyeframe converter\unins000.exe

PID
3344
CMD
"C:\Users\admin\Desktop\EyeFrame Converter\EyeFrame.exe"
Path
C:\Users\admin\Desktop\EyeFrame Converter\EyeFrame.exe
Indicators
No indicators
Parent process
––
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Description
Version
3, 3, 8, 1
Modules
Image
c:\users\admin\desktop\eyeframe converter\eyeframe.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\nsi.dll
c:\windows\system32\version.dll
c:\windows\system32\winmm.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\mpr.dll
c:\windows\system32\wininet.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\psapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\shell32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\propsys.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\apphelp.dll
c:\program files\filezilla ftp client\fzshellext.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\cscapi.dll
c:\windows\system32\slc.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\netutils.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\rpcrtremote.dll

PID
3460
CMD
"C:\Users\admin\Desktop\EyeFrame Converter\EyeFrame.exe"
Path
C:\Users\admin\Desktop\EyeFrame Converter\EyeFrame.exe
Indicators
No indicators
Parent process
––
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Description
Version
3, 3, 8, 1
Modules
Image
c:\users\admin\desktop\eyeframe converter\eyeframe.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\nsi.dll
c:\windows\system32\version.dll
c:\windows\system32\winmm.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\mpr.dll
c:\windows\system32\wininet.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\psapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\shell32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\propsys.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\apphelp.dll
c:\program files\filezilla ftp client\fzshellext.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\cscapi.dll
c:\windows\system32\slc.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\netutils.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\rpcrtremote.dll

Registry activity

Total events
962
Read events
926
Write events
35
Delete events
1

Modification events

PID
Process
Operation
Key
Name
Value
336
SearchProtocolHost.exe
write
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\5F\52C64B7E
LanguageList
en-US
336
SearchProtocolHost.exe
write
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\5F\52C64B7E
@C:\Windows\system32\notepad.exe,-469
Text Document
336
SearchProtocolHost.exe
write
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\5F\52C64B7E
@C:\Windows\System32\ieframe.dll,-912
HTML Document
336
SearchProtocolHost.exe
write
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\5F\52C64B7E
@C:\Windows\System32\ieframe.dll,-10046
Internet Shortcut
2832
EyeFrame_Setup.tmp
write
HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
Owner
100B00001A7D5D943FC1D401
2832
EyeFrame_Setup.tmp
write
HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
SessionHash
C162086E7CCD4A29CA63CD0FFF7BEC1C1DA7EBC81E12121BCA9662487185C8E5
2832
EyeFrame_Setup.tmp
write
HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
Sequence
1
2832
EyeFrame_Setup.tmp
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\5F\52C64B7E
LanguageList
en-US
2832
EyeFrame_Setup.tmp
write
HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
RegFiles0000
C:\Users\admin\Desktop\EyeFrame Converter\EyeFrame.exe
2832
EyeFrame_Setup.tmp
write
HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
RegFilesHash
B834ED97C0C9D34921F840D89D295727F8C9CE7B7D22E8184F51EACCDCF465EA
2832
EyeFrame_Setup.tmp
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.efc
EyeFrame Converter Files
2832
EyeFrame_Setup.tmp
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\EyeFrame Converter Files
EyeFrame Converter Files
2832
EyeFrame_Setup.tmp
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\EyeFrame Converter Files\Shell\Open\Command
"Eyeframe.exe" "%1"
2832
EyeFrame_Setup.tmp
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\EyeFrame Converter Files\DefaultIcon
C:\Users\admin\Desktop\EyeFrame Converter\EyeFrame.exe,0
2832
EyeFrame_Setup.tmp
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DAEA793F-1378-45D1-A4AD-8ED944AA1F76}_is1
Inno Setup: Setup Version
5.5.3 (a)
2832
EyeFrame_Setup.tmp
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DAEA793F-1378-45D1-A4AD-8ED944AA1F76}_is1
Inno Setup: App Path
C:\Users\admin\Desktop\EyeFrame Converter
2832
EyeFrame_Setup.tmp
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DAEA793F-1378-45D1-A4AD-8ED944AA1F76}_is1
InstallLocation
C:\Users\admin\Desktop\EyeFrame Converter\
2832
EyeFrame_Setup.tmp
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DAEA793F-1378-45D1-A4AD-8ED944AA1F76}_is1
Inno Setup: Icon Group
EyeFrame Converter
2832
EyeFrame_Setup.tmp
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DAEA793F-1378-45D1-A4AD-8ED944AA1F76}_is1
Inno Setup: User
admin
2832
EyeFrame_Setup.tmp
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DAEA793F-1378-45D1-A4AD-8ED944AA1F76}_is1
Inno Setup: Selected Tasks
2832
EyeFrame_Setup.tmp
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DAEA793F-1378-45D1-A4AD-8ED944AA1F76}_is1
Inno Setup: Deselected Tasks
desktopicon,quicklaunchicon
2832
EyeFrame_Setup.tmp
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DAEA793F-1378-45D1-A4AD-8ED944AA1F76}_is1
Inno Setup: Language
english
2832
EyeFrame_Setup.tmp
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DAEA793F-1378-45D1-A4AD-8ED944AA1F76}_is1
DisplayName
EyeFrame Converter 1.8.1
2832
EyeFrame_Setup.tmp
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DAEA793F-1378-45D1-A4AD-8ED944AA1F76}_is1
UninstallString
"C:\Users\admin\Desktop\EyeFrame Converter\unins000.exe"
2832
EyeFrame_Setup.tmp
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DAEA793F-1378-45D1-A4AD-8ED944AA1F76}_is1
QuietUninstallString
"C:\Users\admin\Desktop\EyeFrame Converter\unins000.exe" /SILENT
2832
EyeFrame_Setup.tmp
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DAEA793F-1378-45D1-A4AD-8ED944AA1F76}_is1
Publisher
Tin2tin
2832
EyeFrame_Setup.tmp
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DAEA793F-1378-45D1-A4AD-8ED944AA1F76}_is1
URLInfoAbout
http://www.eyeframe.tk/
2832
EyeFrame_Setup.tmp
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DAEA793F-1378-45D1-A4AD-8ED944AA1F76}_is1
HelpLink
http://www.eyeframe.tk/
2832
EyeFrame_Setup.tmp
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DAEA793F-1378-45D1-A4AD-8ED944AA1F76}_is1
URLUpdateInfo
http://www.eyeframe.tk/
2832
EyeFrame_Setup.tmp
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DAEA793F-1378-45D1-A4AD-8ED944AA1F76}_is1
NoModify
1
2832
EyeFrame_Setup.tmp
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DAEA793F-1378-45D1-A4AD-8ED944AA1F76}_is1
NoRepair
1
2832
EyeFrame_Setup.tmp
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DAEA793F-1378-45D1-A4AD-8ED944AA1F76}_is1
InstallDate
20190210
2832
EyeFrame_Setup.tmp
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DAEA793F-1378-45D1-A4AD-8ED944AA1F76}_is1
EstimatedSize
40286
2832
EyeFrame_Setup.tmp
delete key
HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000

Files activity

Executable files
13
Suspicious files
0
Text files
58
Unknown types
3

Dropped files

PID
Process
Filename
Type
4004
EyeFrame_Setup.exe
C:\Users\admin\AppData\Local\Temp\is-HB5OS.tmp\EyeFrame_Setup.tmp
executable
MD5: a2c4d52c66b4b399facadb8cc8386745
SHA256: 6c0465ce64c07e729c399a338705941d77727c7d089430957df3e91a416e9d2a
2832
EyeFrame_Setup.tmp
C:\Users\admin\Desktop\EyeFrame Converter\mkisofs.exe
executable
MD5: 4249143f4023f044a79ae53286465476
SHA256: cbb635d157f0959889fb8212e46ea64554ec2e8c9d3ccf9b88523f618062551a
2832
EyeFrame_Setup.tmp
C:\Users\admin\Desktop\EyeFrame Converter\dvdauthor.exe
executable
MD5: 38943fd785315a4a79dc5115fdc9251d
SHA256: e2ed238a1a0e61b92e72928a91920fd672e005f6e96c85a2019f621f0394a71b
2832
EyeFrame_Setup.tmp
C:\Users\admin\Desktop\EyeFrame Converter\dcraw.exe
executable
MD5: d62f000738b0c856abbb1a7c185b4343
SHA256: 1c11f0f569a30ba9bbca626adbfc9efb4ae8439c11b1e4b4afbf0da99e067b0c
2832
EyeFrame_Setup.tmp
C:\Users\admin\Desktop\EyeFrame Converter\ffplay.exe
executable
MD5: efac5b07bf5d9c18b8a476b93b572b05
SHA256: 5c3fb786c1c24f825df114f5fbdc2c6d5e271d9f615507a8d1a8e8d37e0055d7
2832
EyeFrame_Setup.tmp
C:\Users\admin\Desktop\EyeFrame Converter\unins000.exe
executable
MD5: 6873adb538df47f95f7419bd67d1bf76
SHA256: 43fc3beadb460998fe3b2362b9e26bba75c699803bee1eca394b2b14080df0ca
2832
EyeFrame_Setup.tmp
C:\Users\admin\AppData\Local\Temp\is-LJ9R3.tmp\_isetup\_shfoldr.dll
executable
MD5: 92dc6ef532fbb4a5c3201469a5b5eb63
SHA256: 9884e9d1b4f8a873ccbd81f8ad0ae257776d2348d027d811a56475e028360d87
2832
EyeFrame_Setup.tmp
C:\Users\admin\Desktop\EyeFrame Converter\raw2dng.exe
executable
MD5: 1adba1b283210008233a627f55339421
SHA256: 445f15c93fd658171bf189c9fd5c827cd06ef2425fc68f5b060bd1a443293704
2436
EyeFrame_Setup.exe
C:\Users\admin\AppData\Local\Temp\is-OQ9BR.tmp\EyeFrame_Setup.tmp
executable
MD5: a2c4d52c66b4b399facadb8cc8386745
SHA256: 6c0465ce64c07e729c399a338705941d77727c7d089430957df3e91a416e9d2a
2832
EyeFrame_Setup.tmp
C:\Users\admin\Desktop\EyeFrame Converter\ffmbc.exe
executable
MD5: a1447f0dc0456f73c4eb29d1cc7f7dfd
SHA256: a0f3dd9d2384fe4787df8a802b20cda13e6fa0d59d63ec1ccded68a587aa5f30
2832
EyeFrame_Setup.tmp
C:\Users\admin\Desktop\EyeFrame Converter\iconv.dll
executable
MD5: e4341fb69cb24cf63e9063f4d8967ebf
SHA256: bbc4abb71425c749a80e2e0ea30a2151068e9a674049c3b564d5737031727292
2832
EyeFrame_Setup.tmp
C:\Users\admin\Desktop\EyeFrame Converter\MediaInfo.dll
executable
MD5: 48c48612d2e09d1b7da94ccde30a0f45
SHA256: a26c07bcc25fa01a40e6888d02eabd59aa8db2abf6f5195481228d3a91d04441
2832
EyeFrame_Setup.tmp
C:\Users\admin\Desktop\EyeFrame Converter\EyeFrame.exe
executable
MD5: 3a149ebb7f8a060aafb3504e8f15478a
SHA256: 9c1395b382f0f0e685c9e52b1a506fdfebdeecdabf54ef0c605d25801b82d14b
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Formats for edit\ProRes HQ + Embed TC & RN - Proxy.txt
text
MD5: 08aa13051be7e72d1f56db9b4d4817fa
SHA256: d390abb787b9284b8c0a0073d7fbdceaf3da985a3f2023862a49d32745880036
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Formats for edit\ProRes HQ + Embed TC & RN - Proxy Quarter Size.txt
text
MD5: 22d0bfa7badda6afb3fe2a587a070472
SHA256: 159090de5497d56cc9c3346b865c1b6c08adb2bc9f9c1fce2f086e196cadbef0
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Formats for edit\Quicktime PNG Lossless + Embed TC & RN - Proxy Quarter Size.txt
text
MD5: 3382c6b2f1a71d3ac9192fbb7769602c
SHA256: bb35e0ddd106a93db8c019b24da166290f4dc3c49a3402005390e269551d1a8d
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Formats for edit\Rewrap to MOV - Proxy DVSD - Source AVCHD.txt
text
MD5: a2841f399af8fbc9dd1d7e96cb53c366
SHA256: 882489860ccfa69a44ba5f55dd1f1c49e42765df9efc607ca26e86a1f914a4b5
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Formats for edit\is-PQKFS.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Formats for edit\is-GGO5G.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Formats for edit\is-GBM4F.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Formats for edit\is-IE1L3.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Formats for edit\is-42DMM.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Formats for edit\Mpeg2 I-Frame HD Short Clips AVI - Proxy Quarter Size.txt
text
MD5: 3c51ad5785271a9d5d0b006ff43cce83
SHA256: df5f4678b752a07375181be296ba005d553c4f1d39c00cc42aaf8cf64c664650
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Formats for edit\Mpeg2 I-Frame HD - Proxy Quarter Size - Source CanonDSLR.txt
text
MD5: a43ad90987f8d7e5cbeb7b6a5cd29d8e
SHA256: 01eb5e06e9764ec96ee08cf920a4149104eda02bb4a6c171168dd111a3b1c6d7
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Formats for edit\Mpeg2 I-Frame HD MP4 + Deinterlace - Proxy Quarter Size.txt
text
MD5: f6ecd3c49b39e97979c32680a8d0e3ab
SHA256: e60ec35ac6044526ba989f5482dfd5f48264b209ebc7f23a7bb074a2ecc97699
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Formats for edit\is-GGK9R.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Formats for edit\is-2O0CB.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Formats for edit\is-FVG4S.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Formats for edit\Mpeg2 I-Frame HD - Proxy Quarter Size.txt
text
MD5: 08e9aaf401b543378607017909c3f937
SHA256: 814b46a7d45079d3788f096137a0b890f6d1357305144940b3d29d844a868e1b
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Formats for edit\Mpeg2 I-Frame HD - Proxy Quarter Size - Short Clips.txt
text
MD5: 18c094484e9b1c243fdbae913b161991
SHA256: 03b205610bc6f8ad840f8423acb84ee4469a89d6ac9067629622f446dfeb8972
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Formats for edit\Mpeg2 I-Frame HD - Proxy Quarter Size - Source CanonDSLR.txt
text
MD5: a43ad90987f8d7e5cbeb7b6a5cd29d8e
SHA256: 01eb5e06e9764ec96ee08cf920a4149104eda02bb4a6c171168dd111a3b1c6d7
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Formats for edit\is-2E7IE.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Formats for edit\is-0BNLJ.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Formats for edit\is-DV1V9.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Formats for edit\Mpeg2 I-Frame HD - Proxy Quarter Size - Deinterlace.txt
text
MD5: f6ecd3c49b39e97979c32680a8d0e3ab
SHA256: e60ec35ac6044526ba989f5482dfd5f48264b209ebc7f23a7bb074a2ecc97699
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Formats for edit\MJPEG HD + Embed TC & RN - Proxy Quarter Size.txt
text
MD5: dce49308a539c60a3ccce9ad507c0a96
SHA256: dc41fb1c2c91309da94834a8ad89ca594b9baf8f53bd754612f568f9a793e261
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Formats for edit\is-3KPJL.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Formats for edit\is-GJF4D.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Formats for edit\MJPEG HD + Embed TC & RN - Proxy Quarter Size - Source CanonDSLR.txt
text
MD5: f35e0535270bd6965e74061ea23b5d7a
SHA256: d8d8b0c9f00b4a17e4603b4b58d65d0c0defeec2b1e4ba764da1212de849fe0f
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Formats for edit\H264 - AAC - Proxy Quarter Size.txt
text
MD5: ab02ecbf636bca97ad62f18e48f8f0d4
SHA256: 5e13e708115a14daf94b53d98c7b73d407fe818b2531aecdeeb552bc6e7d6d8f
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Formats for edit\is-HB390.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Formats for edit\DVCPRO100 + Embed TC & RN - Proxy Quarter Size.txt
text
MD5: f98bfbc0044bfe6d4457df0195319bf6
SHA256: 0a3565f2833bd489d9a8a91625cd35442fa043dba6d1525fd871ff66f56f7b2f
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Formats for edit\DPX Img Seq - Proxy Quarter Size.txt
text
MD5: 8f7e3f649ee2345225524069cfee0eda
SHA256: befb98d6d406eb8436d3c52216f086b9417f4c11261cc5d1da399d7b31e67544
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Formats for edit\is-QMPGI.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Formats for edit\is-8RFBN.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Formats for edit\is-F8J1Q.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Formats for edit\DNxHD 36 + Embed TC & RN - No Proxy - Source CanonDSLR.txt
text
MD5: 5cf4cdf2c811578effea332514ed70ca
SHA256: a222c69d1ec6ca29b523c372b5e844989a996a3f8440c819ddea1c8f4932a3bf
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Formats for edit\DNxHD 36 + Embed TC & RN - No Proxy.txt
text
MD5: 66f121d325a9fbb7ac8c63e2a5de1291
SHA256: 3c295144e12c52aa5f1e44697ab019d52f96a6c92e8c0c7b78f709effd774caa
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Formats for edit\is-ON589.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Formats for edit\is-1487D.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Formats for edit\DNxHD 120 + Embed TC & RN - Proxy 36.txt
text
MD5: 59a6e76df9b74c2272b92f8985b2cbae
SHA256: db676d9676b07ba8a2ff658b3705074b68a21d59c562592547f0784ff57d6f03
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Formats for edit\DNxHD 185 + Embed TC & RN - Proxy 36 - Source CanonDSLR.txt
text
MD5: 521aeadd733d2c79e96f12fca83f1f48
SHA256: 0975c2785aff791a2eb14a029cb1f5dee81a2bfce7bd213eb515e47d589bc166
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Formats for edit\DNxHD 185 + Embed TC & RN - Proxy 36.txt
text
MD5: ce1c4bb842f3ad2b836ef17992dfc6fc
SHA256: 5e0ed356dcc38b0f8b810566213b0b60d5c9cc37a02653be483ec0d1ea51c771
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Formats for edit\is-4SSR9.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Formats for edit\is-7IDJT.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Formats for edit\is-G0QRM.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Format for upload\WebM 1920x1080.txt
text
MD5: c647940791ab6d5572722f81926ae3f9
SHA256: 245bbe986472e66d620d92e135a7d9d5dff3a77c0231d322855003eeca195c4f
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Format for upload\MPEG 4x3 - AC3 Audio - for PAL DVD.txt
text
MD5: 42e69c064a4f4bab68a9804b3e538999
SHA256: bdfcd48bdb808a644b0f553af6a2c0c5b7754dcd788effb1dc000d2264452edf
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Format for upload\WebM 1280x720.txt
text
MD5: 8e0ffd05e163f97a71cd096d3520e0f1
SHA256: 3df2096de9a1fac4f8371e7017dd219acb80037cfff11fa9dc0e7e4cbcbde061
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Formats for edit\DNxHD 120 + Embed TC & RN - Proxy 36 - Source CanonDSLR.txt
text
MD5: ac8600308528f55d27e3dc323e8fe8a6
SHA256: 7e3754476cd9c9e18abb19d0b9223e6689b1e427599bc3cbf2c2c7eb9f97c7d4
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Format for upload\MPEG 4x3 - AC3 Audio - for NTSC DVD.txt
text
MD5: 4c87e3d9be57455ee8a7e4ea5a1a6ee4
SHA256: e25df0e3f30ae64bc03002a7124a6f6f3ff670806538c0553e2cffbfc2659874
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Formats for edit\is-MTBV3.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Format for upload\is-CHPKK.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Format for upload\is-TEEO0.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Format for upload\is-53IFG.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Format for upload\is-0FP6S.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Format for upload\MPEG 16x9 - AC3 Audio - for NTSC DVD.txt
text
MD5: 75beeb1e0c313eb5bf22ca8a56a423a7
SHA256: 927299b66b3c1758653435669a200eab4e0d9f7d07eab1a45ad6ab8d6acbef9f
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Format for upload\MPEG 16x9 - AC3 Audio - for PAL DVD.txt
text
MD5: b7f24bf9ced380fef5ff624a86d114be
SHA256: 0b37ca46b1982763661ae46911ff384e45296839e2c261f574d34820bbd7d3bb
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Format for upload\H264 MP4 Profile [email protected] - Downscale to 720P.txt
text
MD5: 692955605159aa50a9ad9ef0cf0c41fb
SHA256: dc1797c67c0febcac5ce0d3a9a6a4430e966d806f2349fcc56a76408c3e6695e
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Format for upload\H264 MP4 Profile [email protected]
text
MD5: 4adb70fd9a39d69e21deaf80f93e0c19
SHA256: 04c78bb0268b66963d4217b4a595481258568098926e1f4b3c3b35ff8bcf1b14
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Format for upload\H264 MP4 Profile High.txt
text
MD5: 8f0d30f62f83b3e55985109db40b0c26
SHA256: 62ba2c9de330c2272b079efe006b15c0800f866b20544ce86e793f0bc677d653
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Format for upload\is-GMRE0.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Format for upload\is-3A5V8.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Format for upload\is-RSL1V.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Format for upload\is-AGDJV.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Format for upload\is-MI81J.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Format for upload\H264 MP4 Profile Baseline.txt
text
MD5: ab02ecbf636bca97ad62f18e48f8f0d4
SHA256: 5e13e708115a14daf94b53d98c7b73d407fe818b2531aecdeeb552bc6e7d6d8f
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Format for upload\H264 FLV.txt
text
MD5: 16adaddca0a4315de5de259709d22e8e
SHA256: 8270ce05997e49cbb21b369fe8010b65c9365e889f85e1594c121f48606e8493
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Format for upload\DVD PAL 4x3.txt
text
MD5: e14b788c89617cb9ae55913ba2a89cfc
SHA256: cbd22d26295644ebd9aefdbd8c91efce6b5a4e0c487b29719e4a01f687c96045
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Format for upload\DVD NTSC 4x3.txt
text
MD5: cc88062f12b6cde1380be403ec23b141
SHA256: 089eb65feefdc90f1ff4e260f2b267277c1b35a0b96d978f835090e8e1795ab3
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Format for upload\DVD PAL 16x9.txt
text
MD5: a210911dbf2a630f58cfcfa9af064019
SHA256: 66c7a795b78583de62298dd9e7bafe5b15a762ce3f03d02f9633c960710b7545
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Format for upload\is-DDF0D.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Format for upload\is-9NCEV.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Format for upload\is-3PF7K.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Format for upload\is-0I2TA.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Format for upload\is-7Q7DO.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\dcraw.ini
text
MD5: 71fed19fdb0dce27b1503defa1f2e615
SHA256: 530b5286adc7f80b808b271a99b0bf019128b97732576bac5064c5a3910ae3ca
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Format for upload\DVD NTSC 16x9.txt
text
MD5: 1bedb7c31d6b06fbf9fe06fa8527f118
SHA256: b78f3aeca0f9daf80610258c027650d82dbb7a9da37d0f14cd6c4585bd495606
2832
EyeFrame_Setup.tmp
C:\Users\admin\Desktop\EyeFrame Converter\icons\upload.ico
image
MD5: d8a2612aeaaa7b3998882caa1b8d4d3d
SHA256: ecf5b8e417b998437070a5165b80afb02a2e8968bd743d4147d222502e91ea6c
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\is-H5S34.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Format for upload\is-NQ03P.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\admin\Desktop\EyeFrame Converter\icons\is-FCLKK.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\admin\Desktop\EyeFrame Converter\icons\Swap.ico
image
MD5: f1d3a3eaceeda6b09c2f7f0d7160e3ec
SHA256: feb90e135951199926c3aa8b642770adb38726fab2de9fd9bd015ec85b2e9ec0
2832
EyeFrame_Setup.tmp
C:\Users\admin\Desktop\EyeFrame Converter\icons\favicon.ico
image
MD5: 30f585a6d1f83836d30f662488d72c22
SHA256: cec64465a8c8e9ea5705c14ab1e3493ba3d62a068fd9d8a110a708c60eef5bb2
2832
EyeFrame_Setup.tmp
C:\Users\admin\Desktop\EyeFrame Converter\icons\is-E7O0P.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\admin\Desktop\EyeFrame Converter\icons\is-L6C3L.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\admin\Desktop\EyeFrame Converter\icons\edit_cl.ico
image
MD5: dc6280786416e18eae06691ecbf781a3
SHA256: 6286495891116d905bd279ebba286c08256bde21c0ae195175eafbd59aaf1273
2832
EyeFrame_Setup.tmp
C:\Users\admin\Desktop\EyeFrame Converter\icons\is-A6EJM.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\admin\Desktop\EyeFrame Converter\tile.bmp
image
MD5: 424a61a59ae2c47038529b2850d7bf36
SHA256: dcc4221c5d5ce0eb9af30ed939549652bfa5589109a53c957b56117326194295
2832
EyeFrame_Setup.tmp
C:\Users\admin\Desktop\EyeFrame Converter\tile_sm.bmp
image
MD5: 61be7b9c5b5b909899f7740d53e8281a
SHA256: 69841c25bb7ca9de4d99aacfd611282902b009c953d832d834663b0a256d8b8e
2832
EyeFrame_Setup.tmp
C:\Users\admin\Desktop\EyeFrame Converter\icons\edit.ico
image
MD5: 2c0e753f6a2afdf4a4dc47f3fae7ab8d
SHA256: f31e355508c3dde075cb13a77ec8d66ec32d4022e03ea9e89c09642d545a0453
2832
EyeFrame_Setup.tmp
C:\Users\admin\Desktop\EyeFrame Converter\icons\is-V7KSI.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\admin\Desktop\EyeFrame Converter\is-1GPHC.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\admin\Desktop\EyeFrame Converter\unins000.dat
dat
MD5: 7e20749ad5ea182744425f264c5c81d7
SHA256: efc45b725f2e884961371c61770f05bb085e80441f7fd066344562ad10724133
2832
EyeFrame_Setup.tmp
C:\Users\admin\Desktop\EyeFrame Converter\is-KKICJ.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\admin\Desktop\EyeFrame Converter\is-8H8T6.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\admin\Desktop\EyeFrame Converter\MediaInfo_ReadMe.txt
text
MD5: 77c6cc5d4fc1c7ee71f2565976994617
SHA256: 04607945785898012fc0a2e79f46b7481638e0d657b05684407aaa6ecd2c6b88
2832
EyeFrame_Setup.tmp
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EyeFrame Converter\EyeFrame Converter on the Web.url
text
MD5: c225a6be6dc11194ac2473efbe1fad11
SHA256: ab942d309665c77c65fc1e218b5e20f9f3548e0cd921c6cfe9042f055fbe0794
2832
EyeFrame_Setup.tmp
C:\Users\admin\Desktop\EyeFrame Converter\is-3IVFN.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\admin\Desktop\EyeFrame Converter\is-QAN7D.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EyeFrame Converter\EyeFrame Converter.lnk
lnk
MD5: 8f70f19041b33cca80aee8e423fc6425
SHA256: d2da0ca740fd14b694bbead7678df9b983d5ff8f6d8ebfb35ce766ef1a1d1a32
2832
EyeFrame_Setup.tmp
C:\Users\admin\Desktop\EyeFrame Converter\is-DOLKJ.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Formats for edit\WAV PCM16 - Audio Only.txt
text
MD5: 892a8beaa8c605841a5aa7c0a38c03d3
SHA256: 60306c7c433dbf958a2cc156b3b941ff3aaba55cfdddcb1c7cce83fbf76f455c
2832
EyeFrame_Setup.tmp
C:\Users\admin\Desktop\EyeFrame Converter\LICENSE.txt
text
MD5: 6aada0bd4834ac1e66ff984e9a82f8bb
SHA256: c90cfd6d46f435353ac97bc145772dd8f61d40070fc7e1e050d118583423ffcc
2832
EyeFrame_Setup.tmp
C:\Users\admin\Desktop\EyeFrame Converter\info.txt
text
MD5: c3ce94c8d1e37b8fa65432575cc115de
SHA256: 635abdef48b083a4bd7d53838f1fb23fd14175ee5380cfc18f59f8ddbfd12a88
2832
EyeFrame_Setup.tmp
C:\Users\admin\Desktop\EyeFrame Converter\is-AJ5L3.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\admin\Desktop\EyeFrame Converter\is-GAPSE.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\admin\Desktop\EyeFrame Converter\is-A4GC5.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Formats for edit\Rewrap to MP4 - Proxy Quater Size.txt
text
MD5: 96e747754b350c8355a3698fd9b5649c
SHA256: c12a37a544b33dc210ba83c21688c86b78e3581fed05f3138c7b3e9ada8e8947
2832
EyeFrame_Setup.tmp
C:\Users\admin\Desktop\EyeFrame Converter\is-PFGI5.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Formats for edit\is-E26GP.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\admin\Desktop\EyeFrame Converter\ffmbc_README.txt
text
MD5: d4b77b34d3b1438867c101d85b9da33c
SHA256: 4060eddf311ed7b9e22cfe1aacb4d962108b4eb16143151f0bcb007ab92faea0
2832
EyeFrame_Setup.tmp
C:\Users\admin\Desktop\EyeFrame Converter\is-NOJ8D.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\admin\Desktop\EyeFrame Converter\is-SR4KT.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\admin\Desktop\EyeFrame Converter\EyeFrame_README.html
html
MD5: 5a574f5c248c9d9d496840e6e56465b2
SHA256: 2f8c0c51b8cad2e0e1baffbb2fba0b087bbae716bd30653c66ed96f20b3c0285
2832
EyeFrame_Setup.tmp
C:\Users\admin\Desktop\EyeFrame Converter\is-4C9SR.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\admin\Desktop\EyeFrame Converter\is-P7P23.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\admin\Desktop\EyeFrame Converter\EyeFrame source 142_fix.au3
text
MD5: f1641f4be790270122df21c2142e705a
SHA256: 03f7de79604a86bd8e65f261dbbb8a932eb02d1c8f0208702c13b324fba4adf4
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Formats for edit\Rewrap to MOV - Proxy MJPEG - Source AVCHD.txt
text
MD5: 363cea2ead2072bd26165e104eb3bf2c
SHA256: 587da79f4cd578773f2e0d2c1638dc00e0cd4822bd89fc517c17cdfe55cfaaf5
2832
EyeFrame_Setup.tmp
C:\Users\admin\Desktop\EyeFrame Converter\EFC_Inno.iss
text
MD5: 8b7688e4135dd95e4c46de087963aaa6
SHA256: 9014be0b336b87262bf8fd5568f2595bd1f208a50cd86f7ad4e0de27f108a439
2832
EyeFrame_Setup.tmp
C:\Users\admin\Desktop\EyeFrame Converter\is-DTCLP.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\admin\Desktop\EyeFrame Converter\is-ASEFC.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\admin\Desktop\EyeFrame Converter\is-NEOAO.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Formats for edit\Rewrap to MOV - Proxy ProRes - Source AVCHD.txt
text
MD5: a88fbfb8c20803d613a18e27ec75f8ea
SHA256: aa00fa7570c5a207da9f65b0663a41a31ca7fea2af2bc64c96f8f3d026e37550
2832
EyeFrame_Setup.tmp
C:\Users\admin\Desktop\EyeFrame Converter\is-O5HKL.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Formats for edit\is-Q2DC9.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\admin\Desktop\EyeFrame Converter\is-7040G.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Formats for edit\is-46D8D.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\admin\Desktop\EyeFrame Converter\is-T1664.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Formats for edit\is-UC4U3.tmp
––
MD5:  ––
SHA256:  ––
2832
EyeFrame_Setup.tmp
C:\Users\Public\Documents\EyeFrame Data\Formats for edit\ProRes 444 HQ + Embed TC & RN - Proxy.txt
text
MD5: 0b3680bf3b7a63ef3bc92362aa5ea11c
SHA256: 71411d4bda5b6da2f3189224b0582216c863839de77e14a2f091fa070acb492d
2832
EyeFrame_Setup.tmp
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EyeFrame Converter\Uninstall EyeFrame Converter.lnk
lnk
MD5: 197a5104efb5d7d6f1542d031faa3c0d
SHA256: 6568d877923cd8cb97bd1176bafc3bc7fb1f44c080a72ce3f1357bd3815488dc

Find more information of the staic content and download it at the full report

Network activity

HTTP(S) requests
0
TCP/UDP connections
0
DNS requests
0
Threats
0

No network activity.

Debug output strings

No debug info.