Report Overview

  1. Visited public
    2025-04-09 09:27:39
    Tags
  2. URL

    specials.pcwelt.de/PCWELT_Tools/ESDFileConverter_v3.2.zip

  3. Finishing URL

    about:privatebrowsing

  4. IP / ASN
    3.164.230.16

    #16509 AMAZON-02

    Title
    about:privatebrowsing
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
28

Domain Summary

Domain / FQDNRankRegisteredFirst SeenLast Seen
specials.pcwelt.de491298unknown2016-03-212025-04-09

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected


OpenPhish

No alerts detected


PhishTank

No alerts detected


Quad9 DNS

No alerts detected


ThreatFox

No alerts detected


Files detected

  1. URL

    specials.pcwelt.de/PCWELT_Tools/ESDFileConverter_v3.2.zip

  2. IP

    143.204.55.13

  3. ASN

    #16509 AMAZON-02

  1. File type

    Zip archive data, at least v2.0 to extract, compression method=store

    Size

    7.0 MB (7023803 bytes)

  2. Hash

    aca31b9bbb18c185adc93d7050e7725e

    90f7257b06bba4e9788277756a4937d9aab69b94

  1. Archive (203)

    2. FilenameMd5File type
    ESDFileConverter.exe
    6af80f81cbf26e1514bfacd95f1cbed3
    		PE32 executable (GUI) Intel 80386, for MS Windows, 11 sections
    BOOTICEx64_2016.06.17_v1.3.4.0.exe
    7ddd108c095016b0e2e8d6b5b04f93b8
    		PE32+ executable (GUI) x86-64, for MS Windows, 3 sections
    BOOTICEx86_2016.06.17_v1.3.4.0.exe
    fe222560c98a9e276845e453b75693ce
    		PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed, 3 sections
    readme.txt
    7a70999f19336bf1c474867a085c2012
    		ASCII text, with CRLF line terminators
    7z.dll
    23a37370f275aa63255dfcc703951c37
    		PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections
    7z.exe
    f17d0d9999ec81f734af19d721c8da96
    		PE32+ executable (console) x86-64, for MS Windows, 5 sections
    AllowUpgrades.bat
    7b6d22e4029c74351ea91cac32b7b576
    		ASCII text, with CRLF line terminators
    AllowUpgrades.reg
    991c89ac4bce9bd3fe30b0ca9be3588b
    		Windows Registry text (Win2K or above)
    bypass.reg
    e748e5323b5baaad8360da1a888fd4aa
    		Windows Registry text (Win2K or above)
    bypass_standard_system.reg
    d9908ead3699ab67b5fdadb33d576b03
    		Windows Registry text (Win2K or above)
    Bypass_Upgrade_Check.reg
    a920e8e0631aa457a492d9e8d9a2fc1d
    		ASCII text
    Bypass_Upgrade_Check_24H2.reg
    7c025affa1bbfe313e8bfd61c3167254
    		Windows Registry text (Win2K or above)
    LICENSE
    1ebbd3e34237af26da5dc08a4e440464
    		ASCII text
    mkisofs.exe
    d2ce72d8d4d8c7a7954dd27f5034de70
    		PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows, 8 sections
    mk_bypass_iso_reg.bat
    8c3800865741725885c4ffc59b18d59f
    		DOS batch file, ISO-8859 text, with CRLF line terminators
    mk_bypass_iso_unatt.bat
    46c4a856c5828345b5e459b5ce38add6
    		DOS batch file, ISO-8859 text, with CRLF line terminators
    README.md
    46cda02c6941998afc6fd0e3cba7e363
    		Unicode text, UTF-8 text, with very long lines (390)
    unattend_x64_template.xml
    c4afda0497071b6fef1cd00d2dfb25e7
    		XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators
    unattend_x64_template_logonpasswordchg.xml
    94c98e5abf47310d041b467ed7a9580f
    		XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators
    convertESD.bat
    1e5ae4be9206eb208303a5d40de15ce2
    		DOS batch file, ASCII text, with CRLF line terminators
    convertESD_wimlib.bat
    8e4a1e17f5573e04b6b9d3f71ce85f96
    		DOS batch file, ASCII text, with CRLF line terminators
    mkisofs.exe
    d2ce72d8d4d8c7a7954dd27f5034de70
    		PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows, 8 sections
    mk_iso.bat
    c6d03e95008947bb0c1167328f080373
    		DOS batch file, ASCII text, with CRLF line terminators
    Remove-MS-Store-Apps-LICENSE
    52aea8faa87963c85d6dbcba09030a1e
    		ASCII text
    Remove-MS-Store-Apps-README.md
    e7715c1c0071710f471daa8fbfee139f
    		Unicode text, UTF-8 text
    Remove-MS-Store-Apps.ps1
    8efd8d2a8132245cab9ad42981279180
    		Unicode text, UTF-8 (with BOM) text
    w10-21H2-apps-provisioned.txt
    71c99a1452424cb1cc43899a1ba62338
    		ASCII text
    w11-21H2-apps-provisioned.txt
    8a989acececb13584559af6b9732a0e2
    		Unicode text, UTF-16, little-endian text, with CRLF line terminators
    w11-22H2-apps-provisioned.txt
    ecefb25b56c562efa95ab920db89f9da
    		Unicode text, UTF-16, little-endian text, with CRLF line terminators
    COPYING.GPLv3.txt
    e62637ea8a114355b985fd86c9ffbd6e
    		ASCII text, with CRLF line terminators
    COPYING.LGPLv3.txt
    dae0fac54ab5edcf401e1899911450e4
    		ASCII text, with CRLF line terminators
    COPYING.libdivsufsort-lite.txt
    abb74b069bb0f471dffa023b965368d2
    		ASCII text, with CRLF line terminators
    COPYING.txt
    3f8a9cdaa5694b4face30aa112462a51
    		ASCII text, with CRLF line terminators
    libwim.lib
    cbeabc5434aa63c1a1793bc6599babd7
    		current ar archive
    wimlib.h
    d404493cb7a3c150aac3a441fc15b766
    		HTML document, ASCII text
    wimappend.pdf
    0719fef9d724c92de4776ad4e169090b
    		PDF document, version 1.4, 10 page(s)
    wimapply.pdf
    5dba2e018a1502df4c114d4e809b8cd4
    		PDF document, version 1.4, 6 page(s)
    wimcapture.pdf
    e8cad0062dfdedaadaa2d24817891eb7
    		PDF document, version 1.4, 10 page(s)
    wimdelete.pdf
    04ef8c542712cd9b205637850df888bb
    		PDF document, version 1.4, 1 page(s)
    wimdir.pdf
    333b5166f9a4b4d51653005b20a451bd
    		PDF document, version 1.4, 1 page(s)
    wimexport.pdf
    fb7664ac0c101984cdd3ee07c251ef2e
    		PDF document, version 1.4, 3 page(s)
    wimextract.pdf
    2675ae067eed0ddf8fb2ca75beae25df
    		PDF document, version 1.4, 3 page(s)
    wiminfo.pdf
    aa74f65e4164c620eda254429573a7c6
    		PDF document, version 1.4, 1 page(s)
    wimjoin.pdf
    39b8ccabb11a25e4a7b06aefa4f09f27
    		PDF document, version 1.4, 1 page(s)
    wimlib-imagex.pdf
    0fbb8fd2a21d4ec374b4e6fdf4442dd1
    		PDF document, version 1.4, 4 page(s)
    wimoptimize.pdf
    53c9cd1c698357e68d36b933e4b8c41b
    		PDF document, version 1.4, 2 page(s)
    wimsplit.pdf
    a2939cc9f68298e07c10eaeb100b2b29
    		PDF document, version 1.4, 1 page(s)
    wimupdate.pdf
    3a410b01168524a92891947350f82dc3
    		PDF document, version 1.4, 4 page(s)
    wimverify.pdf
    7bbc40f07a0d1d5e24fdb43398281c88
    		PDF document, version 1.4, 1 page(s)
    libwim-15.dll
    9abce30396b5dfe99460283b727622d0
    		PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows, 12 sections
    NEWS.txt
    d8c011f045e97fb74d1323178c5d4c78
    		ASCII text, with CRLF line terminators
    README.txt
    d7f15aba2f1cf716f539955ca430fe4e
    		ASCII text, with CRLF line terminators
    README.WINDOWS.txt
    c75b375ba2efe7f029b2f8d35a5c8960
    		ASCII text, with CRLF line terminators
    wimappend.cmd
    b631b67dd85aca52b3bfab7ea4c75f93
    		DOS batch file, ASCII text, with CRLF line terminators
    wimapply.cmd
    c48fe89c3197910b9cd1012156bc8e90
    		DOS batch file, ASCII text, with CRLF line terminators
    wimcapture.cmd
    c2b3a641480817722921c970723f8080
    		DOS batch file, ASCII text, with CRLF line terminators
    wimdelete.cmd
    d378aaa0211f3b2362ac40a9943d9002
    		DOS batch file, ASCII text, with CRLF line terminators
    wimdir.cmd
    3c1cf33d8e76d36284528dd1401b83ea
    		DOS batch file, ASCII text, with CRLF line terminators
    wimexport.cmd
    215f16c6ebce1177ae3ba11b35e8885a
    		DOS batch file, ASCII text, with CRLF line terminators
    wimextract.cmd
    4606441572e4acfeadfb7504b29695f8
    		DOS batch file, ASCII text, with CRLF line terminators
    wiminfo.cmd
    a51aa8a781cc0a9c108d929c053882be
    		DOS batch file, ASCII text, with CRLF line terminators
    wimjoin.cmd
    8e20b9ef45ee82a22ebee391b012d60e
    		DOS batch file, ASCII text, with CRLF line terminators
    wimlib-imagex.exe
    a9f8b061a59cc092ccb99f7da527dc61
    		PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows, 11 sections
    wimoptimize.cmd
    bfc83c0422bf04af4b786d6ee132d9b1
    		DOS batch file, ASCII text, with CRLF line terminators
    wimsplit.cmd
    3ff1b60eb903f1833d3359a48755a68d
    		DOS batch file, ASCII text, with CRLF line terminators
    wimupdate.cmd
    60d6dffe5af6436774a8d23768247df2
    		DOS batch file, ASCII text, with CRLF line terminators
    wimverify.cmd
    d0f829553df759abdd6527af44a44e10
    		DOS batch file, ASCII text, with CRLF line terminators
    COPYING.GPLv3.txt
    e62637ea8a114355b985fd86c9ffbd6e
    		ASCII text, with CRLF line terminators
    COPYING.LGPLv3.txt
    dae0fac54ab5edcf401e1899911450e4
    		ASCII text, with CRLF line terminators
    COPYING.libdivsufsort-lite.txt
    abb74b069bb0f471dffa023b965368d2
    		ASCII text, with CRLF line terminators
    COPYING.txt
    3f8a9cdaa5694b4face30aa112462a51
    		ASCII text, with CRLF line terminators
    libwim.lib
    a1735eefa61903f847dba7af7a9f4e85
    		current ar archive
    wimlib.h
    d404493cb7a3c150aac3a441fc15b766
    		HTML document, ASCII text
    wimappend.pdf
    97e35f84be5db67fe50928f1c3767b55
    		PDF document, version 1.4, 10 page(s)
    wimapply.pdf
    36fdf64124aec95fc729f6759e5328eb
    		PDF document, version 1.4, 6 page(s)
    wimcapture.pdf
    9062cce0eb5846692cb085ce83a0f0d4
    		PDF document, version 1.4, 10 page(s)
    wimdelete.pdf
    644a15c5bb321ca630b10c4a8e1ba928
    		PDF document, version 1.4, 1 page(s)
    wimdir.pdf
    1449560e1ba4fd326d173659f78bbd4b
    		PDF document, version 1.4, 1 page(s)
    wimexport.pdf
    320d6c027987d96dab1dc8f640f34c45
    		PDF document, version 1.4, 3 page(s)
    wimextract.pdf
    9865518d04398fad0a0d306f5dcba679
    		PDF document, version 1.4, 3 page(s)
    wiminfo.pdf
    b91891a31df5496c463dc7f7afa2a925
    		PDF document, version 1.4, 1 page(s)
    wimjoin.pdf
    349a67481e6d1dae8dc1e09b0a3c1a7f
    		PDF document, version 1.4, 1 page(s)
    wimlib-imagex.pdf
    a5d6e54b05f064130f9fe08107ccd1ee
    		PDF document, version 1.4, 4 page(s)
    wimoptimize.pdf
    b8bb6ee4ef97468825f452458cd7be41
    		PDF document, version 1.4, 2 page(s)
    wimsplit.pdf
    864d3e2f8ddef78ba7cb045888e33f0c
    		PDF document, version 1.4, 1 page(s)
    wimupdate.pdf
    5982bc5f86be1d6675c2f064b0105360
    		PDF document, version 1.4, 4 page(s)
    wimverify.pdf
    fe351228ad5ac7b488d291de4c747bf4
    		PDF document, version 1.4, 1 page(s)
    libwim-15.dll
    4e71ef838b6a107d3f24c520484ceb25
    		PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows, 10 sections
    NEWS.txt
    d8c011f045e97fb74d1323178c5d4c78
    		ASCII text, with CRLF line terminators
    README.txt
    d7f15aba2f1cf716f539955ca430fe4e
    		ASCII text, with CRLF line terminators
    README.WINDOWS.txt
    c75b375ba2efe7f029b2f8d35a5c8960
    		ASCII text, with CRLF line terminators
    wimappend.cmd
    b631b67dd85aca52b3bfab7ea4c75f93
    		DOS batch file, ASCII text, with CRLF line terminators
    wimapply.cmd
    c48fe89c3197910b9cd1012156bc8e90
    		DOS batch file, ASCII text, with CRLF line terminators
    wimcapture.cmd
    c2b3a641480817722921c970723f8080
    		DOS batch file, ASCII text, with CRLF line terminators
    wimdelete.cmd
    d378aaa0211f3b2362ac40a9943d9002
    		DOS batch file, ASCII text, with CRLF line terminators
    wimdir.cmd
    3c1cf33d8e76d36284528dd1401b83ea
    		DOS batch file, ASCII text, with CRLF line terminators
    wimexport.cmd
    215f16c6ebce1177ae3ba11b35e8885a
    		DOS batch file, ASCII text, with CRLF line terminators
    wimextract.cmd
    4606441572e4acfeadfb7504b29695f8
    		DOS batch file, ASCII text, with CRLF line terminators
    wiminfo.cmd
    a51aa8a781cc0a9c108d929c053882be
    		DOS batch file, ASCII text, with CRLF line terminators
    wimjoin.cmd
    8e20b9ef45ee82a22ebee391b012d60e
    		DOS batch file, ASCII text, with CRLF line terminators
    wimlib-imagex.exe
    cfaa1882a9499340dbcf32c317915f2f
    		PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows, 9 sections
    wimoptimize.cmd
    bfc83c0422bf04af4b786d6ee132d9b1
    		DOS batch file, ASCII text, with CRLF line terminators
    wimsplit.cmd
    3ff1b60eb903f1833d3359a48755a68d
    		DOS batch file, ASCII text, with CRLF line terminators
    wimupdate.cmd
    60d6dffe5af6436774a8d23768247df2
    		DOS batch file, ASCII text, with CRLF line terminators
    wimverify.cmd
    d0f829553df759abdd6527af44a44e10
    		DOS batch file, ASCII text, with CRLF line terminators
    win10-apps-1809.txt
    119618ae5953109b2daa6691dac0a034
    		ASCII text
    win10-apps-190x.txt
    119618ae5953109b2daa6691dac0a034
    		ASCII text
    win10-apps-2004.txt
    d18aeec30c940c1ced4ec7a5f202c9ac
    		ASCII text
    Changelog.txt
    4bb79bddd664bd73447b1b9a2cc0d4cf
    		ASCII text, with CRLF line terminators
    WimBootCompress.ini
    c31c1180e9be8f115f2ca27af1faa6b5
    		Generic INItialization configuration [PrepopulateList]
    BIOS.txt
    9a34853e744b0c84d59c93737cb4cbdc
    		ASCII text, with CRLF line terminators
    UEFI.txt
    0878e4b7937bebda3e7efd8c9c34e216
    		ASCII text, with CRLF line terminators
    BIOS.txt
    1c192a1d87c5e85d52d7f61dec39a959
    		ASCII text, with CRLF line terminators
    Sample.ini
    3fb99c22a72b538155f060b075fd451b
    		Generic INItialization configuration [DisableFeature]
    de-DE.dll
    3671c6b66743a4d24a37f7435267a124
    		PE32 executable (DLL) (console) Intel 80386, for MS Windows
    es-MX.dll
    465c5d869dba3899086274fb05025e84
    		PE32 executable (DLL) (console) Intel 80386, for MS Windows
    fr-FR.dll
    b2fe5cd0efeb5ddced4597880272deef
    		PE32 executable (DLL) (console) Intel 80386, for MS Windows
    it-IT.dll
    a0200cd089db3b34d0d6a90e268475a5
    		PE32 executable (DLL) (console) Intel 80386, for MS Windows, 6 sections
    ko-KR.dll
    1f81208587d34776d44752d2e62ca75f
    		PE32 executable (DLL) (console) Intel 80386, for MS Windows
    pt-BR.dll
    5939df7777fff145f408ad514d9ee6a3
    		PE32 executable (DLL) (console) Intel 80386, for MS Windows
    ru-RU.dll
    9a234307d69f1226a129bc06e8d82d8a
    		PE32 executable (DLL) (console) Intel 80386, for MS Windows
    tr-TR.dll
    86e89545ae91057e31f0fa191829189d
    		PE32 executable (DLL) (console) Intel 80386, for MS Windows
    uk-UA.dll
    2d2e26f62372818c54b76a8c39ba81e0
    		PE32 executable (DLL) (console) Intel 80386, for MS Windows
    zh-CN.dll
    3a55630566ac0f71709a068fbda587b3
    		PE32 executable (DLL) (console) Intel 80386, for MS Windows
    zh-TW.dll
    aa7c7e38e679ccddb98ece59b5e80b35
    		PE32 executable (DLL) (console) Intel 80386, for MS Windows
    AntiLog.ini
    ffa13864d796480b3f5f0b86ac1b2a3c
    		Microsoft HTML Help Project
    AntiLog.reg
    6b4d1b828eedf012258e03353d8ebf3b
    		Windows Registry text (Win2K or above)
    Options.ini
    beb4679f4724cc9408f805b1047c9421
    		Microsoft HTML Help Project
    Explorer_LaunchTo.reg
    034a48b1ca6ed904962637f70ab33bcd
    		Unicode text, UTF-16, little-endian text, with CRLF line terminators
    GameDVR.reg
    426796970af067da446e2df5fb853de0
    		Unicode text, UTF-16, little-endian text, with CRLF line terminators
    Remove_Gallery.reg
    3fa78d8343c0f7a62eb12495cd0d9e9a
    		Unicode text, UTF-16, little-endian text, with CRLF line terminators
    Restore_Photo_Viewer_Windows_10.reg
    f20307429e49d4ae9c9173c25f31a28e
    		Unicode text, UTF-16, little-endian text, with CRLF line terminators
    ShippedWithReserves.reg
    0336e3b46d90cbc76a84e67970bb6412
    		Unicode text, UTF-16, little-endian text, with CRLF line terminators
    StuckRects3-Win10-200X.reg
    6c2143d12e9af127fdee7939bc1da61b
    		Unicode text, UTF-16, little-endian text, with CRLF line terminators
    SysTray_ClassicVolumeControl.reg
    65c07daefffbc2a6756920f35ed8b589
    		Unicode text, UTF-16, little-endian text, with CRLF line terminators
    SysTray_Network_Flyout.reg
    52af0727764f3404b37fd5682476ce0f
    		Windows Registry little-endian text (Win2K or above)
    Taskbar.reg
    7eda4bb7149c965adf787b847522ded2
    		Unicode text, UTF-16, little-endian text, with CRLF line terminators
    UserSignedIn.reg
    ab24991d7d8e966b0899b3106555cf28
    		Unicode text, UTF-16, little-endian text, with CRLF line terminators
    Active Setup.reg
    14c47a68966b4d778ad6175e3f50198f
    		Windows Registry little-endian text (Win2K or above)
    Defender.reg
    783df74207682b151953da1d5c5bd9ee
    		Windows Registry text (Win2K or above)
    Defender.txt
    a996744f2ab509a5b4920a4dc71b1ba0
    		ASCII text, with CRLF line terminators
    DrvStore_Inf.txt
    16a7daf0cb272f16ff38870c968fd6cf
    		ASCII text, with CRLF line terminators
    Edge.reg
    5973e6637c6f517e8ac2da0570369364
    		Windows Registry text (Win2K or above)
    Edge.txt
    fd872ef2ce187adaf5b510eede5ea9b1
    		ASCII text, with CRLF line terminators
    Fonts.txt
    56e8d4f5f1c425ebf3e85650bd451321
    		ASCII text, with CRLF line terminators
    Installed.txt
    8d5d7e1cd543b63e42b24e20dbc9848a
    		ASCII text, with CRLF line terminators
    Languages.txt
    b99d25b63876f014d928f882c46f8ceb
    		ASCII text, with CRLF line terminators
    Media.txt
    7265a8adf5ab144a65022e58d5689111
    		ASCII text, with CRLF line terminators
    NetFX.txt
    115ef7c2c59ea4dd2db5c949321a8ebf
    		ASCII text, with CRLF line terminators
    NetFX_Keep.txt
    68386cb40a4c892fae36b0af6290df0a
    		ASCII text, with CRLF line terminators
    OneDrive.txt
    5c4d2fe8548d3ef9a318f55bd64f3e5c
    		ASCII text, with CRLF line terminators
    ProgramFiles.txt
    4d5c2fcc273685b60fa9c0cf1fd44988
    		ASCII text, with CRLF line terminators
    Speech.txt
    7669151975cf88145ca4a4cfcb7aef51
    		ASCII text, with CRLF line terminators
    System32-DLL.txt
    a6b655334239353c41cf650d8b975fb4
    		ASCII text, with CRLF line terminators
    System32.txt
    e1007249e239e132d94d3db39cae5fa8
    		ASCII text, with CRLF line terminators
    SySWoW.txt
    7cbcb5c3a0aed91517c7ad6d4fbbe6ff
    		ASCII text, with CRLF line terminators
    Windows.txt
    e8d841c7aa4bdab88e5d34fa826bd880
    		ASCII text, with CRLF line terminators
    Windows11.txt
    8080d247323e2f15154334b8f5baf2c4
    		ASCII text, with CRLF line terminators
    WindowsApps.txt
    2e138e8407c66c6035a74f381fe77d63
    		ASCII text, with CRLF line terminators
    WindowsPowerShell.txt
    3fa7f12fc5085be995240fa685f2ba08
    		ASCII text, with CRLF line terminators
    WinSAT.txt
    312894bd852a4f22351d3765f1039ca1
    		ASCII text, with CRLF line terminators
    WMP.txt
    1dbb1e2eb35d482c1b4bdcc30a2db24b
    		ASCII text, with CRLF line terminators
    WSearch.reg
    f23af77c551f1ea3d304160a47e4c426
    		Windows Registry text (Win2K or above)
    WUAU.reg
    00ae326ca1cbabde2ab752d79474c42f
    		Windows Registry text (Win2K or above)
    WUAU.txt
    c0d9b4de3736fd978366d06414010287
    		ASCII text, with CRLF line terminators
    XBOX.reg
    f2bba158e3f07879cce1c4844b7a6080
    		Windows Registry text (Win2K or above)
    XBOX.txt
    ead97849c013ba9c8f7d5b8780be86c9
    		ASCII text, with CRLF line terminators
    XPS.txt
    c2e9bac3a00f144d2259b63535ad85e4
    		ASCII text, with CRLF line terminators
    Services.ini
    8dc12e210db9591cf48e48c67b06918a
    		Generic INItialization configuration [Delete]
    Tasks.ini
    c644cb8c37a4c1adac7a248e98e2dfa4
    		ASCII text, with CRLF line terminators
    WinSxS.ini
    5d4910ed3566cf4ad512174bad6b4fcf
    		ASCII text, with CRLF line terminators
    ReadMe.txt
    e66c4dafc4aa1017343961db532c801e
    		ASCII text, with CRLF line terminators
    ReadMechs.txt
    85eb52cdcc128d8bf227a6c47507dd1b
    		ISO-8859 text, with CRLF line terminators
    NT6Only.txt
    d41d8cd98f00b204e9800998ecf8427e
    NT6Only.txt
    d41d8cd98f00b204e9800998ecf8427e
    NT5Only.txt
    d41d8cd98f00b204e9800998ecf8427e
    CATTrim.ini
    a4742ff448db61deefdfd03a5a5a73f9
    		ASCII text, with CRLF line terminators
    imdisk.cpl
    a19a0f76956805a157281a3998f06a29
    		PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 5 sections
    imdisk.sys
    85e0e6a2e0ff7c2ea46a0ebc9af0e628
    		PE32+ executable (native) x86-64, for MS Windows, 7 sections
    MergeIDE_2600.ini
    c838c51ef3ea0e8572d5778a81cb77c1
    		Windows Registry text (Win2K or above)
    MergeIDE_7600.ini
    bb3e0008c8ab841498c88d9b8f6f9f7c
    		Windows Registry text (Win2K or above)
    MergeIDE_9200.ini
    cb554a4b61036af4a5bcdf4bfb796fee
    		Windows Registry text (Win2K or above)
    nativevhdboot_x64.dll
    893c137479848a119677a251c390c63b
    		PE32+ executable (DLL) (console) x86-64, for MS Windows, 2 sections
    nativevhdboot_x86.dll
    2090bd824412787b0dfdaf045857941a
    		PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 2 sections
    Win10Builds.ini
    c4cbb71154ce3aa4f0fcc74122afa8c1
    		Microsoft HTML Help Project
    ReadMe.txt
    04b1c15090f4efdb80205fb054649c6d
    		ASCII text, with CRLF line terminators
    Win7USBBoot.ini
    e28ee51c898e15366e0e2c38f1570f8e
    		Generic INItialization configuration [options]
    BOOTICE.dll
    3ecf8aa3a478b3ac073d52af388a5ca6
    		PE32+ executable (DLL) (console) x86-64, for MS Windows, 4 sections
    BootICE.ini
    f69d460c8338295c786e1a268aafb0ea
    		Microsoft HTML Help Project
    BOOTICEx64.exe
    dd8ed5f1611d5860e44c8e7cd0a19c78
    		PE32+ executable (GUI) x86-64, for MS Windows, 3 sections
    de-DE.dll
    811d94c40141559d766cd20fa8b65e14
    		PE32 executable (DLL) (console) Intel 80386, for MS Windows
    en-US.dll
    e2b10b1d2a60901cba1752ac66490a21
    		PE32 executable (DLL) (console) Intel 80386, for MS Windows
    ru-RU.dll
    24a421018cefead4d68c4ddb675c6c66
    		PE32 executable (DLL) (console) Intel 80386, for MS Windows
    ReadMe.txt
    8b8a264cd3f8563d9917b5a139a76fc9
    		ASCII text, with CRLF line terminators
    MSSTMake.exe
    64d41e1e1a0410bf669c1d0820ed4c1f
    		PE32+ executable (console) x86-64, for MS Windows, 5 sections
    offreg.dll
    c01eaffb542126a5a702cadc03d5c8e9
    		PE32+ executable (DLL) (console) x86-64, for MS Windows, 8 sections
    WIMHost.exe
    1b811b68390dd17a60a9a3bee977fdff
    		PE32+ executable (GUI) x86-64, for MS Windows, 4 sections
    wimlib.dll
    834db85f8cadc30f8de15a3676f9faa3
    		PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows, 12 sections
    ReadMe.txt
    0c4ca86e0797dfb7c0ac5043a5f6c934
    		ASCII text, with CRLF line terminators
    Win7-11-Select.xml
    dba320e90ff7652c8d93e8992f89a06c
    		XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
    WimScript.ini
    fdcd3c4ee285d446bcf4ad90690be968
    		Generic INItialization configuration [CompressionExclusionList]
    WinNTSetup.ini.txt
    17d64784747b37b7004757385cb8ac5e
    		ASCII text, with CRLF line terminators
    WinNTSetup_x64.exe
    348e68df651661f92526a810dd3d5e7a
    		PE32+ executable (GUI) x86-64, for MS Windows, 5 sections

    Detections

    AnalyzerVerdictAlert
    YARAhub by abuse.chmalware
    Detect pe file that no import table
    YARAhub by abuse.chmalware
    Detect pe file that no import table
    YARAhub by abuse.chmalware
    Detect pe file that no import table
    YARAhub by abuse.chmalware
    Detect pe file that no import table
    YARAhub by abuse.chmalware
    Detect pe file that no import table
    YARAhub by abuse.chmalware
    Detect pe file that no import table
    YARAhub by abuse.chmalware
    Detect pe file that no import table
    YARAhub by abuse.chmalware
    Detect pe file that no import table
    YARAhub by abuse.chmalware
    Detect pe file that no import table
    YARAhub by abuse.chmalware
    Detect pe file that no import table
    YARAhub by abuse.chmalware
    Detect files disabling or modifying Windows Defender, Windows Firewall, or Microsoft Smartscreen
    YARAhub by abuse.chmalware
    signed_sys_with_vulnerablity
    YARAhub by abuse.chmalware
    Detect pe file that no import table
    YARAhub by abuse.chmalware
    Detect pe file that no import table
    YARAhub by abuse.chmalware
    Detect pe file that no import table
    YARAhub by abuse.chmalware
    Detect pe file that no import table
    YARAhub by abuse.chmalware
    Detect pe file that no import table
    VirusTotalsuspicious
    VirusTotal - Scan result 9/66

JavaScript (0)

HTTP Transactions (1)

URLIPResponseSize
specials.pcwelt.de/PCWELT_Tools/ESDFileConverter_v3.2.zip
143.204.55.13200 OK7.0 MB