Overview

overview

9

Static

static

1

2024-04-28...er.exe

windows7-x64

9

2024-04-28...er.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    142s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    28-04-2024 05:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-04-28_1c8abfbd35ffd0cbfddc93be61765e4a_magniber.exe

  • Size

    48.4MB

  • MD5

    1c8abfbd35ffd0cbfddc93be61765e4a

  • SHA1

    199a6fcc19294a8f8ec512cbc930b68e1cc48246

  • SHA256

    078b64078a5dc8d14b5a4223a6425e4ab650ff38eaf298cd64d8bd9284a4868d

  • SHA512

    b6b1dce16f2bc212d4e9d3f99211c079e95133ae243d1668cf63d02da312433fd247f4f42b46f386e1b5e8154899f3ea504e649312b7f03375ba1e4fc4f1efa3

  • SSDEEP

    786432:81uku651ufXEtPCpa2KWGuU/atU6Q25xKRdQ1VcpYtMwubtJSfDEdwd/:83Fzucaw2NGJ0U6HxSMKprvUEdw/

Score
9/10
bootkitevasionpersistencetrojan

Malware Config

Signatures

  • Identifies VirtualBox via ACPI registry values (likely anti-VM) 2 TTPs 1 IoCs
    evasion
  • Checks BIOS information in registry 2 TTPs 2 IoCs

    BIOS information is often read in order to detect sandboxing environments.

  • Identifies Wine through registry keys 2 TTPs 1 IoCs

    Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.

    evasion
  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs

    Bootkits write to the MBR to gain persistence at a level below the operating system.

    bootkitpersistence
  • Suspicious use of NtSetInformationThreadHideFromDebugger 1 IoCs
  • Drops file in Windows directory 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 34 IoCs
  • Modifies registry class 8 IoCs
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-04-28_1c8abfbd35ffd0cbfddc93be61765e4a_magniber.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-04-28_1c8abfbd35ffd0cbfddc93be61765e4a_magniber.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2060
    • C:\Users\Admin\AppData\Local\Temp\Movavi-installer-1714283457\InstallerGUI.exe
      C:\Users\Admin\AppData\Local\Temp\Movavi-installer-1714283457\InstallerGUI.exe "--distrib-name=C:\Users\Admin\AppData\Local\Temp\2024-04-28_1c8abfbd35ffd0cbfddc93be61765e4a_magniber.exe"
      2⤵
      • Identifies VirtualBox via ACPI registry values (likely anti-VM)
      • Checks BIOS information in registry
      • Identifies Wine through registry keys
      • Checks whether UAC is enabled
      • Writes to the Master Boot Record (MBR)
      • Suspicious use of NtSetInformationThreadHideFromDebugger
      • Drops file in Windows directory
      • Executes dropped EXE
      • Loads dropped DLL
      • Modifies registry class
      • Suspicious behavior: AddClipboardFormatListener
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious use of SetWindowsHookEx
      PID:2488

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Pre-OS Boot

1
T1542

Bootkit

1
T1542.003

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

2
T1497

Pre-OS Boot

1
T1542

Bootkit

1
T1542.003

Credential Access

Discovery

Query Registry

3
T1012

Virtualization/Sandbox Evasion

2
T1497

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\Movavi-installer-1714283457\BrowserUtil.dll
    Filesize

    93KB

    MD5

    6bfe93d9c106d43e083223ee0f35c4ac

    SHA1

    62da2c5d2924ab3c970941c5278fa2f91ae1dd96

    SHA256

    75cc8d1f7fc8dac55520eab0741f7b06a6cee64a54b92eb4c3bb4cc0f055254a

    SHA512

    5ad6af127a6a80b31b4c4d91c94808ebfe5d622c4324ef0712cf0ec09199af196a1efd793d04b5ad8bb8d37b98f259fcb5a5090460c93c039ab3911999fe6843

    Download Submit
  • \Users\Admin\AppData\Local\Temp\Movavi-installer-1714283457\CoreInt.dll
    Filesize

    719KB

    MD5

    b8955f3f81776d6978c1d432e5ea064d

    SHA1

    9a614943f3fd39429f441f357ca3b992dcbb2806

    SHA256

    90a65b62745a4942aa321b3c53f0e235f2dc003baed8cd9cc838e87b3834962f

    SHA512

    085bd2b5bc139b32dcd60f7552db2100f9bbd647b44480f1a7f2b66f8ae9898825bc2eb01c9b7f3e2376de9e0b8623e6e5706a68b394a33b31c8669892345b0c

    Download Submit
  • \Users\Admin\AppData\Local\Temp\Movavi-installer-1714283457\InstallerGUI.exe
    Filesize

    1.4MB

    MD5

    46e0f9bf770182454ab6c199e46f2d07

    SHA1

    68f45ec8394224f486f950a95550fb5cdee9d83d

    SHA256

    c289be917f2c77208102ef72ba1e8064a73640fb8d229885c2d9f76e404087ac

    SHA512

    1473cd1554cef1bc2351a53f08c61ae5d3ff4587ac91c83148983668f3aabf55c74c27d0d2106caa3ad85fcb481afd97d38da04e27a7cc80e5738ce28a3ba142

    Download Submit
  • \Users\Admin\AppData\Local\Temp\Movavi-installer-1714283457\MQtUtil.dll
    Filesize

    418KB

    MD5

    7d059c51ca8f5650ffdf98309070d1c5

    SHA1

    e2f92ab999d14522598b206c7eae362d60202263

    SHA256

    424f683cef15fc3582d9a0402e5219bcaf14abe03ccf066af8dd7d2367d0e9e4

    SHA512

    6b0ae3cbed38fd6c85fa5cb7913529a3dd69369625927a20bc560937db7ef3648b43db2d3ef17a297e39bdb4a95e4e70a0aa3cf3bc57f9330365deb962438446

    Download Submit
  • \Users\Admin\AppData\Local\Temp\Movavi-installer-1714283457\Qt5Core.dll
    Filesize

    4.4MB

    MD5

    17d745269902475305853a3b583e20ae

    SHA1

    9439507228af63ddcf7df093d58132e88669ad7b

    SHA256

    73ec1c1fb79ef848a9a3fd095d02793a21566b5ab4b5d7b8a03d8c94ef54ae7b

    SHA512

    4eedc373c0ec2daea38ba53d9fdab115e93e5f3ed485effca05f26aa5c5266661bf6f702c649c233daf47722811284a7ae94e0e0f8fb4353e9ab1f59f6158d39

    Download Submit
  • \Users\Admin\AppData\Local\Temp\Movavi-installer-1714283457\Qt5Gui.dll
    Filesize

    4.8MB

    MD5

    011b04791b1b59de4b04d4daf7032c37

    SHA1

    6fd5e7d7d56b1694c002411b59bd99d2e1db9dee

    SHA256

    662907e8f43bdac54e732eb2f34e3fcf4ebfbbf5f40f5f08abdc91d6adb01ea6

    SHA512

    cfbcb5c16e52e1598e7b9a0475faedd2c4087df4bc2b5eceb0be3418ea9c19013a3d1755b646cc031e26dfef8405aef40ab857040037cc0c25063e0c8d737714

    Download Submit
  • \Users\Admin\AppData\Local\Temp\Movavi-installer-1714283457\Qt5Widgets.dll
    Filesize

    4.2MB

    MD5

    7e1a15004a2ba982d3b72070b81dc2da

    SHA1

    b714e3a077ff0014470e3e68a69d55a96432b5c4

    SHA256

    30f136ff7469e7a78fec7e42e91fda2f251d79db1e4fbab26ec73a3934069ef8

    SHA512

    bde6b4ca2b733c93279a6eab0e46a3c307c47214368795dbb5a149e1c58887dd65e4944e3c9c76c5a35b7ca7603a21f764853458734f8288f8e7fd0280c073ea

    Download Submit
  • \Users\Admin\AppData\Local\Temp\Movavi-installer-1714283457\api-ms-win-core-file-l1-2-0.dll
    Filesize

    18KB

    MD5

    f6d1216e974fb76585fd350ebdc30648

    SHA1

    f8f73aa038e49d9fcf3bd05a30dc2e8cbbe54a7c

    SHA256

    348b70e57ae0329ac40ac3d866b8e896b0b8fef7e8809a09566f33af55d33271

    SHA512

    756ee21ba895179a5b6836b75aeefb75389b0fe4ae2aaff9ed84f33075094663117133c810ab2e697ec04eaffd54ff03efa3b9344e467a847acea9f732935843

    Download Submit
  • \Users\Admin\AppData\Local\Temp\Movavi-installer-1714283457\api-ms-win-core-file-l2-1-0.dll
    Filesize

    18KB

    MD5

    bfb08fb09e8d68673f2f0213c59e2b97

    SHA1

    e1e5ff4e7dd1c902afbe195d3e9fd2a7d4a539f2

    SHA256

    6d5881719e9599bf10a4193c8e2ded2a38c10de0ba8904f48c67f2da6e84ed3e

    SHA512

    e4f33306f3d06ea5c8e539ebdb6926d5f818234f481ff4605a9d5698ae8f2afdf79f194acd0e55ac963383b78bb4c9311ee97f3a188e12fbf2ee13b35d409900

    Download Submit
  • \Users\Admin\AppData\Local\Temp\Movavi-installer-1714283457\api-ms-win-core-localization-l1-2-0.dll
    Filesize

    20KB

    MD5

    3b9d034ca8a0345bc8f248927a86bf22

    SHA1

    95faf5007daf8ba712a5d17f865f0e7938da662b

    SHA256

    a7ac7ece5e626c0b4e32c13299e9a44c8c380c8981ce4965cbe4c83759d2f52d

    SHA512

    04f0830878e0166ffd1220536592d0d7ec8aacd3f04340a8d91df24d728f34fbbd559432e5c35f256d231afe0ae926139d7503107cea09bfd720ad65e19d1cdc

    Download Submit
  • \Users\Admin\AppData\Local\Temp\Movavi-installer-1714283457\api-ms-win-core-processthreads-l1-1-1.dll
    Filesize

    18KB

    MD5

    c2ead5fcce95a04d31810768a3d44d57

    SHA1

    96e791b4d217b3612b0263e8df2f00009d5af8d8

    SHA256

    42a9a3d8a4a7c82cb6ec42c62d3a522daa95beb01ecb776aac2bfd4aa1e58d62

    SHA512

    c90048481d8f0a5eda2eb6e7703b5a064f481bb7d8c78970408b374cb82e89febc2e36633f1f3e28323fb633d6a95aa1050a626cb0cb5ec62e9010491aae91f4

    Download Submit
  • \Users\Admin\AppData\Local\Temp\Movavi-installer-1714283457\api-ms-win-core-synch-l1-2-0.dll
    Filesize

    18KB

    MD5

    f6b4d8d403d22eb87a60bf6e4a3e7041

    SHA1

    b51a63f258b57527549d5331c405eacc77969433

    SHA256

    25687e95b65d0521f8c737df301bf90db8940e1c0758bb6ea5c217cf7d2f2270

    SHA512

    1acd8f7bc5d3ae1db46824b3a5548b33e56c9bac81dcd2e7d90fdbd1d3dd76f93cdf4d52a5f316728f92e623f73bc2ccd0bc505a259dff20c1a5a2eb2f12e41b

    Download Submit
  • \Users\Admin\AppData\Local\Temp\Movavi-installer-1714283457\api-ms-win-core-timezone-l1-1-0.dll
    Filesize

    18KB

    MD5

    a20084f41b3f1c549d6625c790b72268

    SHA1

    e3669b8d89402a047bfbf9775d18438b0d95437e

    SHA256

    0fa42237fd1140fd125c6edb728d4c70ad0276c72fa96c2faabf7f429fa7e8f1

    SHA512

    ddf294a47dd80b3abfb3a0d82bc5f2b510d3734439f5a25da609edbbd9241ed78045114d011925d61c3d80b1ccd0283471b1dad4cf16e2194e9bc22e8abf278f

    Download Submit
  • \Users\Admin\AppData\Local\Temp\Movavi-installer-1714283457\api-ms-win-crt-convert-l1-1-0.dll
    Filesize

    22KB

    MD5

    5245f303e96166b8e625dd0a97e2d66a

    SHA1

    1c9ed748763f1ff5b14b8c791a4c29de753a96ab

    SHA256

    90a63611d9169a8cd7d030cd2b107b6e290e50e2beba6fa640a7497a8599aff5

    SHA512

    af51f341670f925449e69c4b5f0a82f4fc4eb32913943272c32e3f3f18ee43b4afb78c0d7d2f965c1abe6a0f3a368616dd7a4fb74d83d22d1b69b405aef1e043

    Download Submit
  • \Users\Admin\AppData\Local\Temp\Movavi-installer-1714283457\api-ms-win-crt-environment-l1-1-0.dll
    Filesize

    18KB

    MD5

    45c54a21261180410091cefb23f6a5ae

    SHA1

    80eee466d086d30c61eaefc559d57e5e64f56f61

    SHA256

    2b0fea07db507b7266346eab3ca7ede3821876aadc519daf059b130b85640918

    SHA512

    4962f85c94162fe2e35979fff4e4b3752f322c61d801419769916f5e3a0e0c406284d95c22709c690212d4572eb688d9311a8f85f17c4f5d1a5a9f00e732808c

    Download Submit
  • \Users\Admin\AppData\Local\Temp\Movavi-installer-1714283457\api-ms-win-crt-filesystem-l1-1-0.dll
    Filesize

    20KB

    MD5

    ab8734c2328a46e7e9583befeb7085a2

    SHA1

    b4686f07d1217c77eb013153e6ff55b34be0af65

    SHA256

    921b7cf74744c4336f976db6750921b2a0960e8aa11268457f5ed27c0e13b2c8

    SHA512

    fd7e828f842deabf2dcdcea3e947dc3aa909c0b6a35c75fd64edc63c359ab97020876e6c59ad335a2a166437fa65f57433f86c1c2fe10a34b90d15d8592fe911

    Download Submit
  • \Users\Admin\AppData\Local\Temp\Movavi-installer-1714283457\api-ms-win-crt-heap-l1-1-0.dll
    Filesize

    19KB

    MD5

    39d81596a7308e978d67ad6fdccdd331

    SHA1

    a0b2d43dd1c27d8244d11495e16d9f4f889e34c4

    SHA256

    3d109fd01f6684414d8a1d0d2f5e6c5b4e24de952a0695884744a6cbd44a8ec7

    SHA512

    0ef6578de4e6ba55eda64691892d114e154d288c419d05d6cff0ef4240118c20a4ce7f4174eec1a33397c6cd0135d13798dc91cc97416351775f9abf60fcae76

    Download Submit
  • \Users\Admin\AppData\Local\Temp\Movavi-installer-1714283457\api-ms-win-crt-locale-l1-1-0.dll
    Filesize

    18KB

    MD5

    e70d8fe9d21841202b4fd1cf55d37ac5

    SHA1

    fa62fb609d15c8ad3b5a12618bcc50f0d95cdea3

    SHA256

    e087f611b3659151dfb674728202944a7c0fe71710f280840e00a5c4b640632d

    SHA512

    bd38bdf80defd4548580e7973d89ed29e1edd401f202c367a3ba0020678206da3acc9b4436c9a122e4efc32e80dbb39eb9bf08587e4febc8f14ec86a8993bcc8

    Download Submit
  • \Users\Admin\AppData\Local\Temp\Movavi-installer-1714283457\api-ms-win-crt-math-l1-1-0.dll
    Filesize

    28KB

    MD5

    d0d380af839124368a96d6aa82c7c8ae

    SHA1

    e2ac42f829085e0e5beea29fcff09e467810a777

    SHA256

    06985d00bf4985024e95442702bbdb53c2127e99f16440424f3380a88883f1a5

    SHA512

    daf3997922e18c0be088a15209c9f01cc1dda90972a6aadcf76de867b85d34483ad5e138e3fa321c7140bf8e455c2b908d0a4db6a9e35011786398656b886479

    Download Submit
  • \Users\Admin\AppData\Local\Temp\Movavi-installer-1714283457\api-ms-win-crt-multibyte-l1-1-0.dll
    Filesize

    26KB

    MD5

    809bc1010eaf714cd095189af236ce2f

    SHA1

    10dbc383f7c49de17fc50e830e3cb494cc873dd1

    SHA256

    b52f2b9de19d12b0e727e13e3dde93009e487bfb2dd97fd23952c7080949d97e

    SHA512

    f72ec10a0005e7023187ef6ccedf2af81d16174e628369fb834af78e4ef2f3d44bf8b70e9b894abc6791d7b9720c62c52a697ff0ade0edddcaa52b6f14630d1d

    Download Submit
  • \Users\Admin\AppData\Local\Temp\Movavi-installer-1714283457\api-ms-win-crt-runtime-l1-1-0.dll
    Filesize

    22KB

    MD5

    ae3fa6bf777b0429b825fb6b028f8a48

    SHA1

    b53dbfdb7c8deaa9a05381f5ac2e596830039838

    SHA256

    66b86ed0867fe22e80b9b737f3ee428be71f5e98d36f774abbf92e3aaca71bfb

    SHA512

    1339e7ce01916573e7fdd71e331eeee5e27b1ddd968cadfa6cbc73d58070b9c9f8d9515384af004e5e015bd743c7a629eb0c62a6c0fa420d75b069096c5d1ece

    Download Submit
  • \Users\Admin\AppData\Local\Temp\Movavi-installer-1714283457\api-ms-win-crt-stdio-l1-1-0.dll
    Filesize

    24KB

    MD5

    32d7b95b1bce23db9fbd0578053ba87f

    SHA1

    7e14a34ac667a087f66d576c65cd6fe6c1dfdd34

    SHA256

    104a76b41cbd9a945dba43a6ffa8c6de99db2105d4ce93a717729a9bd020f728

    SHA512

    7dad74a0e3820a8237bab48f4962fe43e5b60b00f003a5de563b4cf61ee206353c9689a639566dc009f41585b54b915ff04f014230f0f38416020e08c8a44cb4

    Download Submit
  • \Users\Admin\AppData\Local\Temp\Movavi-installer-1714283457\api-ms-win-crt-string-l1-1-0.dll
    Filesize

    24KB

    MD5

    5e72659b38a2977984bbc23ed274f007

    SHA1

    ea622d608cc942bdb0fad118c8060b60b2e985c9

    SHA256

    44a4db6080f6bdae6151f60ae5dc420faa3be50902e88f8f14ad457dec3fe4ea

    SHA512

    ed3cb656a5f5aee2cc04dd1f25b1390d52f3e85f0c7742ed0d473a117d2ac49e225a0cb324c31747d221617abcd6a9200c16dd840284bb29155726a3aa749bb1

    Download Submit
  • \Users\Admin\AppData\Local\Temp\Movavi-installer-1714283457\api-ms-win-crt-time-l1-1-0.dll
    Filesize

    20KB

    MD5

    1fa7c2b81cdfd7ace42a2a9a0781c946

    SHA1

    f5b7117d18a7335228829447e3eccc7b806ef478

    SHA256

    cafdb772a1d7acf0807478fdba1e00fd101fc29c136547b37131f80d21dacffd

    SHA512

    339cdaf8de445cf05bc201400d65bb9037ea7a3782ba76864842adb6fbe5445d06863227dd774ab50e6f582b75886b302d5dd152aff1825cf90e4f252398ace0

    Download Submit
  • \Users\Admin\AppData\Local\Temp\Movavi-installer-1714283457\api-ms-win-crt-utility-l1-1-0.dll
    Filesize

    18KB

    MD5

    d6abf5c056d80592f8e2439e195d61ac

    SHA1

    33f793fd6a28673e766ad11ee1cf8eb8ef351bc0

    SHA256

    8858d883d180cea63e3bf4a3f5bc9e0f9fa16c9a35a84c4efe65308cea13a364

    SHA512

    6678f17f2274aabba5279ba40a0159ff8a54241d811845a48d845172f4aa6f7397cfd07bf2368299a613df1f3ff12e06c0e62c26683dfb08d82122609c3a3f62

    Download Submit
  • \Users\Admin\AppData\Local\Temp\Movavi-installer-1714283457\boost_chrono-vc140-mt-1_60.dll
    Filesize

    35KB

    MD5

    84cd4f830ee48b0be3f9bf0c4a7de03d

    SHA1

    63adcffe5a9da72ae794ca356a5cde8265e33f48

    SHA256

    68bbd434fbbd12956476b28355110d39a3883596e04d2d2315671ad60e70b1b4

    SHA512

    baff34b9955bdb5748d0ec1a4ff4fc187f2ff505f6443fd75d4551b9a4485066f31d8f0421acea9bde1fb000af866ada0a31c347aedffa9a922f0776c948ed8c

    Download Submit
  • \Users\Admin\AppData\Local\Temp\Movavi-installer-1714283457\boost_filesystem-vc140-mt-1_60.dll
    Filesize

    125KB

    MD5

    bf94e8a932581857a1e3c885ba13c898

    SHA1

    16d230570ef83a7a9da918b06c7505ec28cafd3d

    SHA256

    d98c9f232b81b4e2176172f9fdbb886fdafdd57343b59013fda1e74c60f44e28

    SHA512

    e199d7c85e1525f26c602ffb65b7df8c47d2c095f4b78febbf64538447b48658f97c065b8ebc1bbc3a02610ddad7002b3ebd7fc85e73366e99a854786755abda

    Download Submit
  • \Users\Admin\AppData\Local\Temp\Movavi-installer-1714283457\boost_system-vc140-mt-1_60.dll
    Filesize

    26KB

    MD5

    982b2fff5d1db04862ccd8932ce230b5

    SHA1

    6dfa62f807d99cbbb783afcd198753a8f2cf055b

    SHA256

    29c7399604fad770a738c3b6021679e3c1ac4f713e5a9542d545fb2e205d23bd

    SHA512

    5d4dff7b5cc45912526f77624cc75575eac08db0981518c3d8e7edd9427c5f2f53e3b4f573c6605a629efbe213fc33071c23f3efd0ec7ba5ddcaa66c3a98a6c4

    Download Submit
  • \Users\Admin\AppData\Local\Temp\Movavi-installer-1714283457\glog.dll
    Filesize

    93KB

    MD5

    fdecdbc5683b78ec1be4ae9388a0b1c2

    SHA1

    5193b2866e629825a55386fd381fbc9ece8bc261

    SHA256

    28ddc84cd20f7b8f530649cc291a5c7ccc27a0fe60a874b2c423ca9897d68cfb

    SHA512

    ef9bf925d48d2927286f0ee9934e1ee9dc19068ccce17a1515d9eabd4d0705534661fc654123daebf90ec36e3d33e17c8acce727f0e915e2235742f9c54a0a8f

    Download Submit
  • \Users\Admin\AppData\Local\Temp\Movavi-installer-1714283457\msvcp140.dll
    Filesize

    429KB

    MD5

    d25c3ff7a4cbbffc7c9fff4f659051ce

    SHA1

    02fe8d84d7f74c2721ff47d72a6916028c8f2e8a

    SHA256

    9c1dc36d319382e1501cdeaae36bad5b820ea84393ef6149e377d2fb2fc361a5

    SHA512

    945fe55b43326c95f1eee643d46a53b69a463a88bd149f90e9e193d71b84f4875455d37fd4f06c1307bb2cdbe99c1f6e18cb33c0b8679cd11fea820d7e728065

    Download Submit
  • \Users\Admin\AppData\Local\Temp\Movavi-installer-1714283457\ucrtbase.dll
    Filesize

    879KB

    MD5

    3e0303f978818e5c944f5485792696fd

    SHA1

    3b6e3ea9f5a6bbdeda20d68b84e4b51dc48deb1d

    SHA256

    7041885b2a8300bf12a46510228ce8d103d74e83b1baf696b84ff3e5ab785dd1

    SHA512

    c2874029bd269e6b9f7000c48d0710c52664c44e91c3086df366c3456b8bce0ed4d7e5bcfe4bdd3d03b11b8245c65f4b848b6dc58e6ea7b1de9b3ca2fb3348bc

    Download Submit
  • \Users\Admin\AppData\Local\Temp\Movavi-installer-1714283457\vcruntime140.dll
    Filesize

    81KB

    MD5

    a2523ea6950e248cbdf18c9ea1a844f6

    SHA1

    549c8c2a96605f90d79a872be73efb5d40965444

    SHA256

    6823b98c3e922490a2f97f54862d32193900077e49f0360522b19e06e6da24b4

    SHA512

    2141c041b6bdbee9ec10088b9d47df02bf72143eb3619e8652296d617efd77697f4dc8727d11998695768843b4e94a47b1aed2c6fb9f097ffc8a42ca7aaaf66a

    Download Submit
  • memory/2488-145-0x00000000735F0000-0x0000000073CCA000-memory.dmp
    Filesize

    6.9MB

    Download
  • memory/2488-149-0x00000000735F0000-0x0000000073CCA000-memory.dmp
    Filesize

    6.9MB

    Download
  • memory/2488-152-0x00000000735F0000-0x0000000073CCA000-memory.dmp
    Filesize

    6.9MB

    Download
  • memory/2488-157-0x00000000735F0000-0x0000000073CCA000-memory.dmp
    Filesize

    6.9MB

    Download
  • memory/2488-158-0x00000000735F0000-0x0000000073CCA000-memory.dmp
    Filesize

    6.9MB

    Download