Overview

overview

8

Static

static

roccat_pow...61.exe

windows7_x64

8

roccat_pow...61.exe

windows10_x64

8

Analysis

  • max time kernel
    149s
  • max time network
    146s
  • platform
    windows7_x64
  • resource
    win7v20210410
  • submitted
    08-05-2021 23:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    roccat_power_grid_setup-0461.exe

  • Size

    38.9MB

  • MD5

    e99d42cca1cf1ed4250bf0101243a920

  • SHA1

    c6e9fd7c706ad38e88897cd52bef57e148845a88

  • SHA256

    585a96b6b2c04a60b7f085046851f60040bc9c52139a1c5e443a22293bd80ba1

  • SHA512

    eb54e218596108c6cd17b8131f0b6fc61abb0fac53060478ecd769d282c9c30cda5d0b7864768ca71e2d7f248f617c53ffe017eadd9ab3ae816430b017825c8f

Score
8/10
discoverymacroxlm

Malware Config

Signatures

  • Executes dropped EXE 4 IoCs
  • Suspicious Office macro 1 IoCs

    Office document equipped with 4.0 macros.

    macroxlm
  • Loads dropped DLL 26 IoCs
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  • Enumerates connected drives 3 TTPs 24 IoCs

    Attempts to read the root path of hard drives other than the default C: drive.

  • Drops file in System32 directory 18 IoCs
  • Drops file in Program Files directory 64 IoCs
  • Drops file in Windows directory 7 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

  • Checks processor information in registry 2 TTPs 2 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Modifies data under HKEY_USERS 3 IoCs
  • Modifies registry class 38 IoCs
  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs
  • Suspicious use of WriteProcessMemory 25 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\roccat_power_grid_setup-0461.exe
    "C:\Users\Admin\AppData\Local\Temp\roccat_power_grid_setup-0461.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:1688
    • C:\Users\Admin\AppData\Local\Temp\is-8M8HP.tmp\roccat_power_grid_setup-0461.tmp
      "C:\Users\Admin\AppData\Local\Temp\is-8M8HP.tmp\roccat_power_grid_setup-0461.tmp" /SL5="$3011A,40134475,441856,C:\Users\Admin\AppData\Local\Temp\roccat_power_grid_setup-0461.exe"
      2⤵
      • Executes dropped EXE
      • Loads dropped DLL
      • Drops file in Program Files directory
      • Modifies registry class
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of WriteProcessMemory
      PID:1792
      • C:\Users\Admin\AppData\Local\Temp\is-IPGSB.tmp\vcredist_x86.exe
        "C:\Users\Admin\AppData\Local\Temp\is-IPGSB.tmp\vcredist_x86.exe" /q
        3⤵
        • Executes dropped EXE
        • Loads dropped DLL
        • Suspicious use of WriteProcessMemory
        PID:1624
        • \??\c:\aead7823e5d3374e1556461f47ddb3\Setup.exe
          c:\aead7823e5d3374e1556461f47ddb3\Setup.exe /q
          4⤵
          • Executes dropped EXE
          • Loads dropped DLL
          • Checks processor information in registry
          • Suspicious behavior: EnumeratesProcesses
          • Suspicious use of AdjustPrivilegeToken
          PID:1500
      • C:\Program Files (x86)\ROCCAT\Power-Grid\ROCCATPowerGrid.exe
        "C:\Program Files (x86)\ROCCAT\Power-Grid\ROCCATPowerGrid.exe"
        3⤵
        • Executes dropped EXE
        • Loads dropped DLL
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious use of SetWindowsHookEx
        PID:1492
  • C:\Windows\system32\msiexec.exe
    C:\Windows\system32\msiexec.exe /V
    1⤵
    • Enumerates connected drives
    • Drops file in System32 directory
    • Drops file in Windows directory
    • Modifies data under HKEY_USERS
    • Modifies registry class
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:1796

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

3
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

3
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files (x86)\ROCCAT\Power-Grid\LIBEAY32.dll
    MD5

    ffea025783bf5f1be427ce8f0a21e51e

    SHA1

    f09a73e7895924ca74be7de4252190dc0c7f6089

    SHA256

    7d4fb85d427c6b62ebcc582bb04a237e3fb376462282b330f7d057da471112b7

    SHA512

    69f39bb21c217a1939f3c03adf42c0562c6c41e79fa8dc01cd9624d2ed8373c6b75ec88c30ad47fb363ab292907e5b6c29b48e178db6aed0d0b2c8da5cd07ad1

    Download Submit
  • C:\Program Files (x86)\ROCCAT\Power-Grid\QtCore4.dll
    MD5

    593313a0839e916a4da2f0180e145d39

    SHA1

    e8b3acc6199a645383c431a6bbeb0f2503c1cfcd

    SHA256

    2d6f2e93d6e6a16f974debd878ee5953e70ac75482c83f47831a928378402846

    SHA512

    e3422ace03e62893c134cbae57df8fb17673eb59f885cc7e1305bae88cc6c194b355bdbd65bc3cd69a3f3c7125cba64e06de354d898b56cd01007e9f66076b09

    Download Submit
  • C:\Program Files (x86)\ROCCAT\Power-Grid\QtGui4.dll
    MD5

    62e2f045bcd3d9f8060062e2fc40c4f1

    SHA1

    d50092ad6b9a8a737cf08af7cf893a16f7814ae8

    SHA256

    9e4b5d153fd6b1ffad6f8585d74e4ebffd38ba45454e5bbe169acc5e5929f8bd

    SHA512

    541d9242198b5890b13635eac8962ff0989518ec5a24fccb32908b2e5fbc642aa275f615f6890bf7be3de850f71ea8def9181dfcaa0b55d8b9ea5034cb1a2e1b

    Download Submit
  • C:\Program Files (x86)\ROCCAT\Power-Grid\QtMultimedia4.dll
    MD5

    b8c49175d5eeee35873630176c287a5e

    SHA1

    0bed14bf9fecb2235112c193d47d073c4ec8a561

    SHA256

    aecc3e74f6d1888d449ed48e432b96ca3484032ad66240d6883562bcfa588634

    SHA512

    74dcab0cb9def3b5e283670364073af6206d41c86fbac85ae09e5f6abc9b4cfeb4344791f5560b4c6a23c22a00786e8d778a14e2133899961024ceb08919de10

    Download Submit
  • C:\Program Files (x86)\ROCCAT\Power-Grid\QtNetwork4.dll
    MD5

    252abad1e1c55b55e7075345e1983620

    SHA1

    5ed5e975b2c99afae4fa9cef0532d1cdcc7620f1

    SHA256

    d5723c58e349e855e6eb6235ffb298f6357aa01c4a825e686891f6b5bf24a53b

    SHA512

    f601ba0364a73374e2ed211b93aeefc3bc2a2dbd675e855bf4f4d5ebdaa68797c340700d0d07164a15ab2d358e8904496c521fd076647a9fc745f8b268dd3859

    Download Submit
  • C:\Program Files (x86)\ROCCAT\Power-Grid\QtScript4.dll
    MD5

    6dcccf40fa2e547d1afb11f6333202aa

    SHA1

    0a5a50c7280b89c5c1c05ba9973a20c0c8f94ef4

    SHA256

    8c6ebf6688b67f42d15bda314a75dfbc29a3d546f78671d029cc70ea0b679961

    SHA512

    57a956e1ff2793841799f43eb76cd5b40bd9ec2ba8cbdc2b6dd4f65d3582601b52ad770939d2ea0fd32e7894402117c3bd24c502daafa0b9a36fd5fcda7f648e

    Download Submit
  • C:\Program Files (x86)\ROCCAT\Power-Grid\QtWebKit4.dll
    MD5

    1748285bc09edfcaca2c0a36569c8ca3

    SHA1

    6a712edea6c14bf55ec46b8d2c5362ca61b6d9d8

    SHA256

    a916c90bd7245649710ad73c3e2801bc461196e9315462b77225864a12d0cd9d

    SHA512

    511cbdd09e0543edce8d2561aaa999087f60cea9b4ebebcf66d0da6f08949dd4907f2387a33681251135be3509c5c0263dbf41677e79e1f892cdc27f63dd5a3b

    Download Submit
  • C:\Program Files (x86)\ROCCAT\Power-Grid\QtXml4.dll
    MD5

    75875421256475ae13e069dc5560d363

    SHA1

    d86b9fb42853487d369cd4d2fc02f2be81d9fa45

    SHA256

    5f39e16aaabbfa67e470cf1bf214159ac9c16265af148e5973cd140bb846c4ac

    SHA512

    9e351545af28eb9cc05c38ad5c3cff50867685d10dc235d0dca235c2df57abb816e5c36d268757cc0a3c73299e55ebfb371f32fa012182911be456206d1dc3cd

    Download Submit
  • C:\Program Files (x86)\ROCCAT\Power-Grid\ROCCATPowerGrid.exe
    MD5

    4dd52f6be59ad922501ee2aeee88465f

    SHA1

    4dff6c77b7b0f20c61dc1d30611b9638dd279b1c

    SHA256

    f519f59ee0c91547716d71ad51a542d7bbd003c45e9be6cf809f30a62f7e9831

    SHA512

    91ee99cc6e4ea2725972fbb3aab5333a8c6d798b424a019c91c67521473cd2fee7b988c2b534eaa02ad147ac4f60d5cd3993913e5b196c4c751d863d4f2af3f5

    Download Submit
  • C:\Program Files (x86)\ROCCAT\Power-Grid\imageformats\qgif4.dll
    MD5

    fff3366804374fe2de49856e9c15c0d3

    SHA1

    97154d42ad6d7d471bb486a1a0b877e084223cfc

    SHA256

    4079cd32b279af51ace7df73ee6c01c09b0226ca300caf8d7e8f1494d5dce293

    SHA512

    cce2fc317e4a16ab8ee0bacb49bbd9703a7127ae0de2ca6ad52f8df17f1c79489feb3de76e654a06ccdadaf6db6cf7dfde67703a657d81edd732ad1e39dd036a

    Download Submit
  • C:\Program Files (x86)\ROCCAT\Power-Grid\imageformats\qjpeg4.dll
    MD5

    523d0d98ae3e1a8c0c995f85b47062a5

    SHA1

    a0d8ff0ca271920e7c33bb8608830a4a52ea377d

    SHA256

    dbdb33dfc25755ae20245c1233af97e49c07bc881a5a9507824096198da43acb

    SHA512

    a67cd523a2c9024ff7f4cb0ec18a384a764b16c3b2c117325bb940a52fbf29dc8cb8b1ca92f4ee1fbe6503db14ca4631864e79f11dc267463664a8f53e11105b

    Download Submit
  • C:\Program Files (x86)\ROCCAT\Power-Grid\quazip.dll
    MD5

    758f2819e54859ffb843183c01c2658e

    SHA1

    000edce1058d50c2de9f7c344051f46c6726a3a9

    SHA256

    3c696fc08138f3c9e23113601f36124d7e6ed1aeca13fb471bf194b35fb436db

    SHA512

    19050ededf95e5aafb674da7eb57176a39c0579d7c1be6fb2d44abbdc6c7e09c14fab512e09efb605fa994e27ecad52a936d2bd832b7d2f84fbb887efbed99ba

    Download Submit
  • C:\Program Files (x86)\ROCCAT\Power-Grid\ssleay32.dll
    MD5

    ed2e41946744ec4355edbc119000f21b

    SHA1

    8e6c18eddf3ae0c16e58419457af079001a1f6c1

    SHA256

    85c71f748377e072cd50a345c3e26db71944a06d6f04139ed3e8cba0fb228361

    SHA512

    0722ebfdbac62ce86be85618752302eef477c8ab77382d78516c1f38946980d06bed51d6137d5ddc4db85601e297649c4c7f3e50ed7a5faf3e0c405c80e5a219

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_20210508_235632105-MSI_vc_red.msi.txt
    MD5

    8d7a4d1ce57b5b5163aa63df9cb46262

    SHA1

    b7bfd19bd78d8274b932e721d0fa9f3be59acc9b

    SHA256

    8521c5ae01180b35be18ef73ddc7c0e11d9bf803d4ed91891cb53e875b95f767

    SHA512

    9a8b8e0c44e1712574b65ca3e9a8958b43777a2dc5b85937ef0be9d13bc16371ebd7306e8b4610715e3d686ff53357232e7abd69f3224e835e8b461d8f40dadf

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\is-8M8HP.tmp\roccat_power_grid_setup-0461.tmp
    MD5

    7b9ee740752651db10185d0fe95e14fd

    SHA1

    7ff129b0711b9893599545b2845cad732741d55e

    SHA256

    694255b73a502979b8ddc774fcec6f8cf57eebb8b30c864025ecadb4676ccd08

    SHA512

    c95615723c48d027ae4cc5fa7d180c268ad122385eec8ac53b48802f73a41fb5990940128c75d97bf704c1c78e50e5beff8ac62f1b1d609d28987bd0faa31425

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\is-8M8HP.tmp\roccat_power_grid_setup-0461.tmp
    MD5

    7b9ee740752651db10185d0fe95e14fd

    SHA1

    7ff129b0711b9893599545b2845cad732741d55e

    SHA256

    694255b73a502979b8ddc774fcec6f8cf57eebb8b30c864025ecadb4676ccd08

    SHA512

    c95615723c48d027ae4cc5fa7d180c268ad122385eec8ac53b48802f73a41fb5990940128c75d97bf704c1c78e50e5beff8ac62f1b1d609d28987bd0faa31425

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\is-IPGSB.tmp\vcredist_x86.exe
    MD5

    cede02d7af62449a2c38c49abecc0cd3

    SHA1

    b84b83a8a6741a17bfb5f3578b983c1de512589d

    SHA256

    66b797b3b4f99488f53c2b676610dfe9868984c779536891a8d8f73ee214bc4b

    SHA512

    d2d99e06d49a5990b449cf31d82a33104a6b45164e76fbeb34c43d10bcd25c3622af52e59a2d4b7f5f45f83c3ba4d23cf1a5fc0c03b3606f42426988e63a9770

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\is-IPGSB.tmp\vcredist_x86.exe
    MD5

    cede02d7af62449a2c38c49abecc0cd3

    SHA1

    b84b83a8a6741a17bfb5f3578b983c1de512589d

    SHA256

    66b797b3b4f99488f53c2b676610dfe9868984c779536891a8d8f73ee214bc4b

    SHA512

    d2d99e06d49a5990b449cf31d82a33104a6b45164e76fbeb34c43d10bcd25c3622af52e59a2d4b7f5f45f83c3ba4d23cf1a5fc0c03b3606f42426988e63a9770

    Download Submit
  • C:\Windows\SysWOW64\MSVCP100.dll
    MD5

    e3c817f7fe44cc870ecdbcbc3ea36132

    SHA1

    2ada702a0c143a7ae39b7de16a4b5cc994d2548b

    SHA256

    d769fafa2b3232de9fa7153212ba287f68e745257f1c00fafb511e7a02de7adf

    SHA512

    4fcf3fcdd27c97a714e173aa221f53df6c152636d77dea49e256a9788f2d3f2c2d7315dd0b4d72ecefc553082f9149b8580779abb39891a88907f16ec9e13cbe

    Download Submit
  • C:\Windows\SysWOW64\MSVCR100.dll
    MD5

    bf38660a9125935658cfa3e53fdc7d65

    SHA1

    0b51fb415ec89848f339f8989d323bea722bfd70

    SHA256

    60c06e0fa4449314da3a0a87c1a9d9577df99226f943637e06f61188e5862efa

    SHA512

    25f521ffe25a950d0f1a4de63b04cb62e2a3b0e72e7405799586913208bf8f8fa52aa34e96a9cc6ee47afcd41870f3aa0cd8289c53461d1b6e792d19b750c9a1

    Download Submit
  • C:\aead7823e5d3374e1556461f47ddb3\Setup.exe
    MD5

    9a1141fbceeb2e196ae1ba115fd4bee6

    SHA1

    922eacb654f091bc609f1b7f484292468d046bd1

    SHA256

    28563d908450eb7b7e9ed07a934e0d68135b5bb48e866e0a1c913bd776a44fef

    SHA512

    b044600acb16fc3be991d8a6dbc75c2ca45d392e66a4d19eacac4aee282d2ada0d411d832b76d25ef505cc542c7fa1fdb7098da01f84034f798b08baa4796168

    Download Submit
  • \??\c:\aead7823e5d3374e1556461f47ddb3\1028\LocalizedData.xml
    MD5

    7fc06a77d9aafca9fb19fafa0f919100

    SHA1

    e565740e7d582cd73f8d3b12de2f4579ff18bb41

    SHA256

    a27f809211ea1a2d5224cd01101aa3a59bf7853168e45de28a16ef7ed6acd46a

    SHA512

    466dcc6a5fb015be1619f5725fa62ca46eb0fb428e11f93fd9d82e5df61c3950b3fb62d4db7746cc4a2be199e5e69eaa30b6f3354e0017cfa14d127fad52f8cf

    Download Submit
  • \??\c:\aead7823e5d3374e1556461f47ddb3\1031\LocalizedData.xml
    MD5

    b83c3803712e61811c438f6e98790369

    SHA1

    61a0bc59388786ced045acd82621bee8578cae5a

    SHA256

    2aa6e8d402e44d9ee895b18195f46bf90259de1b6f44efd46a7075b110f2dcd6

    SHA512

    e020f93e3a082476087e690ad051f1feb210e0915924bb4548cc9f53a7ee2760211890eb6036ce9e5e4a311abc0300e89e25efbbb894c2a621ffbc9d64cc8a38

    Download Submit
  • \??\c:\aead7823e5d3374e1556461f47ddb3\1033\LocalizedData.xml
    MD5

    d642e322d1e8b739510ca540f8e779f9

    SHA1

    36279c76d9f34c09ebddc84fd33fcc7d4b9a896c

    SHA256

    5d90345ff74e177f6da8fb6459c1cfcac080e698215ca75feb130d0d1f2a76b9

    SHA512

    e1e16ae14bc7cc1608e1a08d3c92b6d0518b5fabd27f2c0eb514c87afc3d6192bf7a793a583afc65f1899f03dc419263b29174456e1ec9ab0f0110e0258e0f0d

    Download Submit
  • \??\c:\aead7823e5d3374e1556461f47ddb3\1036\LocalizedData.xml
    MD5

    e382abc19294f779d2833287242e7bc6

    SHA1

    1ceae32d6b24a3832f9244f5791382865b668a72

    SHA256

    43f913ff28d677316f560a0f45221f35f27cfaf5fc5bd645974a82dca589edbf

    SHA512

    06054c8048cade36a3af54f9a07fd8fa5eb4f3228790996d2abea7ee1ee7eb563d46bd54ff97441f9610e778194082c44e66c5f566c9c50a042aba9eb9cae25e

    Download Submit
  • \??\c:\aead7823e5d3374e1556461f47ddb3\1040\LocalizedData.xml
    MD5

    0af948fe4142e34092f9dd47a4b8c275

    SHA1

    b3d6dd5c126280398d9055f90e2c2c26dbae4eaa

    SHA256

    c4c7c0ddaa6d6a3a1dc260e9c5a24bdfaa98c427c69e8a65427dd7cac0a4b248

    SHA512

    d97b5fe2553ca78a3019d53e33d2db80c9fa1cf1d8d2501d9ddf0576c7e6ea38dab754fe4712123abf34b97e10b18fb4bbd1c76d3dacb87b4682e501f93423d9

    Download Submit
  • \??\c:\aead7823e5d3374e1556461f47ddb3\1041\LocalizedData.xml
    MD5

    7fcfbc308b0c42dcbd8365ba62bada05

    SHA1

    18a0f0e89b36818c94de0ad795cc593d0e3e29a9

    SHA256

    01e7d24dd8e00b5c333e96d1bb83813e02e96f89aad0c2f28f84551d28abbbe2

    SHA512

    cd6f912a037e86d9e1982c73f0f8b3c4d5a9a6b5b108a7b89a46e6691e430a7cb55718de9a0c05650bb194c8d4a2e309ad6221d638cfca8e16aa5920881ba649

    Download Submit
  • \??\c:\aead7823e5d3374e1556461f47ddb3\1042\LocalizedData.xml
    MD5

    71dfd70ae141f1d5c1366cb661b354b2

    SHA1

    c4b22590e6f6dd5d39e5158b831ae217ce17a776

    SHA256

    cccda55294aeb4af166a8c0449bca2189ddf5aa9a43d5e939dd3803e61738331

    SHA512

    5000d62f3de41c3fb0ed8a8e9c37dbf4eb427c4f1e3ad3823d4716c6fe62250bac11b7987a302b8a45d91aabcf332457f7aff7d99f15edeffe540639e9440e8a

    Download Submit
  • \??\c:\aead7823e5d3374e1556461f47ddb3\1049\LocalizedData.xml
    MD5

    0eeb554d0b9f9fcdb22401e2532e9cd0

    SHA1

    08799520b72a1ef92ac5b94a33509d1eddf6caf8

    SHA256

    beef0631c17a4fb1ff0b625c50c6cb6c8ce90a1ae62c5e60e14bf3d915ad509c

    SHA512

    2180e46a5a2ea1f59c879b729806ca02a232c66660f29c338c1fa7fbee2afa4b13d8777d1f7b63cf831eb42f3e55282d70aa8e53f40616b8a6e4d695c36e313d

    Download Submit
  • \??\c:\aead7823e5d3374e1556461f47ddb3\2052\LocalizedData.xml
    MD5

    52b1dc12ce4153aa759fb3bbe04d01fc

    SHA1

    bf21f8591c473d1fce68a9faf1e5942f486f6eba

    SHA256

    d1735c8cfd8e10ba019d70818c19fa865e7c72f30ab6421a3748408f85fb96c3

    SHA512

    418903ae9a7baebf73d055e4774ff1917fbaab9ee7ed8c120c34bb10e7303f6dd7b7dae701596d4626387a30ae1b4d329a9af49b8718b360e2ff619c56c19623

    Download Submit
  • \??\c:\aead7823e5d3374e1556461f47ddb3\3082\LocalizedData.xml
    MD5

    5397a12d466d55d566b4209e0e4f92d3

    SHA1

    fcffd8961fb487995543fc173521fdf5df6e243b

    SHA256

    f124d318138ff084b6484deb354cca0f72296e1341bf01169792b3e060c89e89

    SHA512

    7708f5a2ad3e4c90c4c216600435af87a1557f60caf880a3dd9b5f482e17399af9f0b9de03ff1dbdd210583e0fec5b466e35794ac24d6d37f9bbc094e52fc77b

    Download Submit
  • \??\c:\aead7823e5d3374e1556461f47ddb3\DHTMLHeader.html
    MD5

    cd131d41791a543cc6f6ed1ea5bd257c

    SHA1

    f42a2708a0b42a13530d26515274d1fcdbfe8490

    SHA256

    e139af8858fe90127095ac1c4685bcd849437ef0df7c416033554703f5d864bb

    SHA512

    a6ee9af8f8c2c7acd58dd3c42b8d70c55202b382ffc5a93772af7bf7d7740c1162bb6d38a4307b1802294a18eb52032d410e128072af7d4f9d54f415be020c9a

    Download Submit
  • \??\c:\aead7823e5d3374e1556461f47ddb3\ParameterInfo.xml
    MD5

    46db5d342d306778cab61e413a84fece

    SHA1

    d0885ae1f706e014015cacb0cd67ca786d0962c2

    SHA256

    227bd903261486663665ba232b753781bafd7afba68b5614ad93d6d1f5a1e16b

    SHA512

    5de734ce86888ae41db113be13b8b6652f67de8e7ff0dc062a3e217e078ccafacf44117bbfff6e26d6c7e4fa369855e87b4926e9bdfa96f466a89a9d9c67a5bc

    Download Submit
  • \??\c:\aead7823e5d3374e1556461f47ddb3\Setup.exe
    MD5

    9a1141fbceeb2e196ae1ba115fd4bee6

    SHA1

    922eacb654f091bc609f1b7f484292468d046bd1

    SHA256

    28563d908450eb7b7e9ed07a934e0d68135b5bb48e866e0a1c913bd776a44fef

    SHA512

    b044600acb16fc3be991d8a6dbc75c2ca45d392e66a4d19eacac4aee282d2ada0d411d832b76d25ef505cc542c7fa1fdb7098da01f84034f798b08baa4796168

    Download Submit
  • \??\c:\aead7823e5d3374e1556461f47ddb3\SetupEngine.dll
    MD5

    a030c6b93740cbaa232ffaa08ccd3396

    SHA1

    6f7236a30308fbf02d88e228f0b5b5ec7f61d3eb

    SHA256

    0507720d52ae856bbf5ff3f01172a390b6c19517cb95514cd53f4a59859e8d63

    SHA512

    6787195b7e693744ce3b70c3b3ef04eaf81c39621e33d9f40b9c52f1a2c1d6094eceaebbc9b2906649351f5fc106eed085cef71bb606a9dc7890eafd200cfd42

    Download Submit
  • \??\c:\aead7823e5d3374e1556461f47ddb3\UiInfo.xml
    MD5

    4f90fcef3836f5fc49426ad9938a1c60

    SHA1

    89eba3b81982d5d5c457ffa7a7096284a10de64a

    SHA256

    66a0299ce7ee12dd9fc2cfead3c3211e59bfb54d6c0627d044d44cef6e70367b

    SHA512

    4ce2731c1d32d7ca3a4f644f4b3111f06223de96c1e241fcc86f5fe665f4db18c8a241dae4e8a7e278d6afbf91b235a2c3517a40d4d22d9866880e19a7221160

    Download Submit
  • \??\c:\aead7823e5d3374e1556461f47ddb3\sqmapi.dll
    MD5

    3f0363b40376047eff6a9b97d633b750

    SHA1

    4eaf6650eca5ce931ee771181b04263c536a948b

    SHA256

    bd6395a58f55a8b1f4063e813ce7438f695b9b086bb965d8ac44e7a97d35a93c

    SHA512

    537be86e2f171e0b2b9f462ac7f62c4342beb5d00b68451228f28677d26a525014758672466ad15ed1fd073be38142dae478df67718908eae9e6266359e1f9e8

    Download Submit
  • \??\c:\aead7823e5d3374e1556461f47ddb3\vc_red.cab
    MD5

    c580a38f1a1a7d838076a1b897c37011

    SHA1

    c689488077d1c21820797707078af826ea676b70

    SHA256

    71c0acc75eecdf39051819dc7c26503583f6be6c43ab2c320853de15bece9978

    SHA512

    ea3a62bd312f1ddeebe5e3c7911eb3a73bc3ee184abb7e9b55bc962214f50bbf05d2499caf151d0bd00735e2021fbea9584bf3e868a1d4502b75ec3b62c7ff56

    Download Submit
  • \??\c:\aead7823e5d3374e1556461f47ddb3\vc_red.msi
    MD5

    3ff9acea77afc124be8454269bb7143f

    SHA1

    8dd6ecab8576245cd6c8617c24e019325a3b2bdc

    SHA256

    9ecf3980b29c6aa20067f9f45c64b45ad310a3d83606cd9667895ad35f106e66

    SHA512

    8d51f692747cfdd59fc839918a34d2b6cbbb510c90dea83ba936b3f5f39ee4cbd48f6bb7e35ed9e0945bf724d682812532191d91c8f3c2adb6ff80a8df89ff7a

    Download Submit
  • \Program Files (x86)\ROCCAT\Power-Grid\QtCore4.dll
    MD5

    593313a0839e916a4da2f0180e145d39

    SHA1

    e8b3acc6199a645383c431a6bbeb0f2503c1cfcd

    SHA256

    2d6f2e93d6e6a16f974debd878ee5953e70ac75482c83f47831a928378402846

    SHA512

    e3422ace03e62893c134cbae57df8fb17673eb59f885cc7e1305bae88cc6c194b355bdbd65bc3cd69a3f3c7125cba64e06de354d898b56cd01007e9f66076b09

    Download Submit
  • \Program Files (x86)\ROCCAT\Power-Grid\QtGui4.dll
    MD5

    62e2f045bcd3d9f8060062e2fc40c4f1

    SHA1

    d50092ad6b9a8a737cf08af7cf893a16f7814ae8

    SHA256

    9e4b5d153fd6b1ffad6f8585d74e4ebffd38ba45454e5bbe169acc5e5929f8bd

    SHA512

    541d9242198b5890b13635eac8962ff0989518ec5a24fccb32908b2e5fbc642aa275f615f6890bf7be3de850f71ea8def9181dfcaa0b55d8b9ea5034cb1a2e1b

    Download Submit
  • \Program Files (x86)\ROCCAT\Power-Grid\QtMultimedia4.dll
    MD5

    b8c49175d5eeee35873630176c287a5e

    SHA1

    0bed14bf9fecb2235112c193d47d073c4ec8a561

    SHA256

    aecc3e74f6d1888d449ed48e432b96ca3484032ad66240d6883562bcfa588634

    SHA512

    74dcab0cb9def3b5e283670364073af6206d41c86fbac85ae09e5f6abc9b4cfeb4344791f5560b4c6a23c22a00786e8d778a14e2133899961024ceb08919de10

    Download Submit
  • \Program Files (x86)\ROCCAT\Power-Grid\QtNetwork4.dll
    MD5

    252abad1e1c55b55e7075345e1983620

    SHA1

    5ed5e975b2c99afae4fa9cef0532d1cdcc7620f1

    SHA256

    d5723c58e349e855e6eb6235ffb298f6357aa01c4a825e686891f6b5bf24a53b

    SHA512

    f601ba0364a73374e2ed211b93aeefc3bc2a2dbd675e855bf4f4d5ebdaa68797c340700d0d07164a15ab2d358e8904496c521fd076647a9fc745f8b268dd3859

    Download Submit
  • \Program Files (x86)\ROCCAT\Power-Grid\QtScript4.dll
    MD5

    6dcccf40fa2e547d1afb11f6333202aa

    SHA1

    0a5a50c7280b89c5c1c05ba9973a20c0c8f94ef4

    SHA256

    8c6ebf6688b67f42d15bda314a75dfbc29a3d546f78671d029cc70ea0b679961

    SHA512

    57a956e1ff2793841799f43eb76cd5b40bd9ec2ba8cbdc2b6dd4f65d3582601b52ad770939d2ea0fd32e7894402117c3bd24c502daafa0b9a36fd5fcda7f648e

    Download Submit
  • \Program Files (x86)\ROCCAT\Power-Grid\QtWebKit4.dll
    MD5

    1748285bc09edfcaca2c0a36569c8ca3

    SHA1

    6a712edea6c14bf55ec46b8d2c5362ca61b6d9d8

    SHA256

    a916c90bd7245649710ad73c3e2801bc461196e9315462b77225864a12d0cd9d

    SHA512

    511cbdd09e0543edce8d2561aaa999087f60cea9b4ebebcf66d0da6f08949dd4907f2387a33681251135be3509c5c0263dbf41677e79e1f892cdc27f63dd5a3b

    Download Submit
  • \Program Files (x86)\ROCCAT\Power-Grid\QtXml4.dll
    MD5

    75875421256475ae13e069dc5560d363

    SHA1

    d86b9fb42853487d369cd4d2fc02f2be81d9fa45

    SHA256

    5f39e16aaabbfa67e470cf1bf214159ac9c16265af148e5973cd140bb846c4ac

    SHA512

    9e351545af28eb9cc05c38ad5c3cff50867685d10dc235d0dca235c2df57abb816e5c36d268757cc0a3c73299e55ebfb371f32fa012182911be456206d1dc3cd

    Download Submit
  • \Program Files (x86)\ROCCAT\Power-Grid\ROCCATPowerGrid.exe
    MD5

    4dd52f6be59ad922501ee2aeee88465f

    SHA1

    4dff6c77b7b0f20c61dc1d30611b9638dd279b1c

    SHA256

    f519f59ee0c91547716d71ad51a542d7bbd003c45e9be6cf809f30a62f7e9831

    SHA512

    91ee99cc6e4ea2725972fbb3aab5333a8c6d798b424a019c91c67521473cd2fee7b988c2b534eaa02ad147ac4f60d5cd3993913e5b196c4c751d863d4f2af3f5

    Download Submit
  • \Program Files (x86)\ROCCAT\Power-Grid\ROCCATPowerGrid.exe
    MD5

    4dd52f6be59ad922501ee2aeee88465f

    SHA1

    4dff6c77b7b0f20c61dc1d30611b9638dd279b1c

    SHA256

    f519f59ee0c91547716d71ad51a542d7bbd003c45e9be6cf809f30a62f7e9831

    SHA512

    91ee99cc6e4ea2725972fbb3aab5333a8c6d798b424a019c91c67521473cd2fee7b988c2b534eaa02ad147ac4f60d5cd3993913e5b196c4c751d863d4f2af3f5

    Download Submit
  • \Program Files (x86)\ROCCAT\Power-Grid\imageformats\qgif4.dll
    MD5

    fff3366804374fe2de49856e9c15c0d3

    SHA1

    97154d42ad6d7d471bb486a1a0b877e084223cfc

    SHA256

    4079cd32b279af51ace7df73ee6c01c09b0226ca300caf8d7e8f1494d5dce293

    SHA512

    cce2fc317e4a16ab8ee0bacb49bbd9703a7127ae0de2ca6ad52f8df17f1c79489feb3de76e654a06ccdadaf6db6cf7dfde67703a657d81edd732ad1e39dd036a

    Download Submit
  • \Program Files (x86)\ROCCAT\Power-Grid\imageformats\qgif4.dll
    MD5

    fff3366804374fe2de49856e9c15c0d3

    SHA1

    97154d42ad6d7d471bb486a1a0b877e084223cfc

    SHA256

    4079cd32b279af51ace7df73ee6c01c09b0226ca300caf8d7e8f1494d5dce293

    SHA512

    cce2fc317e4a16ab8ee0bacb49bbd9703a7127ae0de2ca6ad52f8df17f1c79489feb3de76e654a06ccdadaf6db6cf7dfde67703a657d81edd732ad1e39dd036a

    Download Submit
  • \Program Files (x86)\ROCCAT\Power-Grid\imageformats\qjpeg4.dll
    MD5

    523d0d98ae3e1a8c0c995f85b47062a5

    SHA1

    a0d8ff0ca271920e7c33bb8608830a4a52ea377d

    SHA256

    dbdb33dfc25755ae20245c1233af97e49c07bc881a5a9507824096198da43acb

    SHA512

    a67cd523a2c9024ff7f4cb0ec18a384a764b16c3b2c117325bb940a52fbf29dc8cb8b1ca92f4ee1fbe6503db14ca4631864e79f11dc267463664a8f53e11105b

    Download Submit
  • \Program Files (x86)\ROCCAT\Power-Grid\imageformats\qjpeg4.dll
    MD5

    523d0d98ae3e1a8c0c995f85b47062a5

    SHA1

    a0d8ff0ca271920e7c33bb8608830a4a52ea377d

    SHA256

    dbdb33dfc25755ae20245c1233af97e49c07bc881a5a9507824096198da43acb

    SHA512

    a67cd523a2c9024ff7f4cb0ec18a384a764b16c3b2c117325bb940a52fbf29dc8cb8b1ca92f4ee1fbe6503db14ca4631864e79f11dc267463664a8f53e11105b

    Download Submit
  • \Program Files (x86)\ROCCAT\Power-Grid\libeay32.dll
    MD5

    ffea025783bf5f1be427ce8f0a21e51e

    SHA1

    f09a73e7895924ca74be7de4252190dc0c7f6089

    SHA256

    7d4fb85d427c6b62ebcc582bb04a237e3fb376462282b330f7d057da471112b7

    SHA512

    69f39bb21c217a1939f3c03adf42c0562c6c41e79fa8dc01cd9624d2ed8373c6b75ec88c30ad47fb363ab292907e5b6c29b48e178db6aed0d0b2c8da5cd07ad1

    Download Submit
  • \Program Files (x86)\ROCCAT\Power-Grid\quazip.dll
    MD5

    758f2819e54859ffb843183c01c2658e

    SHA1

    000edce1058d50c2de9f7c344051f46c6726a3a9

    SHA256

    3c696fc08138f3c9e23113601f36124d7e6ed1aeca13fb471bf194b35fb436db

    SHA512

    19050ededf95e5aafb674da7eb57176a39c0579d7c1be6fb2d44abbdc6c7e09c14fab512e09efb605fa994e27ecad52a936d2bd832b7d2f84fbb887efbed99ba

    Download Submit
  • \Program Files (x86)\ROCCAT\Power-Grid\ssleay32.dll
    MD5

    ed2e41946744ec4355edbc119000f21b

    SHA1

    8e6c18eddf3ae0c16e58419457af079001a1f6c1

    SHA256

    85c71f748377e072cd50a345c3e26db71944a06d6f04139ed3e8cba0fb228361

    SHA512

    0722ebfdbac62ce86be85618752302eef477c8ab77382d78516c1f38946980d06bed51d6137d5ddc4db85601e297649c4c7f3e50ed7a5faf3e0c405c80e5a219

    Download Submit
  • \Users\Admin\AppData\Local\Temp\is-8M8HP.tmp\roccat_power_grid_setup-0461.tmp
    MD5

    7b9ee740752651db10185d0fe95e14fd

    SHA1

    7ff129b0711b9893599545b2845cad732741d55e

    SHA256

    694255b73a502979b8ddc774fcec6f8cf57eebb8b30c864025ecadb4676ccd08

    SHA512

    c95615723c48d027ae4cc5fa7d180c268ad122385eec8ac53b48802f73a41fb5990940128c75d97bf704c1c78e50e5beff8ac62f1b1d609d28987bd0faa31425

    Download Submit
  • \Users\Admin\AppData\Local\Temp\is-IPGSB.tmp\_isetup\_shfoldr.dll
    MD5

    92dc6ef532fbb4a5c3201469a5b5eb63

    SHA1

    3e89ff837147c16b4e41c30d6c796374e0b8e62c

    SHA256

    9884e9d1b4f8a873ccbd81f8ad0ae257776d2348d027d811a56475e028360d87

    SHA512

    9908e573921d5dbc3454a1c0a6c969ab8a81cc2e8b5385391d46b1a738fb06a76aa3282e0e58d0d2ffa6f27c85668cd5178e1500b8a39b1bbae04366ae6a86d3

    Download Submit
  • \Users\Admin\AppData\Local\Temp\is-IPGSB.tmp\_isetup\_shfoldr.dll
    MD5

    92dc6ef532fbb4a5c3201469a5b5eb63

    SHA1

    3e89ff837147c16b4e41c30d6c796374e0b8e62c

    SHA256

    9884e9d1b4f8a873ccbd81f8ad0ae257776d2348d027d811a56475e028360d87

    SHA512

    9908e573921d5dbc3454a1c0a6c969ab8a81cc2e8b5385391d46b1a738fb06a76aa3282e0e58d0d2ffa6f27c85668cd5178e1500b8a39b1bbae04366ae6a86d3

    Download Submit
  • \Users\Admin\AppData\Local\Temp\is-IPGSB.tmp\vcredist_x86.exe
    MD5

    cede02d7af62449a2c38c49abecc0cd3

    SHA1

    b84b83a8a6741a17bfb5f3578b983c1de512589d

    SHA256

    66b797b3b4f99488f53c2b676610dfe9868984c779536891a8d8f73ee214bc4b

    SHA512

    d2d99e06d49a5990b449cf31d82a33104a6b45164e76fbeb34c43d10bcd25c3622af52e59a2d4b7f5f45f83c3ba4d23cf1a5fc0c03b3606f42426988e63a9770

    Download Submit
  • \Windows\SysWOW64\msvcp100.dll
    MD5

    e3c817f7fe44cc870ecdbcbc3ea36132

    SHA1

    2ada702a0c143a7ae39b7de16a4b5cc994d2548b

    SHA256

    d769fafa2b3232de9fa7153212ba287f68e745257f1c00fafb511e7a02de7adf

    SHA512

    4fcf3fcdd27c97a714e173aa221f53df6c152636d77dea49e256a9788f2d3f2c2d7315dd0b4d72ecefc553082f9149b8580779abb39891a88907f16ec9e13cbe

    Download Submit
  • \Windows\SysWOW64\msvcr100.dll
    MD5

    bf38660a9125935658cfa3e53fdc7d65

    SHA1

    0b51fb415ec89848f339f8989d323bea722bfd70

    SHA256

    60c06e0fa4449314da3a0a87c1a9d9577df99226f943637e06f61188e5862efa

    SHA512

    25f521ffe25a950d0f1a4de63b04cb62e2a3b0e72e7405799586913208bf8f8fa52aa34e96a9cc6ee47afcd41870f3aa0cd8289c53461d1b6e792d19b750c9a1

    Download Submit
  • \aead7823e5d3374e1556461f47ddb3\Setup.exe
    MD5

    9a1141fbceeb2e196ae1ba115fd4bee6

    SHA1

    922eacb654f091bc609f1b7f484292468d046bd1

    SHA256

    28563d908450eb7b7e9ed07a934e0d68135b5bb48e866e0a1c913bd776a44fef

    SHA512

    b044600acb16fc3be991d8a6dbc75c2ca45d392e66a4d19eacac4aee282d2ada0d411d832b76d25ef505cc542c7fa1fdb7098da01f84034f798b08baa4796168

    Download Submit
  • \aead7823e5d3374e1556461f47ddb3\SetupEngine.dll
    MD5

    a030c6b93740cbaa232ffaa08ccd3396

    SHA1

    6f7236a30308fbf02d88e228f0b5b5ec7f61d3eb

    SHA256

    0507720d52ae856bbf5ff3f01172a390b6c19517cb95514cd53f4a59859e8d63

    SHA512

    6787195b7e693744ce3b70c3b3ef04eaf81c39621e33d9f40b9c52f1a2c1d6094eceaebbc9b2906649351f5fc106eed085cef71bb606a9dc7890eafd200cfd42

    Download Submit
  • \aead7823e5d3374e1556461f47ddb3\sqmapi.dll
    MD5

    3f0363b40376047eff6a9b97d633b750

    SHA1

    4eaf6650eca5ce931ee771181b04263c536a948b

    SHA256

    bd6395a58f55a8b1f4063e813ce7438f695b9b086bb965d8ac44e7a97d35a93c

    SHA512

    537be86e2f171e0b2b9f462ac7f62c4342beb5d00b68451228f28677d26a525014758672466ad15ed1fd073be38142dae478df67718908eae9e6266359e1f9e8

    Download Submit
  • memory/1492-103-0x0000000000000000-mapping.dmp
    Download
  • memory/1492-138-0x0000000000340000-0x0000000000344000-memory.dmp
    Filesize

    16KB

    Download
  • memory/1492-137-0x0000000000560000-0x0000000000579000-memory.dmp
    Filesize

    100KB

    Download
  • memory/1492-136-0x0000000000300000-0x0000000000335000-memory.dmp
    Filesize

    212KB

    Download
  • memory/1500-77-0x0000000000000000-mapping.dmp
    Download
  • memory/1624-72-0x0000000000000000-mapping.dmp
    Download
  • memory/1688-60-0x0000000000400000-0x0000000000472000-memory.dmp
    Filesize

    456KB

    Download
  • memory/1688-59-0x0000000075011000-0x0000000075013000-memory.dmp
    Filesize

    8KB

    Download
  • memory/1792-62-0x0000000000000000-mapping.dmp
    Download
  • memory/1792-66-0x0000000000240000-0x0000000000241000-memory.dmp
    Filesize

    4KB

    Download
  • memory/1796-100-0x000007FEFBB51000-0x000007FEFBB53000-memory.dmp
    Filesize

    8KB

    Download