babadeda | 595e1545c53d27fb1315e70b241e66f44b28a49be59a717ca4936d167e121470

Analysis

max time kernel
120s
max time network
146s
platform
windows7_x64
resource
win7-en-20211208
submitted
09-03-2022 20:22

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

686b40dcb167653cb7a8463928c26af1.exe
Size

9.5MB
MD5

686b40dcb167653cb7a8463928c26af1
SHA1

d6146b6fdf516223735e4e881fa797432dff3923
SHA256

595e1545c53d27fb1315e70b241e66f44b28a49be59a717ca4936d167e121470
SHA512

c40d9c17e1b6d1100425b15d0f800562579b935a83e1c9b8f4099d8a4262b7287f545f4c0a00ab040c92e239fe946416242461dd712d4cb63deca5f651558f8f

Score

10^/10

babadeda systembc crypter loader trojan

Malware Config

Extracted

Family

systembc

5.101.78.2:4127

192.53.123.202:4127

Signatures

Babadeda
Babadeda is a crypter delivered as a legitimate installer and used to drop other malware families.
loader crypter babadeda

Babadeda Crypter 3 IoCs

Processes:

resource	yara_rule
C:\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\asp	family_babadeda
behavioral1/memory/632-131-0x0000000003D70000-0x0000000007F70000-memory.dmp	family_babadeda
behavioral1/memory/1720-145-0x0000000001E20000-0x0000000006020000-memory.dmp	family_babadeda

SystemBC
SystemBC is a proxy and remote administration tool first seen in 2019.
trojan systembc
Executes dropped EXE 5 IoCs

Processes:

686b40dcb167653cb7a8463928c26af1.tmp686b40dcb167653cb7a8463928c26af1.tmptracegen.exePDapp.exePDapp.exe

pid process

1356 686b40dcb167653cb7a8463928c26af1.tmp
1200 686b40dcb167653cb7a8463928c26af1.tmp
2016 tracegen.exe
632 PDapp.exe
1720 PDapp.exe

pid	process
1356	686b40dcb167653cb7a8463928c26af1.tmp
1200	686b40dcb167653cb7a8463928c26af1.tmp
2016	tracegen.exe
632	PDapp.exe
1720	PDapp.exe

Loads dropped DLL 52 IoCs

Processes:

686b40dcb167653cb7a8463928c26af1.exe686b40dcb167653cb7a8463928c26af1.exe686b40dcb167653cb7a8463928c26af1.tmpPDapp.exePDapp.exe

pid	process
1548	686b40dcb167653cb7a8463928c26af1.exe
688	686b40dcb167653cb7a8463928c26af1.exe
1200	686b40dcb167653cb7a8463928c26af1.tmp
1200	686b40dcb167653cb7a8463928c26af1.tmp
632	PDapp.exe
632	PDapp.exe
632	PDapp.exe
632	PDapp.exe
632	PDapp.exe
632	PDapp.exe
632	PDapp.exe
632	PDapp.exe
632	PDapp.exe
632	PDapp.exe
632	PDapp.exe
632	PDapp.exe
632	PDapp.exe
632	PDapp.exe
632	PDapp.exe
632	PDapp.exe
632	PDapp.exe
632	PDapp.exe
632	PDapp.exe
632	PDapp.exe
632	PDapp.exe
632	PDapp.exe
632	PDapp.exe
632	PDapp.exe
1720	PDapp.exe
1720	PDapp.exe
1720	PDapp.exe
1720	PDapp.exe
1720	PDapp.exe
1720	PDapp.exe
1720	PDapp.exe
1720	PDapp.exe
1720	PDapp.exe
1720	PDapp.exe
1720	PDapp.exe
1720	PDapp.exe
1720	PDapp.exe
1720	PDapp.exe
1720	PDapp.exe
1720	PDapp.exe
1720	PDapp.exe
1720	PDapp.exe
1720	PDapp.exe
1720	PDapp.exe
1720	PDapp.exe
1720	PDapp.exe
1720	PDapp.exe
1720	PDapp.exe

Drops file in Windows directory 2 IoCs

Processes:

PDapp.exe

description ioc process

File created C:\Windows\Tasks\wow64.job PDapp.exe
File opened for modification C:\Windows\Tasks\wow64.job PDapp.exe
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082
Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes:

686b40dcb167653cb7a8463928c26af1.tmp

pid process

1200 686b40dcb167653cb7a8463928c26af1.tmp
1200 686b40dcb167653cb7a8463928c26af1.tmp
Suspicious use of FindShellTrayWindow 1 IoCs

Processes:

686b40dcb167653cb7a8463928c26af1.tmp

pid process

1200 686b40dcb167653cb7a8463928c26af1.tmp

description	ioc	process
File created	C:\Windows\Tasks\wow64.job	PDapp.exe
File opened for modification	C:\Windows\Tasks\wow64.job	PDapp.exe

pid	process
1200	686b40dcb167653cb7a8463928c26af1.tmp
1200	686b40dcb167653cb7a8463928c26af1.tmp

pid	process
1200	686b40dcb167653cb7a8463928c26af1.tmp

Suspicious use of WriteProcessMemory 33 IoCs

Processes:

686b40dcb167653cb7a8463928c26af1.exe686b40dcb167653cb7a8463928c26af1.tmp686b40dcb167653cb7a8463928c26af1.exe686b40dcb167653cb7a8463928c26af1.tmptaskeng.exe

description	pid	process	target process
PID 1548 wrote to memory of 1356	1548	686b40dcb167653cb7a8463928c26af1.exe	686b40dcb167653cb7a8463928c26af1.tmp
PID 1548 wrote to memory of 1356	1548	686b40dcb167653cb7a8463928c26af1.exe	686b40dcb167653cb7a8463928c26af1.tmp
PID 1548 wrote to memory of 1356	1548	686b40dcb167653cb7a8463928c26af1.exe	686b40dcb167653cb7a8463928c26af1.tmp
PID 1548 wrote to memory of 1356	1548	686b40dcb167653cb7a8463928c26af1.exe	686b40dcb167653cb7a8463928c26af1.tmp
PID 1548 wrote to memory of 1356	1548	686b40dcb167653cb7a8463928c26af1.exe	686b40dcb167653cb7a8463928c26af1.tmp
PID 1548 wrote to memory of 1356	1548	686b40dcb167653cb7a8463928c26af1.exe	686b40dcb167653cb7a8463928c26af1.tmp
PID 1548 wrote to memory of 1356	1548	686b40dcb167653cb7a8463928c26af1.exe	686b40dcb167653cb7a8463928c26af1.tmp
PID 1356 wrote to memory of 688	1356	686b40dcb167653cb7a8463928c26af1.tmp	686b40dcb167653cb7a8463928c26af1.exe
PID 1356 wrote to memory of 688	1356	686b40dcb167653cb7a8463928c26af1.tmp	686b40dcb167653cb7a8463928c26af1.exe
PID 1356 wrote to memory of 688	1356	686b40dcb167653cb7a8463928c26af1.tmp	686b40dcb167653cb7a8463928c26af1.exe
PID 1356 wrote to memory of 688	1356	686b40dcb167653cb7a8463928c26af1.tmp	686b40dcb167653cb7a8463928c26af1.exe
PID 1356 wrote to memory of 688	1356	686b40dcb167653cb7a8463928c26af1.tmp	686b40dcb167653cb7a8463928c26af1.exe
PID 1356 wrote to memory of 688	1356	686b40dcb167653cb7a8463928c26af1.tmp	686b40dcb167653cb7a8463928c26af1.exe
PID 1356 wrote to memory of 688	1356	686b40dcb167653cb7a8463928c26af1.tmp	686b40dcb167653cb7a8463928c26af1.exe
PID 688 wrote to memory of 1200	688	686b40dcb167653cb7a8463928c26af1.exe	686b40dcb167653cb7a8463928c26af1.tmp
PID 688 wrote to memory of 1200	688	686b40dcb167653cb7a8463928c26af1.exe	686b40dcb167653cb7a8463928c26af1.tmp
PID 688 wrote to memory of 1200	688	686b40dcb167653cb7a8463928c26af1.exe	686b40dcb167653cb7a8463928c26af1.tmp
PID 688 wrote to memory of 1200	688	686b40dcb167653cb7a8463928c26af1.exe	686b40dcb167653cb7a8463928c26af1.tmp
PID 688 wrote to memory of 1200	688	686b40dcb167653cb7a8463928c26af1.exe	686b40dcb167653cb7a8463928c26af1.tmp
PID 688 wrote to memory of 1200	688	686b40dcb167653cb7a8463928c26af1.exe	686b40dcb167653cb7a8463928c26af1.tmp
PID 688 wrote to memory of 1200	688	686b40dcb167653cb7a8463928c26af1.exe	686b40dcb167653cb7a8463928c26af1.tmp
PID 1200 wrote to memory of 2016	1200	686b40dcb167653cb7a8463928c26af1.tmp	tracegen.exe
PID 1200 wrote to memory of 2016	1200	686b40dcb167653cb7a8463928c26af1.tmp	tracegen.exe
PID 1200 wrote to memory of 2016	1200	686b40dcb167653cb7a8463928c26af1.tmp	tracegen.exe
PID 1200 wrote to memory of 2016	1200	686b40dcb167653cb7a8463928c26af1.tmp	tracegen.exe
PID 1200 wrote to memory of 632	1200	686b40dcb167653cb7a8463928c26af1.tmp	PDapp.exe
PID 1200 wrote to memory of 632	1200	686b40dcb167653cb7a8463928c26af1.tmp	PDapp.exe
PID 1200 wrote to memory of 632	1200	686b40dcb167653cb7a8463928c26af1.tmp	PDapp.exe
PID 1200 wrote to memory of 632	1200	686b40dcb167653cb7a8463928c26af1.tmp	PDapp.exe
PID 916 wrote to memory of 1720	916	taskeng.exe	PDapp.exe
PID 916 wrote to memory of 1720	916	taskeng.exe	PDapp.exe
PID 916 wrote to memory of 1720	916	taskeng.exe	PDapp.exe
PID 916 wrote to memory of 1720	916	taskeng.exe	PDapp.exe

C:\Users\Admin\AppData\Local\Temp\686b40dcb167653cb7a8463928c26af1.exe
"C:\Users\Admin\AppData\Local\Temp\686b40dcb167653cb7a8463928c26af1.exe"
1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:1548

C:\Users\Admin\AppData\Local\Temp\is-3AI8R.tmp\686b40dcb167653cb7a8463928c26af1.tmp
"C:\Users\Admin\AppData\Local\Temp\is-3AI8R.tmp\686b40dcb167653cb7a8463928c26af1.tmp" /SL5="$40154,9084029,780800,C:\Users\Admin\AppData\Local\Temp\686b40dcb167653cb7a8463928c26af1.exe"
2⤵
- Executes dropped EXE
- Suspicious use of WriteProcessMemory
PID:1356

C:\Users\Admin\AppData\Local\Temp\686b40dcb167653cb7a8463928c26af1.exe
"C:\Users\Admin\AppData\Local\Temp\686b40dcb167653cb7a8463928c26af1.exe" /VERYSILENT
3⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:688

C:\Users\Admin\AppData\Local\Temp\is-9F9K3.tmp\686b40dcb167653cb7a8463928c26af1.tmp
"C:\Users\Admin\AppData\Local\Temp\is-9F9K3.tmp\686b40dcb167653cb7a8463928c26af1.tmp" /SL5="$40108,9084029,780800,C:\Users\Admin\AppData\Local\Temp\686b40dcb167653cb7a8463928c26af1.exe" /VERYSILENT
4⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of FindShellTrayWindow
- Suspicious use of WriteProcessMemory
PID:1200

C:\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\tracegen.exe
"C:\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\tracegen.exe"
5⤵
- Executes dropped EXE
PID:2016

C:\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\PDapp.exe
"C:\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\PDapp.exe"
5⤵
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Windows directory
PID:632

C:\Windows\system32\taskeng.exe
taskeng.exe {A4DCC971-774E-4090-9A6C-9D942512732F} S-1-5-18:NT AUTHORITY\System:Service:
1⤵
- Suspicious use of WriteProcessMemory
PID:916

C:\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\PDapp.exe
"C:\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\PDapp.exe" start
2⤵
- Executes dropped EXE
- Loads dropped DLL
PID:1720

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\is-3AI8R.tmp\686b40dcb167653cb7a8463928c26af1.tmp
MD5
681f67c011ee0ac7fd112ed351fc07db

SHA1
cc02d9564dc3e29faf3e4945567d2ce6612d1f8c

SHA256
69d2e938368d9dc2fe5ae956d49ed1005dc4bb18b878cf2e55a0931c7a5eb003

SHA512
c2011f82d2bdb135b7db862cf89298df424a6f31719ce75a9c1fb89493ae65692d3fdfafe45515be5e0459ed6c40bd3db43fb19c8aa49f3e0e9a194ac36cab6a

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-9F9K3.tmp\686b40dcb167653cb7a8463928c26af1.tmp
MD5
681f67c011ee0ac7fd112ed351fc07db

SHA1
cc02d9564dc3e29faf3e4945567d2ce6612d1f8c

SHA256
69d2e938368d9dc2fe5ae956d49ed1005dc4bb18b878cf2e55a0931c7a5eb003

SHA512
c2011f82d2bdb135b7db862cf89298df424a6f31719ce75a9c1fb89493ae65692d3fdfafe45515be5e0459ed6c40bd3db43fb19c8aa49f3e0e9a194ac36cab6a

Download Submit
C:\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\DBClient.dll
MD5
d64cbc9613edc8b8799dd36b8e3f8a62

SHA1
edacb98a4b6ac6407d0b0bdd86317b12a322ab51

SHA256
cdbe7dba0562816180f4d678a55b78c9675dbe09617fb7e3ecb0508bfe2b8681

SHA512
efdd78b35e5f24c0f3ec7a689eb8a53a24f819321cb2d790cc45ba1708209b462928ab5047a14933e4795d569d41a2ecc261158c84467698be2c57392810f19b

Download Submit
C:\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\MSVCP140.dll
MD5
5ff1fca37c466d6723ec67be93b51442

SHA1
34cc4e158092083b13d67d6d2bc9e57b798a303b

SHA256
5136a49a682ac8d7f1ce71b211de8688fce42ed57210af087a8e2dbc8a934062

SHA512
4802ef62630c521d83a1d333969593fb00c9b38f82b4d07f70fbd21f495fea9b3f67676064573d2c71c42bc6f701992989742213501b16087bb6110e337c7546

Download Submit
C:\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\MSVCP90.dll
MD5
30afaf23c37c439c2c83ec6518287076

SHA1
2ece38dc601315f4d05d034f66ad1d77f2845c00

SHA256
f5b6ed22ff07743402a2c90f469fa91f46fba8bf35b55312a5aaf26a448a9064

SHA512
0f87a1c55d54dccf5007a82d51ded65be9ee5619e0c82bd94b53c7d10b33237cd39e5b481dad00698bafdeac2687a7ff920ee5c5900468b5c0c93b996e803e1d

Download Submit
C:\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\MSVCR90.dll
MD5
8d8325e8cdc31ffd3ba95e69d9a5bf91

SHA1
4bbe261d907e58a8487c27d2dc007ae98f1d3d2c

SHA256
1eab5f18a5733d746e681bc3d60175f8fca219dc1f94a7bb19db9e4c2c36224a

SHA512
49ba10c7ec86cff01568520c2092a993184df0b667a8bd197bc6cbe5918575028c1cd127e7d911344e5a88133827cda99aa3c1a331f26f809b04395da599c6b5

Download Submit
C:\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\PDapp.exe
MD5
8c91eacff0f53860ecfc5fd67168927b

SHA1
4062cf4e7c5457849e60232f34afa2b9bbb3d827

SHA256
7e5f8c916e7359dd8a9cd4e476803cf0d89496668879aa34731a38c7ad13a45e

SHA512
dbc5f3f07b3f108d0ddc5e93256ed40cd70c8f32383dd58d698498a4cd8de3d970bd70da3c47b2e2bd9d19d5e90159ffaaf5d6e43039158b23c5cd74ae60403e

Download Submit
C:\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\PDapp.exe
MD5
8c91eacff0f53860ecfc5fd67168927b

SHA1
4062cf4e7c5457849e60232f34afa2b9bbb3d827

SHA256
7e5f8c916e7359dd8a9cd4e476803cf0d89496668879aa34731a38c7ad13a45e

SHA512
dbc5f3f07b3f108d0ddc5e93256ed40cd70c8f32383dd58d698498a4cd8de3d970bd70da3c47b2e2bd9d19d5e90159ffaaf5d6e43039158b23c5cd74ae60403e

Download Submit
C:\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\VCRUNTIME140.dll
MD5
a37ee36b536409056a86f50e67777dd7

SHA1
1cafa159292aa736fc595fc04e16325b27cd6750

SHA256
8934aaeb65b6e6d253dfe72dea5d65856bd871e989d5d3a2a35edfe867bb4825

SHA512
3a7c260646315cf8c01f44b2ec60974017496bd0d80dd055c7e43b707cadba2d63aab5e0efd435670aa77886ed86368390d42c4017fc433c3c4b9d1c47d0f356

Download Submit
C:\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\adbeape.dll
MD5
819b4664a21827749250288b514e2494

SHA1
2bc3885716b1d6b7de41c201ccb40a74a38d8e7b

SHA256
068302bd6b30978c739f4599bfe33f15c2ce3aefdf8abc2ef394139c94d09705

SHA512
cad17c78dfc4ffef030f677373a19fa045d9cbd627de87f35e5bf740147d894ac8c218f070d94b8832241a6dd35f81e6f1e0740f6f5412dd9fb6c5c7257b0734

Download Submit
C:\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\api-ms-win-core-file-l1-2-0.dll
MD5
75614f411dec3bff7a4c3443fb06eebe

SHA1
bb77b493f3329284437f2173e5031908f080d68f

SHA256
196c741e12fe57d9fd3c274af8a93d95e148ac91ada451b31b78923bcea77b17

SHA512
f03b71cee885140edc53463132e1d736978ebb0c5e76f2db8c1f7cfd61afa1bf925109f2721cc796ffad4619ca69605c37db496d444c9d34616de5f95c7c9623

Download Submit
C:\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\api-ms-win-core-file-l2-1-0.dll
MD5
4f361342b691aedc577e1bbbd16a14ae

SHA1
b249050dc506fd4199bc2d6a00b2fac61e13842b

SHA256
2eb1e71d1112913f09cb372eaaeb19c0b849c81a50649da0e4a66b2c83ad9f32

SHA512
4efd2c4ca0e9a7e38c59d9ca797b0efecbf3d8f33e83f3b49b81f5a2b47fdfcc494abc88c634660783861d50087a106ffc713f19d7cc609e9be38e2250e2940a

Download Submit
C:\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\api-ms-win-core-localization-l1-2-0.dll
MD5
a5ef3ecb8ece8f31bfe429316281d64b

SHA1
13b0679242a262ecbda857b163c7db5a4b473c5b

SHA256
8678396666040b289999e82d1a0bb2175a6b5543922f05394252f7b3e986d0e7

SHA512
6f8da1d0c0122c10051a699cd77c1a21864ab14ba1cd485bd6d4c041e45591024254e642d0ae6310a9e1d1ad32e77183a62dab9dfc8ff050cce9e96d398e7ec2

Download Submit
C:\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\api-ms-win-core-processthreads-l1-1-1.dll
MD5
a37708eae8e652d16c4af5895cdd3a3d

SHA1
94e478d6568f07603e4d509e374b72a5c8b5ec7c

SHA256
abe2a6d988bfabb567874495f7fce79878967ccc00fea759597861f3fc73e349

SHA512
aa63684bc29bc4eb16a024944a02f4a55a595d7a651f56716ebc635d91474dcf1ed758a9218401ec1ea6610aa881036c3675909f14a37bcc4bd7157da44e21fc

Download Submit
C:\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\api-ms-win-core-timezone-l1-1-0.dll
MD5
14d9b19e5b801439fe7f34e195b30306

SHA1
8e3c156e9c2fa7054d0456ff8f7e3104fb2694fe

SHA256
2004a8a13c016c92b63404b882ad945f21a86e36000b9cb5ba24cf3acedb0de3

SHA512
1bb0d5eb3a8fd3173da0f5df1f8d9ae045ce2a21dc73bb2af4b57e537d0b8761711527fedcbc2378b8df300baa317ed2608952de0cad3eb37a9886645f6d94db

Download Submit
C:\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\api-ms-win-crt-convert-l1-1-0.dll
MD5
88f89d0f2bd5748ed1af75889e715e6a

SHA1
8ada489b9ff33530a3fb7161cc07b5b11dfb8909

SHA256
02c78781bf6cc5f22a0ecedc3847bfd20bed4065ac028c386d063dc2318c33cc

SHA512
1f5a00284ca1d6dc6ae2dfce306febfa6d7d71d421583e4ce6890389334c2d98291e98e992b58136f5d1a41590553e3ad42fb362247ae8adf60e33397afbb5df

Download Submit
C:\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\api-ms-win-crt-environment-l1-1-0.dll
MD5
0979785e3ef8137cdd47c797adcb96e3

SHA1
4051c6eb37a4c0dba47b58301e63df76bff347dd

SHA256
d5164aecde4523ffa2dcfd0315b49428ac220013132ad48422a8ea4ca2361257

SHA512
e369bc53babd327f5d1b9833c0b8d6c7e121072ad81d4ba1fb3e2679f161fb6a9fa2fca0df0bac532fd439beb0d754583582d1dbfeccf2d38cc4f3bdca39b52d

Download Submit
C:\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\api-ms-win-crt-filesystem-l1-1-0.dll
MD5
a1b6cebd3d7a8b25b9a9cbc18d03a00c

SHA1
5516de099c49e0e6d1224286c3dc9b4d7985e913

SHA256
162ccf78fa5a4a2ee380f72fbd54d17a73c929a76f6e3659f537fa8f42602362

SHA512
a322fb09e6faaff0daabb4f0284e4e90ccacff27161dbfd77d39a9a93dbf30069b9d86bf15a07fc2006a55af2c35cd8ea544895c93e2e1697c51f2dafad5a9d7

Download Submit
C:\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\api-ms-win-crt-heap-l1-1-0.dll
MD5
a6a9dfb31be2510f6dbfedd476c6d15a

SHA1
cdb6d8bd1fbd1c71d85437cff55ddeb76139dbe7

SHA256
150d32b77b2d7f49c8d4f44b64a90d7a0f9df0874a80fc925daf298b038a8e4c

SHA512
b4f0e8fa148fac8a94e04bf4b44f2a26221d943cc399e7f48745ed46e8b58c52d9126110cdf868ebb723423fb0e304983d24fe6608d3757a43ad741bddb3b7ec

Download Submit
C:\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\api-ms-win-crt-locale-l1-1-0.dll
MD5
755d68cb04411f8c6f86842484b6e38b

SHA1
60fc150591e644eaa14d77e6bdedf125f94c14fd

SHA256
7e659c94c28f575d8ac20add7cecf421136ff19ce91916d255dc98b5ba16d57b

SHA512
b0cc16effb8fbc26bf58e121836e1d95d25e0438b16a21001e6e61173108d206355145d7ac005fd40e40a2ae3bccf24685844322af667754e6d057ba073d5b61

Download Submit
C:\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\api-ms-win-crt-math-l1-1-0.dll
MD5
461d5af3277efb5f000b9df826581b80

SHA1
935b00c88c2065f98746e2b4353d4369216f1812

SHA256
f9ce464b89dd8ea1d5e0b852369fe3a8322b4b9860e5ae401c9a3b797aed17bf

SHA512
229bf31a1de1e84cf238a0dfe0c3a13fee86da94d611fbc8fdb65086dee6a8b1a6ba37c44c5826c3d8cfa120d0fba9e690d31c5b4e73f98c8362b98be1ee9600

Download Submit
C:\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\api-ms-win-crt-runtime-l1-1-0.dll
MD5
b3b04c457159e1a174eee384eb8deec7

SHA1
09971b91bf45ae9f84475c6565aaf1c40b34079d

SHA256
59d0de4eecdb196d8be3856894967f38fea60d3afdd2d42ee7dd61d4638680fd

SHA512
e28bdd2a889110e6235f02eb50ee7da2c49dc7dd8373077518f82bc9fd42bf915fedac9ba0dd2b702879da2e8ab99840b7c65011d66a4a296eb8afc3930531c0

Download Submit
C:\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\api-ms-win-crt-stdio-l1-1-0.dll
MD5
5765103e1f5412c43295bd752ccaea03

SHA1
6913bf1624599e55680a0292e22c89cab559db81

SHA256
8f7ace43040fa86e972cc74649d3e643d21e4cad6cb86ba78d4c059ed35d95e4

SHA512
5844ac30bc73b7ffba75016abefb8a339e2f2822fc6e1441f33f70b6eb7114f828167dfc34527b0fb5460768c4de7250c655bc56efd8ba03115cd2dd6f6c91c0

Download Submit
C:\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\api-ms-win-crt-string-l1-1-0.dll
MD5
a18e20d0362d9da9a4ed8038938c5d74

SHA1
bb07e6e5149ec644eedb850f41039c558c670e4c

SHA256
6f7d536bc81d5a395d8b52f4bd448e36349b8ad4854df5e90e55700487ffaf92

SHA512
dbf8eb5a2069d248305f0c4e61bf1d718b47dfff539cae37ceb47ad73dae431c96d705fa1b17d85cdb984de89c01e38c12e9e7454519f5723550d2af5e4110f6

Download Submit
C:\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\api-ms-win-crt-time-l1-1-0.dll
MD5
f575a0246f350985fa8f320c1fb988e4

SHA1
a3673d65222205372abcd05bfc1c660d704a16dd

SHA256
49fc5116b92695b2437c36d17ffdc5fbde99cf3e48ddc9c1a4beb0e396f0d950

SHA512
4b06e54d83e5b42761d16c26a6c19a8a611ae165de94d9d2b8d98915030c0512b068e5c08fcc78cea6fae71d16d29b45bb9a248adf88f5132cea6bed062ed60e

Download Submit
C:\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\api-ms-win-crt-utility-l1-1-0.dll
MD5
3dfb82541979a23a9deb5fd4dcfb6b22

SHA1
5da1d02b764917b38fdc34f4b41fb9a599105dd9

SHA256
0cd6d0ff0ff5ecf973f545e98b68ac6038db5494a8990c3b77b8a95b664b6feb

SHA512
f9a20b3d44d39d941fa131c3a1db37614a2f9b2af7260981a0f72c69f82a5326901f70a56b5f7ad65862630fce59b02f650a132ee7ecfe2e4fc80f694483ca82

Download Submit
C:\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\asp
MD5
3c0f89972dfc853512bbf9069fbe4f36

SHA1
c9ac0d13094dd5beb8158cf2f2b9a2d9c5dc251f

SHA256
78799fa3535d592b5589a47b3af214cde9337b9e0255d3b1784d2827223c81b9

SHA512
87097c9d4314752ac499b3c56b1709eaf2e29a4b4dd9fa79e67ace4d34ca54432ecfe338b81c971411397b95ad4b7e0e35e39008852ec14fef3d776559cfd4d1

Download Submit
C:\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\libchart.dll
MD5
79bf2c18072ee2a8831866e07646cf93

SHA1
fd7271b234a567127b47d687fafc88273ece3e8f

SHA256
af91253362b0451fee3f8d9faf946a09cc70b7f157d8281ef1c2f50e1d2f71f9

SHA512
2191ed7135845691afe9cc749f82f5278cdd3c2a1b816f32d2a21d5e8f1c23dd48a74579d5fbe305970533bc67b0ce1b5967e60b1da8fa101ce61f8d8e62a728

Download Submit
C:\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\tracegen.exe
MD5
f0ce1fc1ef4cdae853428faf62c7e0bb

SHA1
cc68f5f4922095219de0ed10c39e225ddd1bd99c

SHA256
1381c53093d2bc83d20e466a0e07f7d6963347862283d64582aa9960c187ad75

SHA512
d8301bc03acd774d8216cbf95e6fa59d220c5d7a6182deafcc8d9af78fa53fb89964128b81f2b6247ec48a44c538cd604159415b69754368e3dcf62b98776837

Download Submit
C:\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\ucrtbase.DLL
MD5
2040cdcd779bbebad36d36035c675d99

SHA1
918bc19f55e656f6d6b1e4713604483eb997ea15

SHA256
2ad9a105a9caa24f41e7b1a6f303c07e6faeceaf3aaf43ebd644d9d5746a4359

SHA512
83dc3c7e35f0f83e1224505d04cdbaee12b7ea37a2c3367cb4fccc4fff3e5923cf8a79dd513c33a667d8231b1cc6cfb1e33f957d92e195892060a22f53c7532f

Download Submit
\Users\Admin\AppData\Local\Temp\is-3AI8R.tmp\686b40dcb167653cb7a8463928c26af1.tmp
MD5
681f67c011ee0ac7fd112ed351fc07db

SHA1
cc02d9564dc3e29faf3e4945567d2ce6612d1f8c

SHA256
69d2e938368d9dc2fe5ae956d49ed1005dc4bb18b878cf2e55a0931c7a5eb003

SHA512
c2011f82d2bdb135b7db862cf89298df424a6f31719ce75a9c1fb89493ae65692d3fdfafe45515be5e0459ed6c40bd3db43fb19c8aa49f3e0e9a194ac36cab6a

Download Submit
\Users\Admin\AppData\Local\Temp\is-9F9K3.tmp\686b40dcb167653cb7a8463928c26af1.tmp
MD5
681f67c011ee0ac7fd112ed351fc07db

SHA1
cc02d9564dc3e29faf3e4945567d2ce6612d1f8c

SHA256
69d2e938368d9dc2fe5ae956d49ed1005dc4bb18b878cf2e55a0931c7a5eb003

SHA512
c2011f82d2bdb135b7db862cf89298df424a6f31719ce75a9c1fb89493ae65692d3fdfafe45515be5e0459ed6c40bd3db43fb19c8aa49f3e0e9a194ac36cab6a

Download Submit
\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\DBClient.dll
MD5
d64cbc9613edc8b8799dd36b8e3f8a62

SHA1
edacb98a4b6ac6407d0b0bdd86317b12a322ab51

SHA256
cdbe7dba0562816180f4d678a55b78c9675dbe09617fb7e3ecb0508bfe2b8681

SHA512
efdd78b35e5f24c0f3ec7a689eb8a53a24f819321cb2d790cc45ba1708209b462928ab5047a14933e4795d569d41a2ecc261158c84467698be2c57392810f19b

Download Submit
\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\DBClient.dll
MD5
d64cbc9613edc8b8799dd36b8e3f8a62

SHA1
edacb98a4b6ac6407d0b0bdd86317b12a322ab51

SHA256
cdbe7dba0562816180f4d678a55b78c9675dbe09617fb7e3ecb0508bfe2b8681

SHA512
efdd78b35e5f24c0f3ec7a689eb8a53a24f819321cb2d790cc45ba1708209b462928ab5047a14933e4795d569d41a2ecc261158c84467698be2c57392810f19b

Download Submit
\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\PDapp.exe
MD5
8c91eacff0f53860ecfc5fd67168927b

SHA1
4062cf4e7c5457849e60232f34afa2b9bbb3d827

SHA256
7e5f8c916e7359dd8a9cd4e476803cf0d89496668879aa34731a38c7ad13a45e

SHA512
dbc5f3f07b3f108d0ddc5e93256ed40cd70c8f32383dd58d698498a4cd8de3d970bd70da3c47b2e2bd9d19d5e90159ffaaf5d6e43039158b23c5cd74ae60403e

Download Submit
\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\adbeape.dll
MD5
819b4664a21827749250288b514e2494

SHA1
2bc3885716b1d6b7de41c201ccb40a74a38d8e7b

SHA256
068302bd6b30978c739f4599bfe33f15c2ce3aefdf8abc2ef394139c94d09705

SHA512
cad17c78dfc4ffef030f677373a19fa045d9cbd627de87f35e5bf740147d894ac8c218f070d94b8832241a6dd35f81e6f1e0740f6f5412dd9fb6c5c7257b0734

Download Submit
\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\adbeape.dll
MD5
819b4664a21827749250288b514e2494

SHA1
2bc3885716b1d6b7de41c201ccb40a74a38d8e7b

SHA256
068302bd6b30978c739f4599bfe33f15c2ce3aefdf8abc2ef394139c94d09705

SHA512
cad17c78dfc4ffef030f677373a19fa045d9cbd627de87f35e5bf740147d894ac8c218f070d94b8832241a6dd35f81e6f1e0740f6f5412dd9fb6c5c7257b0734

Download Submit
\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\api-ms-win-core-file-l1-2-0.dll
MD5
75614f411dec3bff7a4c3443fb06eebe

SHA1
bb77b493f3329284437f2173e5031908f080d68f

SHA256
196c741e12fe57d9fd3c274af8a93d95e148ac91ada451b31b78923bcea77b17

SHA512
f03b71cee885140edc53463132e1d736978ebb0c5e76f2db8c1f7cfd61afa1bf925109f2721cc796ffad4619ca69605c37db496d444c9d34616de5f95c7c9623

Download Submit
\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\api-ms-win-core-file-l2-1-0.dll
MD5
4f361342b691aedc577e1bbbd16a14ae

SHA1
b249050dc506fd4199bc2d6a00b2fac61e13842b

SHA256
2eb1e71d1112913f09cb372eaaeb19c0b849c81a50649da0e4a66b2c83ad9f32

SHA512
4efd2c4ca0e9a7e38c59d9ca797b0efecbf3d8f33e83f3b49b81f5a2b47fdfcc494abc88c634660783861d50087a106ffc713f19d7cc609e9be38e2250e2940a

Download Submit
\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\api-ms-win-core-localization-l1-2-0.dll
MD5
a5ef3ecb8ece8f31bfe429316281d64b

SHA1
13b0679242a262ecbda857b163c7db5a4b473c5b

SHA256
8678396666040b289999e82d1a0bb2175a6b5543922f05394252f7b3e986d0e7

SHA512
6f8da1d0c0122c10051a699cd77c1a21864ab14ba1cd485bd6d4c041e45591024254e642d0ae6310a9e1d1ad32e77183a62dab9dfc8ff050cce9e96d398e7ec2

Download Submit
\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\api-ms-win-core-processthreads-l1-1-1.dll
MD5
a37708eae8e652d16c4af5895cdd3a3d

SHA1
94e478d6568f07603e4d509e374b72a5c8b5ec7c

SHA256
abe2a6d988bfabb567874495f7fce79878967ccc00fea759597861f3fc73e349

SHA512
aa63684bc29bc4eb16a024944a02f4a55a595d7a651f56716ebc635d91474dcf1ed758a9218401ec1ea6610aa881036c3675909f14a37bcc4bd7157da44e21fc

Download Submit
\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\api-ms-win-core-timezone-l1-1-0.dll
MD5
14d9b19e5b801439fe7f34e195b30306

SHA1
8e3c156e9c2fa7054d0456ff8f7e3104fb2694fe

SHA256
2004a8a13c016c92b63404b882ad945f21a86e36000b9cb5ba24cf3acedb0de3

SHA512
1bb0d5eb3a8fd3173da0f5df1f8d9ae045ce2a21dc73bb2af4b57e537d0b8761711527fedcbc2378b8df300baa317ed2608952de0cad3eb37a9886645f6d94db

Download Submit
\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\api-ms-win-crt-convert-l1-1-0.dll
MD5
88f89d0f2bd5748ed1af75889e715e6a

SHA1
8ada489b9ff33530a3fb7161cc07b5b11dfb8909

SHA256
02c78781bf6cc5f22a0ecedc3847bfd20bed4065ac028c386d063dc2318c33cc

SHA512
1f5a00284ca1d6dc6ae2dfce306febfa6d7d71d421583e4ce6890389334c2d98291e98e992b58136f5d1a41590553e3ad42fb362247ae8adf60e33397afbb5df

Download Submit
\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\api-ms-win-crt-environment-l1-1-0.dll
MD5
0979785e3ef8137cdd47c797adcb96e3

SHA1
4051c6eb37a4c0dba47b58301e63df76bff347dd

SHA256
d5164aecde4523ffa2dcfd0315b49428ac220013132ad48422a8ea4ca2361257

SHA512
e369bc53babd327f5d1b9833c0b8d6c7e121072ad81d4ba1fb3e2679f161fb6a9fa2fca0df0bac532fd439beb0d754583582d1dbfeccf2d38cc4f3bdca39b52d

Download Submit
\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\api-ms-win-crt-filesystem-l1-1-0.dll
MD5
a1b6cebd3d7a8b25b9a9cbc18d03a00c

SHA1
5516de099c49e0e6d1224286c3dc9b4d7985e913

SHA256
162ccf78fa5a4a2ee380f72fbd54d17a73c929a76f6e3659f537fa8f42602362

SHA512
a322fb09e6faaff0daabb4f0284e4e90ccacff27161dbfd77d39a9a93dbf30069b9d86bf15a07fc2006a55af2c35cd8ea544895c93e2e1697c51f2dafad5a9d7

Download Submit
\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\api-ms-win-crt-heap-l1-1-0.dll
MD5
a6a9dfb31be2510f6dbfedd476c6d15a

SHA1
cdb6d8bd1fbd1c71d85437cff55ddeb76139dbe7

SHA256
150d32b77b2d7f49c8d4f44b64a90d7a0f9df0874a80fc925daf298b038a8e4c

SHA512
b4f0e8fa148fac8a94e04bf4b44f2a26221d943cc399e7f48745ed46e8b58c52d9126110cdf868ebb723423fb0e304983d24fe6608d3757a43ad741bddb3b7ec

Download Submit
\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\api-ms-win-crt-locale-l1-1-0.dll
MD5
755d68cb04411f8c6f86842484b6e38b

SHA1
60fc150591e644eaa14d77e6bdedf125f94c14fd

SHA256
7e659c94c28f575d8ac20add7cecf421136ff19ce91916d255dc98b5ba16d57b

SHA512
b0cc16effb8fbc26bf58e121836e1d95d25e0438b16a21001e6e61173108d206355145d7ac005fd40e40a2ae3bccf24685844322af667754e6d057ba073d5b61

Download Submit
\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\api-ms-win-crt-math-l1-1-0.dll
MD5
461d5af3277efb5f000b9df826581b80

SHA1
935b00c88c2065f98746e2b4353d4369216f1812

SHA256
f9ce464b89dd8ea1d5e0b852369fe3a8322b4b9860e5ae401c9a3b797aed17bf

SHA512
229bf31a1de1e84cf238a0dfe0c3a13fee86da94d611fbc8fdb65086dee6a8b1a6ba37c44c5826c3d8cfa120d0fba9e690d31c5b4e73f98c8362b98be1ee9600

Download Submit
\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\api-ms-win-crt-runtime-l1-1-0.dll
MD5
b3b04c457159e1a174eee384eb8deec7

SHA1
09971b91bf45ae9f84475c6565aaf1c40b34079d

SHA256
59d0de4eecdb196d8be3856894967f38fea60d3afdd2d42ee7dd61d4638680fd

SHA512
e28bdd2a889110e6235f02eb50ee7da2c49dc7dd8373077518f82bc9fd42bf915fedac9ba0dd2b702879da2e8ab99840b7c65011d66a4a296eb8afc3930531c0

Download Submit
\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\api-ms-win-crt-stdio-l1-1-0.dll
MD5
5765103e1f5412c43295bd752ccaea03

SHA1
6913bf1624599e55680a0292e22c89cab559db81

SHA256
8f7ace43040fa86e972cc74649d3e643d21e4cad6cb86ba78d4c059ed35d95e4

SHA512
5844ac30bc73b7ffba75016abefb8a339e2f2822fc6e1441f33f70b6eb7114f828167dfc34527b0fb5460768c4de7250c655bc56efd8ba03115cd2dd6f6c91c0

Download Submit
\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\api-ms-win-crt-string-l1-1-0.dll
MD5
a18e20d0362d9da9a4ed8038938c5d74

SHA1
bb07e6e5149ec644eedb850f41039c558c670e4c

SHA256
6f7d536bc81d5a395d8b52f4bd448e36349b8ad4854df5e90e55700487ffaf92

SHA512
dbf8eb5a2069d248305f0c4e61bf1d718b47dfff539cae37ceb47ad73dae431c96d705fa1b17d85cdb984de89c01e38c12e9e7454519f5723550d2af5e4110f6

Download Submit
\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\api-ms-win-crt-time-l1-1-0.dll
MD5
f575a0246f350985fa8f320c1fb988e4

SHA1
a3673d65222205372abcd05bfc1c660d704a16dd

SHA256
49fc5116b92695b2437c36d17ffdc5fbde99cf3e48ddc9c1a4beb0e396f0d950

SHA512
4b06e54d83e5b42761d16c26a6c19a8a611ae165de94d9d2b8d98915030c0512b068e5c08fcc78cea6fae71d16d29b45bb9a248adf88f5132cea6bed062ed60e

Download Submit
\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\api-ms-win-crt-utility-l1-1-0.dll
MD5
3dfb82541979a23a9deb5fd4dcfb6b22

SHA1
5da1d02b764917b38fdc34f4b41fb9a599105dd9

SHA256
0cd6d0ff0ff5ecf973f545e98b68ac6038db5494a8990c3b77b8a95b664b6feb

SHA512
f9a20b3d44d39d941fa131c3a1db37614a2f9b2af7260981a0f72c69f82a5326901f70a56b5f7ad65862630fce59b02f650a132ee7ecfe2e4fc80f694483ca82

Download Submit
\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\libchart.dll
MD5
79bf2c18072ee2a8831866e07646cf93

SHA1
fd7271b234a567127b47d687fafc88273ece3e8f

SHA256
af91253362b0451fee3f8d9faf946a09cc70b7f157d8281ef1c2f50e1d2f71f9

SHA512
2191ed7135845691afe9cc749f82f5278cdd3c2a1b816f32d2a21d5e8f1c23dd48a74579d5fbe305970533bc67b0ce1b5967e60b1da8fa101ce61f8d8e62a728

Download Submit
\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\libchart.dll
MD5
79bf2c18072ee2a8831866e07646cf93

SHA1
fd7271b234a567127b47d687fafc88273ece3e8f

SHA256
af91253362b0451fee3f8d9faf946a09cc70b7f157d8281ef1c2f50e1d2f71f9

SHA512
2191ed7135845691afe9cc749f82f5278cdd3c2a1b816f32d2a21d5e8f1c23dd48a74579d5fbe305970533bc67b0ce1b5967e60b1da8fa101ce61f8d8e62a728

Download Submit
\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\msvcp140.dll
MD5
5ff1fca37c466d6723ec67be93b51442

SHA1
34cc4e158092083b13d67d6d2bc9e57b798a303b

SHA256
5136a49a682ac8d7f1ce71b211de8688fce42ed57210af087a8e2dbc8a934062

SHA512
4802ef62630c521d83a1d333969593fb00c9b38f82b4d07f70fbd21f495fea9b3f67676064573d2c71c42bc6f701992989742213501b16087bb6110e337c7546

Download Submit
\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\msvcp140.dll
MD5
5ff1fca37c466d6723ec67be93b51442

SHA1
34cc4e158092083b13d67d6d2bc9e57b798a303b

SHA256
5136a49a682ac8d7f1ce71b211de8688fce42ed57210af087a8e2dbc8a934062

SHA512
4802ef62630c521d83a1d333969593fb00c9b38f82b4d07f70fbd21f495fea9b3f67676064573d2c71c42bc6f701992989742213501b16087bb6110e337c7546

Download Submit
\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\msvcp90.dll
MD5
30afaf23c37c439c2c83ec6518287076

SHA1
2ece38dc601315f4d05d034f66ad1d77f2845c00

SHA256
f5b6ed22ff07743402a2c90f469fa91f46fba8bf35b55312a5aaf26a448a9064

SHA512
0f87a1c55d54dccf5007a82d51ded65be9ee5619e0c82bd94b53c7d10b33237cd39e5b481dad00698bafdeac2687a7ff920ee5c5900468b5c0c93b996e803e1d

Download Submit
\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\msvcp90.dll
MD5
30afaf23c37c439c2c83ec6518287076

SHA1
2ece38dc601315f4d05d034f66ad1d77f2845c00

SHA256
f5b6ed22ff07743402a2c90f469fa91f46fba8bf35b55312a5aaf26a448a9064

SHA512
0f87a1c55d54dccf5007a82d51ded65be9ee5619e0c82bd94b53c7d10b33237cd39e5b481dad00698bafdeac2687a7ff920ee5c5900468b5c0c93b996e803e1d

Download Submit
\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\msvcr90.dll
MD5
8d8325e8cdc31ffd3ba95e69d9a5bf91

SHA1
4bbe261d907e58a8487c27d2dc007ae98f1d3d2c

SHA256
1eab5f18a5733d746e681bc3d60175f8fca219dc1f94a7bb19db9e4c2c36224a

SHA512
49ba10c7ec86cff01568520c2092a993184df0b667a8bd197bc6cbe5918575028c1cd127e7d911344e5a88133827cda99aa3c1a331f26f809b04395da599c6b5

Download Submit
\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\msvcr90.dll
MD5
8d8325e8cdc31ffd3ba95e69d9a5bf91

SHA1
4bbe261d907e58a8487c27d2dc007ae98f1d3d2c

SHA256
1eab5f18a5733d746e681bc3d60175f8fca219dc1f94a7bb19db9e4c2c36224a

SHA512
49ba10c7ec86cff01568520c2092a993184df0b667a8bd197bc6cbe5918575028c1cd127e7d911344e5a88133827cda99aa3c1a331f26f809b04395da599c6b5

Download Submit
\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\tracegen.exe
MD5
f0ce1fc1ef4cdae853428faf62c7e0bb

SHA1
cc68f5f4922095219de0ed10c39e225ddd1bd99c

SHA256
1381c53093d2bc83d20e466a0e07f7d6963347862283d64582aa9960c187ad75

SHA512
d8301bc03acd774d8216cbf95e6fa59d220c5d7a6182deafcc8d9af78fa53fb89964128b81f2b6247ec48a44c538cd604159415b69754368e3dcf62b98776837

Download Submit
\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\ucrtbase.dll
MD5
2040cdcd779bbebad36d36035c675d99

SHA1
918bc19f55e656f6d6b1e4713604483eb997ea15

SHA256
2ad9a105a9caa24f41e7b1a6f303c07e6faeceaf3aaf43ebd644d9d5746a4359

SHA512
83dc3c7e35f0f83e1224505d04cdbaee12b7ea37a2c3367cb4fccc4fff3e5923cf8a79dd513c33a667d8231b1cc6cfb1e33f957d92e195892060a22f53c7532f

Download Submit
\Users\Admin\AppData\Roaming\Sure Cuts A Lot 5\vcruntime140.dll
MD5
a37ee36b536409056a86f50e67777dd7

SHA1
1cafa159292aa736fc595fc04e16325b27cd6750

SHA256
8934aaeb65b6e6d253dfe72dea5d65856bd871e989d5d3a2a35edfe867bb4825

SHA512
3a7c260646315cf8c01f44b2ec60974017496bd0d80dd055c7e43b707cadba2d63aab5e0efd435670aa77886ed86368390d42c4017fc433c3c4b9d1c47d0f356

Download Submit
memory/632-131-0x0000000003D70000-0x0000000007F70000-memory.dmp

Filesize
66.0MB

Download
memory/632-126-0x0000000000600000-0x0000000000607000-memory.dmp

Filesize
28KB

Download
memory/688-64-0x0000000000400000-0x00000000004CC000-memory.dmp

Filesize
816KB

Download
memory/688-66-0x0000000000400000-0x00000000004CC000-memory.dmp

Filesize
816KB

Download
memory/1200-71-0x0000000074221000-0x0000000074223000-memory.dmp

Filesize
8KB

Download
memory/1200-70-0x00000000003C0000-0x00000000003C1000-memory.dmp

Filesize
4KB

Download
memory/1356-62-0x0000000000240000-0x0000000000241000-memory.dmp

Filesize
4KB

Download
memory/1548-56-0x0000000000400000-0x00000000004CC000-memory.dmp

Filesize
816KB

Download
memory/1548-58-0x0000000000400000-0x00000000004CC000-memory.dmp

Filesize
816KB

Download
memory/1548-55-0x0000000074F11000-0x0000000074F13000-memory.dmp

Filesize
8KB

Download
memory/1720-140-0x0000000000990000-0x0000000000997000-memory.dmp

Filesize
28KB

Download
memory/1720-145-0x0000000001E20000-0x0000000006020000-memory.dmp

Filesize
66.0MB

Download