Analysis
-
max time kernel
153s -
max time network
154s -
platform
windows10-2004_x64 -
resource
win10v2004-20220414-en -
submitted
20-05-2022 03:04
General
-
Target
da4925500fbf1b2ddb620a5e44339335e6499e51f0fed9bf93b897ff667e4c9e.exe
-
Size
15.8MB
-
MD5
7d0a83642db17ab6b57da5624dbf52ab
-
SHA1
c82ccc85a07dbc9a7b2e0e2ce3c3df0c3a649cbc
-
SHA256
da4925500fbf1b2ddb620a5e44339335e6499e51f0fed9bf93b897ff667e4c9e
-
SHA512
6973c12094ace46245f9e3f742ae12072d3e259988af67c1d0d281a592b511b7b9822c06d79ef634307bddd0e2ccc893ed9873915e977361895e752e15552787
Malware Config
Signatures
-
Drops file in Drivers directory 2 IoCs
-
Executes dropped EXE 16 IoCs
-
Checks computer location settings 2 TTPs 3 IoCs
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL 47 IoCs
-
Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Enumerates connected drives 3 TTPs 22 IoCs
Attempts to read the root path of hard drives other than the default C: drive.
-
Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Drops file in System32 directory 2 IoCs
-
Drops file in Program Files directory 64 IoCs
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
-
NSIS installer 2 IoCs
-
Kills process with taskkill 4 IoCs
-
Suspicious behavior: EnumeratesProcesses 28 IoCs
-
Suspicious behavior: LoadsDriver 2 IoCs
-
Suspicious use of AdjustPrivilegeToken 4 IoCs
-
Suspicious use of FindShellTrayWindow 10 IoCs
-
Suspicious use of SendNotifyMessage 9 IoCs
-
Suspicious use of SetWindowsHookEx 6 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
-
Views/modifies file attributes 1 TTPs 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\da4925500fbf1b2ddb620a5e44339335e6499e51f0fed9bf93b897ff667e4c9e.exe"C:\Users\Admin\AppData\Local\Temp\da4925500fbf1b2ddb620a5e44339335e6499e51f0fed9bf93b897ff667e4c9e.exe"1⤵
- Checks computer location settings
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\RarSFX0\Patch.exe"C:\Users\Admin\AppData\Local\Temp\RarSFX0\Patch.exe"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\cmd.execmd.exe /c ""C:\Users\Admin\AppData\Local\Temp\4SUUA0SR.bat" "C:\Users\Admin\AppData\Local\Temp\RarSFX0\Patch.exe" "3⤵
- Drops file in Drivers directory
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\attrib.exeattrib -s -h -r C:\Windows\System32\Drivers\etc\hosts4⤵
- Views/modifies file attributes
-
C:\Windows\SysWOW64\find.exeFIND /C /I "Smart Defrag Host Block" C:\Windows\system32\drivers\etc\hosts4⤵
-
C:\Windows\SysWOW64\find.exeFIND /C /I "idb.iobit.com" C:\Windows\system32\drivers\etc\hosts4⤵
-
C:\Windows\SysWOW64\find.exeFIND /C /I "asc55.iobit.com" C:\Windows\system32\drivers\etc\hosts4⤵
-
C:\Windows\SysWOW64\find.exeFIND /C /I "is360.iobit.com" C:\Windows\system32\drivers\etc\hosts4⤵
-
C:\Windows\SysWOW64\find.exeFIND /C /I "iunins.iobit.com" C:\Windows\system32\drivers\etc\hosts4⤵
-
C:\Windows\SysWOW64\find.exeFIND /C /I "pf.iobit.com" C:\Windows\system32\drivers\etc\hosts4⤵
-
C:\Windows\SysWOW64\find.exeFIND /C /I "asc.iobit.com" C:\Windows\system32\drivers\etc\hosts4⤵
-
C:\Windows\SysWOW64\find.exeFIND /C /I "sd.iobit.com" C:\Windows\system32\drivers\etc\hosts4⤵
-
C:\Windows\SysWOW64\find.exeFIND /C /I "Defrag Host Block Finish" C:\Windows\system32\drivers\etc\hosts4⤵
-
C:\Users\Admin\AppData\Local\Temp\qbE568D50.94\license.exeC:\Users\Admin\AppData\Local\Temp\qbE568D50.94\license.exe4⤵
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
-
C:\Users\Admin\AppData\Local\Temp\qbE568D50.94\Config.exeC:\Users\Admin\AppData\Local\Temp\qbE568D50.94\config.exe4⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Users\Admin\AppData\Local\Temp\RarSFX0\smart-defrag-setup.exe"C:\Users\Admin\AppData\Local\Temp\RarSFX0\smart-defrag-setup.exe" /sp- /silent /suppressmsgboxes /start2⤵
- Executes dropped EXE
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\is-N7D39.tmp\smart-defrag-setup.tmp"C:\Users\Admin\AppData\Local\Temp\is-N7D39.tmp\smart-defrag-setup.tmp" /SL5="$801E2,15031166,137216,C:\Users\Admin\AppData\Local\Temp\RarSFX0\smart-defrag-setup.exe" /sp- /silent /suppressmsgboxes /start3⤵
- Executes dropped EXE
- Checks computer location settings
- Drops file in Program Files directory
- Suspicious use of FindShellTrayWindow
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\taskkill.exe"C:\Windows\System32\taskkill.exe" -f -im SmartDefrag.exe4⤵
- Kills process with taskkill
- Suspicious use of AdjustPrivilegeToken
-
C:\Windows\SysWOW64\taskkill.exe"C:\Windows\System32\taskkill.exe" -f -im SDInit.exe4⤵
- Kills process with taskkill
- Suspicious use of AdjustPrivilegeToken
-
C:\Windows\SysWOW64\taskkill.exe"C:\Windows\System32\taskkill.exe" -f -im sdproxy.exe4⤵
- Kills process with taskkill
- Suspicious use of AdjustPrivilegeToken
-
C:\Windows\SysWOW64\taskkill.exe"C:\Windows\System32\taskkill.exe" -f -im AutoUpdate.exe4⤵
- Kills process with taskkill
- Suspicious use of AdjustPrivilegeToken
-
C:\Program Files (x86)\IObit\Smart Defrag\LocalLang.exe"C:\Program Files (x86)\IObit\Smart Defrag\LocalLang.exe"4⤵
- Executes dropped EXE
-
C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe"C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe" /AFTERINSTALL4⤵
- Drops file in Drivers directory
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Drops file in Program Files directory
- Suspicious behavior: EnumeratesProcesses
-
C:\Program Files (x86)\IObit\Smart Defrag\Setup.exe"C:\Program Files (x86)\IObit\Smart Defrag\Setup.exe" /SilenceCall5⤵
- Executes dropped EXE
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
-
C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe"C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe" /startup4⤵
- Executes dropped EXE
- Checks computer location settings
- Loads dropped DLL
- Enumerates connected drives
- Writes to the Master Boot Record (MBR)
- Drops file in Program Files directory
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
-
C:\Program Files (x86)\IObit\Smart Defrag\CareScan.exe"C:\Program Files (x86)\IObit\Smart Defrag\CareScan.exe" /SD5⤵
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious behavior: EnumeratesProcesses
-
C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe"C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe" /check5⤵
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious behavior: EnumeratesProcesses
-
C:\Program Files (x86)\IObit\Smart Defrag\Pub\PubMonitor.exe"C:\Program Files (x86)\IObit\Smart Defrag\Pub\PubMonitor.exe" /SD5⤵
- Executes dropped EXE
- Suspicious behavior: EnumeratesProcesses
-
C:\Program Files (x86)\IObit\Smart Defrag\UninstallPromote.exe"C:\Program Files (x86)\IObit\Smart Defrag\UninstallPromote.exe" /install sd64⤵
- Executes dropped EXE
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of SetWindowsHookEx
-
C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe"C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe" /CREATETOAST4⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious behavior: EnumeratesProcesses
-
C:\Users\Admin\AppData\Local\Temp\RarSFX0\CleanTask.exe"C:\Users\Admin\AppData\Local\Temp\RarSFX0\CleanTask.exe"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Windows\SysWOW64\cmd.execmd.exe /c ""C:\Users\Admin\AppData\Local\Temp\0EMFFY3A.bat" "C:\Users\Admin\AppData\Local\Temp\RarSFX0\CleanTask.exe" "3⤵
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /S /D /c" echo y"4⤵
-
C:\Windows\SysWOW64\schtasks.exeschtasks /delete /tn "\SmartDefrag_Update" /f4⤵
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /S /D /c" echo y"4⤵
-
C:\Windows\SysWOW64\schtasks.exeschtasks /delete /tn "\IObitSelfCheckTask" /f4⤵
-
C:\Users\Admin\AppData\Local\Temp\RarSFX0\CyberMania.exe"C:\Users\Admin\AppData\Local\Temp\RarSFX0\CyberMania.exe"2⤵
- Executes dropped EXE
-
C:\Windows\SysWOW64\cmd.execmd.exe /c C:\Users\Admin\AppData\Local\Temp\bt4406.bat "C:\Users\Admin\AppData\Local\Temp\RarSFX0\CyberMania.exe"3⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://www.cybermania.ws/4⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ff9dded46f8,0x7ff9dded4708,0x7ff9dded47185⤵
Network
MITRE ATT&CK Matrix ATT&CK v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Program Files (x86)\IObit\Smart Defrag\GameScaner.dllFilesize
1.5MB
MD531536112714cf2281686ed18cb75194e
SHA1ff9037e6596637c86536a37b56dcf6267ce47bd3
SHA256389813cfb7b8621ffca020cbb3740c2ceaf1f186feb491ae477f670f1220028b
SHA512bf2b59a5db89793f2adc2cfcf596db7e892d84a5a70cf02666079595ba52f3918e6ebdd8e08fab7eb55f8ce760466486381ab65d1de61f352e1bbf92362767eb
-
C:\Program Files (x86)\IObit\Smart Defrag\GameScaner.dllFilesize
1.5MB
MD531536112714cf2281686ed18cb75194e
SHA1ff9037e6596637c86536a37b56dcf6267ce47bd3
SHA256389813cfb7b8621ffca020cbb3740c2ceaf1f186feb491ae477f670f1220028b
SHA512bf2b59a5db89793f2adc2cfcf596db7e892d84a5a70cf02666079595ba52f3918e6ebdd8e08fab7eb55f8ce760466486381ab65d1de61f352e1bbf92362767eb
-
C:\Program Files (x86)\IObit\Smart Defrag\GameScaner.dllFilesize
1.5MB
MD531536112714cf2281686ed18cb75194e
SHA1ff9037e6596637c86536a37b56dcf6267ce47bd3
SHA256389813cfb7b8621ffca020cbb3740c2ceaf1f186feb491ae477f670f1220028b
SHA512bf2b59a5db89793f2adc2cfcf596db7e892d84a5a70cf02666079595ba52f3918e6ebdd8e08fab7eb55f8ce760466486381ab65d1de61f352e1bbf92362767eb
-
C:\Program Files (x86)\IObit\Smart Defrag\Lang.datFilesize
2B
MD5f3b25701fe362ec84616a93a45ce9998
SHA1d62636d8caec13f04e28442a0a6fa1afeb024bbb
SHA256b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209
SHA51298c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84
-
C:\Program Files (x86)\IObit\Smart Defrag\LocalLang.exeFilesize
177KB
MD562f63cffd57880b2d09bf09a1e5157c2
SHA1d2f318fb27a6e515f1b2fbf28a873f898cdd1b60
SHA2569793afd3d18927b8dcbdd8d9082cef3d65074a064bd6283382eb4c8d47ec3b20
SHA512cdd579b4973782f02748951e9a10132eff194c8d77789265a3853cb874bb1217912430bdcc84f081f7f8059f4d4f8e6d0de5a5e5840d4e96bec13da0470864f3
-
C:\Program Files (x86)\IObit\Smart Defrag\LocalLang.exeFilesize
177KB
MD562f63cffd57880b2d09bf09a1e5157c2
SHA1d2f318fb27a6e515f1b2fbf28a873f898cdd1b60
SHA2569793afd3d18927b8dcbdd8d9082cef3d65074a064bd6283382eb4c8d47ec3b20
SHA512cdd579b4973782f02748951e9a10132eff194c8d77789265a3853cb874bb1217912430bdcc84f081f7f8059f4d4f8e6d0de5a5e5840d4e96bec13da0470864f3
-
C:\Program Files (x86)\IObit\Smart Defrag\ProductStatistics.dllFilesize
1.1MB
MD55266e1184dfe17cbafd9db2ced614d0f
SHA13c2b328ea26ec70c959f8e25c725162eda084a01
SHA2562a80f1f875b6f605c5532f7322f77ba32469a5dec182ef4aaaca4102199f3ce1
SHA512717c96dbab2fa519557476449f1f9700f531d35fe15cd8eadfc662e9172387d8aaca624264467c5b8d8b886b28c9cf172e6e639cd4241a0b073d5055e57e7c93
-
C:\Program Files (x86)\IObit\Smart Defrag\ProductStatistics.dllFilesize
1.1MB
MD55266e1184dfe17cbafd9db2ced614d0f
SHA13c2b328ea26ec70c959f8e25c725162eda084a01
SHA2562a80f1f875b6f605c5532f7322f77ba32469a5dec182ef4aaaca4102199f3ce1
SHA512717c96dbab2fa519557476449f1f9700f531d35fe15cd8eadfc662e9172387d8aaca624264467c5b8d8b886b28c9cf172e6e639cd4241a0b073d5055e57e7c93
-
C:\Program Files (x86)\IObit\Smart Defrag\ProductStatistics.dllFilesize
1.1MB
MD55266e1184dfe17cbafd9db2ced614d0f
SHA13c2b328ea26ec70c959f8e25c725162eda084a01
SHA2562a80f1f875b6f605c5532f7322f77ba32469a5dec182ef4aaaca4102199f3ce1
SHA512717c96dbab2fa519557476449f1f9700f531d35fe15cd8eadfc662e9172387d8aaca624264467c5b8d8b886b28c9cf172e6e639cd4241a0b073d5055e57e7c93
-
C:\Program Files (x86)\IObit\Smart Defrag\RegisterCom.dllFilesize
1021KB
MD5c23e5d330119dc4de38103bdba64d4a2
SHA1be377c600209f6e0ef702b67d39767225570c2d0
SHA2566a8e6c58adf040ea0884155aa8cc7a7497eae47ec1499ae70fc3dccef0942022
SHA5120eaeea09412fc2d0f72873b7c340d2e92afa86ec0217f6036ec33d0819a2d267d0192d90c896e9bf5f536107b1fa2d826b6091ebb9776502f84887092b04bc7e
-
C:\Program Files (x86)\IObit\Smart Defrag\RegisterCom.dllFilesize
1021KB
MD5c23e5d330119dc4de38103bdba64d4a2
SHA1be377c600209f6e0ef702b67d39767225570c2d0
SHA2566a8e6c58adf040ea0884155aa8cc7a7497eae47ec1499ae70fc3dccef0942022
SHA5120eaeea09412fc2d0f72873b7c340d2e92afa86ec0217f6036ec33d0819a2d267d0192d90c896e9bf5f536107b1fa2d826b6091ebb9776502f84887092b04bc7e
-
C:\Program Files (x86)\IObit\Smart Defrag\RegisterCom.dllFilesize
1021KB
MD5c23e5d330119dc4de38103bdba64d4a2
SHA1be377c600209f6e0ef702b67d39767225570c2d0
SHA2566a8e6c58adf040ea0884155aa8cc7a7497eae47ec1499ae70fc3dccef0942022
SHA5120eaeea09412fc2d0f72873b7c340d2e92afa86ec0217f6036ec33d0819a2d267d0192d90c896e9bf5f536107b1fa2d826b6091ebb9776502f84887092b04bc7e
-
C:\Program Files (x86)\IObit\Smart Defrag\SDDriverMgr.dllFilesize
83KB
MD5aee39371634b755aa3d661baa74ba264
SHA1552844208397f158f30d8824a6ecc0c8686e97a1
SHA2569eab8185c5cc0eed5adaec9a179afab16e7a3048f45f219852f2dd6e7eb4ab7c
SHA512798ed421e031ab0401de547bfbf2466a1e7bc5197a782efbe727dd532285efaea2126b26e19b330412bba5d49536e448376a991db951f0cf0d8c9aca2768a936
-
C:\Program Files (x86)\IObit\Smart Defrag\SDDriverMgr.dllFilesize
83KB
MD5aee39371634b755aa3d661baa74ba264
SHA1552844208397f158f30d8824a6ecc0c8686e97a1
SHA2569eab8185c5cc0eed5adaec9a179afab16e7a3048f45f219852f2dd6e7eb4ab7c
SHA512798ed421e031ab0401de547bfbf2466a1e7bc5197a782efbe727dd532285efaea2126b26e19b330412bba5d49536e448376a991db951f0cf0d8c9aca2768a936
-
C:\Program Files (x86)\IObit\Smart Defrag\Setup.exeFilesize
3.7MB
MD5cc209130c95da17aa252165186b92a09
SHA113d307ff193f5e11e9bf3b7db44eb5d19309b091
SHA2562bdc6528cfa2b6d1e5e9e6e2faf7638337a6f3431b335177ba60118a183587db
SHA5122ebc70556f8023c39e03d7d3dac167e29b87a3c20923e8b5ff07c94b399f19f3e2aa703e420ed77ebd21b7bdbdb648c243616b87d374f61cffc3f46213d000dd
-
C:\Program Files (x86)\IObit\Smart Defrag\Setup.exeFilesize
3.7MB
MD5cc209130c95da17aa252165186b92a09
SHA113d307ff193f5e11e9bf3b7db44eb5d19309b091
SHA2562bdc6528cfa2b6d1e5e9e6e2faf7638337a6f3431b335177ba60118a183587db
SHA5122ebc70556f8023c39e03d7d3dac167e29b87a3c20923e8b5ff07c94b399f19f3e2aa703e420ed77ebd21b7bdbdb648c243616b87d374f61cffc3f46213d000dd
-
C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exeFilesize
5.5MB
MD573d85ec96a0fbb274e87f1dc5ae30838
SHA1af9b0a90cb4afb35f9a152f94fd42767f51229aa
SHA25674039d17d22e0390f577f6e57bcd288a97e2969f725466cdf18f3fc4996dddb8
SHA5129af26c71bb7a93244fb1991792340413581218f90a9749e6e7fe06b80f71fa122e648b7a9220d329191be72acbce8c0c4a7e57a81a251e8b8b3dc87a0ebfbe61
-
C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exeFilesize
5.5MB
MD573d85ec96a0fbb274e87f1dc5ae30838
SHA1af9b0a90cb4afb35f9a152f94fd42767f51229aa
SHA25674039d17d22e0390f577f6e57bcd288a97e2969f725466cdf18f3fc4996dddb8
SHA5129af26c71bb7a93244fb1991792340413581218f90a9749e6e7fe06b80f71fa122e648b7a9220d329191be72acbce8c0c4a7e57a81a251e8b8b3dc87a0ebfbe61
-
C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exeFilesize
5.5MB
MD573d85ec96a0fbb274e87f1dc5ae30838
SHA1af9b0a90cb4afb35f9a152f94fd42767f51229aa
SHA25674039d17d22e0390f577f6e57bcd288a97e2969f725466cdf18f3fc4996dddb8
SHA5129af26c71bb7a93244fb1991792340413581218f90a9749e6e7fe06b80f71fa122e648b7a9220d329191be72acbce8c0c4a7e57a81a251e8b8b3dc87a0ebfbe61
-
C:\Program Files (x86)\IObit\Smart Defrag\Update\Update.iniFilesize
5KB
MD52cd92cbd869471f4b505ae16c1e42a51
SHA1c44334c1dd0180de3368e510a2bce8a6feed5f02
SHA25690138ea4df4d964fa89b1589d8e37617f8eb3f6febfa199fcd2aa58efa2bb2aa
SHA512e29b099605c16c3054223fb37cc0da0b2ce8410282480ed9e9990b906e6b8e1ddb6eb3739c3d0124f17ec5c2b6a5290b6293828d914e9d875f3175fce9799998
-
C:\Program Files (x86)\IObit\Smart Defrag\dataexchange.dllFilesize
73KB
MD5cf370248212f07882e2d8468d2325f19
SHA186cb05c7bac9e47319291a1a972009d9ca318bd3
SHA2560ed32b5fcd774fdf7c7dcdfb8f5e2ebd12979226bf20e1b80ba553dfd9c7875c
SHA51270875e795b2028b695a67e7f32418f1c2d6ee8dc22abe2f3264bdcdf167ee13999eb283b1044bf1cfb3155bd9f40e01db2b7de431f63063317b60dd5b23cee62
-
C:\Program Files (x86)\IObit\Smart Defrag\dataexchange.dllFilesize
73KB
MD5cf370248212f07882e2d8468d2325f19
SHA186cb05c7bac9e47319291a1a972009d9ca318bd3
SHA2560ed32b5fcd774fdf7c7dcdfb8f5e2ebd12979226bf20e1b80ba553dfd9c7875c
SHA51270875e795b2028b695a67e7f32418f1c2d6ee8dc22abe2f3264bdcdf167ee13999eb283b1044bf1cfb3155bd9f40e01db2b7de431f63063317b60dd5b23cee62
-
C:\Program Files (x86)\IObit\Smart Defrag\drivers\win7_x64\SmartDefragDriver.sysFilesize
30KB
MD5d2dde8f0bd39f90e43146db0b3b5da57
SHA1678dbf3a1bc83e19d0a48011f5d1bff75c797ce1
SHA256ff90424b6c68c0fa95cf7a63abb7fae225f700296b9a293df0790f88baffa0e0
SHA5121573573c0f1d6fb9f780ee6a3f90b249a983fb65cabe4b699b0d12edd67c18e2a49420abdee6af884769a7535b4e0afa2e9d86c0c56a2a00a986b6f2cabe105f
-
C:\Program Files (x86)\IObit\Smart Defrag\drivers\wxp_x64\SmartDefragBootTime.exeFilesize
35KB
MD5d57880a3f9f22d67974ef0eb8b67021c
SHA12acf37365cdb4e888d0a38235a2aabe8c9495213
SHA256acefc991bf9e8af6da1b9bfb0d8dad1171cd9f4f8e3e4f236e2474c5aca0423e
SHA5127153f830db046206b2ed8cdfb081bd751f706e82487cd1e5dd21375d1e0d3792f408136d182d91ad3091734afbb1aeeb9c6deebcbe5b4c6814fdf6267cf33fd7
-
C:\Program Files (x86)\IObit\Smart Defrag\license.datFilesize
299B
MD59318a86af2fe6647c925c9737af79a0a
SHA1c27e641326d2de8e25ae4e146ced4a5e9206ac64
SHA256bf18f2d861cda5d6a523a6e1429c2bc9690a887c90203acb680010f77cd26e5e
SHA512262f8137bd9f96f8a2d3cfcde581ada8032e45e650e926e4229daedb1f3220cba5a8d628e8ce7dc772a021bfc5d0605cc0eefe89590dcdefba6cadd8a8650a4a
-
C:\Program Files (x86)\IObit\Smart Defrag\rtl120.bplFilesize
1.1MB
MD50bb593d71d750ef578c0deb9bee3f6ab
SHA1bdf4dd3f7f10e6049d49fa69f90a4adb8202878f
SHA256581cc5a6f3cd6bffbbaa2647a1a81fb62cf3887dbb27084da8bf38920144fdaa
SHA512b9d7edeecbe643bb2279ed3c986c7a30310d4897980d2e3be93e428b09884fd65fb5b962118813c406a13aa56770996f5fa27f7caf77c8369657330b7091305f
-
C:\Program Files (x86)\IObit\Smart Defrag\rtl120.bplFilesize
1.1MB
MD50bb593d71d750ef578c0deb9bee3f6ab
SHA1bdf4dd3f7f10e6049d49fa69f90a4adb8202878f
SHA256581cc5a6f3cd6bffbbaa2647a1a81fb62cf3887dbb27084da8bf38920144fdaa
SHA512b9d7edeecbe643bb2279ed3c986c7a30310d4897980d2e3be93e428b09884fd65fb5b962118813c406a13aa56770996f5fa27f7caf77c8369657330b7091305f
-
C:\Program Files (x86)\IObit\Smart Defrag\rtl120.bplFilesize
1.1MB
MD50bb593d71d750ef578c0deb9bee3f6ab
SHA1bdf4dd3f7f10e6049d49fa69f90a4adb8202878f
SHA256581cc5a6f3cd6bffbbaa2647a1a81fb62cf3887dbb27084da8bf38920144fdaa
SHA512b9d7edeecbe643bb2279ed3c986c7a30310d4897980d2e3be93e428b09884fd65fb5b962118813c406a13aa56770996f5fa27f7caf77c8369657330b7091305f
-
C:\Program Files (x86)\IObit\Smart Defrag\sdassist.dllFilesize
198KB
MD5d5b0f3283d4a86300a2f4acd9dc362c3
SHA1bb789b4218261bdfb05640f44dcd0132099f8707
SHA256d07457185e16a751a7aeff0e74c54fe66c8db345a027ee1b4793d5f4889e3623
SHA5124cf3b923f8e2e9b62e94d00bb3329c493ebc3394ee109ad93f8fc37f9c0d3c5eb1cb7b80d1b72703207efa2efea669bb512f231dc0198ddd8e2a051ee6628364
-
C:\Program Files (x86)\IObit\Smart Defrag\sdassist.dllFilesize
198KB
MD5d5b0f3283d4a86300a2f4acd9dc362c3
SHA1bb789b4218261bdfb05640f44dcd0132099f8707
SHA256d07457185e16a751a7aeff0e74c54fe66c8db345a027ee1b4793d5f4889e3623
SHA5124cf3b923f8e2e9b62e94d00bb3329c493ebc3394ee109ad93f8fc37f9c0d3c5eb1cb7b80d1b72703207efa2efea669bb512f231dc0198ddd8e2a051ee6628364
-
C:\Program Files (x86)\IObit\Smart Defrag\sdassist.dllFilesize
198KB
MD5d5b0f3283d4a86300a2f4acd9dc362c3
SHA1bb789b4218261bdfb05640f44dcd0132099f8707
SHA256d07457185e16a751a7aeff0e74c54fe66c8db345a027ee1b4793d5f4889e3623
SHA5124cf3b923f8e2e9b62e94d00bb3329c493ebc3394ee109ad93f8fc37f9c0d3c5eb1cb7b80d1b72703207efa2efea669bb512f231dc0198ddd8e2a051ee6628364
-
C:\Program Files (x86)\IObit\Smart Defrag\sdcore.dllFilesize
210KB
MD5c982c324cef0bf7dff52d42e4fce0215
SHA18533a858a8639d72940ea806b8bcf91df806b65c
SHA2567a363f084ff4f56c290ca5d27552232b5a2afc4ecc6c0bd5b8a281edfa2f6d0c
SHA5128c0fea19f808ab990e92c553814c1343542522331b258bedcbf6ceaf6ae50aba7851b37d9f9e752c5b9e306c685564eeac0dbed9de6c3fa74ee4abf529ce359d
-
C:\Program Files (x86)\IObit\Smart Defrag\sdcore.dllFilesize
210KB
MD5c982c324cef0bf7dff52d42e4fce0215
SHA18533a858a8639d72940ea806b8bcf91df806b65c
SHA2567a363f084ff4f56c290ca5d27552232b5a2afc4ecc6c0bd5b8a281edfa2f6d0c
SHA5128c0fea19f808ab990e92c553814c1343542522331b258bedcbf6ceaf6ae50aba7851b37d9f9e752c5b9e306c685564eeac0dbed9de6c3fa74ee4abf529ce359d
-
C:\Program Files (x86)\IObit\Smart Defrag\sdcore.dllFilesize
210KB
MD5c982c324cef0bf7dff52d42e4fce0215
SHA18533a858a8639d72940ea806b8bcf91df806b65c
SHA2567a363f084ff4f56c290ca5d27552232b5a2afc4ecc6c0bd5b8a281edfa2f6d0c
SHA5128c0fea19f808ab990e92c553814c1343542522331b258bedcbf6ceaf6ae50aba7851b37d9f9e752c5b9e306c685564eeac0dbed9de6c3fa74ee4abf529ce359d
-
C:\Program Files (x86)\IObit\Smart Defrag\vcl120.bplFilesize
1.9MB
MD5a74f501d75e780441b657c241ffb1975
SHA15b63178ef11f0afad87b1890f33cec64dfd70fb3
SHA2566c7499006af181d5d4a619587723cb16f8c572ee0170b611c520f7e6dba2391f
SHA51251336ff165e8d6dd9ce928b66ef1d0534cb6be3f3f67e8e7af63b7b64b7724c9be8b54329758b99e5936b9fd6e2a5901f40226710add053502d4aba8b7919722
-
C:\Program Files (x86)\IObit\Smart Defrag\vcl120.bplFilesize
1.9MB
MD5a74f501d75e780441b657c241ffb1975
SHA15b63178ef11f0afad87b1890f33cec64dfd70fb3
SHA2566c7499006af181d5d4a619587723cb16f8c572ee0170b611c520f7e6dba2391f
SHA51251336ff165e8d6dd9ce928b66ef1d0534cb6be3f3f67e8e7af63b7b64b7724c9be8b54329758b99e5936b9fd6e2a5901f40226710add053502d4aba8b7919722
-
C:\Program Files (x86)\IObit\Smart Defrag\vcl120.bplFilesize
1.9MB
MD5a74f501d75e780441b657c241ffb1975
SHA15b63178ef11f0afad87b1890f33cec64dfd70fb3
SHA2566c7499006af181d5d4a619587723cb16f8c572ee0170b611c520f7e6dba2391f
SHA51251336ff165e8d6dd9ce928b66ef1d0534cb6be3f3f67e8e7af63b7b64b7724c9be8b54329758b99e5936b9fd6e2a5901f40226710add053502d4aba8b7919722
-
C:\Program Files (x86)\IObit\Smart Defrag\vclx120.bplFilesize
217KB
MD5bcb2d3ebc821f37b781df7862f53a199
SHA1fb8a2bdd53b7bf7c139db20e32b698d4fc39deae
SHA256c2002724a02549254618201db1a023f50bc0f09a107e08d7ef6185e78fa9e8bc
SHA512a9d1f7fa9ac31a0ef386101aff61b5ddaf2b2e74616af83cae342fe1ad8d8f69a3953fb61b48d0f5872896bb11414fc8133d3dca1c2bd9ac359fdb0d70311605
-
C:\Program Files (x86)\IObit\Smart Defrag\vclx120.bplFilesize
217KB
MD5bcb2d3ebc821f37b781df7862f53a199
SHA1fb8a2bdd53b7bf7c139db20e32b698d4fc39deae
SHA256c2002724a02549254618201db1a023f50bc0f09a107e08d7ef6185e78fa9e8bc
SHA512a9d1f7fa9ac31a0ef386101aff61b5ddaf2b2e74616af83cae342fe1ad8d8f69a3953fb61b48d0f5872896bb11414fc8133d3dca1c2bd9ac359fdb0d70311605
-
C:\Program Files (x86)\IObit\Smart Defrag\webres.dllFilesize
878KB
MD573ed8d10da94e13c4a62aaccbeceb88f
SHA1666155fbfb0400a30071f93446162d25b3187f09
SHA2560b40f5be83e058003e3f4f9b5a3f0bd7849faa69a812cc08dde49c94102ef8e5
SHA512c3a85cc0e89b34a5898001551bab946b2af47c336b4281c480e5fdfa1d92c4da719459c182f836a12484a81a14f7e79815cf0ffcc95f6c2829a7fc4ddd0fae41
-
C:\Program Files (x86)\IObit\Smart Defrag\webres.dllFilesize
878KB
MD573ed8d10da94e13c4a62aaccbeceb88f
SHA1666155fbfb0400a30071f93446162d25b3187f09
SHA2560b40f5be83e058003e3f4f9b5a3f0bd7849faa69a812cc08dde49c94102ef8e5
SHA512c3a85cc0e89b34a5898001551bab946b2af47c336b4281c480e5fdfa1d92c4da719459c182f836a12484a81a14f7e79815cf0ffcc95f6c2829a7fc4ddd0fae41
-
C:\Program Files (x86)\IObit\Smart Defrag\webres.dllFilesize
878KB
MD573ed8d10da94e13c4a62aaccbeceb88f
SHA1666155fbfb0400a30071f93446162d25b3187f09
SHA2560b40f5be83e058003e3f4f9b5a3f0bd7849faa69a812cc08dde49c94102ef8e5
SHA512c3a85cc0e89b34a5898001551bab946b2af47c336b4281c480e5fdfa1d92c4da719459c182f836a12484a81a14f7e79815cf0ffcc95f6c2829a7fc4ddd0fae41
-
C:\Program Files (x86)\IObit\Smart Defrag\winid.datFilesize
697B
MD5930118af6862af749ca83e8610635753
SHA14e86629bb7bf8d2d3e68305c24278cf7e50d47ad
SHA256136bc03080c34ef2305c3f221832ada614d7e59c0afe16b5df9fb9aaf8e547f4
SHA5120d565d14d737d09f79d725cbb918f1ce0cece1b86b5fd9f037ac7da4caba10bc8aa5fac640084164e7807b0a9b702f62fc5613066f8ee316f5bb677ee82f8f43
-
C:\Users\Admin\AppData\Local\Temp\4SUUA0SR.batFilesize
1KB
MD5b9c17a48a3e579590c0afdbc06ceea3b
SHA1e44276eede0b69f641df03a4681d3bb6c7dc0d13
SHA256f9c22236aa4dea24feac70ae26abee974264fd39416071b268f6edd266fa2fa2
SHA5124dbfe3352cbcbd337c2b5189b016dea31a72629d8733e444ad6d25791a52ee9693c9da2a00716198a3e25b3a7f79100f42af29160d8c656f8b47a70eaa38a21e
-
C:\Users\Admin\AppData\Local\Temp\RarSFX0\Patch.exeFilesize
1.1MB
MD518eb6378e1e21c3820f967e014aeb6b1
SHA1828c51838633e09407b35e90f3b6fb32c69e05bd
SHA256ed32d9f47d4fff72bf30fa271be48349729efd72053d5b6cb682f933064babe0
SHA512e9345bf038c9e7d1d31eec0a2ac7629e296a1d686873a4d8b0d7bff4fa15bd1d4769c8074457f73c9ecb6095447dd7fd4be0db4c71a307ddfbb75ed90a975525
-
C:\Users\Admin\AppData\Local\Temp\RarSFX0\Patch.exeFilesize
1.1MB
MD518eb6378e1e21c3820f967e014aeb6b1
SHA1828c51838633e09407b35e90f3b6fb32c69e05bd
SHA256ed32d9f47d4fff72bf30fa271be48349729efd72053d5b6cb682f933064babe0
SHA512e9345bf038c9e7d1d31eec0a2ac7629e296a1d686873a4d8b0d7bff4fa15bd1d4769c8074457f73c9ecb6095447dd7fd4be0db4c71a307ddfbb75ed90a975525
-
C:\Users\Admin\AppData\Local\Temp\RarSFX0\smart-defrag-setup.exeFilesize
14.9MB
MD5f5cc3dcefa28335694ccc19dcf5b4e61
SHA1dfe5f854a10c18aa27d80d1ca019435dfa4724b9
SHA256bfbd369fbb445c40dd168003b3e1cd301714a12e826c8ff65707b8f339daf2ae
SHA512fcf912a7d8a75db532ada001c469041a2f0f6c663f8355c88e01a723785cea66ec18c620580e05c073015f98051e6e74cd27b02a325107ef60e60665c5a61733
-
C:\Users\Admin\AppData\Local\Temp\RarSFX0\smart-defrag-setup.exeFilesize
14.9MB
MD5f5cc3dcefa28335694ccc19dcf5b4e61
SHA1dfe5f854a10c18aa27d80d1ca019435dfa4724b9
SHA256bfbd369fbb445c40dd168003b3e1cd301714a12e826c8ff65707b8f339daf2ae
SHA512fcf912a7d8a75db532ada001c469041a2f0f6c663f8355c88e01a723785cea66ec18c620580e05c073015f98051e6e74cd27b02a325107ef60e60665c5a61733
-
C:\Users\Admin\AppData\Local\Temp\is-N7D39.tmp\smart-defrag-setup.tmpFilesize
1.2MB
MD555accee2e490cee39e5545c17a961795
SHA173f81789c23e80a2d0730378793a02faa3e594c2
SHA25602cc46584d2e30bb32b969dca8332dec5b8a2051f4e0fae235e152abfb6f9a76
SHA512397780770974e13c4c7c9cd51f4b45fa4292b8871bf53d84d2b5405505dc669d527111465070360afbfa25d63eafaa6beca464ec3256eca376961fbf6628f5ee
-
C:\Users\Admin\AppData\Local\Temp\is-N7D39.tmp\smart-defrag-setup.tmpFilesize
1.2MB
MD555accee2e490cee39e5545c17a961795
SHA173f81789c23e80a2d0730378793a02faa3e594c2
SHA25602cc46584d2e30bb32b969dca8332dec5b8a2051f4e0fae235e152abfb6f9a76
SHA512397780770974e13c4c7c9cd51f4b45fa4292b8871bf53d84d2b5405505dc669d527111465070360afbfa25d63eafaa6beca464ec3256eca376961fbf6628f5ee
-
C:\Users\Admin\AppData\Local\Temp\qbE568D50.94\Config.exeFilesize
374KB
MD5ccbe3afbc45a336fbd85dd6253bf010f
SHA166404313b89d7e0c9e76c39f919a99153118b104
SHA25649923ae54f6fb4cd944e303b9be1ccf97da1e927bd5338bf3a572302843bb996
SHA51284c43e0c58027e632f672c7043269fd9babb7c36b2105c9fe86461ace21ef8136ac90721b4b4688b03b456b72139b3aba54c2216004cd33ae4d8a350698f1263
-
C:\Users\Admin\AppData\Local\Temp\qbE568D50.94\Config.exeFilesize
374KB
MD5ccbe3afbc45a336fbd85dd6253bf010f
SHA166404313b89d7e0c9e76c39f919a99153118b104
SHA25649923ae54f6fb4cd944e303b9be1ccf97da1e927bd5338bf3a572302843bb996
SHA51284c43e0c58027e632f672c7043269fd9babb7c36b2105c9fe86461ace21ef8136ac90721b4b4688b03b456b72139b3aba54c2216004cd33ae4d8a350698f1263
-
C:\Users\Admin\AppData\Local\Temp\qbE568D50.94\license.exeFilesize
373KB
MD590a078498008102668441909b6c695c2
SHA1fce5f386a2cfd476f5d151b8b628407dbb55d0a2
SHA256c15813f091f6faad0f9b8fbfcda17403695819273cae426485177082609a8744
SHA512a5b1ce3111882c5b80744753230a6151749e4947815bcc6c8db7a3cfdc65eaf1f903658ecf6a6d6885445a0b0321291962e4e16528eea2d858c363386437edf3
-
C:\Users\Admin\AppData\Local\Temp\qbE568D50.94\license.exeFilesize
373KB
MD590a078498008102668441909b6c695c2
SHA1fce5f386a2cfd476f5d151b8b628407dbb55d0a2
SHA256c15813f091f6faad0f9b8fbfcda17403695819273cae426485177082609a8744
SHA512a5b1ce3111882c5b80744753230a6151749e4947815bcc6c8db7a3cfdc65eaf1f903658ecf6a6d6885445a0b0321291962e4e16528eea2d858c363386437edf3
-
C:\Users\Admin\AppData\Roaming\IObit\Smart Defrag\Config.iniMD5
d41d8cd98f00b204e9800998ecf8427e
SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e
-
C:\Users\Admin\AppData\Roaming\IObit\Smart Defrag\config.iniFilesize
4KB
MD5fdea0ee0206bd26e96627513014b3c1d
SHA19075e20cd8fea7ed0a0c15ad13214a0541324ecb
SHA256783f765f872def68c1c487b075839c78b06557e91d369825c683864a7cd678b4
SHA51240fa0ca94f8896745c46741c60dd91a5eec4390bf9f1e223f0d495e57f3743d889d16ef44025ada492c8ef2a1c5eac4c7f9375e97c68a5bd77ba5fdc2ed201ec
-
C:\Windows\system32\drivers\etc\hostsFilesize
874B
MD5be96ffe51835edc120c6785fdbb7b5e6
SHA1906ba92ca053e3003d71cf828d502492bab420c1
SHA256f15709f9b7c71f1f706156665b492a3278e6217a01ef4ecc7407fb356871375c
SHA512fc6692d9a4619e8fa83e42526ec2a0f7cdb2d0cd4b1608aef0d32a52e4a02b8ffb84e0f0ace03f1e43f2e03aceb23efdc514fc47a4028a47cf12d544a887327e
-
C:\Windows\system32\drivers\etc\hostsFilesize
897B
MD55920eee9412df220ab1199b5124a77b9
SHA1bf3dc7cb9a9d121cf5800144520213398025206d
SHA2568fcc20a0ea7a35584c8a2624fb18b2b644982220f77c385b858688c2f81121d0
SHA51293a9c301488cbdaab229bc7de9c2a3c06b802e589cc9f3b3e5d1995f035c50a4fb7e6e8e91c15833de86f1d4846bf13adc655b76d87f430cc437ab771ab6b186
-
C:\Windows\system32\drivers\etc\hostsFilesize
922B
MD55d8b767b245e0ad2037cac0ee830378d
SHA104ee79fc5171bc6366c28fc6a0b1543ff61e4e60
SHA256ca52563d28aff8268f482395164df50ad086215a68b84c2c3fb012494afc8a54
SHA512d9befbaabe2df0ce64c09d42de1059ea9a7000198ae785d4818e7b58cacd1d9254748e862cdd5dcda701b3555de592c4b3f9df8478c0003220d937585608a263
-
C:\Windows\system32\drivers\etc\hostsFilesize
947B
MD55f7e7e049d6dd2b80caa7698c57c6bfe
SHA1269fff9c6fbc16e296640b3bfc809bb38ca9e3e5
SHA25619c63a3b18b012ba9df51b4748c06a71ed2a8c956485c1a5829a904c3618964d
SHA512d51820a2fb7923124e50ae9eff9e739b3a588dade398682c01af5f0883bb297b4b7d723d8487d81d1cb305bb650b4cd1ca527df5339639054193ed5cd094aa83
-
C:\Windows\system32\drivers\etc\hostsFilesize
970B
MD5d6497bd1af789fb6ab45b0011a0961c9
SHA19d0989906e35e2d217318a8e63938b9a29797203
SHA256327842b1c8967370e2b8cd66e90f77557d9eddd58dbafdf705bf32844caf46c3
SHA5123047b866f61e4ddedb1ecb10e280f0279a24e5f7141168fe23f05e2ea54ddeaecacd3305fe50801391a8f01b0a15e5cd7bdd9a241cff2df646bd585019583791
-
C:\Windows\system32\drivers\etc\hostsFilesize
992B
MD52bde2fbb1f1f2987b750d497fab21940
SHA1bd587fe686b5faf20f9d2d423b2170fcabf2cff6
SHA2561831f775213fed7ddb686a6beb1d5a271998028fdb75f89843c895394c106333
SHA5129064abfcccc7c9b7e1cf04c747d522fe2e510cf50937fe5c1119b1ea87232ac068a2f575e1ce42099f727eb7cf89dcb19cd0ab242a43ff7c1d75fc4876a89242
-
C:\Windows\system32\drivers\etc\hostsFilesize
1018B
MD52df39b6dca93fa8e93c84c3e6da9bb2e
SHA16a908f86fdb3295794e968640da4e1c3c7139c4f
SHA256f1aa8dbdb6abca8c45479176462f57d850d2a50438988725ca60f1acaac99c68
SHA5120ba63a062860cf52ad1a1b6dae6f4c4dbc7101aeca8b49d65911d5512a552704fd9fc70741745b5977e08e9faab7945baf293f1b0a40bfbca0163fe9dacff916
-
C:\Windows\system32\drivers\etc\hostsFilesize
1KB
MD582678a7ef852268ea4e8773f6b669ffd
SHA117d0ed56b1ed177c436ffd2c5a5c651a5ef75abd
SHA2561aa060e571e2e5adbff1cac4e0a5e3b0d8a6db22fda7c2ba25234ed2c15991cc
SHA512d7835d598a8140881880f0553337f83af8f2b9c3cceaeccf31d007177b5b47baaced74f980489ba2bb3131bb4d18d02516a961f5e6bd2845e6773520538026b0
-
memory/832-290-0x0000000000000000-mapping.dmp
-
memory/920-225-0x0000000000000000-mapping.dmp
-
memory/1288-159-0x0000000000000000-mapping.dmp
-
memory/1288-166-0x0000000000400000-0x000000000042C000-memory.dmpFilesize
176KB
-
memory/1288-161-0x0000000000400000-0x000000000042C000-memory.dmpFilesize
176KB
-
memory/1432-257-0x0000000000000000-mapping.dmp
-
memory/1452-171-0x0000000000000000-mapping.dmp
-
memory/1636-315-0x0000000000000000-mapping.dmp
-
memory/1732-214-0x0000000000FB1000-0x000000000108B000-memory.dmpFilesize
872KB
-
memory/1732-238-0x0000000000FB1000-0x000000000108B000-memory.dmpFilesize
872KB
-
memory/1732-210-0x0000000000FB1000-0x000000000108B000-memory.dmpFilesize
872KB
-
memory/1732-209-0x0000000000FB1000-0x000000000108B000-memory.dmpFilesize
872KB
-
memory/1732-212-0x0000000000FB1000-0x000000000108B000-memory.dmpFilesize
872KB
-
memory/1732-211-0x0000000000FB1000-0x000000000108B000-memory.dmpFilesize
872KB
-
memory/1732-208-0x0000000000FB1000-0x000000000108B000-memory.dmpFilesize
872KB
-
memory/1732-206-0x0000000000FB1000-0x000000000108B000-memory.dmpFilesize
872KB
-
memory/1732-205-0x0000000000FB1000-0x000000000108B000-memory.dmpFilesize
872KB
-
memory/1732-213-0x0000000000FB1000-0x000000000108B000-memory.dmpFilesize
872KB
-
memory/1732-207-0x0000000000FB1000-0x000000000108B000-memory.dmpFilesize
872KB
-
memory/1732-215-0x0000000000FB1000-0x000000000108B000-memory.dmpFilesize
872KB
-
memory/1732-216-0x0000000000FB1000-0x000000000108B000-memory.dmpFilesize
872KB
-
memory/1732-217-0x0000000000FB1000-0x000000000108B000-memory.dmpFilesize
872KB
-
memory/1732-218-0x0000000000FB1000-0x000000000108B000-memory.dmpFilesize
872KB
-
memory/1732-204-0x0000000000FB1000-0x000000000108B000-memory.dmpFilesize
872KB
-
memory/1732-202-0x00000000010E1000-0x0000000001217000-memory.dmpFilesize
1.2MB
-
memory/1732-223-0x0000000005EB0000-0x0000000005FB7000-memory.dmpFilesize
1.0MB
-
memory/1732-177-0x0000000000000000-mapping.dmp
-
memory/1732-237-0x0000000000FB1000-0x000000000108B000-memory.dmpFilesize
872KB
-
memory/1732-245-0x0000000000FB1000-0x000000000108B000-memory.dmpFilesize
872KB
-
memory/1732-246-0x0000000000FB1000-0x000000000108B000-memory.dmpFilesize
872KB
-
memory/1732-244-0x0000000000FB1000-0x000000000108B000-memory.dmpFilesize
872KB
-
memory/1732-242-0x0000000000FB1000-0x000000000108B000-memory.dmpFilesize
872KB
-
memory/1732-243-0x0000000000FB1000-0x000000000108B000-memory.dmpFilesize
872KB
-
memory/1732-241-0x0000000000FB1000-0x000000000108B000-memory.dmpFilesize
872KB
-
memory/1732-239-0x0000000000FB1000-0x000000000108B000-memory.dmpFilesize
872KB
-
memory/1732-240-0x0000000000FB1000-0x000000000108B000-memory.dmpFilesize
872KB
-
memory/1732-232-0x0000000000FB1000-0x000000000108B000-memory.dmpFilesize
872KB
-
memory/1732-233-0x0000000000FB1000-0x000000000108B000-memory.dmpFilesize
872KB
-
memory/1732-234-0x0000000000FB1000-0x000000000108B000-memory.dmpFilesize
872KB
-
memory/1732-235-0x0000000000FB1000-0x000000000108B000-memory.dmpFilesize
872KB
-
memory/1732-236-0x0000000000FB1000-0x000000000108B000-memory.dmpFilesize
872KB
-
memory/1820-173-0x0000000000000000-mapping.dmp
-
memory/1980-168-0x0000000000000000-mapping.dmp
-
memory/2120-147-0x0000000000000000-mapping.dmp
-
memory/2144-276-0x0000000000E21000-0x0000000000EFB000-memory.dmpFilesize
872KB
-
memory/2144-262-0x0000000000E21000-0x0000000000EFB000-memory.dmpFilesize
872KB
-
memory/2144-272-0x0000000000E21000-0x0000000000EFB000-memory.dmpFilesize
872KB
-
memory/2144-278-0x0000000000E21000-0x0000000000EFB000-memory.dmpFilesize
872KB
-
memory/2144-259-0x0000000000E21000-0x0000000000EFB000-memory.dmpFilesize
872KB
-
memory/2144-280-0x0000000000E21000-0x0000000000EFB000-memory.dmpFilesize
872KB
-
memory/2144-151-0x0000000000000000-mapping.dmp
-
memory/2144-254-0x0000000000E20000-0x0000000000F45000-memory.dmpFilesize
1.1MB
-
memory/2144-255-0x0000000001050000-0x0000000001205000-memory.dmpFilesize
1.7MB
-
memory/2144-274-0x0000000000E21000-0x0000000000EFB000-memory.dmpFilesize
872KB
-
memory/2144-268-0x0000000000E21000-0x0000000000EFB000-memory.dmpFilesize
872KB
-
memory/2144-270-0x0000000000E21000-0x0000000000EFB000-memory.dmpFilesize
872KB
-
memory/2144-256-0x0000000000E21000-0x0000000000EFB000-memory.dmpFilesize
872KB
-
memory/2144-258-0x0000000000E21000-0x0000000000EFB000-memory.dmpFilesize
872KB
-
memory/2144-260-0x0000000000E21000-0x0000000000EFB000-memory.dmpFilesize
872KB
-
memory/2144-247-0x0000000000000000-mapping.dmp
-
memory/2144-267-0x0000000000E21000-0x0000000000EFB000-memory.dmpFilesize
872KB
-
memory/2144-263-0x0000000000E21000-0x0000000000EFB000-memory.dmpFilesize
872KB
-
memory/2144-264-0x0000000000E21000-0x0000000000EFB000-memory.dmpFilesize
872KB
-
memory/2172-316-0x0000000000000000-mapping.dmp
-
memory/2248-156-0x0000000000000000-mapping.dmp
-
memory/2268-313-0x0000000000000000-mapping.dmp
-
memory/2372-306-0x0000000000000000-mapping.dmp
-
memory/2588-136-0x0000000000000000-mapping.dmp
-
memory/2824-310-0x0000000000000000-mapping.dmp
-
memory/2892-318-0x0000000000000000-mapping.dmp
-
memory/2980-149-0x0000000000000000-mapping.dmp
-
memory/3096-320-0x0000000000000000-mapping.dmp
-
memory/3188-169-0x0000000000000000-mapping.dmp
-
memory/3380-277-0x0000000000D31000-0x0000000000E0B000-memory.dmpFilesize
872KB
-
memory/3380-275-0x0000000000D31000-0x0000000000E0B000-memory.dmpFilesize
872KB
-
memory/3380-261-0x0000000000000000-mapping.dmp
-
memory/3380-279-0x0000000000D31000-0x0000000000E0B000-memory.dmpFilesize
872KB
-
memory/3380-281-0x0000000000D31000-0x0000000000E0B000-memory.dmpFilesize
872KB
-
memory/3380-285-0x0000000000D31000-0x0000000000E0B000-memory.dmpFilesize
872KB
-
memory/3380-284-0x0000000000D31000-0x0000000000E0B000-memory.dmpFilesize
872KB
-
memory/3380-269-0x0000000000D31000-0x0000000000E0B000-memory.dmpFilesize
872KB
-
memory/3380-273-0x0000000000D31000-0x0000000000E0B000-memory.dmpFilesize
872KB
-
memory/3380-271-0x0000000000D31000-0x0000000000E0B000-memory.dmpFilesize
872KB
-
memory/3380-283-0x0000000000D31000-0x0000000000E0B000-memory.dmpFilesize
872KB
-
memory/3380-265-0x0000000000D30000-0x0000000000E55000-memory.dmpFilesize
1.1MB
-
memory/3380-266-0x0000000000FA0000-0x0000000001155000-memory.dmpFilesize
1.7MB
-
memory/3380-282-0x0000000000D31000-0x0000000000E0B000-memory.dmpFilesize
872KB
-
memory/3572-133-0x0000000000000000-mapping.dmp
-
memory/3612-312-0x0000000000000000-mapping.dmp
-
memory/3668-311-0x0000000000000000-mapping.dmp
-
memory/3940-319-0x0000000000000000-mapping.dmp
-
memory/4004-292-0x0000000000000000-mapping.dmp
-
memory/4016-135-0x0000000000000000-mapping.dmp
-
memory/4176-170-0x0000000000000000-mapping.dmp
-
memory/4300-314-0x0000000000000000-mapping.dmp
-
memory/4444-164-0x0000000000000000-mapping.dmp
-
memory/4584-143-0x0000000000000000-mapping.dmp
-
memory/4644-130-0x0000000000000000-mapping.dmp
-
memory/4664-141-0x0000000000000000-mapping.dmp
-
memory/4692-145-0x0000000000000000-mapping.dmp
-
memory/4700-139-0x0000000000000000-mapping.dmp
-
memory/5004-153-0x0000000000000000-mapping.dmp
-
memory/5116-137-0x0000000000000000-mapping.dmp