babadeda | d2409e2236609aaa743681f503ed6963ad22e50bcc1583a749c16605af7968de

Analysis

max time kernel
44s
max time network
109s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
27-10-2022 14:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8b82597ca0a096d822a9f7a653bf4356.exe
Size

12.4MB
MD5

8b82597ca0a096d822a9f7a653bf4356
SHA1

3c44e2633e22af9089cb6e51dad828263a8db61c
SHA256

d2409e2236609aaa743681f503ed6963ad22e50bcc1583a749c16605af7968de
SHA512

9bc1f3896e910d64d2e8976de20c8e8c4eaa2d1643601f7a15e9ad0ad215c5c59b1b4c4d345180e2baf105a11fdf2a68cc5041d5497d2bf19ff6f641ed6b70d5
SSDEEP

393216:SQ/5wdPcRkVrsRaSczOjSx52hwbTCMGppU:SQRwdPcRvjI5PnCG

Score

10^/10

babadeda vidar 1670 crypter discovery evasion loader spyware stealer trojan

Malware Config

Extracted

Family

vidar

Version

55.1

Botnet

1670

http://94.131.109.112:80

http://94.131.109.113:80

Attributes

profile_id
1670

Signatures

Babadeda
Babadeda is a crypter delivered as a legitimate installer and used to drop other malware families.
loader crypter babadeda

Babadeda Crypter 2 IoCs

resource	yara_rule
behavioral1/memory/904-121-0x0000000007B50000-0x0000000007F50000-memory.dmp	family_babadeda
behavioral1/memory/904-124-0x0000000007B50000-0x0000000007F50000-memory.dmp	family_babadeda

Vidar
Vidar is an infostealer based on Arkei stealer.
stealer vidar

Executes dropped EXE 1 IoCs

pid	Process
904	DtlManualUpdate.exe

Loads dropped DLL 44 IoCs

pid	Process
1184	8b82597ca0a096d822a9f7a653bf4356.exe
1184	8b82597ca0a096d822a9f7a653bf4356.exe
1184	8b82597ca0a096d822a9f7a653bf4356.exe
1184	8b82597ca0a096d822a9f7a653bf4356.exe
1184	8b82597ca0a096d822a9f7a653bf4356.exe
1184	8b82597ca0a096d822a9f7a653bf4356.exe
1184	8b82597ca0a096d822a9f7a653bf4356.exe
1184	8b82597ca0a096d822a9f7a653bf4356.exe
1184	8b82597ca0a096d822a9f7a653bf4356.exe
1184	8b82597ca0a096d822a9f7a653bf4356.exe
1184	8b82597ca0a096d822a9f7a653bf4356.exe
1184	8b82597ca0a096d822a9f7a653bf4356.exe
904	DtlManualUpdate.exe
904	DtlManualUpdate.exe
904	DtlManualUpdate.exe
904	DtlManualUpdate.exe
904	DtlManualUpdate.exe
904	DtlManualUpdate.exe
904	DtlManualUpdate.exe
904	DtlManualUpdate.exe
904	DtlManualUpdate.exe
904	DtlManualUpdate.exe
904	DtlManualUpdate.exe
904	DtlManualUpdate.exe
904	DtlManualUpdate.exe
904	DtlManualUpdate.exe
904	DtlManualUpdate.exe
904	DtlManualUpdate.exe
904	DtlManualUpdate.exe
904	DtlManualUpdate.exe
904	DtlManualUpdate.exe
904	DtlManualUpdate.exe
904	DtlManualUpdate.exe
904	DtlManualUpdate.exe
904	DtlManualUpdate.exe
904	DtlManualUpdate.exe
904	DtlManualUpdate.exe
904	DtlManualUpdate.exe
904	DtlManualUpdate.exe
904	DtlManualUpdate.exe
904	DtlManualUpdate.exe
904	DtlManualUpdate.exe
904	DtlManualUpdate.exe
904	DtlManualUpdate.exe

Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials in Files
T1081
Accesses 2FA software files, possible credential harvesting 2 TTPs
spyware stealer

Data from Local System
T1005

Credentials in Files
T1081
Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Checks whether UAC is enabled 1 TTPs 1 IoCs

evasion trojan

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA	8b82597ca0a096d822a9f7a653bf4356.exe

Maps connected drives based on registry 3 TTPs 2 IoCs

Disk information is often read in order to detect sandboxing environments.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\disk\Enum	DtlManualUpdate.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\services\Disk\Enum\0	DtlManualUpdate.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

Checks processor information in registry 2 TTPs 5 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	DtlManualUpdate.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	DtlManualUpdate.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	8b82597ca0a096d822a9f7a653bf4356.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Identifier	8b82597ca0a096d822a9f7a653bf4356.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	8b82597ca0a096d822a9f7a653bf4356.exe

Delays execution with timeout.exe 1 IoCs

evasion

pid	Process
1144	timeout.exe

Modifies system certificate store 2 TTPs 4 IoCs

evasion spyware trojan

Install Root Certificate

T1130

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43	DtlManualUpdate.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43\Blob = 0f00000001000000140000006dca5bd00dcf1c0f327059d374b29ca6e3c50aa6090000000100000034000000303206082b0601050507030106082b0601050507030206082b0601050507030406082b0601050507030306082b0601050507030814000000010000001400000045eba2aff492cb82312d518ba7a7219df36dc80f0b00000001000000120000004400690067006900430065007200740000001d00000001000000100000004f5f106930398d09107b40c3c7ca8f1c0300000001000000140000000563b8630d62d75abbc8ab1e4bdfb5a899b24d432000000001000000bb030000308203b73082029fa00302010202100ce7e0e517d846fe8fe560fc1bf03039300d06092a864886f70d01010505003065310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312430220603550403131b4469676943657274204173737572656420494420526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a3065310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312430220603550403131b4469676943657274204173737572656420494420526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100ad0e15cee443805cb187f3b760f97112a5aedc269488aaf4cef520392858600cf880daa9159532613cb5b128848a8adc9f0a0c83177a8f90ac8ae779535c31842af60f98323676ccdedd3ca8a2ef6afb21f25261df9f20d71fe2b1d9fe1864d2125b5ff9581835bc47cda136f96b7fd4b0383ec11bc38c33d9d82f18fe280fb3a783d6c36e44c061359616fe599c8b766dd7f1a24b0d2bff0b72da9e60d08e9035c678558720a1cfe56d0ac8497c3198336c22e987d0325aa2ba138211ed39179d993a72a1e6faa4d9d5173175ae857d22ae3f014686f62879c8b1dae45717c47e1c0eb0b492a656b3bdb297edaaa7f0b7c5a83f9516d0ffa196eb085f18774f0203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e0416041445eba2aff492cb82312d518ba7a7219df36dc80f301f0603551d2304183016801445eba2aff492cb82312d518ba7a7219df36dc80f300d06092a864886f70d01010505000382010100a20ebcdfe2edf0e372737a6494bff77266d832e4427562ae87ebf2d5d9de56b39fccce1428b90d97605c124c58e4d33d834945589735691aa847ea56c679ab12d8678184df7f093c94e6b8262c20bd3db32889f75fff22e297841fe965ef87e0dfc16749b35debb2092aeb26ed78be7d3f2bf3b726356d5f8901b6495b9f01059bab3d25c1ccb67fc2f16f86c6fa6468eb812d94eb42b7fa8c1edd62f1be5067b76cbdf3f11f6b0c3607167f377ca95b6d7af112466083d72704be4bce97bec3672a6811df80e70c3366bf130d146ef37f1f63101efa8d1b256d6c8fa5b76101b1d2a326a110719dade2c3f9c39951b72b0708ce2ee650b2a7fa0a452fa2f0f2	DtlManualUpdate.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43\Blob = 190000000100000010000000749966cecc95c1874194ca7203f9b6200300000001000000140000000563b8630d62d75abbc8ab1e4bdfb5a899b24d431d00000001000000100000004f5f106930398d09107b40c3c7ca8f1c0b000000010000001200000044006900670069004300650072007400000014000000010000001400000045eba2aff492cb82312d518ba7a7219df36dc80f090000000100000034000000303206082b0601050507030106082b0601050507030206082b0601050507030406082b0601050507030306082b060105050703080f00000001000000140000006dca5bd00dcf1c0f327059d374b29ca6e3c50aa62000000001000000bb030000308203b73082029fa00302010202100ce7e0e517d846fe8fe560fc1bf03039300d06092a864886f70d01010505003065310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312430220603550403131b4469676943657274204173737572656420494420526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a3065310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312430220603550403131b4469676943657274204173737572656420494420526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100ad0e15cee443805cb187f3b760f97112a5aedc269488aaf4cef520392858600cf880daa9159532613cb5b128848a8adc9f0a0c83177a8f90ac8ae779535c31842af60f98323676ccdedd3ca8a2ef6afb21f25261df9f20d71fe2b1d9fe1864d2125b5ff9581835bc47cda136f96b7fd4b0383ec11bc38c33d9d82f18fe280fb3a783d6c36e44c061359616fe599c8b766dd7f1a24b0d2bff0b72da9e60d08e9035c678558720a1cfe56d0ac8497c3198336c22e987d0325aa2ba138211ed39179d993a72a1e6faa4d9d5173175ae857d22ae3f014686f62879c8b1dae45717c47e1c0eb0b492a656b3bdb297edaaa7f0b7c5a83f9516d0ffa196eb085f18774f0203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e0416041445eba2aff492cb82312d518ba7a7219df36dc80f301f0603551d2304183016801445eba2aff492cb82312d518ba7a7219df36dc80f300d06092a864886f70d01010505000382010100a20ebcdfe2edf0e372737a6494bff77266d832e4427562ae87ebf2d5d9de56b39fccce1428b90d97605c124c58e4d33d834945589735691aa847ea56c679ab12d8678184df7f093c94e6b8262c20bd3db32889f75fff22e297841fe965ef87e0dfc16749b35debb2092aeb26ed78be7d3f2bf3b726356d5f8901b6495b9f01059bab3d25c1ccb67fc2f16f86c6fa6468eb812d94eb42b7fa8c1edd62f1be5067b76cbdf3f11f6b0c3607167f377ca95b6d7af112466083d72704be4bce97bec3672a6811df80e70c3366bf130d146ef37f1f63101efa8d1b256d6c8fa5b76101b1d2a326a110719dade2c3f9c39951b72b0708ce2ee650b2a7fa0a452fa2f0f2	DtlManualUpdate.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43\Blob = 04000000010000001000000087ce0b7b2a0e4900e158719b37a893720f00000001000000140000006dca5bd00dcf1c0f327059d374b29ca6e3c50aa6090000000100000034000000303206082b0601050507030106082b0601050507030206082b0601050507030406082b0601050507030306082b0601050507030814000000010000001400000045eba2aff492cb82312d518ba7a7219df36dc80f0b00000001000000120000004400690067006900430065007200740000001d00000001000000100000004f5f106930398d09107b40c3c7ca8f1c0300000001000000140000000563b8630d62d75abbc8ab1e4bdfb5a899b24d43190000000100000010000000749966cecc95c1874194ca7203f9b6202000000001000000bb030000308203b73082029fa00302010202100ce7e0e517d846fe8fe560fc1bf03039300d06092a864886f70d01010505003065310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312430220603550403131b4469676943657274204173737572656420494420526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a3065310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312430220603550403131b4469676943657274204173737572656420494420526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100ad0e15cee443805cb187f3b760f97112a5aedc269488aaf4cef520392858600cf880daa9159532613cb5b128848a8adc9f0a0c83177a8f90ac8ae779535c31842af60f98323676ccdedd3ca8a2ef6afb21f25261df9f20d71fe2b1d9fe1864d2125b5ff9581835bc47cda136f96b7fd4b0383ec11bc38c33d9d82f18fe280fb3a783d6c36e44c061359616fe599c8b766dd7f1a24b0d2bff0b72da9e60d08e9035c678558720a1cfe56d0ac8497c3198336c22e987d0325aa2ba138211ed39179d993a72a1e6faa4d9d5173175ae857d22ae3f014686f62879c8b1dae45717c47e1c0eb0b492a656b3bdb297edaaa7f0b7c5a83f9516d0ffa196eb085f18774f0203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e0416041445eba2aff492cb82312d518ba7a7219df36dc80f301f0603551d2304183016801445eba2aff492cb82312d518ba7a7219df36dc80f300d06092a864886f70d01010505000382010100a20ebcdfe2edf0e372737a6494bff77266d832e4427562ae87ebf2d5d9de56b39fccce1428b90d97605c124c58e4d33d834945589735691aa847ea56c679ab12d8678184df7f093c94e6b8262c20bd3db32889f75fff22e297841fe965ef87e0dfc16749b35debb2092aeb26ed78be7d3f2bf3b726356d5f8901b6495b9f01059bab3d25c1ccb67fc2f16f86c6fa6468eb812d94eb42b7fa8c1edd62f1be5067b76cbdf3f11f6b0c3607167f377ca95b6d7af112466083d72704be4bce97bec3672a6811df80e70c3366bf130d146ef37f1f63101efa8d1b256d6c8fa5b76101b1d2a326a110719dade2c3f9c39951b72b0708ce2ee650b2a7fa0a452fa2f0f2	DtlManualUpdate.exe

Suspicious behavior: EnumeratesProcesses 3 IoCs

pid	Process
1184	8b82597ca0a096d822a9f7a653bf4356.exe
1184	8b82597ca0a096d822a9f7a653bf4356.exe
904	DtlManualUpdate.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
904	DtlManualUpdate.exe

Suspicious use of WriteProcessMemory 11 IoCs

description	pid	Process	procid_target
PID 1184 wrote to memory of 904	1184	8b82597ca0a096d822a9f7a653bf4356.exe	26
PID 1184 wrote to memory of 904	1184	8b82597ca0a096d822a9f7a653bf4356.exe	26
PID 1184 wrote to memory of 904	1184	8b82597ca0a096d822a9f7a653bf4356.exe	26
PID 1184 wrote to memory of 904	1184	8b82597ca0a096d822a9f7a653bf4356.exe	26
PID 1184 wrote to memory of 904	1184	8b82597ca0a096d822a9f7a653bf4356.exe	26
PID 1184 wrote to memory of 904	1184	8b82597ca0a096d822a9f7a653bf4356.exe	26
PID 1184 wrote to memory of 904	1184	8b82597ca0a096d822a9f7a653bf4356.exe	26
PID 904 wrote to memory of 1056	904	DtlManualUpdate.exe	29
PID 904 wrote to memory of 1056	904	DtlManualUpdate.exe	29
PID 904 wrote to memory of 1056	904	DtlManualUpdate.exe	29
PID 904 wrote to memory of 1056	904	DtlManualUpdate.exe	29

C:\Users\Admin\AppData\Local\Temp\8b82597ca0a096d822a9f7a653bf4356.exe
"C:\Users\Admin\AppData\Local\Temp\8b82597ca0a096d822a9f7a653bf4356.exe"
1⤵
- Loads dropped DLL
- Checks whether UAC is enabled
- Checks processor information in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:1184
- C:\Users\Admin\AppData\Roaming\XMLBlueprint XML Studio\DtlManualUpdate.exe
  "C:\Users\Admin\AppData\Roaming\XMLBlueprint XML Studio\DtlManualUpdate.exe"
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - Maps connected drives based on registry
  - Checks processor information in registry
  - Modifies system certificate store
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of SetWindowsHookEx
  - Suspicious use of WriteProcessMemory
  PID:904
- - C:\Windows\SysWOW64\cmd.exe
    "C:\Windows\System32\cmd.exe" /c timeout /t 6 & del /f /q "?" & exit
    3⤵
    PID:1056
  - - C:\Windows\SysWOW64\timeout.exe
      timeout /t 6
      4⤵
      Delays execution with timeout.exe
      PID:1144

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

T1130

Modify Registry

T1112

Credential Access

Credentials in Files

T1081

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Roaming\XMLBlueprint XML Studio\DtlManualUpdate.exe

Filesize
1.1MB

MD5
b12cffcb403830e98c6639d998c477e2

SHA1
c442bb87c96bc247317b5101fd64cecfe1634470

SHA256
b5b14ab08053acd5750c57bbe6c624a47df2ad38f5fc481e4ca0c65400516362

SHA512
642a2aad0b43a4ab50ff222b53fe3803bfcb174604a3f45b2ca465b82e8f3da540aa0b0411862a02318bda6473b543543dd390a70255b3fe0a276b4f19129db7

Download Submit
C:\Users\Admin\AppData\Roaming\XMLBlueprint XML Studio\SDL2.dll

Filesize
1.1MB

MD5
d60643229ea9b319f4de76ba47f0e138

SHA1
8811a3d790915e4bbe9deb1d9c7fa499a2679408

SHA256
eab38202aa56c843c561c6a5009efc8ef4468f547f55c562341be38ea512951c

SHA512
95095958378e4c2e0e3924c5245d8fc6f788b926e8e751d40c55dba0ad1c4ed66379fe8dc148a8c39618eeb75e94cba1b3859462051a249f09cd7b483ba45ccd

Download Submit
C:\Users\Admin\AppData\Roaming\XMLBlueprint XML Studio\VCRUNTIME140.dll

Filesize
77KB

MD5
ba65db6bfef78a96aee7e29f1449bf8a

SHA1
06c7beb9fd1f33051b0e77087350903c652f4b77

SHA256
141690572594dbd3618a4984712e9e36fc09c9906bb845ce1a9531ac8f7ad493

SHA512
ca63eeac10ef55d7e2e55479b25cf394e58aef1422951f361f762ab667f72a3454f55afc04e967e8cdd20cf3eebe97083e0438ea941916a09e7d091818ea830e

Download Submit
C:\Users\Admin\AppData\Roaming\XMLBlueprint XML Studio\api-ms-win-core-file-l1-2-0.dll

Filesize
11KB

MD5
86279521328398e87699d248628eb13a

SHA1
e4d4c39bda90635f1f5c2fc58b1304e2daac9caf

SHA256
3c9b67616fd0ceb3dd92e605918b08556683ebab5537aa76dff300fbd54b0337

SHA512
2cc328955611ad8369ff9facf9c1aabe99a20c3ded2977ad86c69e0f54acd78fa6f572ed688625c8c63016826a10b3578e3c186ef2b39c4bf393ab5e399913a6

Download Submit
C:\Users\Admin\AppData\Roaming\XMLBlueprint XML Studio\api-ms-win-core-file-l2-1-0.dll

Filesize
11KB

MD5
422adad24e8da100f85bf3de86b5f302

SHA1
7004b3ed8663b5890cd25e1a7899a766be912728

SHA256
e04642684dc7376839c570bc11e9b46cae14420f1a85f7562fd2c4d656a22956

SHA512
e689ecb1a1cb1e7735cb6a961fd054d87bcad01acf76950b14a3bf4e08ddb7a8d31805c203374ee081a4ec13c40b25b3dc83b3895b9bfbd9c135673e98e6ee63

Download Submit
C:\Users\Admin\AppData\Roaming\XMLBlueprint XML Studio\api-ms-win-core-localization-l1-2-0.dll

Filesize
13KB

MD5
602a35b140d9d68d7b3e488896158365

SHA1
f1ba615abb54ff786ddbc74dffffd56394bfc892

SHA256
43b98f74476c86107c8317749f54a107e2955696e4f79d3d02683dd7034d1d52

SHA512
4388947f90838cae8b5f8137c9ed2a099028b4341da8c574d536c6ad096bad0e217e105f0367750c70e3d3ca4857255b674955c71ecff0fda9c47a4b1951b8b6

Download Submit
C:\Users\Admin\AppData\Roaming\XMLBlueprint XML Studio\api-ms-win-core-processthreads-l1-1-1.dll

Filesize
11KB

MD5
a07afa26ab56a8d3b8b16591a1962005

SHA1
2b6f3143487f747911ee20f039f1ffb1381858ac

SHA256
6be230837149dc2a8c7772142a674c3f90930a55da7f91d791942d8276d5440b

SHA512
b77b277d10cf6b8d209679684ead55b4347caef3213acdccdee35b5d4fe0e3fc136daf057830512c5473c4653a8d66357927c4b7d204c07d7508f792299d7fe9

Download Submit
C:\Users\Admin\AppData\Roaming\XMLBlueprint XML Studio\api-ms-win-core-timezone-l1-1-0.dll

Filesize
11KB

MD5
a9c7db516186c8e367fed757e238c61a

SHA1
1318d6496e7146e773aca85be6d0e9b87a09e284

SHA256
ded52bac23633a03341969c5b98b0d94d24fa3284c1ddd0c489e453b39cec659

SHA512
6aad003287afe86abccf34f6b15338c0c7380f4837805d919064a26380d2f3f7698515f927c148e618c12f0943d3621184bebc70a8b07eed64ad88689fbcc5cb

Download Submit
C:\Users\Admin\AppData\Roaming\XMLBlueprint XML Studio\api-ms-win-crt-convert-l1-1-0.dll

Filesize
15KB

MD5
c6385b316bb04ca36d76b077eeb9a61e

SHA1
fc376f68798fecd41fb1c936eed1bce3f2ee6bef

SHA256
060636cfc58587b4344a6d0ff4f44dd77266f2bbdb877cb50cb1b44a7e3969bc

SHA512
bddf0f34bedb17ecf1d270a0613f27d174ae04f920192d7d1af6c15245175318b29691e748c36e2ce0a3027495b2f5a0bb688ae16095fad9dcd8c283b6d1b1d4

Download Submit
C:\Users\Admin\AppData\Roaming\XMLBlueprint XML Studio\api-ms-win-crt-environment-l1-1-0.dll

Filesize
11KB

MD5
311e582d5d3d8421e883c4a8248eacc8

SHA1
c99e61d1446fce0f883a2aad261af22d77953a59

SHA256
369cc4d3bb05f4160a0bc9683feb1df2e94d02f061e4b23d53c3a6e2230cd5e4

SHA512
050ed1310e667e6bb22bb7952794745df1eee0c78f18240cc2217e748a11213d094b48153964c3da0ad8141da1709ece637315633396c77c035bb0565fa981b4

Download Submit
C:\Users\Admin\AppData\Roaming\XMLBlueprint XML Studio\api-ms-win-crt-filesystem-l1-1-0.dll

Filesize
13KB

MD5
10731d3320c12abb62d3866d7e728cce

SHA1
df4e131c825d1ca5cd14e00e5c04785d6ca508f7

SHA256
9f3eb90963916194f167e98e049707b14fa84a3f11cb8cc7b940d95956601700

SHA512
7eeef98682872fd95a38a03435546349c8488607e59870086b486b807e8b53893603175d9ad0f3b80c1924381daca8d14868a6079988a944b005783b4e2e358e

Download Submit
C:\Users\Admin\AppData\Roaming\XMLBlueprint XML Studio\api-ms-win-crt-heap-l1-1-0.dll

Filesize
12KB

MD5
cf5f256e8cd76ba85e6c3047f078814a

SHA1
b7cde77313ceaae76a46c1111b33b3d8f47c4214

SHA256
9382fc8d5cbcc23c5d05e6f48f4188af3f96efbbdc5a7ec05b37e252440ecfc1

SHA512
856eff4fff1d11a725af9c3e5ceac6d02a89297a16e97edec171839aa12c468fc37d60ec5df06d507cee695f71b7fbd4bc0ba51b7934d886e66a43b249e62da5

Download Submit
C:\Users\Admin\AppData\Roaming\XMLBlueprint XML Studio\api-ms-win-crt-locale-l1-1-0.dll

Filesize
11KB

MD5
60ffdc3ef20b127e3fd14a0719328c34

SHA1
b510833350328f79a79fa464ea9d5e9455643659

SHA256
43c9ea4ddecf2f34852559cf0b40b5261e6701d3743ab219f48d43a312707ad9

SHA512
caef6ee08c9f6fabecef1f0be37ab34e2d4dc22f15a775b2f0dcacda1f0fcdf2259399e6fbab85f0f00e8e4b03d77fe88b85b901a9ba2f775a50f2da724da26e

Download Submit
C:\Users\Admin\AppData\Roaming\XMLBlueprint XML Studio\api-ms-win-crt-math-l1-1-0.dll

Filesize
21KB

MD5
78dfcb76dc8b42411dbc682f78f5c6eb

SHA1
e50f6719fee44c70518cf8442737a688b5f45e62

SHA256
8673dd898f899de831fc3052c8b8254b7b85ee7f2b9b6c422736668689c9b14f

SHA512
968bb3bc952f4057f74c9c8825fcc2db34b9c56166ee39db3bab3d4ecf51fb65af250a8a65340274a1a0c0eed73b6c8962df5d2fce586c1ef4e19706edd5e6e1

Download Submit
C:\Users\Admin\AppData\Roaming\XMLBlueprint XML Studio\api-ms-win-crt-runtime-l1-1-0.dll

Filesize
15KB

MD5
8bd7a27e6ca969d3eb46086d411ce05d

SHA1
3bbf6f55853b1487debca58d7cb5c877d0abd517

SHA256
8edc95578b8c9ca93a65907e428fa2b57fef8370b902912689332bc61094904c

SHA512
fee8359398efe6a995a214d4e47de43aba12d33bb9cb1de18659d332d94ef83a4a77618b6caa9f455b0c6da4c10ab459209d483b9e778d9b522771ca692ca454

Download Submit
C:\Users\Admin\AppData\Roaming\XMLBlueprint XML Studio\api-ms-win-crt-stdio-l1-1-0.dll

Filesize
17KB

MD5
f681a45c47ebb2c56c1465677ec33ff3

SHA1
06bf7798c51325cf1806e14dea56ff98b05b7846

SHA256
3a03d727d291be57057587227273af410eda935438d8a0a165ec63ae772809af

SHA512
eeb05f1af7e1c714c658e9aa06e8c6dbeeb5f2e8dcf3fdb7b9b408018e41402d83893472114e0cf6d3a9a3bf54ec45c4f7a4840a09570d190277aa3514681ab8

Download Submit
C:\Users\Admin\AppData\Roaming\XMLBlueprint XML Studio\api-ms-win-crt-string-l1-1-0.dll

Filesize
17KB

MD5
00446e48d60abf044acc72b46d5c3afb

SHA1
0ccc0c5034ac063e1d4af851b0de1f4ea99aff97

SHA256
82d26998b4b3c26dbc1c1fff9d6106109a081205081d3c0669e59d20d918bc5a

SHA512
69114f0efb3c853bffb55c15e5ad1b7919057a676056d57634a6a39916e232cde2dcdc49ea0f9751ddea6550ffa58f84b1f8918b3c9fd7e88c8b8f7eb4afeaf2

Download Submit
C:\Users\Admin\AppData\Roaming\XMLBlueprint XML Studio\api-ms-win-crt-utility-l1-1-0.dll

Filesize
11KB

MD5
6376bf5bac3f0208f0a5d11415ccd444

SHA1
c3fe96e51c3f3e622dcedd2ddf8d23f9442361b8

SHA256
e36763df57cd26ec2b4d52e27de51a4ca6f18caf86cbac8307bf4817705f9a0e

SHA512
9614e423c850bdb584f18555825214d42106966b1ee71e75ba7407591aa5de407b43909ce972e1923df82e9a0e953597fe19646296962194ebeb1579493d91c2

Download Submit
C:\Users\Admin\AppData\Roaming\XMLBlueprint XML Studio\iconv-2.dll

Filesize
1.0MB

MD5
8b917884024fca4adcdfbe78e1ec500f

SHA1
4bfb956682494420929585b5eeb4fae7baa5a894

SHA256
c21ea273a5fddbb5d7af49eea93809b323621caed3b57fab7ec43ec4b08cce14

SHA512
5a204f94ecfa4f47ed05c164136dac762b2724298a38019926da34bb86fc05a212a3df486dc6da495929f365e0162198069a03f9745e039b0d8ff92c7601e2fc

Download Submit
C:\Users\Admin\AppData\Roaming\XMLBlueprint XML Studio\libexpat.dll

Filesize
126KB

MD5
530d00e196a499c0ec24ac6412a46f8b

SHA1
3c2a99233d7d5d2bcf1a3aa576228fc22acc62ba

SHA256
4d82729479a454d85ffe72dbd1c0c42bf544a65dfd4f63313d4e37fb8a250545

SHA512
64f110601be0047c96f0eee1aa9ddcefc8e524b078225878389603a3fee0864e801b49f4f0ab493b83d7bc243f35018358de41b06a63a8107c88a24d3ca12573

Download Submit
C:\Users\Admin\AppData\Roaming\XMLBlueprint XML Studio\liblzma.dll

Filesize
130KB

MD5
2337a60384e6e8598af862bfc3c143d0

SHA1
3952358bf1493d5c7a1869b170907a22ceeb6b8b

SHA256
c805c22a6a24424939c50e885b3fab7047d683a1e9bb2e1a1bba2bb6717dd55c

SHA512
6b57eaa61dd6348a568ed017c4094ac508c2e95ffc142d895242a8a78634afd9d95e10ba4a466011520ec0e2cabe0838200363faaa210ad2e248738081dbbf5c

Download Submit
C:\Users\Admin\AppData\Roaming\XMLBlueprint XML Studio\libxml2.dll

Filesize
1.1MB

MD5
200419961fb4dddb2600235d8379e041

SHA1
f79f03bb6a8929c851667390886979890f8bbc29

SHA256
5e24a037deee827fcda9d719b22c300eb6e373e633ee35f5ba570dd303d1b757

SHA512
882449740ffb40749da0385dcf55acac461f6dabc206218d17c5808b3ca47287faafed3439726443a0f659ac3fba9492f057656be98004f76ae43088d88aaea7

Download Submit
C:\Users\Admin\AppData\Roaming\XMLBlueprint XML Studio\substat.dll

Filesize
154KB

MD5
82e42622d2b2ead49abe5791e5983580

SHA1
0a9f3ea74303e56d367b45503bae3ba1bddc2b5e

SHA256
e074311afc94e0bb98bf0d0c84fe777783a1475c755d6be7041be11a632e5647

SHA512
d40b82fdbfada18174d3ce96c0d5f89960f3f4e19a38a6c21c248839537d95cc6663555a175b1630f2d765387a95ea3a2b9255f1a82c5805f1e11d114f3a64ef

Download Submit
C:\Users\Admin\AppData\Roaming\XMLBlueprint XML Studio\svfilter.dll

Filesize
56KB

MD5
269168df32261e0dd932996016df3336

SHA1
e179b4f5baf4b82220bbc6eb9ea645561493891e

SHA256
dd7fa4b8a9f3322119d7cd3dc3901e0ae09a2cbac0b5d35783d73841d7baf57a

SHA512
e455cc87f811e83811788fc2788a9a3b5f2dc2bec8674fe1449d23f6da8d08154c084b8defa9af1e9045837b65b69efaa46a41c8f246930699b12117fa19e4ad

Download Submit
C:\Users\Admin\AppData\Roaming\XMLBlueprint XML Studio\ucrtbase.DLL

Filesize
880KB

MD5
5dafe0bfb955e780b3d50da4524b752f

SHA1
91c0d9fabe748d373215ba21b90278671b5f8957

SHA256
6255112c9978c07a05c6feaee01cf4be74b2920dc7017fbc1a42f8f5d23c20f9

SHA512
37fd37f3ad87838f596d1e8e497fe66d1a1c4128625ab456ec850179dd1e1f33cf4945d0faaf6cdbd1ed586ecfb7ff3e7cf10a88a823cc5eb06c2fc4fa16bff3

Download Submit
C:\Users\Admin\AppData\Roaming\XMLBlueprint XML Studio\xerces-c_3_2.dll

Filesize
2.4MB

MD5
e477ad70adb0967f926faace10a41820

SHA1
998e8de5ee9afc948c5298d1a268da875b2343da

SHA256
ecc3ab92c9cde46b3a1cbf4bb2876d6c2ef461b7e3f0b8c78fe421f013600c9c

SHA512
87e96764e90d2a61839524f53d5f11aff0da36b4c6f5c406621fbb60bd833a5ad0b00cf8e665152795a9236914e51355d4fa7ab0b50a0531aad85178b01d227b

Download Submit
C:\Users\Admin\AppData\Roaming\XMLBlueprint XML Studio\zlib1.dll

Filesize
76KB

MD5
0ac2236d42d8ced5dbd181bf19637783

SHA1
59e317e893831615b7d338f3c328de42c3a04f2d

SHA256
59281018c70bfec371d593d4bd005f8c52c8a3440d96fdf28ad4881bf3c4d78f

SHA512
3c71c2f83110e51c44a6c79efd83490bbc93f022a937d6759cfed103fc250b46a7d895df5d880247381a74642ab8eb6497463202b455f1935d28b24ae0389183

Download Submit
\Users\Admin\AppData\Local\Temp\BRL000004a0\BR479C.tmp

Filesize
99KB

MD5
2c9676a3167739f36912818acb8e9860

SHA1
cd9e5e56cc408c40c45caf49614c26fc7fde39f6

SHA256
75fc64a55afa86173947948d78ba5de98dfc35c487166a6682fe71ed5f6f877a

SHA512
a6c375511d9d339b889adcca4a95bc23df9e207f86605f6d6d04ab7e211901cdc3012860ed844a5c36737369e01dc70b212f5960d8a662fdc720ad98e1202aa1

Download Submit
\Users\Admin\AppData\Local\Temp\BRL000004a0\BR4877.tmp

Filesize
288KB

MD5
122a3741699fb5c0950273245c9dea15

SHA1
811f9149e3310a8e6521da156f92f3aaab012145

SHA256
f675eba3b22e0a2238ec4961d99de3bacca0ab553ab26eecb49800a12a9371ab

SHA512
567c480f70fdc78769ae45bf83b6632f7ab380ebeb00689028d39ff03840c8b778149a3fafe1dab2ac77a1fd17a23b09f58774b1c5e791bfd33b99528225eccc

Download Submit
\Users\Admin\AppData\Local\Temp\BRL000004a0\BR4A4C.tmp

Filesize
35KB

MD5
08ad4cd2a940379f1dcdbdb9884a1375

SHA1
c302b7589ba4f05c6429e7f89ad0cb84dd9dfbac

SHA256
78827e2b1ef0aad4f8b1b42d0964064819aa22bfcd537ebaacb30d817edc06d8

SHA512
f37bd071994c31b361090a149999e8b2d4a7839f19ea63e1d4563aada1371be37f2bfcc474e24de95ff77ca4124a39580c9f711e2fbe54265713ab76f631835a

Download Submit
\Users\Admin\AppData\Local\Temp\BRL000004a0\BR4AAB.tmp

Filesize
169KB

MD5
cf2d7b4de923b25955d96d2e65ce76bc

SHA1
8feee81fe77a7649b969d375778d2b78d842cf48

SHA256
0912c84ded4670c427db1f405eb68a5763eae8fa0a735abe44eea81be7dc44ea

SHA512
d26a0983f0323655eddc48863a409d172a4623bd7ed465b5a4675477938de10127323040da77c80201c3a816315d98cace5194207e22b0a6ac2e65ae6795dc4f

Download Submit
\Users\Admin\AppData\Local\Temp\BRL000004a0\BR4AEA.tmp

Filesize
532KB

MD5
a6f7a08b0676f0564a51b5c47973e635

SHA1
d56f5f9e2580b81717317da6582da9d379426d5b

SHA256
5dd27e845af9333ad7b907a37ab3d239b75be6ccc1f51ef4b21e59b037ce778c

SHA512
1101813034db327af1c16d069a4dfa91ab97ee8188f9ed1a6da9d25558866e7e9af59102e58127e64441d3e4a768b2ad788fd0e5a16db994a14637bfbade2954

Download Submit
\Users\Admin\AppData\Local\Temp\BRL000004a0\BR4B68.tmp

Filesize
72KB

MD5
c04970b55bcf614f24ca75b1de641ae2

SHA1
52b182caef513ed1c36f28eb45cedb257fa8ce40

SHA256
5ddee4aab3cf33e505f52199d64809125b26de04fb9970ca589cd8619c859d80

SHA512
a5f2660e336bf74a1936fb2e1c724220d862632907f5fd690b365009ac3e1bf35fa6689071f3da4049e495f340ff83f8438b79079ef1f248b9dcaedbdd5d3e40

Download Submit
\Users\Admin\AppData\Local\Temp\BRL000004a0\BR4BA7.tmp

Filesize
14KB

MD5
77fe66d74901495f4b41a5918acd02ff

SHA1
ce5bbd53152cd5b03df8bcc232a1aea36a012764

SHA256
b017168c69ef40115141813e47122391602e1af28af342c56495b09f1c3c7522

SHA512
cc6e323d0076577a0a04dbe2c33d90dc616cb5ec3637d3df67cbf169766ca2e6de567fcff4f32938fd6118d98e4796642a3010b7264f0ae247fa8f0fe079bd70

Download Submit
\Users\Admin\AppData\Local\Temp\BRL000004a0\BR4DBB.tmp

Filesize
14KB

MD5
d74aadd701bfacc474c431acab7b9265

SHA1
8a2b424d1f949430ddc1faddee3e9ccb79c95de2

SHA256
f1029f5cca3dabfeffe2c9db6ad84a9ff0f64f5b2fb85cb6ab348740f756e07d

SHA512
0ef85e311fb4843997fd5f87f0a2eec9715e26eae76bfb7bb701d8c043720aeaf7f4825d25187bf35e0a9f00def15ed071120128805445f1330c07c3e0ea5ced

Download Submit
\Users\Admin\AppData\Local\Temp\BRL000004a0\BR4F71.tmp

Filesize
366KB

MD5
0700f3dbe367287ce10472cffbd3d7d1

SHA1
079790389532599ce04fd82c2b89db5e4dedf26c

SHA256
77e46a6a8fbc079cdb1d3ee299af36c3d1881d38d93c4e0551f114965cdaf10f

SHA512
28eb67d348c8e9e36032d041315b6ee790d2e9021a3a657a7fe33c66ad1f8daa5b3e0833a2a432cb4a4c5795fea5a80a1810440fb441b6f0d56cf0d00d3e0a17

Download Submit
\Users\Admin\AppData\Local\Temp\BRL000004a0\BR4FC0.tmp

Filesize
74KB

MD5
924b90c3d9e645dfad53f61ea4e91942

SHA1
65d397199ff191e5078095036e49f08376f9ae4e

SHA256
41788435f245133ec5511111e2c5d52f7515e359876180067e0b5ba85c729322

SHA512
76833708828c8f3fad941abeea158317aff98cf0691b5d5dfa4bca15279cdad1cc23a771258e4de41cf12a58f7033a3ee08b0b5eb834d22be568ea98b183ccd9

Download Submit
\Users\Admin\AppData\Local\Temp\BRL000004a0\BR4FEF.tmp

Filesize
150KB

MD5
efd81ea220094b0e91630b648d00e731

SHA1
226635424baf8146af055908c4c12b0a3faecd4f

SHA256
931c52c91ffbe12d820ff96570ba8db8abc36ac2fb852c87f2ef99271d7183fa

SHA512
fca9ffbcf94507cda23b5a68c4a598a25f0a0e22a7d429a125acbf95bdd03fd63ac80cf8738ae22d1730a73edb3325edc5b85af8d3337a62a97ac0f63dbccdbe

Download Submit
\Users\Admin\AppData\Roaming\XMLBlueprint XML Studio\DtlManualUpdate.exe

Filesize
1.1MB

MD5
b12cffcb403830e98c6639d998c477e2

SHA1
c442bb87c96bc247317b5101fd64cecfe1634470

SHA256
b5b14ab08053acd5750c57bbe6c624a47df2ad38f5fc481e4ca0c65400516362

SHA512
642a2aad0b43a4ab50ff222b53fe3803bfcb174604a3f45b2ca465b82e8f3da540aa0b0411862a02318bda6473b543543dd390a70255b3fe0a276b4f19129db7

Download Submit
\Users\Admin\AppData\Roaming\XMLBlueprint XML Studio\SDL2.dll

Filesize
1.1MB

MD5
d60643229ea9b319f4de76ba47f0e138

SHA1
8811a3d790915e4bbe9deb1d9c7fa499a2679408

SHA256
eab38202aa56c843c561c6a5009efc8ef4468f547f55c562341be38ea512951c

SHA512
95095958378e4c2e0e3924c5245d8fc6f788b926e8e751d40c55dba0ad1c4ed66379fe8dc148a8c39618eeb75e94cba1b3859462051a249f09cd7b483ba45ccd

Download Submit
\Users\Admin\AppData\Roaming\XMLBlueprint XML Studio\api-ms-win-core-file-l1-2-0.dll

Filesize
11KB

MD5
86279521328398e87699d248628eb13a

SHA1
e4d4c39bda90635f1f5c2fc58b1304e2daac9caf

SHA256
3c9b67616fd0ceb3dd92e605918b08556683ebab5537aa76dff300fbd54b0337

SHA512
2cc328955611ad8369ff9facf9c1aabe99a20c3ded2977ad86c69e0f54acd78fa6f572ed688625c8c63016826a10b3578e3c186ef2b39c4bf393ab5e399913a6

Download Submit
\Users\Admin\AppData\Roaming\XMLBlueprint XML Studio\api-ms-win-core-file-l2-1-0.dll

Filesize
11KB

MD5
422adad24e8da100f85bf3de86b5f302

SHA1
7004b3ed8663b5890cd25e1a7899a766be912728

SHA256
e04642684dc7376839c570bc11e9b46cae14420f1a85f7562fd2c4d656a22956

SHA512
e689ecb1a1cb1e7735cb6a961fd054d87bcad01acf76950b14a3bf4e08ddb7a8d31805c203374ee081a4ec13c40b25b3dc83b3895b9bfbd9c135673e98e6ee63

Download Submit
\Users\Admin\AppData\Roaming\XMLBlueprint XML Studio\api-ms-win-core-localization-l1-2-0.dll

Filesize
13KB

MD5
602a35b140d9d68d7b3e488896158365

SHA1
f1ba615abb54ff786ddbc74dffffd56394bfc892

SHA256
43b98f74476c86107c8317749f54a107e2955696e4f79d3d02683dd7034d1d52

SHA512
4388947f90838cae8b5f8137c9ed2a099028b4341da8c574d536c6ad096bad0e217e105f0367750c70e3d3ca4857255b674955c71ecff0fda9c47a4b1951b8b6

Download Submit
\Users\Admin\AppData\Roaming\XMLBlueprint XML Studio\api-ms-win-core-processthreads-l1-1-1.dll

Filesize
11KB

MD5
a07afa26ab56a8d3b8b16591a1962005

SHA1
2b6f3143487f747911ee20f039f1ffb1381858ac

SHA256
6be230837149dc2a8c7772142a674c3f90930a55da7f91d791942d8276d5440b

SHA512
b77b277d10cf6b8d209679684ead55b4347caef3213acdccdee35b5d4fe0e3fc136daf057830512c5473c4653a8d66357927c4b7d204c07d7508f792299d7fe9

Download Submit
\Users\Admin\AppData\Roaming\XMLBlueprint XML Studio\api-ms-win-core-timezone-l1-1-0.dll

Filesize
11KB

MD5
a9c7db516186c8e367fed757e238c61a

SHA1
1318d6496e7146e773aca85be6d0e9b87a09e284

SHA256
ded52bac23633a03341969c5b98b0d94d24fa3284c1ddd0c489e453b39cec659

SHA512
6aad003287afe86abccf34f6b15338c0c7380f4837805d919064a26380d2f3f7698515f927c148e618c12f0943d3621184bebc70a8b07eed64ad88689fbcc5cb

Download Submit
\Users\Admin\AppData\Roaming\XMLBlueprint XML Studio\api-ms-win-crt-convert-l1-1-0.dll

Filesize
15KB

MD5
c6385b316bb04ca36d76b077eeb9a61e

SHA1
fc376f68798fecd41fb1c936eed1bce3f2ee6bef

SHA256
060636cfc58587b4344a6d0ff4f44dd77266f2bbdb877cb50cb1b44a7e3969bc

SHA512
bddf0f34bedb17ecf1d270a0613f27d174ae04f920192d7d1af6c15245175318b29691e748c36e2ce0a3027495b2f5a0bb688ae16095fad9dcd8c283b6d1b1d4

Download Submit
\Users\Admin\AppData\Roaming\XMLBlueprint XML Studio\api-ms-win-crt-environment-l1-1-0.dll

Filesize
11KB

MD5
311e582d5d3d8421e883c4a8248eacc8

SHA1
c99e61d1446fce0f883a2aad261af22d77953a59

SHA256
369cc4d3bb05f4160a0bc9683feb1df2e94d02f061e4b23d53c3a6e2230cd5e4

SHA512
050ed1310e667e6bb22bb7952794745df1eee0c78f18240cc2217e748a11213d094b48153964c3da0ad8141da1709ece637315633396c77c035bb0565fa981b4

Download Submit
\Users\Admin\AppData\Roaming\XMLBlueprint XML Studio\api-ms-win-crt-filesystem-l1-1-0.dll

Filesize
13KB

MD5
10731d3320c12abb62d3866d7e728cce

SHA1
df4e131c825d1ca5cd14e00e5c04785d6ca508f7

SHA256
9f3eb90963916194f167e98e049707b14fa84a3f11cb8cc7b940d95956601700

SHA512
7eeef98682872fd95a38a03435546349c8488607e59870086b486b807e8b53893603175d9ad0f3b80c1924381daca8d14868a6079988a944b005783b4e2e358e

Download Submit
\Users\Admin\AppData\Roaming\XMLBlueprint XML Studio\api-ms-win-crt-heap-l1-1-0.dll

Filesize
12KB

MD5
cf5f256e8cd76ba85e6c3047f078814a

SHA1
b7cde77313ceaae76a46c1111b33b3d8f47c4214

SHA256
9382fc8d5cbcc23c5d05e6f48f4188af3f96efbbdc5a7ec05b37e252440ecfc1

SHA512
856eff4fff1d11a725af9c3e5ceac6d02a89297a16e97edec171839aa12c468fc37d60ec5df06d507cee695f71b7fbd4bc0ba51b7934d886e66a43b249e62da5

Download Submit
\Users\Admin\AppData\Roaming\XMLBlueprint XML Studio\api-ms-win-crt-locale-l1-1-0.dll

Filesize
11KB

MD5
60ffdc3ef20b127e3fd14a0719328c34

SHA1
b510833350328f79a79fa464ea9d5e9455643659

SHA256
43c9ea4ddecf2f34852559cf0b40b5261e6701d3743ab219f48d43a312707ad9

SHA512
caef6ee08c9f6fabecef1f0be37ab34e2d4dc22f15a775b2f0dcacda1f0fcdf2259399e6fbab85f0f00e8e4b03d77fe88b85b901a9ba2f775a50f2da724da26e

Download Submit
\Users\Admin\AppData\Roaming\XMLBlueprint XML Studio\api-ms-win-crt-math-l1-1-0.dll

Filesize
21KB

MD5
78dfcb76dc8b42411dbc682f78f5c6eb

SHA1
e50f6719fee44c70518cf8442737a688b5f45e62

SHA256
8673dd898f899de831fc3052c8b8254b7b85ee7f2b9b6c422736668689c9b14f

SHA512
968bb3bc952f4057f74c9c8825fcc2db34b9c56166ee39db3bab3d4ecf51fb65af250a8a65340274a1a0c0eed73b6c8962df5d2fce586c1ef4e19706edd5e6e1

Download Submit
\Users\Admin\AppData\Roaming\XMLBlueprint XML Studio\api-ms-win-crt-runtime-l1-1-0.dll

Filesize
15KB

MD5
8bd7a27e6ca969d3eb46086d411ce05d

SHA1
3bbf6f55853b1487debca58d7cb5c877d0abd517

SHA256
8edc95578b8c9ca93a65907e428fa2b57fef8370b902912689332bc61094904c

SHA512
fee8359398efe6a995a214d4e47de43aba12d33bb9cb1de18659d332d94ef83a4a77618b6caa9f455b0c6da4c10ab459209d483b9e778d9b522771ca692ca454

Download Submit
\Users\Admin\AppData\Roaming\XMLBlueprint XML Studio\api-ms-win-crt-stdio-l1-1-0.dll

Filesize
17KB

MD5
f681a45c47ebb2c56c1465677ec33ff3

SHA1
06bf7798c51325cf1806e14dea56ff98b05b7846

SHA256
3a03d727d291be57057587227273af410eda935438d8a0a165ec63ae772809af

SHA512
eeb05f1af7e1c714c658e9aa06e8c6dbeeb5f2e8dcf3fdb7b9b408018e41402d83893472114e0cf6d3a9a3bf54ec45c4f7a4840a09570d190277aa3514681ab8

Download Submit
\Users\Admin\AppData\Roaming\XMLBlueprint XML Studio\api-ms-win-crt-string-l1-1-0.dll

Filesize
17KB

MD5
00446e48d60abf044acc72b46d5c3afb

SHA1
0ccc0c5034ac063e1d4af851b0de1f4ea99aff97

SHA256
82d26998b4b3c26dbc1c1fff9d6106109a081205081d3c0669e59d20d918bc5a

SHA512
69114f0efb3c853bffb55c15e5ad1b7919057a676056d57634a6a39916e232cde2dcdc49ea0f9751ddea6550ffa58f84b1f8918b3c9fd7e88c8b8f7eb4afeaf2

Download Submit
\Users\Admin\AppData\Roaming\XMLBlueprint XML Studio\api-ms-win-crt-utility-l1-1-0.dll

Filesize
11KB

MD5
6376bf5bac3f0208f0a5d11415ccd444

SHA1
c3fe96e51c3f3e622dcedd2ddf8d23f9442361b8

SHA256
e36763df57cd26ec2b4d52e27de51a4ca6f18caf86cbac8307bf4817705f9a0e

SHA512
9614e423c850bdb584f18555825214d42106966b1ee71e75ba7407591aa5de407b43909ce972e1923df82e9a0e953597fe19646296962194ebeb1579493d91c2

Download Submit
\Users\Admin\AppData\Roaming\XMLBlueprint XML Studio\iconv-2.dll

Filesize
1.0MB

MD5
8b917884024fca4adcdfbe78e1ec500f

SHA1
4bfb956682494420929585b5eeb4fae7baa5a894

SHA256
c21ea273a5fddbb5d7af49eea93809b323621caed3b57fab7ec43ec4b08cce14

SHA512
5a204f94ecfa4f47ed05c164136dac762b2724298a38019926da34bb86fc05a212a3df486dc6da495929f365e0162198069a03f9745e039b0d8ff92c7601e2fc

Download Submit
\Users\Admin\AppData\Roaming\XMLBlueprint XML Studio\libexpat.dll

Filesize
126KB

MD5
530d00e196a499c0ec24ac6412a46f8b

SHA1
3c2a99233d7d5d2bcf1a3aa576228fc22acc62ba

SHA256
4d82729479a454d85ffe72dbd1c0c42bf544a65dfd4f63313d4e37fb8a250545

SHA512
64f110601be0047c96f0eee1aa9ddcefc8e524b078225878389603a3fee0864e801b49f4f0ab493b83d7bc243f35018358de41b06a63a8107c88a24d3ca12573

Download Submit
\Users\Admin\AppData\Roaming\XMLBlueprint XML Studio\liblzma.dll

Filesize
130KB

MD5
2337a60384e6e8598af862bfc3c143d0

SHA1
3952358bf1493d5c7a1869b170907a22ceeb6b8b

SHA256
c805c22a6a24424939c50e885b3fab7047d683a1e9bb2e1a1bba2bb6717dd55c

SHA512
6b57eaa61dd6348a568ed017c4094ac508c2e95ffc142d895242a8a78634afd9d95e10ba4a466011520ec0e2cabe0838200363faaa210ad2e248738081dbbf5c

Download Submit
\Users\Admin\AppData\Roaming\XMLBlueprint XML Studio\libxml2.dll

Filesize
1.1MB

MD5
200419961fb4dddb2600235d8379e041

SHA1
f79f03bb6a8929c851667390886979890f8bbc29

SHA256
5e24a037deee827fcda9d719b22c300eb6e373e633ee35f5ba570dd303d1b757

SHA512
882449740ffb40749da0385dcf55acac461f6dabc206218d17c5808b3ca47287faafed3439726443a0f659ac3fba9492f057656be98004f76ae43088d88aaea7

Download Submit
\Users\Admin\AppData\Roaming\XMLBlueprint XML Studio\substat.dll

Filesize
154KB

MD5
82e42622d2b2ead49abe5791e5983580

SHA1
0a9f3ea74303e56d367b45503bae3ba1bddc2b5e

SHA256
e074311afc94e0bb98bf0d0c84fe777783a1475c755d6be7041be11a632e5647

SHA512
d40b82fdbfada18174d3ce96c0d5f89960f3f4e19a38a6c21c248839537d95cc6663555a175b1630f2d765387a95ea3a2b9255f1a82c5805f1e11d114f3a64ef

Download Submit
\Users\Admin\AppData\Roaming\XMLBlueprint XML Studio\svfilter.dll

Filesize
56KB

MD5
269168df32261e0dd932996016df3336

SHA1
e179b4f5baf4b82220bbc6eb9ea645561493891e

SHA256
dd7fa4b8a9f3322119d7cd3dc3901e0ae09a2cbac0b5d35783d73841d7baf57a

SHA512
e455cc87f811e83811788fc2788a9a3b5f2dc2bec8674fe1449d23f6da8d08154c084b8defa9af1e9045837b65b69efaa46a41c8f246930699b12117fa19e4ad

Download Submit
\Users\Admin\AppData\Roaming\XMLBlueprint XML Studio\ucrtbase.dll

Filesize
880KB

MD5
5dafe0bfb955e780b3d50da4524b752f

SHA1
91c0d9fabe748d373215ba21b90278671b5f8957

SHA256
6255112c9978c07a05c6feaee01cf4be74b2920dc7017fbc1a42f8f5d23c20f9

SHA512
37fd37f3ad87838f596d1e8e497fe66d1a1c4128625ab456ec850179dd1e1f33cf4945d0faaf6cdbd1ed586ecfb7ff3e7cf10a88a823cc5eb06c2fc4fa16bff3

Download Submit
\Users\Admin\AppData\Roaming\XMLBlueprint XML Studio\vcruntime140.dll

Filesize
77KB

MD5
ba65db6bfef78a96aee7e29f1449bf8a

SHA1
06c7beb9fd1f33051b0e77087350903c652f4b77

SHA256
141690572594dbd3618a4984712e9e36fc09c9906bb845ce1a9531ac8f7ad493

SHA512
ca63eeac10ef55d7e2e55479b25cf394e58aef1422951f361f762ab667f72a3454f55afc04e967e8cdd20cf3eebe97083e0438ea941916a09e7d091818ea830e

Download Submit
\Users\Admin\AppData\Roaming\XMLBlueprint XML Studio\zlib1.dll

Filesize
76KB

MD5
0ac2236d42d8ced5dbd181bf19637783

SHA1
59e317e893831615b7d338f3c328de42c3a04f2d

SHA256
59281018c70bfec371d593d4bd005f8c52c8a3440d96fdf28ad4881bf3c4d78f

SHA512
3c71c2f83110e51c44a6c79efd83490bbc93f022a937d6759cfed103fc250b46a7d895df5d880247381a74642ab8eb6497463202b455f1935d28b24ae0389183

Download Submit
memory/904-122-0x0000000003810000-0x000000000396C000-memory.dmp

Filesize
1.4MB

Download
memory/904-121-0x0000000007B50000-0x0000000007F50000-memory.dmp

Filesize
4.0MB

Download
memory/904-124-0x0000000007B50000-0x0000000007F50000-memory.dmp

Filesize
4.0MB

Download
memory/904-125-0x0000000003810000-0x000000000386D000-memory.dmp

Filesize
372KB

Download
memory/1184-54-0x0000000074BB1000-0x0000000074BB3000-memory.dmp

Filesize
8KB

Download