babadeda | e1c5e17d90f580bbcb8cf99dc5d696f9b5c4cf45789617de77a350e101b79214

Resubmissions

27-11-2022 00:34

221127-awsnrafh98 10

26-11-2022 22:21

221126-194ahsdb41 10

Analysis

max time kernel
412s
max time network
404s
platform
windows7_x64
resource
win7-20221111-en
resource tags

arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
submitted
26-11-2022 22:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

e1c5e17d90f580bbcb8cf99dc5d696f9b5c4cf45789617de77a350e101b79214.exe
Size

11.7MB
MD5

0f887c61e1b11623374401f9ffb48bad
SHA1

760321c5710f4040ef74ffbd2ec63244143be11a
SHA256

e1c5e17d90f580bbcb8cf99dc5d696f9b5c4cf45789617de77a350e101b79214
SHA512

448cfcc8e5366164b9a950854217cd0a8a1dc99329d6e048a1246a5d03f97dbd311b52876f9003a51d19be1eaa34204e15f67b36d86490905cb873633c5f1340
SSDEEP

196608:S2J/5wdPGb3R3etNv9jpuSrsR3gp276tQhMnfxSvmN6TbSLjuOG+VL9hAlw9fhcn:SQ/5wdPcRkVrsRQp276trfBN6T++ORKj

Score

10^/10

babadeda crypter evasion loader trojan

Malware Config

Signatures

Babadeda
Babadeda is a crypter delivered as a legitimate installer and used to drop other malware families.
loader crypter babadeda

Babadeda Crypter 5 IoCs

resource	yara_rule
behavioral1/memory/1092-121-0x0000000004630000-0x00000000049B0000-memory.dmp	family_babadeda
behavioral1/memory/1092-122-0x0000000004630000-0x00000000049B0000-memory.dmp	family_babadeda
behavioral1/memory/1092-131-0x0000000004630000-0x00000000049B0000-memory.dmp	family_babadeda
behavioral1/memory/1504-132-0x00000000046B0000-0x0000000004A30000-memory.dmp	family_babadeda
behavioral1/memory/1504-139-0x00000000046B0000-0x0000000004A30000-memory.dmp	family_babadeda

Executes dropped EXE 2 IoCs

pid	Process
1092	miaui.exe
1504	miaui.exe

Loads dropped DLL 64 IoCs

pid	Process
564	e1c5e17d90f580bbcb8cf99dc5d696f9b5c4cf45789617de77a350e101b79214.exe
564	e1c5e17d90f580bbcb8cf99dc5d696f9b5c4cf45789617de77a350e101b79214.exe
564	e1c5e17d90f580bbcb8cf99dc5d696f9b5c4cf45789617de77a350e101b79214.exe
564	e1c5e17d90f580bbcb8cf99dc5d696f9b5c4cf45789617de77a350e101b79214.exe
564	e1c5e17d90f580bbcb8cf99dc5d696f9b5c4cf45789617de77a350e101b79214.exe
564	e1c5e17d90f580bbcb8cf99dc5d696f9b5c4cf45789617de77a350e101b79214.exe
564	e1c5e17d90f580bbcb8cf99dc5d696f9b5c4cf45789617de77a350e101b79214.exe
564	e1c5e17d90f580bbcb8cf99dc5d696f9b5c4cf45789617de77a350e101b79214.exe
564	e1c5e17d90f580bbcb8cf99dc5d696f9b5c4cf45789617de77a350e101b79214.exe
564	e1c5e17d90f580bbcb8cf99dc5d696f9b5c4cf45789617de77a350e101b79214.exe
564	e1c5e17d90f580bbcb8cf99dc5d696f9b5c4cf45789617de77a350e101b79214.exe
564	e1c5e17d90f580bbcb8cf99dc5d696f9b5c4cf45789617de77a350e101b79214.exe
564	e1c5e17d90f580bbcb8cf99dc5d696f9b5c4cf45789617de77a350e101b79214.exe
1092	miaui.exe
1092	miaui.exe
1092	miaui.exe
1092	miaui.exe
1092	miaui.exe
1092	miaui.exe
1092	miaui.exe
1092	miaui.exe
1092	miaui.exe
1092	miaui.exe
1092	miaui.exe
1092	miaui.exe
1092	miaui.exe
1092	miaui.exe
1092	miaui.exe
1092	miaui.exe
1092	miaui.exe
1092	miaui.exe
1092	miaui.exe
1092	miaui.exe
1092	miaui.exe
1092	miaui.exe
1092	miaui.exe
1092	miaui.exe
1092	miaui.exe
1092	miaui.exe
1092	miaui.exe
1092	miaui.exe
1504	miaui.exe
1504	miaui.exe
1504	miaui.exe
1504	miaui.exe
1504	miaui.exe
1504	miaui.exe
1504	miaui.exe
1504	miaui.exe
1504	miaui.exe
1504	miaui.exe
1504	miaui.exe
1504	miaui.exe
1504	miaui.exe
1504	miaui.exe
1504	miaui.exe
1504	miaui.exe
1504	miaui.exe
1504	miaui.exe
1504	miaui.exe
1504	miaui.exe
1504	miaui.exe
1504	miaui.exe
1504	miaui.exe

Checks whether UAC is enabled 1 TTPs 1 IoCs

evasion trojan

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA	e1c5e17d90f580bbcb8cf99dc5d696f9b5c4cf45789617de77a350e101b79214.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

Checks processor information in registry 2 TTPs 3 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	e1c5e17d90f580bbcb8cf99dc5d696f9b5c4cf45789617de77a350e101b79214.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Identifier	e1c5e17d90f580bbcb8cf99dc5d696f9b5c4cf45789617de77a350e101b79214.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	e1c5e17d90f580bbcb8cf99dc5d696f9b5c4cf45789617de77a350e101b79214.exe

Suspicious behavior: AddClipboardFormatListener 2 IoCs

pid	Process
1092	miaui.exe
1504	miaui.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
564	e1c5e17d90f580bbcb8cf99dc5d696f9b5c4cf45789617de77a350e101b79214.exe
564	e1c5e17d90f580bbcb8cf99dc5d696f9b5c4cf45789617de77a350e101b79214.exe
1092	miaui.exe
1092	miaui.exe
1504	miaui.exe
1504	miaui.exe

Suspicious use of AdjustPrivilegeToken 40 IoCs

description	pid	Process
Token: SeIncreaseQuotaPrivilege	1092	miaui.exe
Token: SeSecurityPrivilege	1092	miaui.exe
Token: SeTakeOwnershipPrivilege	1092	miaui.exe
Token: SeLoadDriverPrivilege	1092	miaui.exe
Token: SeSystemProfilePrivilege	1092	miaui.exe
Token: SeSystemtimePrivilege	1092	miaui.exe
Token: SeProfSingleProcessPrivilege	1092	miaui.exe
Token: SeIncBasePriorityPrivilege	1092	miaui.exe
Token: SeCreatePagefilePrivilege	1092	miaui.exe
Token: SeBackupPrivilege	1092	miaui.exe
Token: SeRestorePrivilege	1092	miaui.exe
Token: SeShutdownPrivilege	1092	miaui.exe
Token: SeDebugPrivilege	1092	miaui.exe
Token: SeSystemEnvironmentPrivilege	1092	miaui.exe
Token: SeRemoteShutdownPrivilege	1092	miaui.exe
Token: SeUndockPrivilege	1092	miaui.exe
Token: SeManageVolumePrivilege	1092	miaui.exe
Token: 33	1092	miaui.exe
Token: 34	1092	miaui.exe
Token: 35	1092	miaui.exe
Token: SeIncreaseQuotaPrivilege	1504	miaui.exe
Token: SeSecurityPrivilege	1504	miaui.exe
Token: SeTakeOwnershipPrivilege	1504	miaui.exe
Token: SeLoadDriverPrivilege	1504	miaui.exe
Token: SeSystemProfilePrivilege	1504	miaui.exe
Token: SeSystemtimePrivilege	1504	miaui.exe
Token: SeProfSingleProcessPrivilege	1504	miaui.exe
Token: SeIncBasePriorityPrivilege	1504	miaui.exe
Token: SeCreatePagefilePrivilege	1504	miaui.exe
Token: SeBackupPrivilege	1504	miaui.exe
Token: SeRestorePrivilege	1504	miaui.exe
Token: SeShutdownPrivilege	1504	miaui.exe
Token: SeDebugPrivilege	1504	miaui.exe
Token: SeSystemEnvironmentPrivilege	1504	miaui.exe
Token: SeRemoteShutdownPrivilege	1504	miaui.exe
Token: SeUndockPrivilege	1504	miaui.exe
Token: SeManageVolumePrivilege	1504	miaui.exe
Token: 33	1504	miaui.exe
Token: 34	1504	miaui.exe
Token: 35	1504	miaui.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
1504	miaui.exe

Suspicious use of SendNotifyMessage 1 IoCs

pid	Process
1504	miaui.exe

Suspicious use of WriteProcessMemory 8 IoCs

description	pid	Process	procid_target
PID 564 wrote to memory of 1092	564	e1c5e17d90f580bbcb8cf99dc5d696f9b5c4cf45789617de77a350e101b79214.exe	28
PID 564 wrote to memory of 1092	564	e1c5e17d90f580bbcb8cf99dc5d696f9b5c4cf45789617de77a350e101b79214.exe	28
PID 564 wrote to memory of 1092	564	e1c5e17d90f580bbcb8cf99dc5d696f9b5c4cf45789617de77a350e101b79214.exe	28
PID 564 wrote to memory of 1092	564	e1c5e17d90f580bbcb8cf99dc5d696f9b5c4cf45789617de77a350e101b79214.exe	28
PID 1092 wrote to memory of 1504	1092	miaui.exe	29
PID 1092 wrote to memory of 1504	1092	miaui.exe	29
PID 1092 wrote to memory of 1504	1092	miaui.exe	29
PID 1092 wrote to memory of 1504	1092	miaui.exe	29

C:\Users\Admin\AppData\Local\Temp\e1c5e17d90f580bbcb8cf99dc5d696f9b5c4cf45789617de77a350e101b79214.exe
"C:\Users\Admin\AppData\Local\Temp\e1c5e17d90f580bbcb8cf99dc5d696f9b5c4cf45789617de77a350e101b79214.exe"
1⤵
- Loads dropped DLL
- Checks whether UAC is enabled
- Checks processor information in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:564
- C:\Users\Admin\AppData\Roaming\Helicon Focus Manager\miaui.exe
  "C:\Users\Admin\AppData\Roaming\Helicon Focus Manager\miaui.exe"
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - Suspicious behavior: AddClipboardFormatListener
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of WriteProcessMemory
  PID:1092
- - C:\Users\Admin\AppData\Roaming\Helicon Focus Manager\miaui.exe
    "C:\Users\Admin\AppData\Roaming\Helicon Focus Manager\miaui.exe"
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    - Suspicious behavior: AddClipboardFormatListener
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of AdjustPrivilegeToken
    - Suspicious use of FindShellTrayWindow
    - Suspicious use of SendNotifyMessage
    PID:1504

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Roaming\Helicon Focus Manager\MSVCP140.dll

Filesize
428KB

MD5
fdd04dbbcf321eee5f4dd67266f476b0

SHA1
65ffdfe2664a29a41fcf5039229ccecad5b825b9

SHA256
21570bcb7a77e856f3113235d2b05b2b328d4bb71b4fd9ca4d46d99adac80794

SHA512
04cfc3097fbce6ee1b7bac7bd63c3cffe7dca16f0ec9cd8fe657d8b7ebd06dcba272ff472f98c6385c3cfb9b1ac3f47be8ca6d3ea80ab4aeed44a0e2ce3185dd

Download Submit
C:\Users\Admin\AppData\Roaming\Helicon Focus Manager\VCRUNTIME140.dll

Filesize
77KB

MD5
ba65db6bfef78a96aee7e29f1449bf8a

SHA1
06c7beb9fd1f33051b0e77087350903c652f4b77

SHA256
141690572594dbd3618a4984712e9e36fc09c9906bb845ce1a9531ac8f7ad493

SHA512
ca63eeac10ef55d7e2e55479b25cf394e58aef1422951f361f762ab667f72a3454f55afc04e967e8cdd20cf3eebe97083e0438ea941916a09e7d091818ea830e

Download Submit
C:\Users\Admin\AppData\Roaming\Helicon Focus Manager\aom.dll

Filesize
9.3MB

MD5
d363cff6d20c8ad0d8ca07eda6bcf78c

SHA1
9938e39d61035731588669253486eed512f47bc4

SHA256
b36c801adf3cf0c427b6eb74b3378010822fed8b9e3d266211d4d9dd1ddf3180

SHA512
e99423c9ecd1dcd333c031cb0ac36e0a9e84c45530c948119487034e7dca8ae3d6207b4f6b905d56864bd50babc3eb7d9b2fd944b5f0acb4172c567c0a3bd12d

Download Submit
C:\Users\Admin\AppData\Roaming\Helicon Focus Manager\api-ms-win-core-file-l1-2-0.dll

Filesize
11KB

MD5
86279521328398e87699d248628eb13a

SHA1
e4d4c39bda90635f1f5c2fc58b1304e2daac9caf

SHA256
3c9b67616fd0ceb3dd92e605918b08556683ebab5537aa76dff300fbd54b0337

SHA512
2cc328955611ad8369ff9facf9c1aabe99a20c3ded2977ad86c69e0f54acd78fa6f572ed688625c8c63016826a10b3578e3c186ef2b39c4bf393ab5e399913a6

Download Submit
C:\Users\Admin\AppData\Roaming\Helicon Focus Manager\api-ms-win-core-file-l2-1-0.dll

Filesize
11KB

MD5
422adad24e8da100f85bf3de86b5f302

SHA1
7004b3ed8663b5890cd25e1a7899a766be912728

SHA256
e04642684dc7376839c570bc11e9b46cae14420f1a85f7562fd2c4d656a22956

SHA512
e689ecb1a1cb1e7735cb6a961fd054d87bcad01acf76950b14a3bf4e08ddb7a8d31805c203374ee081a4ec13c40b25b3dc83b3895b9bfbd9c135673e98e6ee63

Download Submit
C:\Users\Admin\AppData\Roaming\Helicon Focus Manager\api-ms-win-core-localization-l1-2-0.dll

Filesize
13KB

MD5
602a35b140d9d68d7b3e488896158365

SHA1
f1ba615abb54ff786ddbc74dffffd56394bfc892

SHA256
43b98f74476c86107c8317749f54a107e2955696e4f79d3d02683dd7034d1d52

SHA512
4388947f90838cae8b5f8137c9ed2a099028b4341da8c574d536c6ad096bad0e217e105f0367750c70e3d3ca4857255b674955c71ecff0fda9c47a4b1951b8b6

Download Submit
C:\Users\Admin\AppData\Roaming\Helicon Focus Manager\api-ms-win-core-processthreads-l1-1-1.dll

Filesize
11KB

MD5
a07afa26ab56a8d3b8b16591a1962005

SHA1
2b6f3143487f747911ee20f039f1ffb1381858ac

SHA256
6be230837149dc2a8c7772142a674c3f90930a55da7f91d791942d8276d5440b

SHA512
b77b277d10cf6b8d209679684ead55b4347caef3213acdccdee35b5d4fe0e3fc136daf057830512c5473c4653a8d66357927c4b7d204c07d7508f792299d7fe9

Download Submit
C:\Users\Admin\AppData\Roaming\Helicon Focus Manager\api-ms-win-core-synch-l1-2-0.dll

Filesize
11KB

MD5
ed215daa7493bf93c5eadef178a261e0

SHA1
b20c8dc7ba00f98a326f5f4fd55329b72f8e5699

SHA256
8b7c8fc657e0dab0f2506001ca4bb76e675ffd18a2b4d9c1e03b876e008a7a26

SHA512
3ed052eada11c3dc44f81f330bd2a2526170515bc6a90281872a93ee49f9add8c9ad36b9a9e9185e251d664c1694d06625e0148e113addc32e53d705d2655f03

Download Submit
C:\Users\Admin\AppData\Roaming\Helicon Focus Manager\api-ms-win-core-timezone-l1-1-0.dll

Filesize
11KB

MD5
a9c7db516186c8e367fed757e238c61a

SHA1
1318d6496e7146e773aca85be6d0e9b87a09e284

SHA256
ded52bac23633a03341969c5b98b0d94d24fa3284c1ddd0c489e453b39cec659

SHA512
6aad003287afe86abccf34f6b15338c0c7380f4837805d919064a26380d2f3f7698515f927c148e618c12f0943d3621184bebc70a8b07eed64ad88689fbcc5cb

Download Submit
C:\Users\Admin\AppData\Roaming\Helicon Focus Manager\api-ms-win-crt-convert-l1-1-0.dll

Filesize
15KB

MD5
c6385b316bb04ca36d76b077eeb9a61e

SHA1
fc376f68798fecd41fb1c936eed1bce3f2ee6bef

SHA256
060636cfc58587b4344a6d0ff4f44dd77266f2bbdb877cb50cb1b44a7e3969bc

SHA512
bddf0f34bedb17ecf1d270a0613f27d174ae04f920192d7d1af6c15245175318b29691e748c36e2ce0a3027495b2f5a0bb688ae16095fad9dcd8c283b6d1b1d4

Download Submit
C:\Users\Admin\AppData\Roaming\Helicon Focus Manager\api-ms-win-crt-environment-l1-1-0.dll

Filesize
11KB

MD5
311e582d5d3d8421e883c4a8248eacc8

SHA1
c99e61d1446fce0f883a2aad261af22d77953a59

SHA256
369cc4d3bb05f4160a0bc9683feb1df2e94d02f061e4b23d53c3a6e2230cd5e4

SHA512
050ed1310e667e6bb22bb7952794745df1eee0c78f18240cc2217e748a11213d094b48153964c3da0ad8141da1709ece637315633396c77c035bb0565fa981b4

Download Submit
C:\Users\Admin\AppData\Roaming\Helicon Focus Manager\api-ms-win-crt-filesystem-l1-1-0.dll

Filesize
13KB

MD5
10731d3320c12abb62d3866d7e728cce

SHA1
df4e131c825d1ca5cd14e00e5c04785d6ca508f7

SHA256
9f3eb90963916194f167e98e049707b14fa84a3f11cb8cc7b940d95956601700

SHA512
7eeef98682872fd95a38a03435546349c8488607e59870086b486b807e8b53893603175d9ad0f3b80c1924381daca8d14868a6079988a944b005783b4e2e358e

Download Submit
C:\Users\Admin\AppData\Roaming\Helicon Focus Manager\api-ms-win-crt-heap-l1-1-0.dll

Filesize
12KB

MD5
cf5f256e8cd76ba85e6c3047f078814a

SHA1
b7cde77313ceaae76a46c1111b33b3d8f47c4214

SHA256
9382fc8d5cbcc23c5d05e6f48f4188af3f96efbbdc5a7ec05b37e252440ecfc1

SHA512
856eff4fff1d11a725af9c3e5ceac6d02a89297a16e97edec171839aa12c468fc37d60ec5df06d507cee695f71b7fbd4bc0ba51b7934d886e66a43b249e62da5

Download Submit
C:\Users\Admin\AppData\Roaming\Helicon Focus Manager\api-ms-win-crt-locale-l1-1-0.dll

Filesize
11KB

MD5
60ffdc3ef20b127e3fd14a0719328c34

SHA1
b510833350328f79a79fa464ea9d5e9455643659

SHA256
43c9ea4ddecf2f34852559cf0b40b5261e6701d3743ab219f48d43a312707ad9

SHA512
caef6ee08c9f6fabecef1f0be37ab34e2d4dc22f15a775b2f0dcacda1f0fcdf2259399e6fbab85f0f00e8e4b03d77fe88b85b901a9ba2f775a50f2da724da26e

Download Submit
C:\Users\Admin\AppData\Roaming\Helicon Focus Manager\api-ms-win-crt-math-l1-1-0.dll

Filesize
21KB

MD5
78dfcb76dc8b42411dbc682f78f5c6eb

SHA1
e50f6719fee44c70518cf8442737a688b5f45e62

SHA256
8673dd898f899de831fc3052c8b8254b7b85ee7f2b9b6c422736668689c9b14f

SHA512
968bb3bc952f4057f74c9c8825fcc2db34b9c56166ee39db3bab3d4ecf51fb65af250a8a65340274a1a0c0eed73b6c8962df5d2fce586c1ef4e19706edd5e6e1

Download Submit
C:\Users\Admin\AppData\Roaming\Helicon Focus Manager\api-ms-win-crt-runtime-l1-1-0.dll

Filesize
15KB

MD5
8bd7a27e6ca969d3eb46086d411ce05d

SHA1
3bbf6f55853b1487debca58d7cb5c877d0abd517

SHA256
8edc95578b8c9ca93a65907e428fa2b57fef8370b902912689332bc61094904c

SHA512
fee8359398efe6a995a214d4e47de43aba12d33bb9cb1de18659d332d94ef83a4a77618b6caa9f455b0c6da4c10ab459209d483b9e778d9b522771ca692ca454

Download Submit
C:\Users\Admin\AppData\Roaming\Helicon Focus Manager\api-ms-win-crt-stdio-l1-1-0.dll

Filesize
17KB

MD5
f681a45c47ebb2c56c1465677ec33ff3

SHA1
06bf7798c51325cf1806e14dea56ff98b05b7846

SHA256
3a03d727d291be57057587227273af410eda935438d8a0a165ec63ae772809af

SHA512
eeb05f1af7e1c714c658e9aa06e8c6dbeeb5f2e8dcf3fdb7b9b408018e41402d83893472114e0cf6d3a9a3bf54ec45c4f7a4840a09570d190277aa3514681ab8

Download Submit
C:\Users\Admin\AppData\Roaming\Helicon Focus Manager\api-ms-win-crt-string-l1-1-0.dll

Filesize
17KB

MD5
00446e48d60abf044acc72b46d5c3afb

SHA1
0ccc0c5034ac063e1d4af851b0de1f4ea99aff97

SHA256
82d26998b4b3c26dbc1c1fff9d6106109a081205081d3c0669e59d20d918bc5a

SHA512
69114f0efb3c853bffb55c15e5ad1b7919057a676056d57634a6a39916e232cde2dcdc49ea0f9751ddea6550ffa58f84b1f8918b3c9fd7e88c8b8f7eb4afeaf2

Download Submit
C:\Users\Admin\AppData\Roaming\Helicon Focus Manager\api-ms-win-crt-time-l1-1-0.dll

Filesize
13KB

MD5
376b4a7a02f20ed3aede05039ec3daf0

SHA1
c9149b37f85cfc724bedc0ecd543d95280055de1

SHA256
b0b8fc7de3641c3f23d30a4792c8584db33db6133ee29135c70bb504e80e4a2c

SHA512
ff7fba7cd8c9b55c1c87104d7d9074ef0eed524b02480ecf2c80e5cd489c568e1ed63bc62699a03272cab3dcbf20e6437e1f47ce112bcb3336d27ed2790430c5

Download Submit
C:\Users\Admin\AppData\Roaming\Helicon Focus Manager\api-ms-win-crt-utility-l1-1-0.dll

Filesize
11KB

MD5
6376bf5bac3f0208f0a5d11415ccd444

SHA1
c3fe96e51c3f3e622dcedd2ddf8d23f9442361b8

SHA256
e36763df57cd26ec2b4d52e27de51a4ca6f18caf86cbac8307bf4817705f9a0e

SHA512
9614e423c850bdb584f18555825214d42106966b1ee71e75ba7407591aa5de407b43909ce972e1923df82e9a0e953597fe19646296962194ebeb1579493d91c2

Download Submit
C:\Users\Admin\AppData\Roaming\Helicon Focus Manager\avif.dll

Filesize
146KB

MD5
5b9e4a178a17b8c0e33a1737cff7de66

SHA1
c18b1df7b2594719f6acb08418138b26130e1ae6

SHA256
5cfe70655b6c8095fe2e8213cb45490839e56ec7da30ddb21e2b8842a97d8980

SHA512
cc55891200702ad0f4734f8d1bf1158356830d040e34251b08832c412c58bbb41fcd84a5a1c6d66cee9f48bd328b314b285f5f5812c83da61a2742ebc4e8058c

Download Submit
C:\Users\Admin\AppData\Roaming\Helicon Focus Manager\libtape4.dll

Filesize
508KB

MD5
f0388abdd873837a79552f6048ef20e4

SHA1
24b4e418c981855a42cad320fd5bc3723c86090d

SHA256
7701eceb12534cc25625b1c5ca0f062bb4966d1c5a1692d6cc8cb98d277bf531

SHA512
1389d546f2490f764bd2437d8b41e32655f1413e3cd0e6d44820dc5097053c878371bb3514e28b71ad98b37df7443d62c1373cc20864d5793f071277da181310

Download Submit
C:\Users\Admin\AppData\Roaming\Helicon Focus Manager\mia.lib

Filesize
441KB

MD5
dcb76e96a8361ae6e26a9b998b3c76aa

SHA1
b85b66b30500ce9e3a3f98067ded2266ef6dd9bf

SHA256
1b3261b635bbe6c1b1a8685d7b661caf52c1cc6adc1d6d8837338efa70b9b170

SHA512
068b0968540bbfa359802c46cc80b5eb08605c61e2d166b9435e69a9e7d0a1a6aba6402bd1c8be1424a8240fb70a59f7abcd3adb758868585384ef2bfc2e2f4f

Download Submit
C:\Users\Admin\AppData\Roaming\Helicon Focus Manager\miaui.exe

Filesize
6.4MB

MD5
0b3fa08d620d6cdc2619559783ae15f3

SHA1
42c106f57b9c6e536ed14861f1318d8375334519

SHA256
ef4ae923ae93199694518595dacf4911d5f68b75c77018d3252067c3c112be6d

SHA512
08c5e813c098e2ea27e5b09e008df5601999d69563cf1983accb4a6a6ea14b15285b5c1b154b4276d66364945bac4020413474f3591541b18999e165f1af04f4

Download Submit
C:\Users\Admin\AppData\Roaming\Helicon Focus Manager\ucrtbase.DLL

Filesize
880KB

MD5
5dafe0bfb955e780b3d50da4524b752f

SHA1
91c0d9fabe748d373215ba21b90278671b5f8957

SHA256
6255112c9978c07a05c6feaee01cf4be74b2920dc7017fbc1a42f8f5d23c20f9

SHA512
37fd37f3ad87838f596d1e8e497fe66d1a1c4128625ab456ec850179dd1e1f33cf4945d0faaf6cdbd1ed586ecfb7ff3e7cf10a88a823cc5eb06c2fc4fa16bff3

Download Submit
C:\Users\Admin\AppData\Roaming\Helicon Focus Manager\uimaster.dll

Filesize
224KB

MD5
f97e2d50aa08397b2722208fd1b78f0a

SHA1
fb312c35f21f048c8a6e0548619b254d74c7a8ae

SHA256
049ae45ff7dbd1e4728c497bf18d66b71503f8ba54e2059eb9774a3f576561b6

SHA512
3532a0a4c81714a49a49aa15cb3a9433a9e30ecd2cd129ddb01779a462ec43e728976a5937d206aded048c5d379f0b4ab3e4781bbfa565fbcb4512c35d03f825

Download Submit
\Users\Admin\AppData\Local\Temp\BRL00000234\BRCD5E.tmp

Filesize
99KB

MD5
2c9676a3167739f36912818acb8e9860

SHA1
cd9e5e56cc408c40c45caf49614c26fc7fde39f6

SHA256
75fc64a55afa86173947948d78ba5de98dfc35c487166a6682fe71ed5f6f877a

SHA512
a6c375511d9d339b889adcca4a95bc23df9e207f86605f6d6d04ab7e211901cdc3012860ed844a5c36737369e01dc70b212f5960d8a662fdc720ad98e1202aa1

Download Submit
\Users\Admin\AppData\Local\Temp\BRL00000234\BRCDEB.tmp

Filesize
288KB

MD5
122a3741699fb5c0950273245c9dea15

SHA1
811f9149e3310a8e6521da156f92f3aaab012145

SHA256
f675eba3b22e0a2238ec4961d99de3bacca0ab553ab26eecb49800a12a9371ab

SHA512
567c480f70fdc78769ae45bf83b6632f7ab380ebeb00689028d39ff03840c8b778149a3fafe1dab2ac77a1fd17a23b09f58774b1c5e791bfd33b99528225eccc

Download Submit
\Users\Admin\AppData\Local\Temp\BRL00000234\BRCEA8.tmp

Filesize
35KB

MD5
08ad4cd2a940379f1dcdbdb9884a1375

SHA1
c302b7589ba4f05c6429e7f89ad0cb84dd9dfbac

SHA256
78827e2b1ef0aad4f8b1b42d0964064819aa22bfcd537ebaacb30d817edc06d8

SHA512
f37bd071994c31b361090a149999e8b2d4a7839f19ea63e1d4563aada1371be37f2bfcc474e24de95ff77ca4124a39580c9f711e2fbe54265713ab76f631835a

Download Submit
\Users\Admin\AppData\Local\Temp\BRL00000234\BRCED7.tmp

Filesize
169KB

MD5
cf2d7b4de923b25955d96d2e65ce76bc

SHA1
8feee81fe77a7649b969d375778d2b78d842cf48

SHA256
0912c84ded4670c427db1f405eb68a5763eae8fa0a735abe44eea81be7dc44ea

SHA512
d26a0983f0323655eddc48863a409d172a4623bd7ed465b5a4675477938de10127323040da77c80201c3a816315d98cace5194207e22b0a6ac2e65ae6795dc4f

Download Submit
\Users\Admin\AppData\Local\Temp\BRL00000234\BRCF26.tmp

Filesize
532KB

MD5
a6f7a08b0676f0564a51b5c47973e635

SHA1
d56f5f9e2580b81717317da6582da9d379426d5b

SHA256
5dd27e845af9333ad7b907a37ab3d239b75be6ccc1f51ef4b21e59b037ce778c

SHA512
1101813034db327af1c16d069a4dfa91ab97ee8188f9ed1a6da9d25558866e7e9af59102e58127e64441d3e4a768b2ad788fd0e5a16db994a14637bfbade2954

Download Submit
\Users\Admin\AppData\Local\Temp\BRL00000234\BRCF95.tmp

Filesize
72KB

MD5
c04970b55bcf614f24ca75b1de641ae2

SHA1
52b182caef513ed1c36f28eb45cedb257fa8ce40

SHA256
5ddee4aab3cf33e505f52199d64809125b26de04fb9970ca589cd8619c859d80

SHA512
a5f2660e336bf74a1936fb2e1c724220d862632907f5fd690b365009ac3e1bf35fa6689071f3da4049e495f340ff83f8438b79079ef1f248b9dcaedbdd5d3e40

Download Submit
\Users\Admin\AppData\Local\Temp\BRL00000234\BRD540.tmp

Filesize
14KB

MD5
77fe66d74901495f4b41a5918acd02ff

SHA1
ce5bbd53152cd5b03df8bcc232a1aea36a012764

SHA256
b017168c69ef40115141813e47122391602e1af28af342c56495b09f1c3c7522

SHA512
cc6e323d0076577a0a04dbe2c33d90dc616cb5ec3637d3df67cbf169766ca2e6de567fcff4f32938fd6118d98e4796642a3010b7264f0ae247fa8f0fe079bd70

Download Submit
\Users\Admin\AppData\Local\Temp\BRL00000234\BRD63B.tmp

Filesize
14KB

MD5
d74aadd701bfacc474c431acab7b9265

SHA1
8a2b424d1f949430ddc1faddee3e9ccb79c95de2

SHA256
f1029f5cca3dabfeffe2c9db6ad84a9ff0f64f5b2fb85cb6ab348740f756e07d

SHA512
0ef85e311fb4843997fd5f87f0a2eec9715e26eae76bfb7bb701d8c043720aeaf7f4825d25187bf35e0a9f00def15ed071120128805445f1330c07c3e0ea5ced

Download Submit
\Users\Admin\AppData\Local\Temp\BRL00000234\BRD793.tmp

Filesize
366KB

MD5
0700f3dbe367287ce10472cffbd3d7d1

SHA1
079790389532599ce04fd82c2b89db5e4dedf26c

SHA256
77e46a6a8fbc079cdb1d3ee299af36c3d1881d38d93c4e0551f114965cdaf10f

SHA512
28eb67d348c8e9e36032d041315b6ee790d2e9021a3a657a7fe33c66ad1f8daa5b3e0833a2a432cb4a4c5795fea5a80a1810440fb441b6f0d56cf0d00d3e0a17

Download Submit
\Users\Admin\AppData\Local\Temp\BRL00000234\BRD7F2.tmp

Filesize
74KB

MD5
924b90c3d9e645dfad53f61ea4e91942

SHA1
65d397199ff191e5078095036e49f08376f9ae4e

SHA256
41788435f245133ec5511111e2c5d52f7515e359876180067e0b5ba85c729322

SHA512
76833708828c8f3fad941abeea158317aff98cf0691b5d5dfa4bca15279cdad1cc23a771258e4de41cf12a58f7033a3ee08b0b5eb834d22be568ea98b183ccd9

Download Submit
\Users\Admin\AppData\Local\Temp\BRL00000234\BRD812.tmp

Filesize
150KB

MD5
efd81ea220094b0e91630b648d00e731

SHA1
226635424baf8146af055908c4c12b0a3faecd4f

SHA256
931c52c91ffbe12d820ff96570ba8db8abc36ac2fb852c87f2ef99271d7183fa

SHA512
fca9ffbcf94507cda23b5a68c4a598a25f0a0e22a7d429a125acbf95bdd03fd63ac80cf8738ae22d1730a73edb3325edc5b85af8d3337a62a97ac0f63dbccdbe

Download Submit
\Users\Admin\AppData\Roaming\Helicon Focus Manager\aom.dll

Filesize
9.3MB

MD5
d363cff6d20c8ad0d8ca07eda6bcf78c

SHA1
9938e39d61035731588669253486eed512f47bc4

SHA256
b36c801adf3cf0c427b6eb74b3378010822fed8b9e3d266211d4d9dd1ddf3180

SHA512
e99423c9ecd1dcd333c031cb0ac36e0a9e84c45530c948119487034e7dca8ae3d6207b4f6b905d56864bd50babc3eb7d9b2fd944b5f0acb4172c567c0a3bd12d

Download Submit
\Users\Admin\AppData\Roaming\Helicon Focus Manager\api-ms-win-core-file-l1-2-0.dll

Filesize
11KB

MD5
86279521328398e87699d248628eb13a

SHA1
e4d4c39bda90635f1f5c2fc58b1304e2daac9caf

SHA256
3c9b67616fd0ceb3dd92e605918b08556683ebab5537aa76dff300fbd54b0337

SHA512
2cc328955611ad8369ff9facf9c1aabe99a20c3ded2977ad86c69e0f54acd78fa6f572ed688625c8c63016826a10b3578e3c186ef2b39c4bf393ab5e399913a6

Download Submit
\Users\Admin\AppData\Roaming\Helicon Focus Manager\api-ms-win-core-file-l2-1-0.dll

Filesize
11KB

MD5
422adad24e8da100f85bf3de86b5f302

SHA1
7004b3ed8663b5890cd25e1a7899a766be912728

SHA256
e04642684dc7376839c570bc11e9b46cae14420f1a85f7562fd2c4d656a22956

SHA512
e689ecb1a1cb1e7735cb6a961fd054d87bcad01acf76950b14a3bf4e08ddb7a8d31805c203374ee081a4ec13c40b25b3dc83b3895b9bfbd9c135673e98e6ee63

Download Submit
\Users\Admin\AppData\Roaming\Helicon Focus Manager\api-ms-win-core-localization-l1-2-0.dll

Filesize
13KB

MD5
602a35b140d9d68d7b3e488896158365

SHA1
f1ba615abb54ff786ddbc74dffffd56394bfc892

SHA256
43b98f74476c86107c8317749f54a107e2955696e4f79d3d02683dd7034d1d52

SHA512
4388947f90838cae8b5f8137c9ed2a099028b4341da8c574d536c6ad096bad0e217e105f0367750c70e3d3ca4857255b674955c71ecff0fda9c47a4b1951b8b6

Download Submit
\Users\Admin\AppData\Roaming\Helicon Focus Manager\api-ms-win-core-processthreads-l1-1-1.dll

Filesize
11KB

MD5
a07afa26ab56a8d3b8b16591a1962005

SHA1
2b6f3143487f747911ee20f039f1ffb1381858ac

SHA256
6be230837149dc2a8c7772142a674c3f90930a55da7f91d791942d8276d5440b

SHA512
b77b277d10cf6b8d209679684ead55b4347caef3213acdccdee35b5d4fe0e3fc136daf057830512c5473c4653a8d66357927c4b7d204c07d7508f792299d7fe9

Download Submit
\Users\Admin\AppData\Roaming\Helicon Focus Manager\api-ms-win-core-synch-l1-2-0.dll

Filesize
11KB

MD5
ed215daa7493bf93c5eadef178a261e0

SHA1
b20c8dc7ba00f98a326f5f4fd55329b72f8e5699

SHA256
8b7c8fc657e0dab0f2506001ca4bb76e675ffd18a2b4d9c1e03b876e008a7a26

SHA512
3ed052eada11c3dc44f81f330bd2a2526170515bc6a90281872a93ee49f9add8c9ad36b9a9e9185e251d664c1694d06625e0148e113addc32e53d705d2655f03

Download Submit
\Users\Admin\AppData\Roaming\Helicon Focus Manager\api-ms-win-core-timezone-l1-1-0.dll

Filesize
11KB

MD5
a9c7db516186c8e367fed757e238c61a

SHA1
1318d6496e7146e773aca85be6d0e9b87a09e284

SHA256
ded52bac23633a03341969c5b98b0d94d24fa3284c1ddd0c489e453b39cec659

SHA512
6aad003287afe86abccf34f6b15338c0c7380f4837805d919064a26380d2f3f7698515f927c148e618c12f0943d3621184bebc70a8b07eed64ad88689fbcc5cb

Download Submit
\Users\Admin\AppData\Roaming\Helicon Focus Manager\api-ms-win-crt-convert-l1-1-0.dll

Filesize
15KB

MD5
c6385b316bb04ca36d76b077eeb9a61e

SHA1
fc376f68798fecd41fb1c936eed1bce3f2ee6bef

SHA256
060636cfc58587b4344a6d0ff4f44dd77266f2bbdb877cb50cb1b44a7e3969bc

SHA512
bddf0f34bedb17ecf1d270a0613f27d174ae04f920192d7d1af6c15245175318b29691e748c36e2ce0a3027495b2f5a0bb688ae16095fad9dcd8c283b6d1b1d4

Download Submit
\Users\Admin\AppData\Roaming\Helicon Focus Manager\api-ms-win-crt-environment-l1-1-0.dll

Filesize
11KB

MD5
311e582d5d3d8421e883c4a8248eacc8

SHA1
c99e61d1446fce0f883a2aad261af22d77953a59

SHA256
369cc4d3bb05f4160a0bc9683feb1df2e94d02f061e4b23d53c3a6e2230cd5e4

SHA512
050ed1310e667e6bb22bb7952794745df1eee0c78f18240cc2217e748a11213d094b48153964c3da0ad8141da1709ece637315633396c77c035bb0565fa981b4

Download Submit
\Users\Admin\AppData\Roaming\Helicon Focus Manager\api-ms-win-crt-filesystem-l1-1-0.dll

Filesize
13KB

MD5
10731d3320c12abb62d3866d7e728cce

SHA1
df4e131c825d1ca5cd14e00e5c04785d6ca508f7

SHA256
9f3eb90963916194f167e98e049707b14fa84a3f11cb8cc7b940d95956601700

SHA512
7eeef98682872fd95a38a03435546349c8488607e59870086b486b807e8b53893603175d9ad0f3b80c1924381daca8d14868a6079988a944b005783b4e2e358e

Download Submit
\Users\Admin\AppData\Roaming\Helicon Focus Manager\api-ms-win-crt-heap-l1-1-0.dll

Filesize
12KB

MD5
cf5f256e8cd76ba85e6c3047f078814a

SHA1
b7cde77313ceaae76a46c1111b33b3d8f47c4214

SHA256
9382fc8d5cbcc23c5d05e6f48f4188af3f96efbbdc5a7ec05b37e252440ecfc1

SHA512
856eff4fff1d11a725af9c3e5ceac6d02a89297a16e97edec171839aa12c468fc37d60ec5df06d507cee695f71b7fbd4bc0ba51b7934d886e66a43b249e62da5

Download Submit
\Users\Admin\AppData\Roaming\Helicon Focus Manager\api-ms-win-crt-locale-l1-1-0.dll

Filesize
11KB

MD5
60ffdc3ef20b127e3fd14a0719328c34

SHA1
b510833350328f79a79fa464ea9d5e9455643659

SHA256
43c9ea4ddecf2f34852559cf0b40b5261e6701d3743ab219f48d43a312707ad9

SHA512
caef6ee08c9f6fabecef1f0be37ab34e2d4dc22f15a775b2f0dcacda1f0fcdf2259399e6fbab85f0f00e8e4b03d77fe88b85b901a9ba2f775a50f2da724da26e

Download Submit
\Users\Admin\AppData\Roaming\Helicon Focus Manager\api-ms-win-crt-math-l1-1-0.dll

Filesize
21KB

MD5
78dfcb76dc8b42411dbc682f78f5c6eb

SHA1
e50f6719fee44c70518cf8442737a688b5f45e62

SHA256
8673dd898f899de831fc3052c8b8254b7b85ee7f2b9b6c422736668689c9b14f

SHA512
968bb3bc952f4057f74c9c8825fcc2db34b9c56166ee39db3bab3d4ecf51fb65af250a8a65340274a1a0c0eed73b6c8962df5d2fce586c1ef4e19706edd5e6e1

Download Submit
\Users\Admin\AppData\Roaming\Helicon Focus Manager\api-ms-win-crt-runtime-l1-1-0.dll

Filesize
15KB

MD5
8bd7a27e6ca969d3eb46086d411ce05d

SHA1
3bbf6f55853b1487debca58d7cb5c877d0abd517

SHA256
8edc95578b8c9ca93a65907e428fa2b57fef8370b902912689332bc61094904c

SHA512
fee8359398efe6a995a214d4e47de43aba12d33bb9cb1de18659d332d94ef83a4a77618b6caa9f455b0c6da4c10ab459209d483b9e778d9b522771ca692ca454

Download Submit
\Users\Admin\AppData\Roaming\Helicon Focus Manager\api-ms-win-crt-stdio-l1-1-0.dll

Filesize
17KB

MD5
f681a45c47ebb2c56c1465677ec33ff3

SHA1
06bf7798c51325cf1806e14dea56ff98b05b7846

SHA256
3a03d727d291be57057587227273af410eda935438d8a0a165ec63ae772809af

SHA512
eeb05f1af7e1c714c658e9aa06e8c6dbeeb5f2e8dcf3fdb7b9b408018e41402d83893472114e0cf6d3a9a3bf54ec45c4f7a4840a09570d190277aa3514681ab8

Download Submit
\Users\Admin\AppData\Roaming\Helicon Focus Manager\api-ms-win-crt-string-l1-1-0.dll

Filesize
17KB

MD5
00446e48d60abf044acc72b46d5c3afb

SHA1
0ccc0c5034ac063e1d4af851b0de1f4ea99aff97

SHA256
82d26998b4b3c26dbc1c1fff9d6106109a081205081d3c0669e59d20d918bc5a

SHA512
69114f0efb3c853bffb55c15e5ad1b7919057a676056d57634a6a39916e232cde2dcdc49ea0f9751ddea6550ffa58f84b1f8918b3c9fd7e88c8b8f7eb4afeaf2

Download Submit
\Users\Admin\AppData\Roaming\Helicon Focus Manager\api-ms-win-crt-time-l1-1-0.dll

Filesize
13KB

MD5
376b4a7a02f20ed3aede05039ec3daf0

SHA1
c9149b37f85cfc724bedc0ecd543d95280055de1

SHA256
b0b8fc7de3641c3f23d30a4792c8584db33db6133ee29135c70bb504e80e4a2c

SHA512
ff7fba7cd8c9b55c1c87104d7d9074ef0eed524b02480ecf2c80e5cd489c568e1ed63bc62699a03272cab3dcbf20e6437e1f47ce112bcb3336d27ed2790430c5

Download Submit
\Users\Admin\AppData\Roaming\Helicon Focus Manager\api-ms-win-crt-utility-l1-1-0.dll

Filesize
11KB

MD5
6376bf5bac3f0208f0a5d11415ccd444

SHA1
c3fe96e51c3f3e622dcedd2ddf8d23f9442361b8

SHA256
e36763df57cd26ec2b4d52e27de51a4ca6f18caf86cbac8307bf4817705f9a0e

SHA512
9614e423c850bdb584f18555825214d42106966b1ee71e75ba7407591aa5de407b43909ce972e1923df82e9a0e953597fe19646296962194ebeb1579493d91c2

Download Submit
\Users\Admin\AppData\Roaming\Helicon Focus Manager\avif.dll

Filesize
146KB

MD5
5b9e4a178a17b8c0e33a1737cff7de66

SHA1
c18b1df7b2594719f6acb08418138b26130e1ae6

SHA256
5cfe70655b6c8095fe2e8213cb45490839e56ec7da30ddb21e2b8842a97d8980

SHA512
cc55891200702ad0f4734f8d1bf1158356830d040e34251b08832c412c58bbb41fcd84a5a1c6d66cee9f48bd328b314b285f5f5812c83da61a2742ebc4e8058c

Download Submit
\Users\Admin\AppData\Roaming\Helicon Focus Manager\libtape4.dll

Filesize
508KB

MD5
f0388abdd873837a79552f6048ef20e4

SHA1
24b4e418c981855a42cad320fd5bc3723c86090d

SHA256
7701eceb12534cc25625b1c5ca0f062bb4966d1c5a1692d6cc8cb98d277bf531

SHA512
1389d546f2490f764bd2437d8b41e32655f1413e3cd0e6d44820dc5097053c878371bb3514e28b71ad98b37df7443d62c1373cc20864d5793f071277da181310

Download Submit
\Users\Admin\AppData\Roaming\Helicon Focus Manager\mia.lib

Filesize
441KB

MD5
dcb76e96a8361ae6e26a9b998b3c76aa

SHA1
b85b66b30500ce9e3a3f98067ded2266ef6dd9bf

SHA256
1b3261b635bbe6c1b1a8685d7b661caf52c1cc6adc1d6d8837338efa70b9b170

SHA512
068b0968540bbfa359802c46cc80b5eb08605c61e2d166b9435e69a9e7d0a1a6aba6402bd1c8be1424a8240fb70a59f7abcd3adb758868585384ef2bfc2e2f4f

Download Submit
\Users\Admin\AppData\Roaming\Helicon Focus Manager\miaui.exe

Filesize
6.4MB

MD5
0b3fa08d620d6cdc2619559783ae15f3

SHA1
42c106f57b9c6e536ed14861f1318d8375334519

SHA256
ef4ae923ae93199694518595dacf4911d5f68b75c77018d3252067c3c112be6d

SHA512
08c5e813c098e2ea27e5b09e008df5601999d69563cf1983accb4a6a6ea14b15285b5c1b154b4276d66364945bac4020413474f3591541b18999e165f1af04f4

Download Submit
\Users\Admin\AppData\Roaming\Helicon Focus Manager\miaui.exe

Filesize
6.4MB

MD5
0b3fa08d620d6cdc2619559783ae15f3

SHA1
42c106f57b9c6e536ed14861f1318d8375334519

SHA256
ef4ae923ae93199694518595dacf4911d5f68b75c77018d3252067c3c112be6d

SHA512
08c5e813c098e2ea27e5b09e008df5601999d69563cf1983accb4a6a6ea14b15285b5c1b154b4276d66364945bac4020413474f3591541b18999e165f1af04f4

Download Submit
\Users\Admin\AppData\Roaming\Helicon Focus Manager\msvcp140.dll

Filesize
428KB

MD5
fdd04dbbcf321eee5f4dd67266f476b0

SHA1
65ffdfe2664a29a41fcf5039229ccecad5b825b9

SHA256
21570bcb7a77e856f3113235d2b05b2b328d4bb71b4fd9ca4d46d99adac80794

SHA512
04cfc3097fbce6ee1b7bac7bd63c3cffe7dca16f0ec9cd8fe657d8b7ebd06dcba272ff472f98c6385c3cfb9b1ac3f47be8ca6d3ea80ab4aeed44a0e2ce3185dd

Download Submit
\Users\Admin\AppData\Roaming\Helicon Focus Manager\ucrtbase.dll

Filesize
880KB

MD5
5dafe0bfb955e780b3d50da4524b752f

SHA1
91c0d9fabe748d373215ba21b90278671b5f8957

SHA256
6255112c9978c07a05c6feaee01cf4be74b2920dc7017fbc1a42f8f5d23c20f9

SHA512
37fd37f3ad87838f596d1e8e497fe66d1a1c4128625ab456ec850179dd1e1f33cf4945d0faaf6cdbd1ed586ecfb7ff3e7cf10a88a823cc5eb06c2fc4fa16bff3

Download Submit
\Users\Admin\AppData\Roaming\Helicon Focus Manager\uimaster.dll

Filesize
224KB

MD5
f97e2d50aa08397b2722208fd1b78f0a

SHA1
fb312c35f21f048c8a6e0548619b254d74c7a8ae

SHA256
049ae45ff7dbd1e4728c497bf18d66b71503f8ba54e2059eb9774a3f576561b6

SHA512
3532a0a4c81714a49a49aa15cb3a9433a9e30ecd2cd129ddb01779a462ec43e728976a5937d206aded048c5d379f0b4ab3e4781bbfa565fbcb4512c35d03f825

Download Submit
\Users\Admin\AppData\Roaming\Helicon Focus Manager\vcruntime140.dll

Filesize
77KB

MD5
ba65db6bfef78a96aee7e29f1449bf8a

SHA1
06c7beb9fd1f33051b0e77087350903c652f4b77

SHA256
141690572594dbd3618a4984712e9e36fc09c9906bb845ce1a9531ac8f7ad493

SHA512
ca63eeac10ef55d7e2e55479b25cf394e58aef1422951f361f762ab667f72a3454f55afc04e967e8cdd20cf3eebe97083e0438ea941916a09e7d091818ea830e

Download Submit
memory/564-54-0x0000000075FF1000-0x0000000075FF3000-memory.dmp

Filesize
8KB

Download
memory/1092-121-0x0000000004630000-0x00000000049B0000-memory.dmp

Filesize
3.5MB

Download
memory/1092-122-0x0000000004630000-0x00000000049B0000-memory.dmp

Filesize
3.5MB

Download
memory/1092-123-0x0000000004AB0000-0x0000000004B6C000-memory.dmp

Filesize
752KB

Download
memory/1092-131-0x0000000004630000-0x00000000049B0000-memory.dmp

Filesize
3.5MB

Download
memory/1504-132-0x00000000046B0000-0x0000000004A30000-memory.dmp

Filesize
3.5MB

Download
memory/1504-133-0x0000000004B30000-0x0000000004BEC000-memory.dmp

Filesize
752KB

Download
memory/1504-139-0x00000000046B0000-0x0000000004A30000-memory.dmp

Filesize
3.5MB

Download