dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319

Analysis

max time kernel
139s
max time network
165s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
28/11/2022, 02:21

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
Size

2.4MB
MD5

32b7d4dfc8b7d51c602cdbf1956eb445
SHA1

60fb3c6e8aa73b4ceb99cbfdf4cf34d4fcee81d5
SHA256

dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319
SHA512

7e17d658502c7f3aa0250a2a09b07e642ae1ef6cbd07768499e3907b11744dc6cbcdcd711cecd400ebf61eabcdbebfcec1439a99106c49a25f063534aebe9926
SSDEEP

49152:LKwdC2Uz6fIwlYXLRnTWjEwE71gmNTzsHWFgP476dDNlJwiSbKAL:LKaC2USIwl8pdmmZzk5PlxNlJwFK+

Score

9^/10

discovery

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 2 IoCs

Detects file using ACProtect software.

resource	yara_rule
behavioral2/files/0x0009000000022e2f-134.dat	acprotect
behavioral2/files/0x0009000000022e2f-133.dat	acprotect

Executes dropped EXE 1 IoCs

pid	Process
1776	WAVETO~1.EXE

Loads dropped DLL 20 IoCs

pid	Process
1952	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
1952	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
1952	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
1776	WAVETO~1.EXE
1776	WAVETO~1.EXE
1776	WAVETO~1.EXE
1776	WAVETO~1.EXE
1776	WAVETO~1.EXE
1776	WAVETO~1.EXE
1776	WAVETO~1.EXE
1776	WAVETO~1.EXE
1776	WAVETO~1.EXE
1776	WAVETO~1.EXE
1776	WAVETO~1.EXE
1776	WAVETO~1.EXE
1776	WAVETO~1.EXE
1776	WAVETO~1.EXE
1776	WAVETO~1.EXE
1776	WAVETO~1.EXE
1776	WAVETO~1.EXE

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files (x86)\WaveToMidi 2.2\CurrentSession.wmo	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File opened for modification	C:\Program Files (x86)\WaveToMidi 2.2\options\live concert.wmo	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File created	C:\Program Files (x86)\WaveToMidi 2.2\png.dll	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File opened for modification	C:\Program Files (x86)\WaveToMidi 2.2\snack2.2\libsound.dll	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File created	C:\Program Files (x86)\WaveToMidi 2.2\tclpip83.dll	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File opened for modification	C:\Program Files (x86)\WaveToMidi 2.2\uninstall.ini	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File opened for modification	C:\Program Files (x86)\WaveToMidi 2.2\tclmidi.dll	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File created	C:\Program Files (x86)\WaveToMidi 2.2\WaveToMidi_Help.html	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File opened for modification	C:\Program Files (x86)\WaveToMidi 2.2\img1283.dll	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File opened for modification	C:\Program Files (x86)\WaveToMidi 2.2\options\guitar and voice.wmo	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File opened for modification	C:\Program Files (x86)\WaveToMidi 2.2\options\voice solo.wmo	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File opened for modification	C:\Program Files (x86)\WaveToMidi 2.2\snack2.2\libsnack.dll	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File created	C:\Program Files (x86)\WaveToMidi 2.2\snack2.2\libsquare.dll	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File created	C:\Program Files (x86)\WaveToMidi 2.2\options\recordguitar.wmo	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File created	C:\Program Files (x86)\WaveToMidi 2.2\snack2.2\snack.tcl	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File created	C:\Program Files (x86)\WaveToMidi 2.2\snack2.2\snackstub22.lib	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File created	C:\Program Files (x86)\WaveToMidi 2.2\_ci_gentee_	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File opened for modification	C:\Program Files (x86)\WaveToMidi 2.2\options\default.wmo	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File created	C:\Program Files (x86)\WaveToMidi 2.2\options\guitar and voice.wmo	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File opened for modification	C:\Program Files (x86)\WaveToMidi 2.2\options\solo.wmo	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File opened for modification	C:\Program Files (x86)\WaveToMidi 2.2\play.png	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File opened for modification	C:\Program Files (x86)\WaveToMidi 2.2\png.dll	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File created	C:\Program Files (x86)\WaveToMidi 2.2\options\guitarsolorecord.wmo	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File created	C:\Program Files (x86)\WaveToMidi 2.2\options\piano.wmo	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File opened for modification	C:\Program Files (x86)\WaveToMidi 2.2\options\voice solo record.wmo	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File opened for modification	C:\Program Files (x86)\WaveToMidi 2.2\snack2.2\snackstub22.lib	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File created	C:\Program Files (x86)\WaveToMidi 2.2\tcl83.dll	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File created	C:\Program Files (x86)\WaveToMidi 2.2\start2.png	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File opened for modification	C:\Program Files (x86)\WaveToMidi 2.2\stop.png	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File opened for modification	C:\Program Files (x86)\WaveToMidi 2.2\w2m.dll	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File opened for modification	C:\Program Files (x86)\WaveToMidi 2.2\setupopt.cfg	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File created	C:\Program Files (x86)\WaveToMidi 2.2\snack2.2\libsound.dll	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File created	C:\Program Files (x86)\WaveToMidi 2.2\zlib.dll	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File opened for modification	C:\Program Files (x86)\WaveToMidi 2.2\CurrentSession.wmo	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File created	C:\Program Files (x86)\WaveToMidi 2.2\options\guitar solo.wmo	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File opened for modification	C:\Program Files (x86)\WaveToMidi 2.2\start2.png	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File created	C:\Program Files (x86)\WaveToMidi 2.2\tclmidi.dll	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File created	C:\Program Files (x86)\WaveToMidi 2.2\uninstall.exe	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File created	C:\Program Files (x86)\WaveToMidi 2.2\play.png	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File created	C:\Program Files (x86)\WaveToMidi 2.2\setupopt.cfg	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File created	C:\Program Files (x86)\WaveToMidi 2.2\snack2.2\pkgIndex.tcl	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File opened for modification	C:\Program Files (x86)\WaveToMidi 2.2\options\guitar solo.wmo	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File created	C:\Program Files (x86)\WaveToMidi 2.2\options\record guitar2.wmo	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File opened for modification	C:\Program Files (x86)\WaveToMidi 2.2\snack2.2\snack.tcl	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File opened for modification	C:\Program Files (x86)\WaveToMidi 2.2\WaveToMidi.exe	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File opened for modification	C:\Program Files (x86)\WaveToMidi 2.2\WaveToMidi_Help.html	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File opened for modification	C:\Program Files (x86)\WaveToMidi 2.2\filebrowse.png	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File opened for modification	C:\Program Files (x86)\WaveToMidi 2.2\LLICENCIA STANDARD SOFT EN ANGLES.txt	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File opened for modification	C:\Program Files (x86)\WaveToMidi 2.2\snack2.2\libsquare.dll	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File opened for modification	C:\Program Files (x86)\WaveToMidi 2.2\tcl83.dll	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File opened for modification	C:\Program Files (x86)\WaveToMidi 2.2\tk83.dll	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File created	C:\Program Files (x86)\WaveToMidi 2.2\img1283.dll	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File created	C:\Program Files (x86)\WaveToMidi 2.2\LLICENCIA STANDARD SOFT EN ANGLES.txt	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File created	C:\Program Files (x86)\WaveToMidi 2.2\options\default.wmo	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File opened for modification	C:\Program Files (x86)\WaveToMidi 2.2\options\guitarsolorecord.wmo	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File created	C:\Program Files (x86)\WaveToMidi 2.2\snack2.2\libsnack.dll	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File created	C:\Program Files (x86)\WaveToMidi 2.2\stop.png	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File created	C:\Program Files (x86)\WaveToMidi 2.2\w2m.dll	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File opened for modification	C:\Program Files (x86)\WaveToMidi 2.2\zlib.dll	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File created	C:\Program Files (x86)\WaveToMidi 2.2\CurrentSession.cfg	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File created	C:\Program Files (x86)\WaveToMidi 2.2\filebrowse.png	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File opened for modification	C:\Program Files (x86)\WaveToMidi 2.2\options\recordguitar.wmo	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File created	C:\Program Files (x86)\WaveToMidi 2.2\options\voice solo record.wmo	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
File created	C:\Program Files (x86)\WaveToMidi 2.2\options\voice solo.wmo	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
1952	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 1952 wrote to memory of 1776	1952	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe	83
PID 1952 wrote to memory of 1776	1952	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe	83
PID 1952 wrote to memory of 1776	1952	dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe	83

C:\Users\Admin\AppData\Local\Temp\dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe
"C:\Users\Admin\AppData\Local\Temp\dbb2f397aa0d8c4597c85bfc3a3502cf7bb75ffca280960deeb5ef48e91cf319.exe"
1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Modifies registry class
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1952
- C:\PROGRA~2\WAVETO~1.2\WAVETO~1.EXE
  C:\PROGRA~2\WAVETO~1.2\WAVETO~1.EXE
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  PID:1776

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:3376

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x2e0 0x2f4
1⤵
PID:3764

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\PROGRA~2\WAVETO~1.2\CurrentSession.cfg

Filesize
172B

MD5
efc01516ca44742773cb6ed45375dd6b

SHA1
59035d4545eb4d9ccbfbbc2f96375f774cfca24a

SHA256
0fdffa6693cffe7f3226f48a1346673bacfbf21927a217067440dc0fcefad465

SHA512
b9f3456c5fb05692c1a9fb8c5f581aaef413d4ab1c933ea7f2ba6b76a0183debe24177a9188ca2f0ca5a6c1eac1bf6b5a3e1fee27a6b5ca14a916be77f9225d6

Download Submit
C:\PROGRA~2\WAVETO~1.2\CurrentSession.wmo

Filesize
752B

MD5
176860c60353db3ce94f0680458aa4f0

SHA1
05f0b9126e8da24a009edf37f3a663cfa835efc3

SHA256
5ed9a5d3ed7b2402ab15db26f2f9b398c19987bab5bdab2d066e568dd94b64cd

SHA512
c223c0a1105b28ae3105422d8c95335dbea82585d137f81e362daa28d785191a670f097a8f3d90e5138f18f1d295aa44e69e68baf05e2745462bd66ae267d809

Download Submit
C:\PROGRA~2\WAVETO~1.2\WAVETO~1.EXE

Filesize
907KB

MD5
fa5a718d64184dfe21479c66e6b12be1

SHA1
27b0f80b8142392f5c291a44a01b54762ca958b6

SHA256
ffe81f5edace4c24fa248506af7c51db1977828c218bedf7d94516bc7c220863

SHA512
6128f894ff918244e63b75f818af8762a28f1b3a3d04595a235a0294df2f9f73fa41552609cf4575e22d213c96bb9511b2dc4af2e251ed43673445f2a6da1b7c

Download Submit
C:\PROGRA~2\WAVETO~1.2\img1283.dll

Filesize
92KB

MD5
c6d4c52888c364282695b0dc4ba806ca

SHA1
b7cb4a86967063237e61f4eaeccbd7b45467f93b

SHA256
1262724c466b10cdb5f7bad352e8e74fd91ff8ad74e4e80db9735d3b5fa1694d

SHA512
71826c3176a2eaa55a9dd36acf56b3bd7d572175f61f108fa21c87cfe2959d54a9b2a542c77b166fdba772e0b6dc735b7a1171b279ff11d866b1b9a309f9d498

Download Submit
C:\PROGRA~2\WAVETO~1.2\png.dll

Filesize
85KB

MD5
9d731233061c1a5b182cfd3ed68df2a0

SHA1
65bbb64ac8778c5d66abbffc165477c99d28cf22

SHA256
9cbb1ab96d2e86d1ee0bd681fa582c67807c2623201c534fdd1dd486ee18371c

SHA512
19492cbbdc78eff00247d1e327f8d44f89f3d96987eed9171dac2e8b81bb5e7aaa51a16dc43850f5abbc603617741ff94aa0be3bdb1dda186b1186bd679a2d9b

Download Submit
C:\PROGRA~2\WAVETO~1.2\setupopt.cfg

Filesize
102B

MD5
7972d218982697f8434ff5300f982993

SHA1
d0ce370f849b9fa815b73d321d14542afda1623a

SHA256
faf6daf15a3d0cbc7b515bc30e5d5386df68a34ec343c2f154ff9bd5c7eaf25d

SHA512
09c33c728eeb4e105c3852255801ff98bb2a1f30db9dda2e8d6bd48f894d72163a41a6490fac3862dc1b6f5f789b6f6d70cb8d5028c93a2732aa01774df40c9c

Download Submit
C:\PROGRA~2\WAVETO~1.2\snack2.2\libsnack.dll

Filesize
340KB

MD5
b7831c641dc7dcaa3c448a6ddbc46ee9

SHA1
eb1faf804b4e6fe42d1f18250668f2e28c0c7f05

SHA256
2d6632c23f3c8861ba828117caf0b8433573a03c758394b21ba048990b040ada

SHA512
93dc022d3d75b34aa8725bae14a4ccbcc1edbbf6eadf79861dd1d779df3881a587e21443a7542ac97d8a0f21d8c119563b6893da3d852153ce94420342e3ceed

Download Submit
C:\PROGRA~2\WAVETO~1.2\snack2.2\libsound.dll

Filesize
300KB

MD5
0895045858db08a5400ab1939aeba5e6

SHA1
4eb32bfd3a8bbacc9d32311fa9a54d3da6b65ae9

SHA256
ff117ff7098cface925f158c344c566994f816b0f7adbf4020cdd5141f3b70ef

SHA512
6412646d2cae75428cbde6275f7976f8859fe2f93ed9d6a44e4d09c6e62432949b88399dc5c3a6db49174164a10b2695c85c6d9f95f4fbc4e91b6437d3239cef

Download Submit
C:\PROGRA~2\WAVETO~1.2\snack2.2\pkgIndex.tcl

Filesize
512B

MD5
fcf4c004ea64beed5d7480c57a73ae0f

SHA1
d399ba57a7735fb4abe6d875cf923a6aee0c1594

SHA256
9bd24516eadabfe3caa406fb02ae090a7ef6af4feb6c94345994bd1db73783f1

SHA512
aca0df70cf9922b6ca8ba2fe58059ef3143dc67cc7131d65df53df0a28cbfa486df8c22471a1ad30a2c1a1b22db37187aad67f68d1667a7532580800291dd78c

Download Submit
C:\PROGRA~2\WAVETO~1.2\snack2.2\snack.tcl

Filesize
34KB

MD5
ee3deb5ad0c5f4be2a7f3b925a9a9c9f

SHA1
67d7b337854f5b74b2648d22987e8c7f99af26eb

SHA256
b14331153e0523cc28b5dfe3c4e5efef2f58a8709fedbfc6bf60412932e28a01

SHA512
c265770639155e1a611d219442f23231fe225caf9871d6e3c9380ed05646d6853b7764712270656a16a03cfa57c606f3eb650f0575d135d193c5ae55db90293f

Download Submit
C:\PROGRA~2\WAVETO~1.2\tcl83.dll

Filesize
616KB

MD5
f5968f9c980ae4532fffb55e80b99edc

SHA1
ff077def559011163d998661c04e71a4af9e09e0

SHA256
8ba48b645bb32a0ec985ef1dc54acf477462714773c16e29bb18678cac93cb17

SHA512
abc4ef4620246bfdc233afce0627343b43f17cf273801c47fa05c10407a62716cc605c5242d8ac94034600287392433c935e7dda8512fb76851f9b3773b514fa

Download Submit
C:\PROGRA~2\WAVETO~1.2\tclmidi.dll

Filesize
168KB

MD5
d36e76755378a507f98bcc2c8992033c

SHA1
4429edd903d6c216d22b414e7c2b6b4b7b4f3a84

SHA256
eec1b21bb3fee3d19652ece9f6eacba060a5c256a9984209ed4e0523564bb632

SHA512
eb121a96eb94bd76b4fc200272bbba1af322242ba9d9cd24e371fd7a734f0e585e2bcce15cd39143d96476d0adc47f0dc6c62b0d39367b9974417f0d18209457

Download Submit
C:\PROGRA~2\WAVETO~1.2\tk83.dll

Filesize
916KB

MD5
6537b63cea626e6ec3f2ed547961897e

SHA1
47a828d4891b162530e11329a6fc0e7abaceb1be

SHA256
853f7cf769fc1ba90cd132de8378f8ae4ad89d84076419e90bfc41213d7f579d

SHA512
ba7731c13bc240402a18586422e0183d2c1b63d60136de5ee32930c27fb50eafe1efe4a318aa134502854aec0f640cab337f2150cf5426373eadd41487ad7841

Download Submit
C:\PROGRA~2\WAVETO~1.2\w2m.dll

Filesize
376KB

MD5
a210798da9bb313da5e841356c0370b2

SHA1
f1f58480e259c555e03038b8d184a3ca86f1dea8

SHA256
5ec21f60852cacb8dff4a58c1497d2d0115182938a670eb0baeffbb0db5358ad

SHA512
611c01098b97cf3bc1bbd62729e4071e9bfc68a3ca7374e5b58b2c2916101bec7abc14c89203a234c40efe7f2817067ec1a2aad02ffbafff815236940c0646ad

Download Submit
C:\PROGRA~2\WAVETO~1.2\zlib.dll

Filesize
52KB

MD5
7d886442668d1c79ce95e172ae69cccf

SHA1
697e31d6bb0dba9d3a60efbd22f432230873c430

SHA256
afc7cf5b0772b27d05d224136739cd56d1ad07647d996cad97a7e2fe29ab86f1

SHA512
0aa2f753a0a47a139ad232a3bb9725554692fd176f21f25addba56aabcb150960c83d355e5505f37764b0e6da705f35cdd31e285ec13701150b1e3a1c0795955

Download Submit
C:\Program Files (x86)\WaveToMidi 2.2\WaveToMidi.exe

Filesize
907KB

MD5
fa5a718d64184dfe21479c66e6b12be1

SHA1
27b0f80b8142392f5c291a44a01b54762ca958b6

SHA256
ffe81f5edace4c24fa248506af7c51db1977828c218bedf7d94516bc7c220863

SHA512
6128f894ff918244e63b75f818af8762a28f1b3a3d04595a235a0294df2f9f73fa41552609cf4575e22d213c96bb9511b2dc4af2e251ed43673445f2a6da1b7c

Download Submit
C:\Program Files (x86)\WaveToMidi 2.2\filebrowse.png

Filesize
3KB

MD5
5146b562051c62f57d932be1287923f0

SHA1
a5ea49ce88a6556d6841eb0ee53de27cff0ff612

SHA256
2a73693ad0d4472094b9bc5851b0b357ac80880cddc207078ea0f21d3d3d3643

SHA512
f21e30463ede9df9e511cff87e92357216c9e41a58200148e6955da969f1951163835081b4f7d1ca8888c86754801063c3f86bd7962394ccd231d496a4b3f12a

Download Submit
C:\Program Files (x86)\WaveToMidi 2.2\img1283.dll

Filesize
92KB

MD5
c6d4c52888c364282695b0dc4ba806ca

SHA1
b7cb4a86967063237e61f4eaeccbd7b45467f93b

SHA256
1262724c466b10cdb5f7bad352e8e74fd91ff8ad74e4e80db9735d3b5fa1694d

SHA512
71826c3176a2eaa55a9dd36acf56b3bd7d572175f61f108fa21c87cfe2959d54a9b2a542c77b166fdba772e0b6dc735b7a1171b279ff11d866b1b9a309f9d498

Download Submit
C:\Program Files (x86)\WaveToMidi 2.2\img1283.dll

Filesize
92KB

MD5
c6d4c52888c364282695b0dc4ba806ca

SHA1
b7cb4a86967063237e61f4eaeccbd7b45467f93b

SHA256
1262724c466b10cdb5f7bad352e8e74fd91ff8ad74e4e80db9735d3b5fa1694d

SHA512
71826c3176a2eaa55a9dd36acf56b3bd7d572175f61f108fa21c87cfe2959d54a9b2a542c77b166fdba772e0b6dc735b7a1171b279ff11d866b1b9a309f9d498

Download Submit
C:\Program Files (x86)\WaveToMidi 2.2\play.png

Filesize
1KB

MD5
c10700ed065bc6fdc1d91ba6f7182a0c

SHA1
e068e20b18068e3c2300591f6e7259dafe2b76f5

SHA256
3c4d18a7acc9957017438e11f46ddc6cbf3a743da4c96b40a92f581778e3e4e1

SHA512
1d76125302083545cba5448c421c8ee8955e2b3bf336c5201168b6cf563ac676dd43f0e78ad7c00312040fbc288413ad46d77a48c973ad7b3337ab0a05967290

Download Submit
C:\Program Files (x86)\WaveToMidi 2.2\png.dll

Filesize
85KB

MD5
9d731233061c1a5b182cfd3ed68df2a0

SHA1
65bbb64ac8778c5d66abbffc165477c99d28cf22

SHA256
9cbb1ab96d2e86d1ee0bd681fa582c67807c2623201c534fdd1dd486ee18371c

SHA512
19492cbbdc78eff00247d1e327f8d44f89f3d96987eed9171dac2e8b81bb5e7aaa51a16dc43850f5abbc603617741ff94aa0be3bdb1dda186b1186bd679a2d9b

Download Submit
C:\Program Files (x86)\WaveToMidi 2.2\png.dll

Filesize
85KB

MD5
9d731233061c1a5b182cfd3ed68df2a0

SHA1
65bbb64ac8778c5d66abbffc165477c99d28cf22

SHA256
9cbb1ab96d2e86d1ee0bd681fa582c67807c2623201c534fdd1dd486ee18371c

SHA512
19492cbbdc78eff00247d1e327f8d44f89f3d96987eed9171dac2e8b81bb5e7aaa51a16dc43850f5abbc603617741ff94aa0be3bdb1dda186b1186bd679a2d9b

Download Submit
C:\Program Files (x86)\WaveToMidi 2.2\snack2.2\libsnack.dll

Filesize
340KB

MD5
b7831c641dc7dcaa3c448a6ddbc46ee9

SHA1
eb1faf804b4e6fe42d1f18250668f2e28c0c7f05

SHA256
2d6632c23f3c8861ba828117caf0b8433573a03c758394b21ba048990b040ada

SHA512
93dc022d3d75b34aa8725bae14a4ccbcc1edbbf6eadf79861dd1d779df3881a587e21443a7542ac97d8a0f21d8c119563b6893da3d852153ce94420342e3ceed

Download Submit
C:\Program Files (x86)\WaveToMidi 2.2\snack2.2\libsnack.dll

Filesize
340KB

MD5
b7831c641dc7dcaa3c448a6ddbc46ee9

SHA1
eb1faf804b4e6fe42d1f18250668f2e28c0c7f05

SHA256
2d6632c23f3c8861ba828117caf0b8433573a03c758394b21ba048990b040ada

SHA512
93dc022d3d75b34aa8725bae14a4ccbcc1edbbf6eadf79861dd1d779df3881a587e21443a7542ac97d8a0f21d8c119563b6893da3d852153ce94420342e3ceed

Download Submit
C:\Program Files (x86)\WaveToMidi 2.2\snack2.2\libsound.dll

Filesize
300KB

MD5
0895045858db08a5400ab1939aeba5e6

SHA1
4eb32bfd3a8bbacc9d32311fa9a54d3da6b65ae9

SHA256
ff117ff7098cface925f158c344c566994f816b0f7adbf4020cdd5141f3b70ef

SHA512
6412646d2cae75428cbde6275f7976f8859fe2f93ed9d6a44e4d09c6e62432949b88399dc5c3a6db49174164a10b2695c85c6d9f95f4fbc4e91b6437d3239cef

Download Submit
C:\Program Files (x86)\WaveToMidi 2.2\snack2.2\libsound.dll

Filesize
300KB

MD5
0895045858db08a5400ab1939aeba5e6

SHA1
4eb32bfd3a8bbacc9d32311fa9a54d3da6b65ae9

SHA256
ff117ff7098cface925f158c344c566994f816b0f7adbf4020cdd5141f3b70ef

SHA512
6412646d2cae75428cbde6275f7976f8859fe2f93ed9d6a44e4d09c6e62432949b88399dc5c3a6db49174164a10b2695c85c6d9f95f4fbc4e91b6437d3239cef

Download Submit
C:\Program Files (x86)\WaveToMidi 2.2\start2.png

Filesize
4KB

MD5
347a6695be5c3d542a1131120e8f29df

SHA1
543170eed05bfbdd883f823f50f5a20b2dc35557

SHA256
0e95e99989a2c890b9f1179e3d661853c955e703d9bae45b465bc38fa0e35502

SHA512
d3cea2a542a86748f5e729373bd0cb349e67851ef91f655cdd5fa28d110bbbbe1eca16539599f548f189f6633613abbeabf6356e4e31bcd39ddfb06b78a4659b

Download Submit
C:\Program Files (x86)\WaveToMidi 2.2\stop.png

Filesize
1KB

MD5
e55f97369595de687af611a2d40b1e1a

SHA1
ed1c742cb1384ff01cdfb1f2d1113bca5cc4809e

SHA256
ce71a6126e6024802f9b598f3a89e61d5ceff2eb0a59c1b3467d05504083e425

SHA512
fca6ddc68cc6731b919695c7c061dfd3baa40134c18943541ad6cd6b81863caf125c3f9c4b8d11473f64dd608c7640c1d13caba5a97d250d1ec3952588d1a404

Download Submit
C:\Program Files (x86)\WaveToMidi 2.2\tcl83.dll

Filesize
616KB

MD5
f5968f9c980ae4532fffb55e80b99edc

SHA1
ff077def559011163d998661c04e71a4af9e09e0

SHA256
8ba48b645bb32a0ec985ef1dc54acf477462714773c16e29bb18678cac93cb17

SHA512
abc4ef4620246bfdc233afce0627343b43f17cf273801c47fa05c10407a62716cc605c5242d8ac94034600287392433c935e7dda8512fb76851f9b3773b514fa

Download Submit
C:\Program Files (x86)\WaveToMidi 2.2\tcl83.dll

Filesize
616KB

MD5
f5968f9c980ae4532fffb55e80b99edc

SHA1
ff077def559011163d998661c04e71a4af9e09e0

SHA256
8ba48b645bb32a0ec985ef1dc54acf477462714773c16e29bb18678cac93cb17

SHA512
abc4ef4620246bfdc233afce0627343b43f17cf273801c47fa05c10407a62716cc605c5242d8ac94034600287392433c935e7dda8512fb76851f9b3773b514fa

Download Submit
C:\Program Files (x86)\WaveToMidi 2.2\tclmidi.dll

Filesize
168KB

MD5
d36e76755378a507f98bcc2c8992033c

SHA1
4429edd903d6c216d22b414e7c2b6b4b7b4f3a84

SHA256
eec1b21bb3fee3d19652ece9f6eacba060a5c256a9984209ed4e0523564bb632

SHA512
eb121a96eb94bd76b4fc200272bbba1af322242ba9d9cd24e371fd7a734f0e585e2bcce15cd39143d96476d0adc47f0dc6c62b0d39367b9974417f0d18209457

Download Submit
C:\Program Files (x86)\WaveToMidi 2.2\tclmidi.dll

Filesize
168KB

MD5
d36e76755378a507f98bcc2c8992033c

SHA1
4429edd903d6c216d22b414e7c2b6b4b7b4f3a84

SHA256
eec1b21bb3fee3d19652ece9f6eacba060a5c256a9984209ed4e0523564bb632

SHA512
eb121a96eb94bd76b4fc200272bbba1af322242ba9d9cd24e371fd7a734f0e585e2bcce15cd39143d96476d0adc47f0dc6c62b0d39367b9974417f0d18209457

Download Submit
C:\Program Files (x86)\WaveToMidi 2.2\tk83.dll

Filesize
916KB

MD5
6537b63cea626e6ec3f2ed547961897e

SHA1
47a828d4891b162530e11329a6fc0e7abaceb1be

SHA256
853f7cf769fc1ba90cd132de8378f8ae4ad89d84076419e90bfc41213d7f579d

SHA512
ba7731c13bc240402a18586422e0183d2c1b63d60136de5ee32930c27fb50eafe1efe4a318aa134502854aec0f640cab337f2150cf5426373eadd41487ad7841

Download Submit
C:\Program Files (x86)\WaveToMidi 2.2\w2m.dll

Filesize
376KB

MD5
a210798da9bb313da5e841356c0370b2

SHA1
f1f58480e259c555e03038b8d184a3ca86f1dea8

SHA256
5ec21f60852cacb8dff4a58c1497d2d0115182938a670eb0baeffbb0db5358ad

SHA512
611c01098b97cf3bc1bbd62729e4071e9bfc68a3ca7374e5b58b2c2916101bec7abc14c89203a234c40efe7f2817067ec1a2aad02ffbafff815236940c0646ad

Download Submit
C:\Program Files (x86)\WaveToMidi 2.2\w2m.dll

Filesize
376KB

MD5
a210798da9bb313da5e841356c0370b2

SHA1
f1f58480e259c555e03038b8d184a3ca86f1dea8

SHA256
5ec21f60852cacb8dff4a58c1497d2d0115182938a670eb0baeffbb0db5358ad

SHA512
611c01098b97cf3bc1bbd62729e4071e9bfc68a3ca7374e5b58b2c2916101bec7abc14c89203a234c40efe7f2817067ec1a2aad02ffbafff815236940c0646ad

Download Submit
C:\Program Files (x86)\WaveToMidi 2.2\zlib.dll

Filesize
52KB

MD5
7d886442668d1c79ce95e172ae69cccf

SHA1
697e31d6bb0dba9d3a60efbd22f432230873c430

SHA256
afc7cf5b0772b27d05d224136739cd56d1ad07647d996cad97a7e2fe29ab86f1

SHA512
0aa2f753a0a47a139ad232a3bb9725554692fd176f21f25addba56aabcb150960c83d355e5505f37764b0e6da705f35cdd31e285ec13701150b1e3a1c0795955

Download Submit
C:\Program Files (x86)\WaveToMidi 2.2\zlib.dll

Filesize
52KB

MD5
7d886442668d1c79ce95e172ae69cccf

SHA1
697e31d6bb0dba9d3a60efbd22f432230873c430

SHA256
afc7cf5b0772b27d05d224136739cd56d1ad07647d996cad97a7e2fe29ab86f1

SHA512
0aa2f753a0a47a139ad232a3bb9725554692fd176f21f25addba56aabcb150960c83d355e5505f37764b0e6da705f35cdd31e285ec13701150b1e3a1c0795955

Download Submit
C:\Users\Admin\AppData\Local\Temp\ytiBFF9.tmp

Filesize
172KB

MD5
fe763c2d71419352141c77c310e600d2

SHA1
6bb51ebcbde9fe5556a74319b49bea37d5542d5e

SHA256
7fdf10ca02d2238e22fda18dfbede9750da9f257221802c8b86c557c19c9bc7b

SHA512
147b3a525b1fef98ae46923dcbe25edfcf7b523f347857466eefa88f09ec053ba309dfbee5f1454ec64aba0518ee21986c4b6a506f8550efb1163c8f04d7482c

Download Submit
C:\Users\Admin\AppData\Local\Temp\ytiBFF9.tmp

Filesize
172KB

MD5
fe763c2d71419352141c77c310e600d2

SHA1
6bb51ebcbde9fe5556a74319b49bea37d5542d5e

SHA256
7fdf10ca02d2238e22fda18dfbede9750da9f257221802c8b86c557c19c9bc7b

SHA512
147b3a525b1fef98ae46923dcbe25edfcf7b523f347857466eefa88f09ec053ba309dfbee5f1454ec64aba0518ee21986c4b6a506f8550efb1163c8f04d7482c

Download Submit
C:\ginstall.dll

Filesize
53KB

MD5
909d7cbc60915bb280dde2c706f86ae4

SHA1
25f1fa3ebdf435e809439cb8bf8badeac23e35fb

SHA256
0b76cc6506a41bc34a054aa55581e7e6e982f630a100967a9d2f00ca631f3a37

SHA512
c53bcc10874cc50176638da822d074f025435d4beba1393259b45b8955f1f1d0a8557cc13210de8477ee7d3b13ababfd1e29fa5ab4b5178fac35438389a1fd8b

Download Submit
memory/1776-159-0x0000000003220000-0x0000000003408000-memory.dmp

Filesize
1.9MB

Download
memory/1776-184-0x0000000003580000-0x0000000003591000-memory.dmp

Filesize
68KB

Download
memory/1776-147-0x0000000000630000-0x00000000006CB000-memory.dmp

Filesize
620KB

Download
memory/1776-154-0x00000000025B0000-0x00000000027B2000-memory.dmp

Filesize
2.0MB

Download
memory/1776-172-0x0000000003510000-0x000000000353E000-memory.dmp

Filesize
184KB

Download
memory/1776-180-0x0000000003560000-0x0000000003578000-memory.dmp

Filesize
96KB

Download
memory/1776-186-0x0000000003961000-0x000000000397E000-memory.dmp

Filesize
116KB

Download
memory/1776-167-0x0000000002F80000-0x0000000002FF1000-memory.dmp

Filesize
452KB

Download
memory/1776-163-0x00000000028F0000-0x000000000291A000-memory.dmp

Filesize
168KB

Download
memory/1776-185-0x0000000003960000-0x0000000003987000-memory.dmp

Filesize
156KB

Download
memory/1952-149-0x00000000021E0000-0x0000000002253000-memory.dmp

Filesize
460KB

Download
memory/1952-136-0x00000000021E0000-0x0000000002253000-memory.dmp

Filesize
460KB

Download
memory/1952-140-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/1952-137-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/1952-132-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download