de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9

Analysis

max time kernel
42s
max time network
49s
platform
windows7_x64
resource
win7-20220901-en
resource tags

arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
submitted
28/11/2022, 07:24

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
Size

5.9MB
MD5

1c94921d0331164d89e741dea08a30da
SHA1

ca86e120e2d56b81e894c2379c23f65a0d5fe3c1
SHA256

de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9
SHA512

461a63346d44bf2bd54fc9e14a09595a2306c264225d233a82d4a7c58296e6507cbc3c28df2a17c1bd924235b9d51537cf7bd42f1ba333352b58ab37ebd90006
SSDEEP

98304:DQkuA/31rGDX4kKwA4lwo9V+3f6D5g2BA/2cJ0/7pFbdoRwTi7MUVEgBzjZUkKwt:s0/316DtA4aCV+Pi5g2BA/l0rCwG7zV/

Score

8^/10

persistence

Malware Config

Signatures

Executes dropped EXE 2 IoCs

pid	Process
1180	WebActiveX.exe
1740	WebSocketServer.exe

Loads dropped DLL 43 IoCs

pid	Process
828	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
828	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
828	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
828	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
828	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
1740	WebSocketServer.exe
1740	WebSocketServer.exe
1740	WebSocketServer.exe
1740	WebSocketServer.exe
1740	WebSocketServer.exe
1740	WebSocketServer.exe
1740	WebSocketServer.exe
1740	WebSocketServer.exe
1740	WebSocketServer.exe
1740	WebSocketServer.exe
1740	WebSocketServer.exe
1740	WebSocketServer.exe
1740	WebSocketServer.exe
1740	WebSocketServer.exe
1740	WebSocketServer.exe
1740	WebSocketServer.exe
1740	WebSocketServer.exe
1740	WebSocketServer.exe
1740	WebSocketServer.exe
1740	WebSocketServer.exe
1740	WebSocketServer.exe
1740	WebSocketServer.exe
1740	WebSocketServer.exe
1740	WebSocketServer.exe
1740	WebSocketServer.exe
1740	WebSocketServer.exe
1740	WebSocketServer.exe
1740	WebSocketServer.exe
1740	WebSocketServer.exe
1740	WebSocketServer.exe
1740	WebSocketServer.exe
1740	WebSocketServer.exe
1740	WebSocketServer.exe
1740	WebSocketServer.exe
1740	WebSocketServer.exe
1740	WebSocketServer.exe
1740	WebSocketServer.exe
1740	WebSocketServer.exe

Adds Run key to start application 2 TTPs 2 IoCs

persistence

Registry Run Keys / Startup Folder

T1060

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Windows\CurrentVersion\Run	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Windows\CurrentVersion\Run\VideoWebServer = "C:\\Program Files (x86)\\webrec\\Torch\\5.0.412649.0\\WebSocketServer.exe"	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\h264dec.dll	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\dllmavmp2dec.dll	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\postproc.dll	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\WebSocketServer.exe	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\Res\CrowdDistr_Disable.png	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\Res\icon_toujian_active.png	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\ThdProtocolClient.dll	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\Res\CapturePic_InActive.png	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\Res\LocalRecord_InActive.png	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\plugin.data	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\dllmavg729dec.dll	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\Res\Sounds2_Active.png	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\dhplay.dll	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\npMedia5.0.412649.0.dll	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\Res\left_top_bg.png	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\Res\right_top_bg.png	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\Res\icon_renti_active.png	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\Res\icon_toujian.png	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\IvsDrawer.dll	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\WebActiveX.exe	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\Res\Fisheye_Active.png	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\Res\Sounds1_InActive.png	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\Res\icon_chepai_active.png	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\Res\Sounds1_Active.png	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\Res\label_bg.png	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\FileOperator.dll	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\cximagecrt.dll	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\dllmavg726dec.dll	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\Res\Audio_Active.png	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\Res\LocalRecord_Active.png	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\Res\Play_Hover.png	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\uninst.exe	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File opened for modification	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\SVComponentInterface.dll	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\webrec.ico	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\Res\icon_head_active.png	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\Res\3CapturePic_Active.png	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\Res\Sounds2_InActive.png	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\MediaSvr.dll	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\dllmavaudio_codecs.dll	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\dllmavg7231dec.dll	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\jpeg_dec.dll	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\Res\CapturePic_Active.png	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\Res\Fisheye_InActive.png	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\Res\Audio_InActive.png	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\Res\CrowdDistr_Active.png	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\MasterSlaveAPI.dll	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\dllmavaacdec.dll	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\mpeg4dec.dll	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\MPA_HSPano.dll	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File opened for modification	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\plugin.data	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\Res\background.png	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\Res\ZoomIn_InActive.png	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\Res\Play_Active.png	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\Res\CloseVideo_Active.png	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\Res\Play_InActive.png	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\Res\icon_chepai.png	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\webplugin_MulID_WebSocketServer.nsi	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\hevcdec.dll	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\StreamConvertor.dll	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\ScenicSpot.dll	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\Res\left_bottom_bg.png	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\Res\CrowdDistr_InActive.png	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
File created	C:\Program Files (x86)\webrec\Torch\5.0.412649.0\Res\icon_renti.png	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

Kills process with taskkill 1 IoCs

evasion

pid	Process
892	TASKKILL.exe

Modifies registry class 64 IoCs

description	ioc	Process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CC9002D3-73D6-4453-951E-770A3D49180E}\VersionIndependentProgID\ = "WebActiveX.Plugin412649"	WebActiveX.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{C4D24DBC-758E-4F61-9FAC-8D94A088B6AE}\TypeLib	WebActiveX.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C4D24DBC-758E-4F61-9FAC-8D94A088B6AE}\ = "_IPluginEvents"	WebActiveX.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C4D24DBC-758E-4F61-9FAC-8D94A088B6AE}\TypeLib\Version = "1.0"	WebActiveX.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{A73C899A-98A7-4C49-8F11-B4D483D6CC7E}\1.0\ = "WebActiveX 1.0 Type Library"	WebActiveX.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CC9002D3-73D6-4453-951E-770A3D49180E}\LocalServer32	WebActiveX.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CC9002D3-73D6-4453-951E-770A3D49180E}\AppID = "{4C782490-0459-4AAF-95CC-D9B073B5CF60}"	WebActiveX.exe
Key deleted	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CC9002D3-73D6-4453-951E-770A3D49180E}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4}	WebActiveX.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WebSocketServer\ = "VideoWebServer"	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WebSocketServer\shell\open	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CC9002D3-73D6-4453-951E-770A3D49180E}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}	WebActiveX.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{C4D24DBC-758E-4F61-9FAC-8D94A088B6AE}\ProxyStubClsid32\ = "{00020420-0000-0000-C000-000000000046}"	WebActiveX.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C4D24DBC-758E-4F61-9FAC-8D94A088B6AE}\TypeLib	WebActiveX.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WebActiveX.Plugin.412.6.4.9\ = "Plugin Class"	WebActiveX.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WebActiveX.Plugin412649	WebActiveX.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WebActiveX.Plugin412649\CLSID	WebActiveX.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CC9002D3-73D6-4453-951E-770A3D49180E}\ = "Plugin Class"	WebActiveX.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CC9002D3-73D6-4453-951E-770A3D49180E}\ProgID	WebActiveX.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WebActiveX.Plugin412649\CLSID\ = "{CC9002D3-73D6-4453-951E-770A3D49180E}"	WebActiveX.exe
Key deleted	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CC9002D3-73D6-4453-951E-770A3D49180E}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}	WebActiveX.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WebSocketServer\URL Protocol	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{42630400-6A2D-48F4-9497-57B9D0EBC7B0}\TypeLib\ = "{A73C899A-98A7-4C49-8F11-B4D483D6CC7E}"	WebActiveX.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{A73C899A-98A7-4C49-8F11-B4D483D6CC7E}\1.0\0\win32	WebActiveX.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{C4D24DBC-758E-4F61-9FAC-8D94A088B6AE}\ProxyStubClsid32	WebActiveX.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C4D24DBC-758E-4F61-9FAC-8D94A088B6AE}	WebActiveX.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{4C782490-0459-4AAF-95CC-D9B073B5CF60}\ = "WebActiveX412.6.4.9"	WebActiveX.exe
Key deleted	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CC9002D3-73D6-4453-951E-770A3D49180E}\MiscStatus\1	WebActiveX.exe
Key deleted	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CC9002D3-73D6-4453-951E-770A3D49180E}\Version	WebActiveX.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WebSocketServer\shell\open\command	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WebSocketServer\shell\open\command\ = "C:\\Program Files (x86)\\webrec\\Torch\\5.0.412649.0\\WebSocketServer.exe %1"	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{42630400-6A2D-48F4-9497-57B9D0EBC7B0}\ProxyStubClsid32	WebActiveX.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WebActiveX.Plugin.412.6.4.9\CLSID	WebActiveX.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CC9002D3-73D6-4453-951E-770A3D49180E}\ToolboxBitmap32	WebActiveX.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{A73C899A-98A7-4C49-8F11-B4D483D6CC7E}\1.0\0	WebActiveX.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WebActiveX.Plugin412649\CurVer\ = "WebActiveX.Plugin.412.6.4.9"	WebActiveX.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CC9002D3-73D6-4453-951E-770A3D49180E}\Version\ = "1.0"	WebActiveX.exe
Key deleted	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CC9002D3-73D6-4453-951E-770A3D49180E}\Programmable	WebActiveX.exe
Key deleted	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CC9002D3-73D6-4453-951E-770A3D49180E}\TypeLib	WebActiveX.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{42630400-6A2D-48F4-9497-57B9D0EBC7B0}\ = "IPlugin"	WebActiveX.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{42630400-6A2D-48F4-9497-57B9D0EBC7B0}\ = "IPlugin"	WebActiveX.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CC9002D3-73D6-4453-951E-770A3D49180E}\Control	WebActiveX.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CC9002D3-73D6-4453-951E-770A3D49180E}\ToolboxBitmap32\ = "\"C:\\Program Files (x86)\\webrec\\Torch\\5.0.412649.0\\WebActiveX.exe\", 101"	WebActiveX.exe
Key deleted	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CC9002D3-73D6-4453-951E-770A3D49180E}\Implemented Categories	WebActiveX.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{A73C899A-98A7-4C49-8F11-B4D483D6CC7E}\1.0	WebActiveX.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C4D24DBC-758E-4F61-9FAC-8D94A088B6AE}\ProxyStubClsid32\ = "{00020420-0000-0000-C000-000000000046}"	WebActiveX.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CC9002D3-73D6-4453-951E-770A3D49180E}\Programmable	WebActiveX.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CC9002D3-73D6-4453-951E-770A3D49180E}\LocalServer32\ = "\"C:\\Program Files (x86)\\webrec\\Torch\\5.0.412649.0\\WebActiveX.exe\""	WebActiveX.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CC9002D3-73D6-4453-951E-770A3D49180E}\MiscStatus\1\ = "131473"	WebActiveX.exe
Key deleted	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CC9002D3-73D6-4453-951E-770A3D49180E}\ProgID	WebActiveX.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{42630400-6A2D-48F4-9497-57B9D0EBC7B0}	WebActiveX.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CC9002D3-73D6-4453-951E-770A3D49180E}\TypeLib	WebActiveX.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CC9002D3-73D6-4453-951E-770A3D49180E}\Implemented Categories	WebActiveX.exe
Key deleted	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CC9002D3-73D6-4453-951E-770A3D49180E}\LocalServer32	WebActiveX.exe
Key deleted	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CC9002D3-73D6-4453-951E-770A3D49180E}	WebActiveX.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{42630400-6A2D-48F4-9497-57B9D0EBC7B0}	WebActiveX.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{42630400-6A2D-48F4-9497-57B9D0EBC7B0}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}"	WebActiveX.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WebActiveX.Plugin412649\CurVer	WebActiveX.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CC9002D3-73D6-4453-951E-770A3D49180E}\TypeLib\ = "{2E29FADF-539C-49C1-BB38-12BD94863C4C}"	WebActiveX.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CC9002D3-73D6-4453-951E-770A3D49180E}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4}	WebActiveX.exe
Key deleted	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CC9002D3-73D6-4453-951E-770A3D49180E}\ToolboxBitmap32	WebActiveX.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{42630400-6A2D-48F4-9497-57B9D0EBC7B0}\ProxyStubClsid32	WebActiveX.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{4C782490-0459-4AAF-95CC-D9B073B5CF60}	WebActiveX.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CC9002D3-73D6-4453-951E-770A3D49180E}	WebActiveX.exe
Key deleted	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CC9002D3-73D6-4453-951E-770A3D49180E}\Insertable	WebActiveX.exe

Suspicious behavior: EnumeratesProcesses 1 IoCs

pid	Process
1740	WebSocketServer.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	892	TASKKILL.exe

Suspicious use of WriteProcessMemory 12 IoCs

description	pid	Process	procid_target
PID 828 wrote to memory of 892	828	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe	28
PID 828 wrote to memory of 892	828	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe	28
PID 828 wrote to memory of 892	828	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe	28
PID 828 wrote to memory of 892	828	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe	28
PID 828 wrote to memory of 1180	828	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe	30
PID 828 wrote to memory of 1180	828	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe	30
PID 828 wrote to memory of 1180	828	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe	30
PID 828 wrote to memory of 1180	828	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe	30
PID 828 wrote to memory of 1740	828	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe	31
PID 828 wrote to memory of 1740	828	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe	31
PID 828 wrote to memory of 1740	828	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe	31
PID 828 wrote to memory of 1740	828	de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe	31

C:\Users\Admin\AppData\Local\Temp\de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe
"C:\Users\Admin\AppData\Local\Temp\de71e8a2aaa70219160cb11a7be7f06f24082d2c0c9211fbe7823fe84185d5e9.exe"
1⤵
- Loads dropped DLL
- Adds Run key to start application
- Drops file in Program Files directory
- Modifies registry class
- Suspicious use of WriteProcessMemory
PID:828
- C:\Windows\SysWOW64\TASKKILL.exe
  TASKKILL /F /IM WebSocketServer.exe
  2⤵
  - Kills process with taskkill
  - Suspicious use of AdjustPrivilegeToken
  PID:892
- C:\Program Files (x86)\webrec\Torch\5.0.412649.0\WebActiveX.exe
  "C:\Program Files (x86)\webrec\Torch\5.0.412649.0\WebActiveX.exe" /regserver
  2⤵
  - Executes dropped EXE
  - Modifies registry class
  PID:1180
- C:\Program Files (x86)\webrec\Torch\5.0.412649.0\WebSocketServer.exe
  "C:\Program Files (x86)\webrec\Torch\5.0.412649.0\WebSocketServer.exe"
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - Suspicious behavior: EnumeratesProcesses
  PID:1740

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

T1060

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\webrec\Torch\5.0.412649.0\CommSvrBus.dll

Filesize
352KB

MD5
8035ab987940583fd6c22b64efc3118e

SHA1
6f330948e827caed637905456c1bc8288e730805

SHA256
b085a8db23dfb63398a45f0d51b8fa4c957cc9ade50b1707aa6c7358b0099d56

SHA512
854063d1dcdad1279c395ec43234e76fe300e0f152c6c975b3d875d92fca0c022e5490b1d0c3ba6dc2e3ee031ed74a639d9c1941cad1f52af948a2f4335bbbfe

Download Submit
C:\Program Files (x86)\webrec\Torch\5.0.412649.0\DHIVS_AutoMatch.dll

Filesize
196KB

MD5
43395fcbcd4785cea8727c0b9fcc0458

SHA1
1b9e594d9e8c85c0b77211be9953b7282eb0bd51

SHA256
53f61eb1a04730faeea11e258b6ce94a509bebe2ea9e836ee5f4241c8fb077e8

SHA512
c3fe6e215b007e5c3298e8fdafd021f515ae3ff206bd916e3436c91917418211f61173e7715f8f87869237d3eefb7699d46cfa7ea16764f8391b40448b152053

Download Submit
C:\Program Files (x86)\webrec\Torch\5.0.412649.0\FileOperator.dll

Filesize
312KB

MD5
ccff48ba1dfb73b868be9aa21d66a8c2

SHA1
a079df36c7409635d9d2ca07376259bfc3833852

SHA256
2c296e3af6d260655e739633b02e3d97ad7fa8a8a51b4af6b9e97e1c63ff8de5

SHA512
b484de313cfaa1cf547f10928f95c7a3397905d807fde8dc4be1c750e8bf9ff1d647b5e2197a38df75499c766c6e138efe93d06497d6ff9e50940c01e87638c7

Download Submit
C:\Program Files (x86)\webrec\Torch\5.0.412649.0\FisheyeCtrl.dll

Filesize
488KB

MD5
61529b087f712cb982506b6fae84968c

SHA1
a62a09227dc9dad8d5c26324b98200656f965d3f

SHA256
d5e459fa34857b33f2728132d54bbe90b511d009408dbb0eafc00c552d80f57d

SHA512
15c971d7e58fcd96db0eb91febc2cb4c0e608b3d1ff7cf9bb662e173c284e78d864407dbe73bca4d34f4b051376bf273ead3a8881f40e807259e9501a5e4c46e

Download Submit
C:\Program Files (x86)\webrec\Torch\5.0.412649.0\IvsDrawer.dll

Filesize
1.2MB

MD5
dad1ab731cd7e081350c834c24a57ace

SHA1
3787f1d65cb354ed9ad9cef6b596743701617b87

SHA256
7f35569f388b6f3b209023d5a33d9dea81233bafc2a475b2ffd0b3d270abcc02

SHA512
96aa44cbaf0fdedeaab98e6c063bc9684476068637d6a6dd69119d6328427191b1f9426e884a9e0c8d91b7fc23e6168d4f65b53424ef01c1c0ab2be3e07f3891

Download Submit
C:\Program Files (x86)\webrec\Torch\5.0.412649.0\MPA_HSPano.dll

Filesize
251KB

MD5
d34eec160132540ec68e52625ae8b108

SHA1
3c00b591cd2516607e10e368ceb2cc6e85eded05

SHA256
7081fa328704099319b1e0f992c5cb08e0b7846e0ac3028150f3779caef72913

SHA512
dcc5d6f4ccfc2980d1e5ca6290961b988c7e26b5f6c3521feec45f8f704964cf9769f23da963db8cd2ed688503722aaf4f7568948c6331b356c4cdded94ef7e3

Download Submit
C:\Program Files (x86)\webrec\Torch\5.0.412649.0\MasterSlaveAPI.dll

Filesize
143KB

MD5
2c4931303e254dfd46008a8325b0221e

SHA1
bdb5534f874aff7890b5825432d6388cc5018920

SHA256
ca593efcf1013f9ff3ea422981eb6842bdc5ca07240487f6ad79471fb75b6dc9

SHA512
bf667cb5845fb2010d789ad506e013c42d34737e5089fa6d3d35ff849b1ac1820cd629d0e7eaea49882e2409ea04463d23210291f8728a4d65a448a818ba1c42

Download Submit
C:\Program Files (x86)\webrec\Torch\5.0.412649.0\MediaSvr.dll

Filesize
2.5MB

MD5
52b500fa45608c3d76755231d8b7b017

SHA1
b413760eda75eca3f592520d567f5a00862ab51a

SHA256
09f8475e7467f6c1460c81ec64510165cc93e2207d0a9d2f72af09504b9181eb

SHA512
e49ded515dfff0f23a47bdbdbbfb7df266d7529c17a240a64beb3927fdc67a73f65b78ecd9233a26b7406185bf4e43534267838d94c7f1cb832297570d12b26d

Download Submit
C:\Program Files (x86)\webrec\Torch\5.0.412649.0\ThdProtocolClient.dll

Filesize
4.4MB

MD5
1b60f044dad422b87666b9490a2000d6

SHA1
78597f1605bc55311a33f5dd0f7ef306a23215c7

SHA256
219fe275301bfc77fbbef3aefc19a4c4e719ed8ae06e015acac7422f0e8a6cb1

SHA512
509813b99440f6a7eb1fd91c8d21085721eada5f9bc264f2cc8fa0add267fafbf8367ae5658dc1c3337cf0cf6d386717645be9394fd8e4ad61f2147fd82d0c71

Download Submit
C:\Program Files (x86)\webrec\Torch\5.0.412649.0\WebActiveX.exe

Filesize
408KB

MD5
fa6180c81eb1bff83c52293de771ae35

SHA1
5fb2acbe91da7583460f1bc023385ed2f7ba8917

SHA256
e014323174d2f01b6b6d32a46f3378509727dd21f4a56ec0a500b6eaae9a4827

SHA512
c925d7bd8f2cab53d854c1d76d211995ec7d207115cea2d0a9a66b3546cbed853c2d2d2085ad5fb4cb10cf72e92c607b695e578620d4654f8c9451450fc4417f

Download Submit
C:\Program Files (x86)\webrec\Torch\5.0.412649.0\WebActiveX.exe

Filesize
408KB

MD5
fa6180c81eb1bff83c52293de771ae35

SHA1
5fb2acbe91da7583460f1bc023385ed2f7ba8917

SHA256
e014323174d2f01b6b6d32a46f3378509727dd21f4a56ec0a500b6eaae9a4827

SHA512
c925d7bd8f2cab53d854c1d76d211995ec7d207115cea2d0a9a66b3546cbed853c2d2d2085ad5fb4cb10cf72e92c607b695e578620d4654f8c9451450fc4417f

Download Submit
C:\Program Files (x86)\webrec\Torch\5.0.412649.0\WebSocketServer.exe

Filesize
64KB

MD5
4da9b75acdb147b78299d5233dbc604b

SHA1
70512a6447cc9c21d88ebfa0ba9a0666bf2493f0

SHA256
e6c92c5c83247a6508cbf615697d31f821b809063e6ac62996e0e0d58c41c325

SHA512
06cb72d502fdda2fbd3233a90410f06d8279f04b0e2a203ef9699c7f359f22d574002d280041356f27f66492b73d5cb3feeaffea094dbd27abee374be5449f2b

Download Submit
C:\Program Files (x86)\webrec\Torch\5.0.412649.0\cximagecrt.dll

Filesize
536KB

MD5
b82701b645f615516e9c452727bc8608

SHA1
095b335d7298adc9f8b1e225d351907d8509af68

SHA256
fc5817ab630310f00c2dddce7155e8fc13df640040ead376bfc99032c16f1242

SHA512
91278837564b8b70b63d0049c36b1177c2c0fc4ac58e5cdb337d60a0a34e1319b811cce1fabe42a5cdf1d764fd522d3ba119e5de113adab51db0ba0a25ede47c

Download Submit
C:\Program Files (x86)\webrec\Torch\5.0.412649.0\dhplay.dll

Filesize
1.8MB

MD5
b3d27a2746f9e76d99fff88c52d92a97

SHA1
801c1dbaf6e3d290e26f56b5422dabb651c9fcb1

SHA256
dd12de382f78636e092445cb573dfb6253a39438dd7198538ee9980a4c7eab95

SHA512
88c0a7c6ed7b83d1b4123a2e852c789639d2e23250182cefed44a96e3199dcad23ba4eaa9dd403635124b79887ca566b035e5c27f8222671023eb9fd33a6e72d

Download Submit
C:\Program Files (x86)\webrec\Torch\5.0.412649.0\dllmavaacdec.dll

Filesize
191KB

MD5
eb6a55a4b3346b36f16bb1d76185b953

SHA1
a0e92a915fb48164cfb77b6b5418d7dd6841922a

SHA256
2b5ffff62a2cdfca60e977121237c3d45b0fcb23e86f3e37fd2ba86b0db82463

SHA512
cbc5790a3db122dbf97d6fae0b4d2f8f776c66e75745cd2384a4e739258e94cd0be6d4bbacabbd6e0303ed5e5afb80c22cb99ae346a6559ba2d92e43484b0539

Download Submit
C:\Program Files (x86)\webrec\Torch\5.0.412649.0\dllmavaudio_codecs.dll

Filesize
188KB

MD5
1665b0c9cda50d2c23450ddb6e3a62fc

SHA1
0ef7a5c5888451cb75c79489a7de507a17644fc5

SHA256
c8a5987c43bc87016a301f2f65e9b28f7f247d2412c66cfbe2a5f50ccf556ac1

SHA512
bab4d4934f23be06c87e9f671215588d78de85552c863112ec42d7b18cd45aeb216a6dd1d55975061b30c39698c4aaf1c5fb0fb4d5cc89670031bac7379a2f0a

Download Submit
C:\Program Files (x86)\webrec\Torch\5.0.412649.0\dllmavg711.dll

Filesize
34KB

MD5
0f49a9b5ff7d5773a3837294b9d85fd3

SHA1
77ff25cc146d6cde19335175499ee4e526aeaf60

SHA256
ad1c7139319089493c1df3daf9441c670148fd15c43e213f14dbb3ceb7484e34

SHA512
ce13d75d769ea4fd00d03b95b77752d7d5ff7b67e3c5f27e1444111d85725e1bc9b7131a8a07d1a48e10f4b650ae7b5122931c4e19a788f1b4c19a5effd6a4a3

Download Submit
C:\Program Files (x86)\webrec\Torch\5.0.412649.0\dllmavg7221dec.dll

Filesize
59KB

MD5
4aa98d116c78166b896ea55408f04c7a

SHA1
d7b56622434a5351fff9ca0330753e9570802214

SHA256
1026a598d19e8e295cfe03941e54b49224a00bab84f422645b0db04adc9cdc9e

SHA512
8680cd11bfa2f5264c109c1488ef6a0a7651c74f697731b3845c1c240cfd995fcacaf6d5ceefe9687214310e6f388c3174339907439deb723d038906fdbb15fb

Download Submit
C:\Program Files (x86)\webrec\Torch\5.0.412649.0\dllmavg7231dec.dll

Filesize
122KB

MD5
33594d0a87492c7a6f4d06f5fae860f0

SHA1
0c7428b47e060384a26b14aa6f43c576130d70c4

SHA256
c4ac9e746764e96575a45d8b050fc8940e039e553e0b05bb4dab53a7c3843ea3

SHA512
59cd08b91d5be02232abfd2833944bf004a201aa973f554bb41f03a56ae10df83aa9656f4ae37a0037970c2f20c8accb299e7ed1c3f099a9c6dd4dcc3ebc6e1b

Download Submit
C:\Program Files (x86)\webrec\Torch\5.0.412649.0\dllmavg726dec.dll

Filesize
39KB

MD5
b84c44a1d08427b1e641296cf98c36e0

SHA1
27f7e5397d3eacd6abb069108518b0c80135598e

SHA256
cb5845ff4206b3d021ae72b8dd5aa35f6288a5611db43450fd7ab535408a2420

SHA512
5ed5d805fc6e0c7b157483445e807857371dbcfe36658136547c95980fe178fe3e4162b081c820baad17347e8961c6d05109d117f9d8024cf8852a9a9e141175

Download Submit
C:\Program Files (x86)\webrec\Torch\5.0.412649.0\dllmavg729dec.dll

Filesize
155KB

MD5
811a7d4130b824104e8abbfa614f956d

SHA1
c88d90c815feda19d26d665d6640910de2c45d37

SHA256
bf37007363dbfcbf6dda30f51aaf43f769472e00fa9ee6295556e56cd8135a82

SHA512
3ae0dd3bc94dfec2100b6d5f53f6b88561a196dc5cc704705f32065c9f6e7c0acb611834c91c03f14a2f3ff2cd1d5cb246e1b6f4d03827c691579557d35f9483

Download Submit
C:\Program Files (x86)\webrec\Torch\5.0.412649.0\dllmavmp2dec.dll

Filesize
56KB

MD5
0536d131a438d79804328438bd03de76

SHA1
a8ea66bb38390cbc96e9b6bfc731247abcc26811

SHA256
14802b88b1e34fc0026cee85a91d93c6277c5768adb77b5ff4267bf6ad44c145

SHA512
110fdfbecf0f2f022abd72f3fa73d6b2d5c00cefe9ecad437c2291f7f449ddef54ecbd0f4f3ffc6e34fe713f5e20f5fd83ecf5c80446e3754b6a65f1bb05a88d

Download Submit
C:\Program Files (x86)\webrec\Torch\5.0.412649.0\dllmavmp3dec.dll

Filesize
103KB

MD5
47a225265823c0c35645a8efe1d85d74

SHA1
e1629578a7bc767c36379098aeb10b561d388314

SHA256
aa9bd70bd2204898f8909517b26dd6ab8eaaf9d47fe8e383f666c0a894695622

SHA512
b3319b2839741ff260f8b4ae52d3cad2472b993a5be11341fc1d3353ec166e69f1013f4155fb2658741c71f05b83577d72b2f003d1d7ef7d729b5df445f9f792

Download Submit
C:\Program Files (x86)\webrec\Torch\5.0.412649.0\fisheye.dll

Filesize
763KB

MD5
5ceb84e0212f80af2b50fac1671464e2

SHA1
899ed1d13910298139882cf106383faa39611928

SHA256
9e07bd2a64d6232c270b4104a9217b89aab90d91a8e716a48d9ee63b2dc35030

SHA512
f8ae62eb619fe45259191f336ed7e41eb9c0499f23948e77e67a5ce267a74a12ccbcaa3dd5bfcfff9952a94a6dc9e8a44cdc3153c068a5c07b5dcc8544e5394d

Download Submit
C:\Program Files (x86)\webrec\Torch\5.0.412649.0\h264dec.dll

Filesize
556KB

MD5
bff61e23a8640144994b3954d513da0b

SHA1
b78cfecc8f3e2e2d6bae877f7d8221d7bc6215e4

SHA256
50113c267ecd95615e37b7db9cf1a9e4ae398aff35c199ee3ecff5fe3d234e93

SHA512
42870af17f50a99494987b662b6cc6d046fa3ad83d8cb2cdf8fd5bd9b21ac4b40cd750cae597dd571f2e438ef9d2a4e891549c793ea15c5662f7fc32a82a03ae

Download Submit
C:\Program Files (x86)\webrec\Torch\5.0.412649.0\hevcdec.dll

Filesize
1.2MB

MD5
a3c5fd97cf132eeb20b02085eb5dcf6f

SHA1
6aff3238602d7e4ad8c1260494f47f3cbdaa55a1

SHA256
966b85dc333c2f5140485eb5d9e401007e9b7406fb9cbb085c8258ba8a1c693d

SHA512
1a60f525cb90e3db54d11ddbcf61af24255cfbca6b828963223b114effe2fe76bb5323dc7bd6e9a1924a97763aa7c8e26c615c501b354adc505164413d4753d3

Download Submit
C:\Program Files (x86)\webrec\Torch\5.0.412649.0\jpeg_dec.dll

Filesize
170KB

MD5
0b7701110624c46ef17262661a931336

SHA1
ccbee483805a479a9eff96292714839010b86e16

SHA256
9ae8b6d12df227619147dac3b9e99c47e1e57bf38912dda4caab957cd6369a89

SHA512
0c07efd63029cb7d27687fcda6e33421d9a723b8f4b009cdd915d3a8f1178dd0c0b8a2d3eceb2369b09eaee8be9df4a3ee9bfd4128d0d4d6564e953cf752377e

Download Submit
C:\Program Files (x86)\webrec\Torch\5.0.412649.0\mpeg4dec.dll

Filesize
179KB

MD5
8f5751ae7d6f04c0f3ef1e046763f086

SHA1
dc7758be1473158f6ea9e8bd31ea3f9a2207c5f7

SHA256
bc7f6b6c1270693245237e8b6fdbe68013146977e87660512e778ce1248b5b3c

SHA512
25f60cd8df4474255950823566a774326065ab90cf28ac45bfe607e77ae717d6bf68d8d8dec00b82e59352ec245ac440aca5b12335accd4c1536c6552c46c683

Download Submit
C:\Program Files (x86)\webrec\Torch\5.0.412649.0\npMedia5.0.412649.0.dll

Filesize
356KB

MD5
d1792a0fc06aa88a5e6420cc83b62979

SHA1
2813889967a39b7e4c35fe8c7a5071dbfa94abfb

SHA256
317b136aacb298ef67ff6644a0e8ff8adcacf2fad5fd2b33eaa51fcbb3b2273e

SHA512
90502d5343c087a16814181b1ed6f852a27be0843ec9ad752f8ca41eb953f229db3653114215040c53434ff5e578b682aafb4bb494ba6140192f73163072f485

Download Submit
C:\Program Files (x86)\webrec\Torch\5.0.412649.0\postproc.dll

Filesize
74KB

MD5
b7114e46b7e7bc8e96a3686840e5e4b8

SHA1
f798c12bccafef9823fba5f9677776cdf51abd53

SHA256
6ecd5f96d190e58e523484f4978ca7b475b1ac546215c0d443714af512543ceb

SHA512
c3110936b68888cbfd12c87284aeddb1a2d645297a674336c8c774de2cf6e94bec7afcea56538c4d23534c877a6083d1c5786c0f1d5a508622138d7d9ec19641

Download Submit
\Program Files (x86)\webrec\Torch\5.0.412649.0\CommSvrBus.dll

Filesize
352KB

MD5
8035ab987940583fd6c22b64efc3118e

SHA1
6f330948e827caed637905456c1bc8288e730805

SHA256
b085a8db23dfb63398a45f0d51b8fa4c957cc9ade50b1707aa6c7358b0099d56

SHA512
854063d1dcdad1279c395ec43234e76fe300e0f152c6c975b3d875d92fca0c022e5490b1d0c3ba6dc2e3ee031ed74a639d9c1941cad1f52af948a2f4335bbbfe

Download Submit
\Program Files (x86)\webrec\Torch\5.0.412649.0\DHIVS_AutoMatch.dll

Filesize
196KB

MD5
43395fcbcd4785cea8727c0b9fcc0458

SHA1
1b9e594d9e8c85c0b77211be9953b7282eb0bd51

SHA256
53f61eb1a04730faeea11e258b6ce94a509bebe2ea9e836ee5f4241c8fb077e8

SHA512
c3fe6e215b007e5c3298e8fdafd021f515ae3ff206bd916e3436c91917418211f61173e7715f8f87869237d3eefb7699d46cfa7ea16764f8391b40448b152053

Download Submit
\Program Files (x86)\webrec\Torch\5.0.412649.0\FileOperator.dll

Filesize
312KB

MD5
ccff48ba1dfb73b868be9aa21d66a8c2

SHA1
a079df36c7409635d9d2ca07376259bfc3833852

SHA256
2c296e3af6d260655e739633b02e3d97ad7fa8a8a51b4af6b9e97e1c63ff8de5

SHA512
b484de313cfaa1cf547f10928f95c7a3397905d807fde8dc4be1c750e8bf9ff1d647b5e2197a38df75499c766c6e138efe93d06497d6ff9e50940c01e87638c7

Download Submit
\Program Files (x86)\webrec\Torch\5.0.412649.0\FisheyeCtrl.dll

Filesize
488KB

MD5
61529b087f712cb982506b6fae84968c

SHA1
a62a09227dc9dad8d5c26324b98200656f965d3f

SHA256
d5e459fa34857b33f2728132d54bbe90b511d009408dbb0eafc00c552d80f57d

SHA512
15c971d7e58fcd96db0eb91febc2cb4c0e608b3d1ff7cf9bb662e173c284e78d864407dbe73bca4d34f4b051376bf273ead3a8881f40e807259e9501a5e4c46e

Download Submit
\Program Files (x86)\webrec\Torch\5.0.412649.0\IvsDrawer.dll

Filesize
1.2MB

MD5
dad1ab731cd7e081350c834c24a57ace

SHA1
3787f1d65cb354ed9ad9cef6b596743701617b87

SHA256
7f35569f388b6f3b209023d5a33d9dea81233bafc2a475b2ffd0b3d270abcc02

SHA512
96aa44cbaf0fdedeaab98e6c063bc9684476068637d6a6dd69119d6328427191b1f9426e884a9e0c8d91b7fc23e6168d4f65b53424ef01c1c0ab2be3e07f3891

Download Submit
\Program Files (x86)\webrec\Torch\5.0.412649.0\MPA_HSPano.dll

Filesize
251KB

MD5
d34eec160132540ec68e52625ae8b108

SHA1
3c00b591cd2516607e10e368ceb2cc6e85eded05

SHA256
7081fa328704099319b1e0f992c5cb08e0b7846e0ac3028150f3779caef72913

SHA512
dcc5d6f4ccfc2980d1e5ca6290961b988c7e26b5f6c3521feec45f8f704964cf9769f23da963db8cd2ed688503722aaf4f7568948c6331b356c4cdded94ef7e3

Download Submit
\Program Files (x86)\webrec\Torch\5.0.412649.0\MasterSlaveAPI.dll

Filesize
143KB

MD5
2c4931303e254dfd46008a8325b0221e

SHA1
bdb5534f874aff7890b5825432d6388cc5018920

SHA256
ca593efcf1013f9ff3ea422981eb6842bdc5ca07240487f6ad79471fb75b6dc9

SHA512
bf667cb5845fb2010d789ad506e013c42d34737e5089fa6d3d35ff849b1ac1820cd629d0e7eaea49882e2409ea04463d23210291f8728a4d65a448a818ba1c42

Download Submit
\Program Files (x86)\webrec\Torch\5.0.412649.0\MediaSvr.dll

Filesize
2.5MB

MD5
52b500fa45608c3d76755231d8b7b017

SHA1
b413760eda75eca3f592520d567f5a00862ab51a

SHA256
09f8475e7467f6c1460c81ec64510165cc93e2207d0a9d2f72af09504b9181eb

SHA512
e49ded515dfff0f23a47bdbdbbfb7df266d7529c17a240a64beb3927fdc67a73f65b78ecd9233a26b7406185bf4e43534267838d94c7f1cb832297570d12b26d

Download Submit
\Program Files (x86)\webrec\Torch\5.0.412649.0\ThdProtocolClient.dll

Filesize
4.4MB

MD5
1b60f044dad422b87666b9490a2000d6

SHA1
78597f1605bc55311a33f5dd0f7ef306a23215c7

SHA256
219fe275301bfc77fbbef3aefc19a4c4e719ed8ae06e015acac7422f0e8a6cb1

SHA512
509813b99440f6a7eb1fd91c8d21085721eada5f9bc264f2cc8fa0add267fafbf8367ae5658dc1c3337cf0cf6d386717645be9394fd8e4ad61f2147fd82d0c71

Download Submit
\Program Files (x86)\webrec\Torch\5.0.412649.0\WebActiveX.exe

Filesize
408KB

MD5
fa6180c81eb1bff83c52293de771ae35

SHA1
5fb2acbe91da7583460f1bc023385ed2f7ba8917

SHA256
e014323174d2f01b6b6d32a46f3378509727dd21f4a56ec0a500b6eaae9a4827

SHA512
c925d7bd8f2cab53d854c1d76d211995ec7d207115cea2d0a9a66b3546cbed853c2d2d2085ad5fb4cb10cf72e92c607b695e578620d4654f8c9451450fc4417f

Download Submit
\Program Files (x86)\webrec\Torch\5.0.412649.0\WebActiveX.exe

Filesize
408KB

MD5
fa6180c81eb1bff83c52293de771ae35

SHA1
5fb2acbe91da7583460f1bc023385ed2f7ba8917

SHA256
e014323174d2f01b6b6d32a46f3378509727dd21f4a56ec0a500b6eaae9a4827

SHA512
c925d7bd8f2cab53d854c1d76d211995ec7d207115cea2d0a9a66b3546cbed853c2d2d2085ad5fb4cb10cf72e92c607b695e578620d4654f8c9451450fc4417f

Download Submit
\Program Files (x86)\webrec\Torch\5.0.412649.0\WebSocketServer.exe

Filesize
64KB

MD5
4da9b75acdb147b78299d5233dbc604b

SHA1
70512a6447cc9c21d88ebfa0ba9a0666bf2493f0

SHA256
e6c92c5c83247a6508cbf615697d31f821b809063e6ac62996e0e0d58c41c325

SHA512
06cb72d502fdda2fbd3233a90410f06d8279f04b0e2a203ef9699c7f359f22d574002d280041356f27f66492b73d5cb3feeaffea094dbd27abee374be5449f2b

Download Submit
\Program Files (x86)\webrec\Torch\5.0.412649.0\WebSocketServer.exe

Filesize
64KB

MD5
4da9b75acdb147b78299d5233dbc604b

SHA1
70512a6447cc9c21d88ebfa0ba9a0666bf2493f0

SHA256
e6c92c5c83247a6508cbf615697d31f821b809063e6ac62996e0e0d58c41c325

SHA512
06cb72d502fdda2fbd3233a90410f06d8279f04b0e2a203ef9699c7f359f22d574002d280041356f27f66492b73d5cb3feeaffea094dbd27abee374be5449f2b

Download Submit
\Program Files (x86)\webrec\Torch\5.0.412649.0\cximagecrt.dll

Filesize
536KB

MD5
b82701b645f615516e9c452727bc8608

SHA1
095b335d7298adc9f8b1e225d351907d8509af68

SHA256
fc5817ab630310f00c2dddce7155e8fc13df640040ead376bfc99032c16f1242

SHA512
91278837564b8b70b63d0049c36b1177c2c0fc4ac58e5cdb337d60a0a34e1319b811cce1fabe42a5cdf1d764fd522d3ba119e5de113adab51db0ba0a25ede47c

Download Submit
\Program Files (x86)\webrec\Torch\5.0.412649.0\cximagecrt.dll

Filesize
536KB

MD5
b82701b645f615516e9c452727bc8608

SHA1
095b335d7298adc9f8b1e225d351907d8509af68

SHA256
fc5817ab630310f00c2dddce7155e8fc13df640040ead376bfc99032c16f1242

SHA512
91278837564b8b70b63d0049c36b1177c2c0fc4ac58e5cdb337d60a0a34e1319b811cce1fabe42a5cdf1d764fd522d3ba119e5de113adab51db0ba0a25ede47c

Download Submit
\Program Files (x86)\webrec\Torch\5.0.412649.0\dhplay.dll

Filesize
1.8MB

MD5
b3d27a2746f9e76d99fff88c52d92a97

SHA1
801c1dbaf6e3d290e26f56b5422dabb651c9fcb1

SHA256
dd12de382f78636e092445cb573dfb6253a39438dd7198538ee9980a4c7eab95

SHA512
88c0a7c6ed7b83d1b4123a2e852c789639d2e23250182cefed44a96e3199dcad23ba4eaa9dd403635124b79887ca566b035e5c27f8222671023eb9fd33a6e72d

Download Submit
\Program Files (x86)\webrec\Torch\5.0.412649.0\dllmavaacdec.dll

Filesize
191KB

MD5
eb6a55a4b3346b36f16bb1d76185b953

SHA1
a0e92a915fb48164cfb77b6b5418d7dd6841922a

SHA256
2b5ffff62a2cdfca60e977121237c3d45b0fcb23e86f3e37fd2ba86b0db82463

SHA512
cbc5790a3db122dbf97d6fae0b4d2f8f776c66e75745cd2384a4e739258e94cd0be6d4bbacabbd6e0303ed5e5afb80c22cb99ae346a6559ba2d92e43484b0539

Download Submit
\Program Files (x86)\webrec\Torch\5.0.412649.0\dllmavaudio_codecs.dll

Filesize
188KB

MD5
1665b0c9cda50d2c23450ddb6e3a62fc

SHA1
0ef7a5c5888451cb75c79489a7de507a17644fc5

SHA256
c8a5987c43bc87016a301f2f65e9b28f7f247d2412c66cfbe2a5f50ccf556ac1

SHA512
bab4d4934f23be06c87e9f671215588d78de85552c863112ec42d7b18cd45aeb216a6dd1d55975061b30c39698c4aaf1c5fb0fb4d5cc89670031bac7379a2f0a

Download Submit
\Program Files (x86)\webrec\Torch\5.0.412649.0\dllmavaudio_codecs.dll

Filesize
188KB

MD5
1665b0c9cda50d2c23450ddb6e3a62fc

SHA1
0ef7a5c5888451cb75c79489a7de507a17644fc5

SHA256
c8a5987c43bc87016a301f2f65e9b28f7f247d2412c66cfbe2a5f50ccf556ac1

SHA512
bab4d4934f23be06c87e9f671215588d78de85552c863112ec42d7b18cd45aeb216a6dd1d55975061b30c39698c4aaf1c5fb0fb4d5cc89670031bac7379a2f0a

Download Submit
\Program Files (x86)\webrec\Torch\5.0.412649.0\dllmavg711.dll

Filesize
34KB

MD5
0f49a9b5ff7d5773a3837294b9d85fd3

SHA1
77ff25cc146d6cde19335175499ee4e526aeaf60

SHA256
ad1c7139319089493c1df3daf9441c670148fd15c43e213f14dbb3ceb7484e34

SHA512
ce13d75d769ea4fd00d03b95b77752d7d5ff7b67e3c5f27e1444111d85725e1bc9b7131a8a07d1a48e10f4b650ae7b5122931c4e19a788f1b4c19a5effd6a4a3

Download Submit
\Program Files (x86)\webrec\Torch\5.0.412649.0\dllmavg7221dec.dll

Filesize
59KB

MD5
4aa98d116c78166b896ea55408f04c7a

SHA1
d7b56622434a5351fff9ca0330753e9570802214

SHA256
1026a598d19e8e295cfe03941e54b49224a00bab84f422645b0db04adc9cdc9e

SHA512
8680cd11bfa2f5264c109c1488ef6a0a7651c74f697731b3845c1c240cfd995fcacaf6d5ceefe9687214310e6f388c3174339907439deb723d038906fdbb15fb

Download Submit
\Program Files (x86)\webrec\Torch\5.0.412649.0\dllmavg7231dec.dll

Filesize
122KB

MD5
33594d0a87492c7a6f4d06f5fae860f0

SHA1
0c7428b47e060384a26b14aa6f43c576130d70c4

SHA256
c4ac9e746764e96575a45d8b050fc8940e039e553e0b05bb4dab53a7c3843ea3

SHA512
59cd08b91d5be02232abfd2833944bf004a201aa973f554bb41f03a56ae10df83aa9656f4ae37a0037970c2f20c8accb299e7ed1c3f099a9c6dd4dcc3ebc6e1b

Download Submit
\Program Files (x86)\webrec\Torch\5.0.412649.0\dllmavg726dec.dll

Filesize
39KB

MD5
b84c44a1d08427b1e641296cf98c36e0

SHA1
27f7e5397d3eacd6abb069108518b0c80135598e

SHA256
cb5845ff4206b3d021ae72b8dd5aa35f6288a5611db43450fd7ab535408a2420

SHA512
5ed5d805fc6e0c7b157483445e807857371dbcfe36658136547c95980fe178fe3e4162b081c820baad17347e8961c6d05109d117f9d8024cf8852a9a9e141175

Download Submit
\Program Files (x86)\webrec\Torch\5.0.412649.0\dllmavg729dec.dll

Filesize
155KB

MD5
811a7d4130b824104e8abbfa614f956d

SHA1
c88d90c815feda19d26d665d6640910de2c45d37

SHA256
bf37007363dbfcbf6dda30f51aaf43f769472e00fa9ee6295556e56cd8135a82

SHA512
3ae0dd3bc94dfec2100b6d5f53f6b88561a196dc5cc704705f32065c9f6e7c0acb611834c91c03f14a2f3ff2cd1d5cb246e1b6f4d03827c691579557d35f9483

Download Submit
\Program Files (x86)\webrec\Torch\5.0.412649.0\dllmavmp2dec.dll

Filesize
56KB

MD5
0536d131a438d79804328438bd03de76

SHA1
a8ea66bb38390cbc96e9b6bfc731247abcc26811

SHA256
14802b88b1e34fc0026cee85a91d93c6277c5768adb77b5ff4267bf6ad44c145

SHA512
110fdfbecf0f2f022abd72f3fa73d6b2d5c00cefe9ecad437c2291f7f449ddef54ecbd0f4f3ffc6e34fe713f5e20f5fd83ecf5c80446e3754b6a65f1bb05a88d

Download Submit
\Program Files (x86)\webrec\Torch\5.0.412649.0\dllmavmp3dec.dll

Filesize
103KB

MD5
47a225265823c0c35645a8efe1d85d74

SHA1
e1629578a7bc767c36379098aeb10b561d388314

SHA256
aa9bd70bd2204898f8909517b26dd6ab8eaaf9d47fe8e383f666c0a894695622

SHA512
b3319b2839741ff260f8b4ae52d3cad2472b993a5be11341fc1d3353ec166e69f1013f4155fb2658741c71f05b83577d72b2f003d1d7ef7d729b5df445f9f792

Download Submit
\Program Files (x86)\webrec\Torch\5.0.412649.0\fisheye.dll

Filesize
763KB

MD5
5ceb84e0212f80af2b50fac1671464e2

SHA1
899ed1d13910298139882cf106383faa39611928

SHA256
9e07bd2a64d6232c270b4104a9217b89aab90d91a8e716a48d9ee63b2dc35030

SHA512
f8ae62eb619fe45259191f336ed7e41eb9c0499f23948e77e67a5ce267a74a12ccbcaa3dd5bfcfff9952a94a6dc9e8a44cdc3153c068a5c07b5dcc8544e5394d

Download Submit
\Program Files (x86)\webrec\Torch\5.0.412649.0\h264dec.dll

Filesize
556KB

MD5
bff61e23a8640144994b3954d513da0b

SHA1
b78cfecc8f3e2e2d6bae877f7d8221d7bc6215e4

SHA256
50113c267ecd95615e37b7db9cf1a9e4ae398aff35c199ee3ecff5fe3d234e93

SHA512
42870af17f50a99494987b662b6cc6d046fa3ad83d8cb2cdf8fd5bd9b21ac4b40cd750cae597dd571f2e438ef9d2a4e891549c793ea15c5662f7fc32a82a03ae

Download Submit
\Program Files (x86)\webrec\Torch\5.0.412649.0\hevcdec.dll

Filesize
1.2MB

MD5
a3c5fd97cf132eeb20b02085eb5dcf6f

SHA1
6aff3238602d7e4ad8c1260494f47f3cbdaa55a1

SHA256
966b85dc333c2f5140485eb5d9e401007e9b7406fb9cbb085c8258ba8a1c693d

SHA512
1a60f525cb90e3db54d11ddbcf61af24255cfbca6b828963223b114effe2fe76bb5323dc7bd6e9a1924a97763aa7c8e26c615c501b354adc505164413d4753d3

Download Submit
\Program Files (x86)\webrec\Torch\5.0.412649.0\jpeg_dec.dll

Filesize
170KB

MD5
0b7701110624c46ef17262661a931336

SHA1
ccbee483805a479a9eff96292714839010b86e16

SHA256
9ae8b6d12df227619147dac3b9e99c47e1e57bf38912dda4caab957cd6369a89

SHA512
0c07efd63029cb7d27687fcda6e33421d9a723b8f4b009cdd915d3a8f1178dd0c0b8a2d3eceb2369b09eaee8be9df4a3ee9bfd4128d0d4d6564e953cf752377e

Download Submit
\Program Files (x86)\webrec\Torch\5.0.412649.0\mpeg4dec.dll

Filesize
179KB

MD5
8f5751ae7d6f04c0f3ef1e046763f086

SHA1
dc7758be1473158f6ea9e8bd31ea3f9a2207c5f7

SHA256
bc7f6b6c1270693245237e8b6fdbe68013146977e87660512e778ce1248b5b3c

SHA512
25f60cd8df4474255950823566a774326065ab90cf28ac45bfe607e77ae717d6bf68d8d8dec00b82e59352ec245ac440aca5b12335accd4c1536c6552c46c683

Download Submit
\Program Files (x86)\webrec\Torch\5.0.412649.0\npMedia5.0.412649.0.dll

Filesize
356KB

MD5
d1792a0fc06aa88a5e6420cc83b62979

SHA1
2813889967a39b7e4c35fe8c7a5071dbfa94abfb

SHA256
317b136aacb298ef67ff6644a0e8ff8adcacf2fad5fd2b33eaa51fcbb3b2273e

SHA512
90502d5343c087a16814181b1ed6f852a27be0843ec9ad752f8ca41eb953f229db3653114215040c53434ff5e578b682aafb4bb494ba6140192f73163072f485

Download Submit
\Program Files (x86)\webrec\Torch\5.0.412649.0\postproc.dll

Filesize
74KB

MD5
b7114e46b7e7bc8e96a3686840e5e4b8

SHA1
f798c12bccafef9823fba5f9677776cdf51abd53

SHA256
6ecd5f96d190e58e523484f4978ca7b475b1ac546215c0d443714af512543ceb

SHA512
c3110936b68888cbfd12c87284aeddb1a2d645297a674336c8c774de2cf6e94bec7afcea56538c4d23534c877a6083d1c5786c0f1d5a508622138d7d9ec19641

Download Submit
\Users\Admin\AppData\Local\Temp\nsd2B09.tmp\nsExec.dll

Filesize
6KB

MD5
acc2b699edfea5bf5aae45aba3a41e96

SHA1
d2accf4d494e43ceb2cff69abe4dd17147d29cc2

SHA256
168a974eaa3f588d759db3f47c1a9fdc3494ba1fa1a73a84e5e3b2a4d58abd7e

SHA512
e29ea10ada98c71a18273b04f44f385b120d4e8473e441ce5748cfa44a23648814f2656f429b85440157988c88de776c6ac008dc38bf09cbb746c230a46c69fe

Download Submit
memory/828-54-0x0000000075AC1000-0x0000000075AC3000-memory.dmp

Filesize
8KB

Download
memory/1740-136-0x0000000003FA0000-0x0000000003FFC000-memory.dmp

Filesize
368KB

Download
memory/1740-140-0x0000000004260000-0x0000000004315000-memory.dmp

Filesize
724KB

Download
memory/1740-128-0x0000000003F10000-0x0000000003F96000-memory.dmp

Filesize
536KB

Download
memory/1740-125-0x0000000003C91000-0x0000000003E81000-memory.dmp

Filesize
1.9MB

Download
memory/1740-71-0x0000000003740000-0x0000000003799000-memory.dmp

Filesize
356KB

Download
memory/1740-76-0x00000000037A0000-0x0000000003826000-memory.dmp

Filesize
536KB

Download
memory/1740-126-0x0000000003C90000-0x0000000003F0F000-memory.dmp

Filesize
2.5MB

Download
memory/1740-82-0x00000000039A0000-0x0000000003B92000-memory.dmp

Filesize
1.9MB

Download
memory/1740-142-0x0000000004320000-0x0000000004477000-memory.dmp

Filesize
1.3MB

Download
memory/1740-144-0x0000000003960000-0x0000000003989000-memory.dmp

Filesize
164KB

Download
memory/1740-150-0x0000000003FA1000-0x0000000004017000-memory.dmp

Filesize
472KB

Download
memory/1740-151-0x0000000003FA0000-0x0000000004034000-memory.dmp

Filesize
592KB

Download
memory/1740-152-0x0000000004511000-0x0000000004648000-memory.dmp

Filesize
1.2MB

Download
memory/1740-153-0x0000000004510000-0x0000000004702000-memory.dmp

Filesize
1.9MB

Download