f683a83f9974c75a7fd162b114fe21aded2e14ed2dddea537c127232a7b20a2f

Analysis

max time kernel
79s
max time network
84s
platform
windows7_x64
resource
win7-20220901-en
resource tags

arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
submitted
02/02/2023, 08:45

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

NinjaRipper2011beta_setup.exe
Size

99.7MB
MD5

9f75e1cf90e9acac0d72de9e3d3af1b5
SHA1

0721ee460bae9a1549d205389960688c39baf93a
SHA256

f683a83f9974c75a7fd162b114fe21aded2e14ed2dddea537c127232a7b20a2f
SHA512

bca90b1a1228d4bff0c0e3739466b8348b96215efe8ac31ba175aeb9420ffab49fd033b62e9e17b656439bfeb41eb7c7c74860401d17adc911045615f09507f0
SSDEEP

3145728:e5l7VvuMWJB+X5xQWlsHKakt9ywT4Bj4YfvMZ:u5VGMWT+UcfakWrff0Z

Score

8^/10

discovery

Malware Config

Signatures

Executes dropped EXE 2 IoCs

pid	Process
1208	Process not Found
580	NinjaRipper2.exe

Loads dropped DLL 14 IoCs

pid	Process
844	NinjaRipper2011beta_setup.exe
844	NinjaRipper2011beta_setup.exe
844	NinjaRipper2011beta_setup.exe
844	NinjaRipper2011beta_setup.exe
844	NinjaRipper2011beta_setup.exe
844	NinjaRipper2011beta_setup.exe
1208	Process not Found
1208	Process not Found
1208	Process not Found
580	NinjaRipper2.exe
580	NinjaRipper2.exe
580	NinjaRipper2.exe
580	NinjaRipper2.exe
580	NinjaRipper2.exe

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\bin32\d3dcompiler_47.dll	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\data\config.xml	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\external\dgVoodoo2\3Dfx\x86\Glide3x.dll	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\bin64\ssleay32.dll	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\external\dgVoodoo2\QuickGuide.url	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\external\dgVoodoo2\MS\arm64\D3D9.dll	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\importers\readme_3dsmax.txt	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\importers\noesis\import_nr\nrtools.py	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\themes\Dark.qss	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\bin32\Qt5Svg.dll	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\bin32\platforms\qwindows.dll	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\bin64\platforms\qwindows.dll	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\external\dgVoodoo2\dgVoodooCpl.exe	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\external\dgVoodoo2\MS\x86\D3D9.dll	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\importers\3dsmax\import_nr\nrimp.py	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\themes\readme.txt	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\importers\noesis\import_nr\nrnoeimp.py	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\bin32\intruder.dll	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\bin32\libeay32.dll	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\bin64\NinjaRipper2.exe	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\bin64\d3dcompiler_47.dll	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\external\dgVoodoo2\Cpl\x64\dgVoodooCpl.exe	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\external\dgVoodoo2\Doc\ReadmeGlide.url	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\importers\noesis\import_nr\nrimp.py	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\themes\images\checkbox_checked_dark.png	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\importers\3dsmax\import_world.ms	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\readme_wrappers.txt	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\bin32\Qt5Network.dll	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\bin32\Qt5Widgets.dll	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\bin64\Qt5Network.dll	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\external\dgVoodoo2\3Dfx\arm64\Glide3x.dll	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\external\dgVoodoo2\MS\x86\D3D8.dll	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\importers\io_import_nr.zip	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\importers\3dsmax\import_nr\nr3dsimpmain.py	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\importers\3dsmax\import_nr\nrtools.py	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\themes\images\checkbox_unchecked_dark.png	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\bin32\vcredist_x86.exe	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\bin64\dxil.dll	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\external\dgVoodoo2\3Dfx\x86\Napalm\Glide3x.dll	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\external\dgVoodoo2\Cpl\arm64\dgVoodooCpl.exe	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\external\dgVoodoo2\Doc\ReadmeDirectX.url	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\importers\3dsmax\import_nr\nrdump.py	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\themes\Light.qss	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\bin32\Qt5Core.dll	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\bin32\dxcompiler.dll	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\external\dgVoodoo2\Doc\Readme.url	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\themes\images\up_arrow.png	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\themes\images\up_arrow_dark.png	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\bin32\Qt5Gui.dll	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\bin64\Qt5Gui.dll	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\bin64\intruder.dll	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\external\dgVoodoo2\MS\x86\D3DImm.dll	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\importers\readme_noesis.txt	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\themes\images\down_arrow.png	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\translations\Русский.qm	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\bin32\dxil.dll	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\bin64\Qt5Widgets.dll	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\bin64\wrappers\opengl32.dll	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\uninst.exe	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\bin32\wrappers\opengl32.dll	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\external\dgVoodoo2\dgVoodoo.conf	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\importers\copy_3dsmaxaddon_to_maxdir.bat	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\importers\readme_blender.txt	NinjaRipper2011beta_setup.exe
File created	C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\importers\3dsmax\import_nr\nrqtgui.py	NinjaRipper2011beta_setup.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

Modifies Internet Explorer settings 1 TTPs 28 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Internet Explorer\DOMStorage\captcha-delivery.com	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{333A20F1-A2D6-11ED-AA9B-EE0F1DD48A27} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Internet Explorer\DOMStorage\captcha-delivery.com\NumberOfSubdomains = "1"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Internet Explorer\MINIE	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Internet Explorer\DOMStorage	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Internet Explorer\MINIE\TabBandWidth = "500"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe

Suspicious behavior: AddClipboardFormatListener 1 IoCs

pid	Process
580	NinjaRipper2.exe

Suspicious behavior: EnumeratesProcesses 1 IoCs

pid	Process
580	NinjaRipper2.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
580	NinjaRipper2.exe

Suspicious use of FindShellTrayWindow 2 IoCs

pid	Process
580	NinjaRipper2.exe
804	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
580	NinjaRipper2.exe
804	iexplore.exe
804	iexplore.exe
340	IEXPLORE.EXE
340	IEXPLORE.EXE
804	iexplore.exe

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 580 wrote to memory of 804	580	NinjaRipper2.exe	29
PID 580 wrote to memory of 804	580	NinjaRipper2.exe	29
PID 580 wrote to memory of 804	580	NinjaRipper2.exe	29
PID 804 wrote to memory of 340	804	iexplore.exe	31
PID 804 wrote to memory of 340	804	iexplore.exe	31
PID 804 wrote to memory of 340	804	iexplore.exe	31
PID 804 wrote to memory of 340	804	iexplore.exe	31

C:\Users\Admin\AppData\Local\Temp\NinjaRipper2011beta_setup.exe
"C:\Users\Admin\AppData\Local\Temp\NinjaRipper2011beta_setup.exe"
1⤵
- Loads dropped DLL
- Drops file in Program Files directory
PID:844

C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\bin64\NinjaRipper2.exe
"C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\bin64\NinjaRipper2.exe"
1⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:580
- C:\Program Files\Internet Explorer\iexplore.exe
  "C:\Program Files\Internet Explorer\iexplore.exe" https://www.patreon.com/oauth2/become-patron?response_type=code&min_cents=500&client_id=SjnOyIKa_1lUKLDVuKwc18ykzfbAhGxt2j-syE8X9UJHs5p9Jv9Ucv1iFWGNgXf2&scope=identity&redirect_uri=https://ninjaripper.com/patreoncallback.php&state=nQAuq8JYb228zrMox9BFOkdHjm%2Bntw5dQrjaokq5idVpx8ZfV3mVJg%3D%3D
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SetWindowsHookEx
  - Suspicious use of WriteProcessMemory
  PID:804
- - C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:804 CREDAT:275457 /prefetch:2
    3⤵
    - Modifies Internet Explorer settings
    - Suspicious use of SetWindowsHookEx
    PID:340

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\bin64\NinjaRipper2.exe

Filesize
10.7MB

MD5
a4a8d0dc02abcccec581fc97058d03ee

SHA1
21572e962db6c0840cb09c1a2bad5dc1641166d7

SHA256
0acaa82a92d0bc5f23fbe2b621bcf1f7b87f1fca433729a1a22e8361c616afb3

SHA512
ce7588b9765489485534b39e61fe7e16182fa209b00f8a78e8216e3d7d37a3ab2ad47bf8c75f9c92de62b0d54071fb0fff41627cda23d84e75d12ae817a35252

Download Submit
C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\bin64\NinjaRipper2.exe

Filesize
10.7MB

MD5
a4a8d0dc02abcccec581fc97058d03ee

SHA1
21572e962db6c0840cb09c1a2bad5dc1641166d7

SHA256
0acaa82a92d0bc5f23fbe2b621bcf1f7b87f1fca433729a1a22e8361c616afb3

SHA512
ce7588b9765489485534b39e61fe7e16182fa209b00f8a78e8216e3d7d37a3ab2ad47bf8c75f9c92de62b0d54071fb0fff41627cda23d84e75d12ae817a35252

Download Submit
C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\bin64\Qt5Core.dll

Filesize
5.6MB

MD5
f9e081fec48237576a526f5f7c4b9629

SHA1
0133fbfd4baa86e312a33643b491514b1337bd4f

SHA256
cac4aaa974c9648374d385a2961134c59d289344c9d1f0daf490d202e3f8159a

SHA512
4d312763fdca55a882b1cdb884e7556470c5346f9a0a29ff8529c211665dfe2fb719f682cbd69e768b90a4fa6beadc237e65753c57bd58fa74b0998d191911c4

Download Submit
C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\bin64\Qt5Gui.dll

Filesize
6.0MB

MD5
e16a501bea674ce6b4bb314e0d3287f7

SHA1
cbcaedac243aceea1a535f79f89a15300032b791

SHA256
b4a2c9c8454826eef63ee5807a832f97ef7fc630f1635e758e7381f2be05ee5c

SHA512
cef3c5dc5f2439c324b5c740106c9d53f050088e033834d7373551ca3837f273d4eade703bdeaf362f455017e0d6ec757d2340099f113e1a50ed75a34a2ee0ad

Download Submit
C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\bin64\Qt5Network.dll

Filesize
1.2MB

MD5
6d3f9fb92d993a991fdd077f8c194db7

SHA1
7bab7730772cdd821a9b0d9dd6f18ee278a33107

SHA256
e29ac60ba5acf914a8d621d2cb69a6e0c9affd64a29d467cc6ef9c6b50ee13e8

SHA512
8b6302398f225a3fe8b73c4a9a7378461e84b9348eee2f7be070e9077ff1e48e3acb61cf69c07a5e73da46eaf8dc88526683a7b9fd1968415bc3515f728a764f

Download Submit
C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\bin64\Qt5Widgets.dll

Filesize
5.3MB

MD5
128e0ff017cfac20dc37d2a0e0609ff8

SHA1
d41226aa942040d811e2db7c0194fc74c1dce46b

SHA256
50bbd1bad5d7c0fa7341bf80c4f8950f1049930e24cdfa9d0282a522717c51a7

SHA512
0ec596fdc5e6162584575e1dd787f092f25595a82ab51b147116239764078e70b47408cc378e195e472cf3d40c5576268dfbdc8027aaa50e9e2947034dd36bf7

Download Submit
C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\bin64\platforms\qwindows.dll

Filesize
1.4MB

MD5
61799973f397f2a5f9a1b80a4f4a64c3

SHA1
09e417682e7f56e2570fb9563a4aa08bc9486170

SHA256
c85d46debb233f8aaebf357d62c23bfbca50b113b291092d1deb2bbf4177ba70

SHA512
7cac8f51c83dcfd8e083a84eb12d72a9b8c61b3321764fbde0299228d9821c254cdec82556e5c23b15a0dba451b8cb22c724d4331e3ea8f930f2352ca4a28fe6

Download Submit
C:\Program Files (x86)\Ninja Ripper 2.0.11 beta\themes\Dark.qss

Filesize
3KB

MD5
2cbd0bd39a54d826eb52d21656745b6c

SHA1
30ff5771d1e1a5c91a0e85f2d7df71f42d3fd8b1

SHA256
4d643c523f91f0981e70c8b0b168446d2a5f2c04d171fb1c05638040ccfa334b

SHA512
f3350f860f4bace1e786c17a93f98aa680de69c453d43465f5728decd83e4380b8210ea58cc67a53ea31e0b433d3670f36d9e8c9a1e13f3b4244cb10b4ce3dbb

Download Submit
\Program Files (x86)\Ninja Ripper 2.0.11 beta\bin64\NinjaRipper2.exe

Filesize
10.7MB

MD5
a4a8d0dc02abcccec581fc97058d03ee

SHA1
21572e962db6c0840cb09c1a2bad5dc1641166d7

SHA256
0acaa82a92d0bc5f23fbe2b621bcf1f7b87f1fca433729a1a22e8361c616afb3

SHA512
ce7588b9765489485534b39e61fe7e16182fa209b00f8a78e8216e3d7d37a3ab2ad47bf8c75f9c92de62b0d54071fb0fff41627cda23d84e75d12ae817a35252

Download Submit
\Program Files (x86)\Ninja Ripper 2.0.11 beta\bin64\NinjaRipper2.exe

Filesize
10.7MB

MD5
a4a8d0dc02abcccec581fc97058d03ee

SHA1
21572e962db6c0840cb09c1a2bad5dc1641166d7

SHA256
0acaa82a92d0bc5f23fbe2b621bcf1f7b87f1fca433729a1a22e8361c616afb3

SHA512
ce7588b9765489485534b39e61fe7e16182fa209b00f8a78e8216e3d7d37a3ab2ad47bf8c75f9c92de62b0d54071fb0fff41627cda23d84e75d12ae817a35252

Download Submit
\Program Files (x86)\Ninja Ripper 2.0.11 beta\bin64\NinjaRipper2.exe

Filesize
10.7MB

MD5
a4a8d0dc02abcccec581fc97058d03ee

SHA1
21572e962db6c0840cb09c1a2bad5dc1641166d7

SHA256
0acaa82a92d0bc5f23fbe2b621bcf1f7b87f1fca433729a1a22e8361c616afb3

SHA512
ce7588b9765489485534b39e61fe7e16182fa209b00f8a78e8216e3d7d37a3ab2ad47bf8c75f9c92de62b0d54071fb0fff41627cda23d84e75d12ae817a35252

Download Submit
\Program Files (x86)\Ninja Ripper 2.0.11 beta\bin64\NinjaRipper2.exe

Filesize
10.7MB

MD5
a4a8d0dc02abcccec581fc97058d03ee

SHA1
21572e962db6c0840cb09c1a2bad5dc1641166d7

SHA256
0acaa82a92d0bc5f23fbe2b621bcf1f7b87f1fca433729a1a22e8361c616afb3

SHA512
ce7588b9765489485534b39e61fe7e16182fa209b00f8a78e8216e3d7d37a3ab2ad47bf8c75f9c92de62b0d54071fb0fff41627cda23d84e75d12ae817a35252

Download Submit
\Program Files (x86)\Ninja Ripper 2.0.11 beta\bin64\NinjaRipper2.exe

Filesize
10.7MB

MD5
a4a8d0dc02abcccec581fc97058d03ee

SHA1
21572e962db6c0840cb09c1a2bad5dc1641166d7

SHA256
0acaa82a92d0bc5f23fbe2b621bcf1f7b87f1fca433729a1a22e8361c616afb3

SHA512
ce7588b9765489485534b39e61fe7e16182fa209b00f8a78e8216e3d7d37a3ab2ad47bf8c75f9c92de62b0d54071fb0fff41627cda23d84e75d12ae817a35252

Download Submit
\Program Files (x86)\Ninja Ripper 2.0.11 beta\bin64\NinjaRipper2.exe

Filesize
10.7MB

MD5
a4a8d0dc02abcccec581fc97058d03ee

SHA1
21572e962db6c0840cb09c1a2bad5dc1641166d7

SHA256
0acaa82a92d0bc5f23fbe2b621bcf1f7b87f1fca433729a1a22e8361c616afb3

SHA512
ce7588b9765489485534b39e61fe7e16182fa209b00f8a78e8216e3d7d37a3ab2ad47bf8c75f9c92de62b0d54071fb0fff41627cda23d84e75d12ae817a35252

Download Submit
\Program Files (x86)\Ninja Ripper 2.0.11 beta\bin64\Qt5Core.dll

Filesize
5.6MB

MD5
f9e081fec48237576a526f5f7c4b9629

SHA1
0133fbfd4baa86e312a33643b491514b1337bd4f

SHA256
cac4aaa974c9648374d385a2961134c59d289344c9d1f0daf490d202e3f8159a

SHA512
4d312763fdca55a882b1cdb884e7556470c5346f9a0a29ff8529c211665dfe2fb719f682cbd69e768b90a4fa6beadc237e65753c57bd58fa74b0998d191911c4

Download Submit
\Program Files (x86)\Ninja Ripper 2.0.11 beta\bin64\Qt5Gui.dll

Filesize
6.0MB

MD5
e16a501bea674ce6b4bb314e0d3287f7

SHA1
cbcaedac243aceea1a535f79f89a15300032b791

SHA256
b4a2c9c8454826eef63ee5807a832f97ef7fc630f1635e758e7381f2be05ee5c

SHA512
cef3c5dc5f2439c324b5c740106c9d53f050088e033834d7373551ca3837f273d4eade703bdeaf362f455017e0d6ec757d2340099f113e1a50ed75a34a2ee0ad

Download Submit
\Program Files (x86)\Ninja Ripper 2.0.11 beta\bin64\Qt5Network.dll

Filesize
1.2MB

MD5
6d3f9fb92d993a991fdd077f8c194db7

SHA1
7bab7730772cdd821a9b0d9dd6f18ee278a33107

SHA256
e29ac60ba5acf914a8d621d2cb69a6e0c9affd64a29d467cc6ef9c6b50ee13e8

SHA512
8b6302398f225a3fe8b73c4a9a7378461e84b9348eee2f7be070e9077ff1e48e3acb61cf69c07a5e73da46eaf8dc88526683a7b9fd1968415bc3515f728a764f

Download Submit
\Program Files (x86)\Ninja Ripper 2.0.11 beta\bin64\Qt5Widgets.dll

Filesize
5.3MB

MD5
128e0ff017cfac20dc37d2a0e0609ff8

SHA1
d41226aa942040d811e2db7c0194fc74c1dce46b

SHA256
50bbd1bad5d7c0fa7341bf80c4f8950f1049930e24cdfa9d0282a522717c51a7

SHA512
0ec596fdc5e6162584575e1dd787f092f25595a82ab51b147116239764078e70b47408cc378e195e472cf3d40c5576268dfbdc8027aaa50e9e2947034dd36bf7

Download Submit
\Program Files (x86)\Ninja Ripper 2.0.11 beta\bin64\platforms\qwindows.dll

Filesize
1.4MB

MD5
61799973f397f2a5f9a1b80a4f4a64c3

SHA1
09e417682e7f56e2570fb9563a4aa08bc9486170

SHA256
c85d46debb233f8aaebf357d62c23bfbca50b113b291092d1deb2bbf4177ba70

SHA512
7cac8f51c83dcfd8e083a84eb12d72a9b8c61b3321764fbde0299228d9821c254cdec82556e5c23b15a0dba451b8cb22c724d4331e3ea8f930f2352ca4a28fe6

Download Submit
\Users\Admin\AppData\Local\Temp\nsd14CA.tmp\InstallOptions.dll

Filesize
15KB

MD5
90bb49f3fd416f912a637526914bd044

SHA1
626051dd6c759a5b847664549736c37aba9ede5a

SHA256
1f8e8f336df6773d6b63bd5a7efbfc889d08888fec55da402eaf93cb950aa283

SHA512
5156923f51be2057f7003577b46732f6b0b0bb55402f49df3747085b9802b3a2492cd5f087ef988db5a69f241c10163ada0e649b149da8a198b7fc2cc83334e5

Download Submit
\Users\Admin\AppData\Local\Temp\nsd14CA.tmp\InstallOptions.dll

Filesize
15KB

MD5
90bb49f3fd416f912a637526914bd044

SHA1
626051dd6c759a5b847664549736c37aba9ede5a

SHA256
1f8e8f336df6773d6b63bd5a7efbfc889d08888fec55da402eaf93cb950aa283

SHA512
5156923f51be2057f7003577b46732f6b0b0bb55402f49df3747085b9802b3a2492cd5f087ef988db5a69f241c10163ada0e649b149da8a198b7fc2cc83334e5

Download Submit
\Users\Admin\AppData\Local\Temp\nsd14CA.tmp\LangDLL.dll

Filesize
5KB

MD5
08de81a4584f5201086f57a7a93ed83b

SHA1
266a6ecc8fb7dca115e6915cd75e2595816841a8

SHA256
4883cd4231744be2dca4433ef62824b7957a3c16be54f8526270402d9413ebe6

SHA512
b72e7cea5ce1f4dc64e65a1f683a3ef9e3fa2dc45cf421f569eb461f1fdcc0caf4ff62a872e62b400579f567c6ff9fc3c2e6e020cdca89d96015502c803a09b9

Download Submit
\Users\Admin\AppData\Local\Temp\nsd14CA.tmp\System.dll

Filesize
12KB

MD5
6e55a6e7c3fdbd244042eb15cb1ec739

SHA1
070ea80e2192abc42f358d47b276990b5fa285a9

SHA256
acf90ab6f4edc687e94aaf604d05e16e6cfb5e35873783b50c66f307a35c6506

SHA512
2d504b74da38edc967e3859733a2a9cacd885db82f0ca69bfb66872e882707314c54238344d45945dc98bae85772aceef71a741787922d640627d3c8ae8f1c35

Download Submit
memory/580-72-0x000007FEF6420000-0x000007FEF696F000-memory.dmp

Filesize
5.3MB

Download
memory/580-76-0x000000013FED0000-0x0000000141280000-memory.dmp

Filesize
19.7MB

Download
memory/580-83-0x000000013FED0000-0x0000000141280000-memory.dmp

Filesize
19.7MB

Download
memory/580-84-0x000007FEFB9E1000-0x000007FEFB9E3000-memory.dmp

Filesize
8KB

Download
memory/580-85-0x000000013FED0000-0x0000000141280000-memory.dmp

Filesize
19.7MB

Download
memory/844-54-0x0000000075601000-0x0000000075603000-memory.dmp

Filesize
8KB

Download