e78d2705c55dc8f4398e14391c197ca60edb766ba46339e66c04756fe79c6032

Analysis

max time kernel
73s
max time network
62s
platform
windows7_x64
resource
win7-20220901-en
resource tags

arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
submitted
03/02/2023, 01:31

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

YTDSetup.exe
Size

13.5MB
MD5

8118cee82d7d42b2aa06c90cd74839fe
SHA1

40e77bde5eee58a5bab2deb1732471b3ea4a1ea7
SHA256

e78d2705c55dc8f4398e14391c197ca60edb766ba46339e66c04756fe79c6032
SHA512

e92cc5f7a0f663c447729cbe861e79936f539235b2db77535c7620c590c0964526be7a0cdd9048bcd4edb0cb7712fe27fc79b6c22f4be7e1b0de0ba7054fe3fd
SSDEEP

393216:az7yK7xZiYYoLkcRzzHHzAiplQR8zib/e4mmw:8GKHS8HrlQqz0/vw

Score

7^/10

discovery

Malware Config

Signatures

Executes dropped EXE 1 IoCs

pid	Process
1052	ytd.exe

Loads dropped DLL 34 IoCs

pid	Process
828	YTDSetup.exe
828	YTDSetup.exe
828	YTDSetup.exe
828	YTDSetup.exe
828	YTDSetup.exe
828	YTDSetup.exe
828	YTDSetup.exe
828	YTDSetup.exe
828	YTDSetup.exe
828	YTDSetup.exe
828	YTDSetup.exe
828	YTDSetup.exe
828	YTDSetup.exe
828	YTDSetup.exe
828	YTDSetup.exe
828	YTDSetup.exe
828	YTDSetup.exe
828	YTDSetup.exe
1052	ytd.exe
1052	ytd.exe
1052	ytd.exe
1052	ytd.exe
1052	ytd.exe
1052	ytd.exe
1052	ytd.exe
1052	ytd.exe
1052	ytd.exe
1052	ytd.exe
1052	ytd.exe
1052	ytd.exe
1052	ytd.exe
1052	ytd.exe
1052	ytd.exe
1052	ytd.exe

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Drops file in Program Files directory 56 IoCs

description	ioc	Process
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\librtmp.dll	YTDSetup.exe
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res2070.ini	YTDSetup.exe
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_mixer\libfloat_mixer_plugin.dll	YTDSetup.exe
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1029.ini	YTDSetup.exe
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1034.ini	YTDSetup.exe
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\COPYING.Apachev2	YTDSetup.exe
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\COPYING.LGPLv2	YTDSetup.exe
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1044.ini	YTDSetup.exe
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\plugins.dat.1052	ytd.exe
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\manual.bat	YTDSetup.exe
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_filter\libugly_resampler_plugin.dll	YTDSetup.exe
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1050.ini	YTDSetup.exe
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1059.ini	YTDSetup.exe
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Uninstall.exe	YTDSetup.exe
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll	YTDSetup.exe
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_output\libwingdi_plugin.dll	YTDSetup.exe
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1038.ini	YTDSetup.exe
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1043.ini	YTDSetup.exe
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1052.ini	YTDSetup.exe
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res2052.ini	YTDSetup.exe
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_output\libdrawable_plugin.dll	YTDSetup.exe
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1026.ini	YTDSetup.exe
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\scripts.yds	YTDSetup.exe
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\libvlc.dll	YTDSetup.exe
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1048.ini	YTDSetup.exe
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1055.ini	YTDSetup.exe
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\LICENSE	YTDSetup.exe
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1035.ini	YTDSetup.exe
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_filter\libaudio_format_plugin.dll	YTDSetup.exe
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_output\libdirectsound_plugin.dll	YTDSetup.exe
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\libvlccore.dll	YTDSetup.exe
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\access\libfilesystem_plugin.dll	YTDSetup.exe
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1051.ini	YTDSetup.exe
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res2074.ini	YTDSetup.exe
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1061.ini	YTDSetup.exe
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\COPYING.LGPLv3	YTDSetup.exe
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_mixer\libinteger_mixer_plugin.dll	YTDSetup.exe
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1041.ini	YTDSetup.exe
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1053.ini	YTDSetup.exe
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1025.ini	YTDSetup.exe
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1033.ini	YTDSetup.exe
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1045.ini	YTDSetup.exe
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_filter\libswscale_plugin.dll	YTDSetup.exe
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1030.ini	YTDSetup.exe
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1060.ini	YTDSetup.exe
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1031.ini	YTDSetup.exe
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1040.ini	YTDSetup.exe
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1032.ini	YTDSetup.exe
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res9999.ini	YTDSetup.exe
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\FFMPEG.EXE	YTDSetup.exe
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_output\libvmem_plugin.dll	YTDSetup.exe
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_output\libdirect3d_plugin.dll	YTDSetup.exe
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1036.ini	YTDSetup.exe
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1049.ini	YTDSetup.exe
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\ytd.exe	YTDSetup.exe
File created	C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\codec\libavcodec_plugin.dll	YTDSetup.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

Modifies Internet Explorer settings 1 TTPs 26 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{9FE8E421-A362-11ED-9FD0-D6EA6736E294} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Internet Explorer\MINIE\TabBandWidth = "500"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Internet Explorer\MINIE	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Internet Explorer\Main	ytd.exe
Key created	\REGISTRY\USER\S-1-5-21-4063495947-34355257-727531523-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe

Suspicious behavior: EnumeratesProcesses 5 IoCs

pid	Process
828	YTDSetup.exe
828	YTDSetup.exe
828	YTDSetup.exe
1052	ytd.exe
1052	ytd.exe

Suspicious use of AdjustPrivilegeToken 4 IoCs

description	pid	Process
Token: 33	616	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	616	AUDIODG.EXE
Token: 33	616	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	616	AUDIODG.EXE

Suspicious use of FindShellTrayWindow 3 IoCs

pid	Process
436	iexplore.exe
1052	ytd.exe
1052	ytd.exe

Suspicious use of SendNotifyMessage 2 IoCs

pid	Process
1052	ytd.exe
1052	ytd.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
436	iexplore.exe
436	iexplore.exe
992	IEXPLORE.EXE
992	IEXPLORE.EXE
1052	ytd.exe
1052	ytd.exe

Suspicious use of WriteProcessMemory 19 IoCs

description	pid	Process	procid_target
PID 828 wrote to memory of 1740	828	YTDSetup.exe	28
PID 828 wrote to memory of 1740	828	YTDSetup.exe	28
PID 828 wrote to memory of 1740	828	YTDSetup.exe	28
PID 828 wrote to memory of 1740	828	YTDSetup.exe	28
PID 632 wrote to memory of 436	632	explorer.exe	30
PID 632 wrote to memory of 436	632	explorer.exe	30
PID 632 wrote to memory of 436	632	explorer.exe	30
PID 436 wrote to memory of 992	436	iexplore.exe	32
PID 436 wrote to memory of 992	436	iexplore.exe	32
PID 436 wrote to memory of 992	436	iexplore.exe	32
PID 436 wrote to memory of 992	436	iexplore.exe	32
PID 828 wrote to memory of 1140	828	YTDSetup.exe	33
PID 828 wrote to memory of 1140	828	YTDSetup.exe	33
PID 828 wrote to memory of 1140	828	YTDSetup.exe	33
PID 828 wrote to memory of 1140	828	YTDSetup.exe	33
PID 1488 wrote to memory of 1052	1488	explorer.exe	35
PID 1488 wrote to memory of 1052	1488	explorer.exe	35
PID 1488 wrote to memory of 1052	1488	explorer.exe	35
PID 1488 wrote to memory of 1052	1488	explorer.exe	35

C:\Users\Admin\AppData\Local\Temp\YTDSetup.exe
"C:\Users\Admin\AppData\Local\Temp\YTDSetup.exe"
1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:828
- C:\Windows\explorer.exe
  "C:\Windows\explorer.exe" "http://www.ytddownloader.com/thankyou.html?isn=01C79F9D56D5450682ACA7F821D2AC3B&lang=1033&cid=0adb1f2444aa956fc7752180c6b9a314&oldVer=&newVer=5.9.22&kt=ytds&pv=0"
  2⤵
  PID:1740
- C:\Windows\explorer.exe
  "C:\Windows\explorer.exe" "C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\ytd.exe"
  2⤵
  PID:1140

C:\Windows\explorer.exe
C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
1⤵
- Suspicious use of WriteProcessMemory
PID:632
- C:\Program Files\Internet Explorer\iexplore.exe
  "C:\Program Files\Internet Explorer\iexplore.exe" http://www.ytddownloader.com/thankyou.html?isn=01C79F9D56D5450682ACA7F821D2AC3B&lang=1033&cid=0adb1f2444aa956fc7752180c6b9a314&oldVer=&newVer=5.9.22&kt=ytds&pv=0
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SetWindowsHookEx
  - Suspicious use of WriteProcessMemory
  PID:436
- - C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:436 CREDAT:275457 /prefetch:2
    3⤵
    - Modifies Internet Explorer settings
    - Suspicious use of SetWindowsHookEx
    PID:992

C:\Windows\explorer.exe
C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
1⤵
- Suspicious use of WriteProcessMemory
PID:1488
- C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\ytd.exe
  "C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\ytd.exe"
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - Drops file in Program Files directory
  - Modifies Internet Explorer settings
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of SetWindowsHookEx
  PID:1052

C:\Windows\explorer.exe
"C:\Windows\explorer.exe"
1⤵
PID:1472

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x458
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:616

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1033.ini

Filesize
14KB

MD5
5e4f61279b53016801d453b1d7a20cd3

SHA1
f32a34a88f7684264bfe4b1589cb7fd346add1b7

SHA256
546f50186b607153c9f121c751ac592b8905c29397bdd7a9c0bd860e467e6ee9

SHA512
1f9514359eada9224ed52815f02b17712d357e9806171acd1b0c88d6dceadac5692e5a131df4af62b8d15fce01759ffdcc3f075c374a33d43e10df8acc5268c6

Download Submit
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\libvlc.dll

Filesize
111KB

MD5
ded3aa6b7920334e6b334eaed3db96c5

SHA1
43ddc57d22dce102a3687e548bd36e32fe20495e

SHA256
feed76629d5f9dbe7401a326994e80b003ca5fe1cf876029e4707a71bf4b5860

SHA512
aeec44f69d430a544594433a8e830af075cad27a7dfe83401ee82e51a949d1140e253ee49f786b944ddf98f513f3754eda6bf0311288eddf7ad1a73d8110de9c

Download Submit
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\libvlccore.dll

Filesize
2.2MB

MD5
3c07164ceba1068ee3eff672d8e11eb6

SHA1
c96d644ad20a788100609061c052220828784a09

SHA256
170a18f9d841606432b9157f243c43c7a2d53bf1fc028a147bd15f505749e69a

SHA512
af48e1d10f442789df7edaa89b7364f7670134af7f8c624b22073eadaf3516cf10aab196b411835afb839c0256314eb3d75fec37afe3f78f5e5fe123b3ffef4f

Download Submit
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\access\libfilesystem_plugin.dll

Filesize
45KB

MD5
ab0a22194181d6d6ff01123dc9a376ce

SHA1
006355a4240c874443db242ec4d79b8f61e149be

SHA256
4d03b0edd616098fa390a41f8d68f6b77f4c96abf0bbf1578e310c1846017da1

SHA512
1db197bf8e99cd3e729a481a6f24fe1b090a12679a6ab5b6334e26a8442bd80d25379104c475fc9a70111b8c57ca048c4a3f40eb6e667814cce9ab1c86b6253e

Download Submit
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_filter\libaudio_format_plugin.dll

Filesize
45KB

MD5
91074f5c7288c67eaed2c2c657e373d3

SHA1
84aecb92336c668bd834a749081eaf1e476c38e4

SHA256
085dc559b88b1687b2918b8ee797734adfbbaa233ba7d8f0e8b5abea8740ca51

SHA512
579a27e5f3565efe46a47034f2880782c5a947b56e65118e8cbc58c886ec805ce39593becce5df4aeb851adc12fc22fd3db450c67b864a618dea05822c58a4a4

Download Submit
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll

Filesize
36KB

MD5
43f19a5d4d42e3cd6514348ba5fbdd96

SHA1
1f708f75fb1024be8b3f6e51ac465664f9414e29

SHA256
634e0e8bcecde4375f1f9510980bc2bf95495acfc8d0a14d15307c49829b4b2a

SHA512
bee50cdaeb50c888bd7df7ed789983a47ce6a50ab8bbba006519640530de8744f164628e741be8cd106cc229de1ca5f63ce23f41e94343869e8ba1aadd840f41

Download Submit
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_filter\libugly_resampler_plugin.dll

Filesize
35KB

MD5
a3297b187aba1024501007bce77eeec4

SHA1
66b0d789f0fc6e465827bc372047ae1b57fb209c

SHA256
bf000179818fd3db857f7f46dca974698258fc11acf518fd77df4f5a9de05bbd

SHA512
8528aedc44bfb827fa2b5c9fe7c36152daa2e7c4cec32b8eabd8167dca4deadbe3dbd2b4723f00355a1f77cca1ff8c3275cc33c85454ef3e951a72bd1a6a407f

Download Submit
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_mixer\libfloat_mixer_plugin.dll

Filesize
34KB

MD5
04a21f5ee0a9c27ca5e5dae050f3d275

SHA1
44835c934ec2a4e37a75023317798837e412e34f

SHA256
ef0fdefcf8af37c1ebaca95e79279907a389915d09e81da38fea9ff17afb1acc

SHA512
6fb0b523288c70f11cd1fae8bed774266956033352df6e9dea3f3881a9b971f0d13eddf9d6d124edccc4dc7ead9441749b091017b3f9ed2b33f887a1f8f660fa

Download Submit
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_mixer\libinteger_mixer_plugin.dll

Filesize
36KB

MD5
d4f826e68b616cccc1de1e5ef07738b8

SHA1
e35d6657f4de4826d790c935f94ce41320d09b00

SHA256
1b64f39162f9918597019a89068edb9607caae194fd80b5367df08ed06ed5a78

SHA512
877df9980a3951d9f65983ddfac5df8026229e99618cd05b6c803e754074d760c5f4308cd54a1c7e7ba8f65ef684ea43eaa06ebebd4e1a38441ea9a63b47c956

Download Submit
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_output\libdirectsound_plugin.dll

Filesize
46KB

MD5
46672363f47a25d69a5324045f4e8d63

SHA1
f0d65ad9301f953f7b604087d27ce3e600891250

SHA256
0a2f80092b426f11dbf54b10542d3d7b45d2e40fc575e8e0e73cdcca47b4885d

SHA512
24b52206390b04cb909a1da12b46294f2aa848a42c27a6d765e6666ffbf86f64bac929e9210723d5c537a11d015d2f556e39821d01310a328cf41c988a25146b

Download Submit
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\codec\libavcodec_plugin.dll

Filesize
9.5MB

MD5
4088b4e4ea76db97544c76ef7f2af08c

SHA1
c862b32ed75b8ad1c029edd2c0f492fcb689f8e6

SHA256
2d7aff56a160ac39f7b68b34eb1e25bbeee8fca6034fee8f278abd0fb3dbc0d8

SHA512
66f664a8fc270bc611cc1c247fbe9a2b26baa900b7b38a35ac2d232b6af694914667eb066139e1a889b33e226b845f74f615b48ef84eb626fcf3db137468087c

Download Submit
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_filter\libswscale_plugin.dll

Filesize
528KB

MD5
416108272cc56d4036d5796fbb1b8f3c

SHA1
66a7bb238eb0d4ba6543a0046df5324a8833cceb

SHA256
7bf969f40afb0ae30da950059a10868e1a20c0d64ed7da11fa5c9c7e0a123bc4

SHA512
682062f8d3b012242b3f679a16f1e4edf62f7918864488f49fcc8ee5b938989ec6828417c0f771ec2835e11688ce024dc84dbc859c70daac2fff87fab28019fa

Download Submit
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_output\libdirect3d_plugin.dll

Filesize
78KB

MD5
350983ab596397b2d2703d658baeea8c

SHA1
63205b4238ba14871bc44c7b14b61c43ea509f19

SHA256
36f5f233c3c01c8ddbe330a760d28c0733fc512ba5097daba5c992742e0a6571

SHA512
b923e096a0f0460055d8f959ea496625e87a939b0c054fb2331508d8905a3c19ef7dd9a0d327144a70a1ded62cfb602c42637fa2be1de69b1a74f61101fb962e

Download Submit
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_output\libdrawable_plugin.dll

Filesize
36KB

MD5
6d9fa70a05698e9b6aa1c6074def16e8

SHA1
41b2e9aa0ed69a75a279cd3b57e5b4666e9ab991

SHA256
3ef1918ccb05373eb15f5298d083c1c0a8e171ed2ab321a6c2270f26c2185a5b

SHA512
a075bdba7c71664880549b6779d56fc5e354f1ed11eb1f50be68e4e6f81c7fc4b4ead6a7478e58c460f292aac02506d01d5c65a7b42cd4a65ef554b75a20eb01

Download Submit
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_output\libvmem_plugin.dll

Filesize
39KB

MD5
3dee8d41db28133b3d00bfdf0fd16eaf

SHA1
55f447676e8d94df25285155f6974583613395ed

SHA256
d6af06ae76f1409b16d2e781217b863a7b32d5ca953795f52d5aa54b0491272c

SHA512
6b222b39601210957082e490073b2d15caa0ccb94121385f4372a02f916a04d4c1824b0f897c875fa1a756d81d511f4ffa649dae7cc900c3746817e1049a67ac

Download Submit
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_output\libwingdi_plugin.dll

Filesize
64KB

MD5
ccc67f588880568bfd46c4b8140f41aa

SHA1
5d37e43434dc31d55624bfd481c816bd2a285b6d

SHA256
8f42dafb5528c09248478913ba39b6381128c28eace727b488d639f36e614a7d

SHA512
5ac2ae619bb27a4c8cd2fdbed454d930cb5ed8ffa134ab6e9eb84c156650955b7eb1ab4542e5477f7aebad95194dd0dd751dfc508781d9820079d8189ef45092

Download Submit
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\scripts.yds

Filesize
245KB

MD5
0cc821e990de891dd9818c1820797fce

SHA1
ac696d8a9050e5935867d582153305ea8335a07b

SHA256
1c9866aee546a897eef42aac6b196b83d7f026fefed604176f90d926b5781dee

SHA512
1a57ddb5edd927821d7c1ddb75b27557d7c02f6c7a705e7ee217803c2dcc38a6d620993a1d2668fea8c577ee210339072087000d0aaeb6287368a24d00f7d8b5

Download Submit
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\ytd.exe

Filesize
1.9MB

MD5
7a98898adb4b2846f93c9e88e6eedbb1

SHA1
48fbbc81441b60b9ff1b0c292c5b19dd340bffb2

SHA256
849e844b529ac84d030d37f47168daf1e8ecfe6a6f9d33bd4a1d6cc6dfb95431

SHA512
169be05c0002082089e2dd5fe815487c7e9ce8e4f3cb3de326fde6bcdbc87dbc90f35dc86c366984869c431b9719d033845741fba97ef5109885eab8bb07d15b

Download Submit
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\ytd.exe

Filesize
1.9MB

MD5
7a98898adb4b2846f93c9e88e6eedbb1

SHA1
48fbbc81441b60b9ff1b0c292c5b19dd340bffb2

SHA256
849e844b529ac84d030d37f47168daf1e8ecfe6a6f9d33bd4a1d6cc6dfb95431

SHA512
169be05c0002082089e2dd5fe815487c7e9ce8e4f3cb3de326fde6bcdbc87dbc90f35dc86c366984869c431b9719d033845741fba97ef5109885eab8bb07d15b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\75CA58072B9926F763A91F0CC2798706_93E4B2BA79A897B3100CCB27F2D3BF4F

Filesize
1KB

MD5
a5d863d182e0bea2ddaef44f91f84476

SHA1
bbace6752a6a230ecabf6612165c870853c6a1de

SHA256
cdb09a400468085fbf73c42d591181923524603c35aad3b211cfa3f1599f0355

SHA512
c2e76a00ab404f30b4297f594100a6e18ad70407317dc0ccd608a30eb141581f3ebf3759e9a13a9891b35a15c2c6e41276cc0b80aa6b9a5b54b289af09a1460d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7D6243C18F0F8F9AEC6638DD210F1984_1750E90E6A2F3895E8136C206FE22CBC

Filesize
471B

MD5
4a857cbe3f3d0f23a335eecf8c0fa6a7

SHA1
80d7efc7937d6e4cc65d5b8cf1f830227c36b6b3

SHA256
ebe2ca9235c8410aee06a45201b74773e127fa64664bd5421480444c4b94a52e

SHA512
e70afe3c67a0a1ff4655e7ef841a634187d7de68ba86fd2b151a9a7f6f2c085f03bd84f82520a65175a94f6682b351229c4fda265ce94687a6b278ffcfe0fea0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B66240B0F6C84BD4857ABA60CF5CE4A0_5043E0F5DF723415C9EECC201C838A62

Filesize
1KB

MD5
6a0f61698a28b6fff3ca6c07b07672d4

SHA1
850f920a5a68c18862b298749ccb153d3f56fad0

SHA256
291bc632eb650b08024df287bee7b6cd51d95c9746820f99df676b663e90bb43

SHA512
cb1dd3f155517fc9a1b2ff574d057a1fb870ccda2fe386a6c100dafe8b2adcccb08a8c6402a0cd796e2b22971e01263fd04b6fcabef2dd4b074096265eb5594b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\BAD725C80F9E10846F35D039A996E4A8_88B6AE015495C1ECC395D19C1DD02894

Filesize
1KB

MD5
4d34e54a7c287917ecff33c996a7728b

SHA1
7b85415ded9ad97601f32c1abcff2c1d4287ceb4

SHA256
780c64c248230e7a0a18ceb77d94e634c12a408ad1b4408c6e5905b202521dd2

SHA512
e5bec206e584255f0d51b8a606607a266f30716c919fc60e0f2c3f0ef21b1a59308399a9cf2efa4761a6ec77c7aef993cb870eaf23a4a231bb7800505d6864e9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\75CA58072B9926F763A91F0CC2798706_93E4B2BA79A897B3100CCB27F2D3BF4F

Filesize
442B

MD5
c68c645ad77b055e8335ffa233baefff

SHA1
86394b15167cbcef782d88e03e73da0b48c9d734

SHA256
13bf545d066799b3b0a8184fcc5cd5926d6786bbd0ccdff03fc9b6ef53fcb82b

SHA512
63807f8f7be6451658a4bd5fe584399507965727d6c569659bcc2cfbf9af2c55533a46242b685a2fc6c92a173416d5120cbaa6a4eb27f670cd9b8b62a3f92e11

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7D6243C18F0F8F9AEC6638DD210F1984_1750E90E6A2F3895E8136C206FE22CBC

Filesize
444B

MD5
2f4b296f8fc36ca0203155d04329ea41

SHA1
b56a204b2fdf55e7465b1c00a9bdb67f8062157d

SHA256
c9bd1b48075ffdb9f171da6e653129403551ca7c41ded2ed6274f9384b1e76d1

SHA512
18d8cefdd8a82ef63ee3544f2f4edb824b83996860649c7cc624c7e2ce838632c6524fcdaa35d7e92cf71a6a4a036fc24005fe95804d872470a52ec3774f7f69

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
304B

MD5
2697b6f657cbea3696017cfe758e11bd

SHA1
8951d6f9a5b276bb95477f7ff8cbb4d0c542f65a

SHA256
6c01c2f0c15c48d7a6ecd4abe078da22b080ef3f9ceb5255ea0b07c1434a671e

SHA512
f3461a6bfaf00c870c01f416167e1452ec296fc89a286df4461d777e029db2c72b40965139b1fe220ec128e21aaeaac04a44be722eaf0db3b6acb837eac4a5fe

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B66240B0F6C84BD4857ABA60CF5CE4A0_5043E0F5DF723415C9EECC201C838A62

Filesize
458B

MD5
d5f33d66df1fe44cd3b36b6333ee929b

SHA1
c6d5577c752eb5a7c68cbbd3d1b94837cd4105ed

SHA256
9d0f392b3da0aa3bad7fa12ed0e29b3823b26824f1d58fdab22e167840dae9b7

SHA512
04c771c6dcdd49434270884daec9c739faa68d2d4dc06d6baf58e9c583fb9994ed51d310dcdf650fbef404ab00ff6ffa11c4d2e7616dc8de6af121eb2012c829

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BAD725C80F9E10846F35D039A996E4A8_88B6AE015495C1ECC395D19C1DD02894

Filesize
432B

MD5
2878806f3558f23a86c4074f4e2418d5

SHA1
c10e3eaed711e6b231e40df0a0c0f49d1fb24ff6

SHA256
b6d2eb31393cee22b7cbeb6355c25b94ff8e565c7dec000aa7d73fa4e3d335d9

SHA512
9ddd80a8b81284e77a431307739a7f27b8955661a895ac82d6de670baf34861364781284beef38883e5d923081f972d22461ff665f0bab30c3196964470119e8

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\0FNU5QBA.txt

Filesize
408B

MD5
21bd7a437b5808db303649e8ec149684

SHA1
e0dac62a9ddb9c8ab050023d85ce3ad451765e80

SHA256
fb3df176c48015a809a43d1d196be5b12aa0b692b05689837ff096716b6f87a4

SHA512
9d4ae17b5753fc9ac7989f52603d3ce47a65f940d6cdd6fbde78c8366562f16f5321758e7c35c0faf9e252fe54a0886123e5f59425df8c71cbd23450498ce828

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\Q5WX6FX7.txt

Filesize
347B

MD5
e29c7b64de42da656509b35dcff23d83

SHA1
895e3ccd77972f32121f3a42a62cb024041fe44e

SHA256
672489b32489e68c2c812717d217b061cbfa5e8f495c345192b32e4d706dbf6a

SHA512
2474c88873d3a78691e082526eade4391919dbe6437033063ba3aad8b9468a64b340e22cb1eb18ac7ac0872c45b9c8159cf7f434501ff081f2fefff9f55318a1

Download Submit
\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Uninstall.exe

Filesize
336KB

MD5
f7b53c76409776ba8fc812daeb3aa7b2

SHA1
4d5ebe115596a0e85af456c7658e9bc6a1f391e9

SHA256
d377d9fc4735ed2f04ed4ebe50d457363982124d8be020a64baec4b42cc1578e

SHA512
053a1ceb2e6e24b20849c78efcb428e1f740d9aac24136604387aadc5740708b469ecb5aa8ca43a2eb5b78339d5455107d3fae71a522ee985f72c5a158182c98

Download Submit
\Program Files (x86)\GreenTree Applications\YTD Video Downloader\libvlc.dll

Filesize
111KB

MD5
ded3aa6b7920334e6b334eaed3db96c5

SHA1
43ddc57d22dce102a3687e548bd36e32fe20495e

SHA256
feed76629d5f9dbe7401a326994e80b003ca5fe1cf876029e4707a71bf4b5860

SHA512
aeec44f69d430a544594433a8e830af075cad27a7dfe83401ee82e51a949d1140e253ee49f786b944ddf98f513f3754eda6bf0311288eddf7ad1a73d8110de9c

Download Submit
\Program Files (x86)\GreenTree Applications\YTD Video Downloader\libvlccore.dll

Filesize
2.2MB

MD5
3c07164ceba1068ee3eff672d8e11eb6

SHA1
c96d644ad20a788100609061c052220828784a09

SHA256
170a18f9d841606432b9157f243c43c7a2d53bf1fc028a147bd15f505749e69a

SHA512
af48e1d10f442789df7edaa89b7364f7670134af7f8c624b22073eadaf3516cf10aab196b411835afb839c0256314eb3d75fec37afe3f78f5e5fe123b3ffef4f

Download Submit
\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\access\libfilesystem_plugin.dll

Filesize
45KB

MD5
ab0a22194181d6d6ff01123dc9a376ce

SHA1
006355a4240c874443db242ec4d79b8f61e149be

SHA256
4d03b0edd616098fa390a41f8d68f6b77f4c96abf0bbf1578e310c1846017da1

SHA512
1db197bf8e99cd3e729a481a6f24fe1b090a12679a6ab5b6334e26a8442bd80d25379104c475fc9a70111b8c57ca048c4a3f40eb6e667814cce9ab1c86b6253e

Download Submit
\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_filter\libaudio_format_plugin.dll

Filesize
45KB

MD5
91074f5c7288c67eaed2c2c657e373d3

SHA1
84aecb92336c668bd834a749081eaf1e476c38e4

SHA256
085dc559b88b1687b2918b8ee797734adfbbaa233ba7d8f0e8b5abea8740ca51

SHA512
579a27e5f3565efe46a47034f2880782c5a947b56e65118e8cbc58c886ec805ce39593becce5df4aeb851adc12fc22fd3db450c67b864a618dea05822c58a4a4

Download Submit
\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll

Filesize
36KB

MD5
43f19a5d4d42e3cd6514348ba5fbdd96

SHA1
1f708f75fb1024be8b3f6e51ac465664f9414e29

SHA256
634e0e8bcecde4375f1f9510980bc2bf95495acfc8d0a14d15307c49829b4b2a

SHA512
bee50cdaeb50c888bd7df7ed789983a47ce6a50ab8bbba006519640530de8744f164628e741be8cd106cc229de1ca5f63ce23f41e94343869e8ba1aadd840f41

Download Submit
\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_filter\libugly_resampler_plugin.dll

Filesize
35KB

MD5
a3297b187aba1024501007bce77eeec4

SHA1
66b0d789f0fc6e465827bc372047ae1b57fb209c

SHA256
bf000179818fd3db857f7f46dca974698258fc11acf518fd77df4f5a9de05bbd

SHA512
8528aedc44bfb827fa2b5c9fe7c36152daa2e7c4cec32b8eabd8167dca4deadbe3dbd2b4723f00355a1f77cca1ff8c3275cc33c85454ef3e951a72bd1a6a407f

Download Submit
\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_mixer\libfloat_mixer_plugin.dll

Filesize
34KB

MD5
04a21f5ee0a9c27ca5e5dae050f3d275

SHA1
44835c934ec2a4e37a75023317798837e412e34f

SHA256
ef0fdefcf8af37c1ebaca95e79279907a389915d09e81da38fea9ff17afb1acc

SHA512
6fb0b523288c70f11cd1fae8bed774266956033352df6e9dea3f3881a9b971f0d13eddf9d6d124edccc4dc7ead9441749b091017b3f9ed2b33f887a1f8f660fa

Download Submit
\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_mixer\libinteger_mixer_plugin.dll

Filesize
36KB

MD5
d4f826e68b616cccc1de1e5ef07738b8

SHA1
e35d6657f4de4826d790c935f94ce41320d09b00

SHA256
1b64f39162f9918597019a89068edb9607caae194fd80b5367df08ed06ed5a78

SHA512
877df9980a3951d9f65983ddfac5df8026229e99618cd05b6c803e754074d760c5f4308cd54a1c7e7ba8f65ef684ea43eaa06ebebd4e1a38441ea9a63b47c956

Download Submit
\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_output\libdirectsound_plugin.dll

Filesize
46KB

MD5
46672363f47a25d69a5324045f4e8d63

SHA1
f0d65ad9301f953f7b604087d27ce3e600891250

SHA256
0a2f80092b426f11dbf54b10542d3d7b45d2e40fc575e8e0e73cdcca47b4885d

SHA512
24b52206390b04cb909a1da12b46294f2aa848a42c27a6d765e6666ffbf86f64bac929e9210723d5c537a11d015d2f556e39821d01310a328cf41c988a25146b

Download Submit
\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_output\libdirectsound_plugin.dll

Filesize
46KB

MD5
46672363f47a25d69a5324045f4e8d63

SHA1
f0d65ad9301f953f7b604087d27ce3e600891250

SHA256
0a2f80092b426f11dbf54b10542d3d7b45d2e40fc575e8e0e73cdcca47b4885d

SHA512
24b52206390b04cb909a1da12b46294f2aa848a42c27a6d765e6666ffbf86f64bac929e9210723d5c537a11d015d2f556e39821d01310a328cf41c988a25146b

Download Submit
\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\codec\libavcodec_plugin.dll

Filesize
9.5MB

MD5
4088b4e4ea76db97544c76ef7f2af08c

SHA1
c862b32ed75b8ad1c029edd2c0f492fcb689f8e6

SHA256
2d7aff56a160ac39f7b68b34eb1e25bbeee8fca6034fee8f278abd0fb3dbc0d8

SHA512
66f664a8fc270bc611cc1c247fbe9a2b26baa900b7b38a35ac2d232b6af694914667eb066139e1a889b33e226b845f74f615b48ef84eb626fcf3db137468087c

Download Submit
\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_filter\libswscale_plugin.dll

Filesize
528KB

MD5
416108272cc56d4036d5796fbb1b8f3c

SHA1
66a7bb238eb0d4ba6543a0046df5324a8833cceb

SHA256
7bf969f40afb0ae30da950059a10868e1a20c0d64ed7da11fa5c9c7e0a123bc4

SHA512
682062f8d3b012242b3f679a16f1e4edf62f7918864488f49fcc8ee5b938989ec6828417c0f771ec2835e11688ce024dc84dbc859c70daac2fff87fab28019fa

Download Submit
\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_output\libdirect3d_plugin.dll

Filesize
78KB

MD5
350983ab596397b2d2703d658baeea8c

SHA1
63205b4238ba14871bc44c7b14b61c43ea509f19

SHA256
36f5f233c3c01c8ddbe330a760d28c0733fc512ba5097daba5c992742e0a6571

SHA512
b923e096a0f0460055d8f959ea496625e87a939b0c054fb2331508d8905a3c19ef7dd9a0d327144a70a1ded62cfb602c42637fa2be1de69b1a74f61101fb962e

Download Submit
\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_output\libdrawable_plugin.dll

Filesize
36KB

MD5
6d9fa70a05698e9b6aa1c6074def16e8

SHA1
41b2e9aa0ed69a75a279cd3b57e5b4666e9ab991

SHA256
3ef1918ccb05373eb15f5298d083c1c0a8e171ed2ab321a6c2270f26c2185a5b

SHA512
a075bdba7c71664880549b6779d56fc5e354f1ed11eb1f50be68e4e6f81c7fc4b4ead6a7478e58c460f292aac02506d01d5c65a7b42cd4a65ef554b75a20eb01

Download Submit
\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_output\libvmem_plugin.dll

Filesize
39KB

MD5
3dee8d41db28133b3d00bfdf0fd16eaf

SHA1
55f447676e8d94df25285155f6974583613395ed

SHA256
d6af06ae76f1409b16d2e781217b863a7b32d5ca953795f52d5aa54b0491272c

SHA512
6b222b39601210957082e490073b2d15caa0ccb94121385f4372a02f916a04d4c1824b0f897c875fa1a756d81d511f4ffa649dae7cc900c3746817e1049a67ac

Download Submit
\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_output\libwingdi_plugin.dll

Filesize
64KB

MD5
ccc67f588880568bfd46c4b8140f41aa

SHA1
5d37e43434dc31d55624bfd481c816bd2a285b6d

SHA256
8f42dafb5528c09248478913ba39b6381128c28eace727b488d639f36e614a7d

SHA512
5ac2ae619bb27a4c8cd2fdbed454d930cb5ed8ffa134ab6e9eb84c156650955b7eb1ab4542e5477f7aebad95194dd0dd751dfc508781d9820079d8189ef45092

Download Submit
\Program Files (x86)\GreenTree Applications\YTD Video Downloader\ytd.exe

Filesize
1.9MB

MD5
7a98898adb4b2846f93c9e88e6eedbb1

SHA1
48fbbc81441b60b9ff1b0c292c5b19dd340bffb2

SHA256
849e844b529ac84d030d37f47168daf1e8ecfe6a6f9d33bd4a1d6cc6dfb95431

SHA512
169be05c0002082089e2dd5fe815487c7e9ce8e4f3cb3de326fde6bcdbc87dbc90f35dc86c366984869c431b9719d033845741fba97ef5109885eab8bb07d15b

Download Submit
\Program Files (x86)\GreenTree Applications\YTD Video Downloader\ytd.exe

Filesize
1.9MB

MD5
7a98898adb4b2846f93c9e88e6eedbb1

SHA1
48fbbc81441b60b9ff1b0c292c5b19dd340bffb2

SHA256
849e844b529ac84d030d37f47168daf1e8ecfe6a6f9d33bd4a1d6cc6dfb95431

SHA512
169be05c0002082089e2dd5fe815487c7e9ce8e4f3cb3de326fde6bcdbc87dbc90f35dc86c366984869c431b9719d033845741fba97ef5109885eab8bb07d15b

Download Submit
\Users\Admin\AppData\Local\Temp\nsy1D82.tmp\NSISHelper.dll

Filesize
400KB

MD5
b89033b44c504dae63789d45a5227599

SHA1
028a1085d322f6b92dc800bde144b0df868f1d30

SHA256
96a047d63d0be14f8fa112f72b40e7e7f562990e98a06e1488e07304b10206cd

SHA512
f0bfbb24efee489c992f274a77ec6c5ea0cff6a87e2bd0d4242b88373a154029d9738079e325d1a55b30b804c2c0e804b3256228a1c98535000c8af8860c8d19

Download Submit
\Users\Admin\AppData\Local\Temp\nsy1D82.tmp\NSISHelper.dll

Filesize
400KB

MD5
b89033b44c504dae63789d45a5227599

SHA1
028a1085d322f6b92dc800bde144b0df868f1d30

SHA256
96a047d63d0be14f8fa112f72b40e7e7f562990e98a06e1488e07304b10206cd

SHA512
f0bfbb24efee489c992f274a77ec6c5ea0cff6a87e2bd0d4242b88373a154029d9738079e325d1a55b30b804c2c0e804b3256228a1c98535000c8af8860c8d19

Download Submit
\Users\Admin\AppData\Local\Temp\nsy1D82.tmp\NSISHelper.dll

Filesize
400KB

MD5
b89033b44c504dae63789d45a5227599

SHA1
028a1085d322f6b92dc800bde144b0df868f1d30

SHA256
96a047d63d0be14f8fa112f72b40e7e7f562990e98a06e1488e07304b10206cd

SHA512
f0bfbb24efee489c992f274a77ec6c5ea0cff6a87e2bd0d4242b88373a154029d9738079e325d1a55b30b804c2c0e804b3256228a1c98535000c8af8860c8d19

Download Submit
\Users\Admin\AppData\Local\Temp\nsy1D82.tmp\NSISHelper.dll

Filesize
400KB

MD5
b89033b44c504dae63789d45a5227599

SHA1
028a1085d322f6b92dc800bde144b0df868f1d30

SHA256
96a047d63d0be14f8fa112f72b40e7e7f562990e98a06e1488e07304b10206cd

SHA512
f0bfbb24efee489c992f274a77ec6c5ea0cff6a87e2bd0d4242b88373a154029d9738079e325d1a55b30b804c2c0e804b3256228a1c98535000c8af8860c8d19

Download Submit
\Users\Admin\AppData\Local\Temp\nsy1D82.tmp\NSISHelper.dll

Filesize
400KB

MD5
b89033b44c504dae63789d45a5227599

SHA1
028a1085d322f6b92dc800bde144b0df868f1d30

SHA256
96a047d63d0be14f8fa112f72b40e7e7f562990e98a06e1488e07304b10206cd

SHA512
f0bfbb24efee489c992f274a77ec6c5ea0cff6a87e2bd0d4242b88373a154029d9738079e325d1a55b30b804c2c0e804b3256228a1c98535000c8af8860c8d19

Download Submit
\Users\Admin\AppData\Local\Temp\nsy1D82.tmp\NSISHelper.dll

Filesize
400KB

MD5
b89033b44c504dae63789d45a5227599

SHA1
028a1085d322f6b92dc800bde144b0df868f1d30

SHA256
96a047d63d0be14f8fa112f72b40e7e7f562990e98a06e1488e07304b10206cd

SHA512
f0bfbb24efee489c992f274a77ec6c5ea0cff6a87e2bd0d4242b88373a154029d9738079e325d1a55b30b804c2c0e804b3256228a1c98535000c8af8860c8d19

Download Submit
\Users\Admin\AppData\Local\Temp\nsy1D82.tmp\NSISHelper.dll

Filesize
400KB

MD5
b89033b44c504dae63789d45a5227599

SHA1
028a1085d322f6b92dc800bde144b0df868f1d30

SHA256
96a047d63d0be14f8fa112f72b40e7e7f562990e98a06e1488e07304b10206cd

SHA512
f0bfbb24efee489c992f274a77ec6c5ea0cff6a87e2bd0d4242b88373a154029d9738079e325d1a55b30b804c2c0e804b3256228a1c98535000c8af8860c8d19

Download Submit
\Users\Admin\AppData\Local\Temp\nsy1D82.tmp\NSISHelper.dll

Filesize
400KB

MD5
b89033b44c504dae63789d45a5227599

SHA1
028a1085d322f6b92dc800bde144b0df868f1d30

SHA256
96a047d63d0be14f8fa112f72b40e7e7f562990e98a06e1488e07304b10206cd

SHA512
f0bfbb24efee489c992f274a77ec6c5ea0cff6a87e2bd0d4242b88373a154029d9738079e325d1a55b30b804c2c0e804b3256228a1c98535000c8af8860c8d19

Download Submit
\Users\Admin\AppData\Local\Temp\nsy1D82.tmp\NSISHelper.dll

Filesize
400KB

MD5
b89033b44c504dae63789d45a5227599

SHA1
028a1085d322f6b92dc800bde144b0df868f1d30

SHA256
96a047d63d0be14f8fa112f72b40e7e7f562990e98a06e1488e07304b10206cd

SHA512
f0bfbb24efee489c992f274a77ec6c5ea0cff6a87e2bd0d4242b88373a154029d9738079e325d1a55b30b804c2c0e804b3256228a1c98535000c8af8860c8d19

Download Submit
\Users\Admin\AppData\Local\Temp\nsy1D82.tmp\NSISHelper.dll

Filesize
400KB

MD5
b89033b44c504dae63789d45a5227599

SHA1
028a1085d322f6b92dc800bde144b0df868f1d30

SHA256
96a047d63d0be14f8fa112f72b40e7e7f562990e98a06e1488e07304b10206cd

SHA512
f0bfbb24efee489c992f274a77ec6c5ea0cff6a87e2bd0d4242b88373a154029d9738079e325d1a55b30b804c2c0e804b3256228a1c98535000c8af8860c8d19

Download Submit
\Users\Admin\AppData\Local\Temp\nsy1D82.tmp\NSISHelper.dll

Filesize
400KB

MD5
b89033b44c504dae63789d45a5227599

SHA1
028a1085d322f6b92dc800bde144b0df868f1d30

SHA256
96a047d63d0be14f8fa112f72b40e7e7f562990e98a06e1488e07304b10206cd

SHA512
f0bfbb24efee489c992f274a77ec6c5ea0cff6a87e2bd0d4242b88373a154029d9738079e325d1a55b30b804c2c0e804b3256228a1c98535000c8af8860c8d19

Download Submit
\Users\Admin\AppData\Local\Temp\nsy1D82.tmp\System.dll

Filesize
12KB

MD5
0d7ad4f45dc6f5aa87f606d0331c6901

SHA1
48df0911f0484cbe2a8cdd5362140b63c41ee457

SHA256
3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca

SHA512
c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9

Download Submit
\Users\Admin\AppData\Local\Temp\nsy1D82.tmp\UserInfo.dll

Filesize
4KB

MD5
9eb662f3b5fbda28bffe020e0ab40519

SHA1
0bd28183a9d8dbb98afbcf100fb1f4f6c5fc6c41

SHA256
9aa388c7de8e96885adcb4325af871b470ac50edb60d4b0d876ad43f5332ffd1

SHA512
6c36f7b45efe792c21d8a87d03e63a4b641169fad6d014db1e7d15badd0e283144d746d888232d6123b551612173b2bb42bf05f16e3129b625f5ddba4134b5b8

Download Submit
\Users\Admin\AppData\Local\Temp\nsy1D82.tmp\nsDialogs.dll

Filesize
9KB

MD5
466179e1c8ee8a1ff5e4427dbb6c4a01

SHA1
eb607467009074278e4bd50c7eab400e95ae48f7

SHA256
1e40211af65923c2f4fd02ce021458a7745d28e2f383835e3015e96575632172

SHA512
7508a29c722d45297bfb090c8eb49bd1560ef7d4b35413f16a8aed62d3b1030a93d001a09de98c2b9fea9acf062dc99a7278786f4ece222e7436b261d14ca817

Download Submit
\Users\Admin\AppData\Local\Temp\nsy1D82.tmp\nsisdl.dll

Filesize
15KB

MD5
ba2cc9634ebed71cea697a31144af802

SHA1
8221c522b24f4808f66a476381db3e6455eab5c3

SHA256
9a3c2fe5490c34f73f1a05899ef60cfef05e0c9599cd704e524ef7a46ead67ba

SHA512
dcc74bcedd9402f7ac7e2d1872fe0e2876ae93cf8bbd869d5b9b7b56cea244ba8d2891fa2b51382092b86480337936f5ec495d9005d47fbfd9e2b71cb7f6ba8f

Download Submit
memory/828-54-0x0000000075AC1000-0x0000000075AC3000-memory.dmp

Filesize
8KB

Download
memory/1740-74-0x000007FEFC001000-0x000007FEFC003000-memory.dmp

Filesize
8KB

Download