aurora | 9d2321341dc5804543514a81cab9aac8dbc52466c77bad98a3835819cb9d9c7d

Analysis

max time kernel
117s
max time network
151s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
13-02-2023 09:56

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8fef3a062676cda862c7a3281f7c672f.exe
Size

29.5MB
MD5

8fef3a062676cda862c7a3281f7c672f
SHA1

ec2d8e9278fb366d338f7c94d601f51c1db2e3a5
SHA256

9d2321341dc5804543514a81cab9aac8dbc52466c77bad98a3835819cb9d9c7d
SHA512

6f05faeb7dc04ee8adb2fa49cc4dfc0358edd2653a15600609826526fa352107df7cdd333141fcfc4c33c2b6cae087fe6ef44d48887add0b3fd3032ba6215c01
SSDEEP

786432:uZuA/ghq/LEGnD351tC9Tv55/DEhSslNRb6tg4dg9TqnQ:uz/g0N1kz55/0Sslveddg9UQ

Score

10^/10

aurora babadeda crypter discovery loader spyware stealer

Malware Config

Extracted

Family

aurora

185.106.93.247:8081

Signatures

Aurora
Aurora is a crypto wallet stealer written in Golang.
stealer aurora
Babadeda
Babadeda is a crypter delivered as a legitimate installer and used to drop other malware families.
loader crypter babadeda

Babadeda Crypter 1 IoCs

resource	yara_rule
behavioral1/memory/556-130-0x0000000073140000-0x00000000734B1000-memory.dmp	family_babadeda

Executes dropped EXE 1 IoCs

pid	Process
556	SUMo.exe

Loads dropped DLL 11 IoCs

pid	Process
2008	MsiExec.exe
1756	MsiExec.exe
1756	MsiExec.exe
1756	MsiExec.exe
1756	MsiExec.exe
556	SUMo.exe
556	SUMo.exe
556	SUMo.exe
556	SUMo.exe
556	SUMo.exe
556	SUMo.exe

Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials in Files
T1081
Accesses cryptocurrency files/wallets, possible credential harvesting 2 TTPs
spyware

Data from Local System
T1005

Credentials in Files
T1081
Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Enumerates connected drives 3 TTPs 64 IoCs

Attempts to read the root path of hard drives other than the default C: drive.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
File opened (read-only)	\??\A:	msiexec.exe
File opened (read-only)	\??\K:	msiexec.exe
File opened (read-only)	\??\L:	msiexec.exe
File opened (read-only)	\??\S:	msiexec.exe
File opened (read-only)	\??\F:	msiexec.exe
File opened (read-only)	\??\N:	8fef3a062676cda862c7a3281f7c672f.exe
File opened (read-only)	\??\R:	8fef3a062676cda862c7a3281f7c672f.exe
File opened (read-only)	\??\S:	8fef3a062676cda862c7a3281f7c672f.exe
File opened (read-only)	\??\X:	msiexec.exe
File opened (read-only)	\??\Y:	msiexec.exe
File opened (read-only)	\??\L:	8fef3a062676cda862c7a3281f7c672f.exe
File opened (read-only)	\??\H:	msiexec.exe
File opened (read-only)	\??\Q:	msiexec.exe
File opened (read-only)	\??\E:	msiexec.exe
File opened (read-only)	\??\P:	msiexec.exe
File opened (read-only)	\??\V:	msiexec.exe
File opened (read-only)	\??\V:	8fef3a062676cda862c7a3281f7c672f.exe
File opened (read-only)	\??\F:	msiexec.exe
File opened (read-only)	\??\Z:	msiexec.exe
File opened (read-only)	\??\G:	msiexec.exe
File opened (read-only)	\??\S:	msiexec.exe
File opened (read-only)	\??\X:	msiexec.exe
File opened (read-only)	\??\E:	8fef3a062676cda862c7a3281f7c672f.exe
File opened (read-only)	\??\G:	msiexec.exe
File opened (read-only)	\??\M:	msiexec.exe
File opened (read-only)	\??\Y:	msiexec.exe
File opened (read-only)	\??\B:	msiexec.exe
File opened (read-only)	\??\R:	msiexec.exe
File opened (read-only)	\??\U:	8fef3a062676cda862c7a3281f7c672f.exe
File opened (read-only)	\??\W:	8fef3a062676cda862c7a3281f7c672f.exe
File opened (read-only)	\??\R:	msiexec.exe
File opened (read-only)	\??\H:	msiexec.exe
File opened (read-only)	\??\T:	msiexec.exe
File opened (read-only)	\??\B:	8fef3a062676cda862c7a3281f7c672f.exe
File opened (read-only)	\??\M:	8fef3a062676cda862c7a3281f7c672f.exe
File opened (read-only)	\??\T:	8fef3a062676cda862c7a3281f7c672f.exe
File opened (read-only)	\??\Q:	msiexec.exe
File opened (read-only)	\??\Q:	8fef3a062676cda862c7a3281f7c672f.exe
File opened (read-only)	\??\E:	msiexec.exe
File opened (read-only)	\??\J:	msiexec.exe
File opened (read-only)	\??\O:	msiexec.exe
File opened (read-only)	\??\K:	8fef3a062676cda862c7a3281f7c672f.exe
File opened (read-only)	\??\O:	8fef3a062676cda862c7a3281f7c672f.exe
File opened (read-only)	\??\Y:	8fef3a062676cda862c7a3281f7c672f.exe
File opened (read-only)	\??\N:	msiexec.exe
File opened (read-only)	\??\O:	msiexec.exe
File opened (read-only)	\??\J:	msiexec.exe
File opened (read-only)	\??\P:	msiexec.exe
File opened (read-only)	\??\U:	msiexec.exe
File opened (read-only)	\??\B:	msiexec.exe
File opened (read-only)	\??\N:	msiexec.exe
File opened (read-only)	\??\Z:	msiexec.exe
File opened (read-only)	\??\F:	8fef3a062676cda862c7a3281f7c672f.exe
File opened (read-only)	\??\X:	8fef3a062676cda862c7a3281f7c672f.exe
File opened (read-only)	\??\Z:	8fef3a062676cda862c7a3281f7c672f.exe
File opened (read-only)	\??\K:	msiexec.exe
File opened (read-only)	\??\U:	msiexec.exe
File opened (read-only)	\??\L:	msiexec.exe
File opened (read-only)	\??\M:	msiexec.exe
File opened (read-only)	\??\G:	8fef3a062676cda862c7a3281f7c672f.exe
File opened (read-only)	\??\I:	8fef3a062676cda862c7a3281f7c672f.exe
File opened (read-only)	\??\T:	msiexec.exe
File opened (read-only)	\??\V:	msiexec.exe
File opened (read-only)	\??\W:	msiexec.exe

Maps connected drives based on registry 3 TTPs 2 IoCs

Disk information is often read in order to detect sandboxing environments.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\disk\Enum	SUMo.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\services\Disk\Enum\0	SUMo.exe

Drops file in Windows directory 10 IoCs

description	ioc	Process
File opened for modification	C:\Windows\Installer\MSI126B.tmp	msiexec.exe
File opened for modification	C:\Windows\Installer\MSI1327.tmp	msiexec.exe
File created	C:\Windows\Installer\6c0f8e.ipi	msiexec.exe
File opened for modification	C:\Windows\Installer\	msiexec.exe
File opened for modification	C:\Windows\Installer\6c0f8c.msi	msiexec.exe
File opened for modification	C:\Windows\Installer\MSI1037.tmp	msiexec.exe
File opened for modification	C:\Windows\Installer\MSI11FD.tmp	msiexec.exe
File opened for modification	C:\Windows\Installer\MSI1F0A.tmp	msiexec.exe
File opened for modification	C:\Windows\Installer\6c0f8e.ipi	msiexec.exe
File created	C:\Windows\Installer\6c0f8c.msi	msiexec.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
932	msiexec.exe
932	msiexec.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeRestorePrivilege	932	msiexec.exe
Token: SeTakeOwnershipPrivilege	932	msiexec.exe
Token: SeSecurityPrivilege	932	msiexec.exe
Token: SeCreateTokenPrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeAssignPrimaryTokenPrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeLockMemoryPrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeIncreaseQuotaPrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeMachineAccountPrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeTcbPrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeSecurityPrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeTakeOwnershipPrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeLoadDriverPrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeSystemProfilePrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeSystemtimePrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeProfSingleProcessPrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeIncBasePriorityPrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeCreatePagefilePrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeCreatePermanentPrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeBackupPrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeRestorePrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeShutdownPrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeDebugPrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeAuditPrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeSystemEnvironmentPrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeChangeNotifyPrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeRemoteShutdownPrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeUndockPrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeSyncAgentPrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeEnableDelegationPrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeManageVolumePrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeImpersonatePrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeCreateGlobalPrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeCreateTokenPrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeAssignPrimaryTokenPrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeLockMemoryPrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeIncreaseQuotaPrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeMachineAccountPrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeTcbPrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeSecurityPrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeTakeOwnershipPrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeLoadDriverPrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeSystemProfilePrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeSystemtimePrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeProfSingleProcessPrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeIncBasePriorityPrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeCreatePagefilePrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeCreatePermanentPrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeBackupPrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeRestorePrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeShutdownPrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeDebugPrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeAuditPrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeSystemEnvironmentPrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeChangeNotifyPrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeRemoteShutdownPrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeUndockPrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeSyncAgentPrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeEnableDelegationPrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeManageVolumePrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeImpersonatePrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeCreateGlobalPrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeCreateTokenPrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeAssignPrimaryTokenPrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeLockMemoryPrivilege	1612	8fef3a062676cda862c7a3281f7c672f.exe

Suspicious use of FindShellTrayWindow 4 IoCs

pid	Process
1612	8fef3a062676cda862c7a3281f7c672f.exe
1968	msiexec.exe
1968	msiexec.exe
556	SUMo.exe

Suspicious use of WriteProcessMemory 45 IoCs

description	pid	Process	procid_target
PID 932 wrote to memory of 2008	932	msiexec.exe	28
PID 932 wrote to memory of 2008	932	msiexec.exe	28
PID 932 wrote to memory of 2008	932	msiexec.exe	28
PID 932 wrote to memory of 2008	932	msiexec.exe	28
PID 932 wrote to memory of 2008	932	msiexec.exe	28
PID 932 wrote to memory of 2008	932	msiexec.exe	28
PID 932 wrote to memory of 2008	932	msiexec.exe	28
PID 1612 wrote to memory of 1968	1612	8fef3a062676cda862c7a3281f7c672f.exe	29
PID 1612 wrote to memory of 1968	1612	8fef3a062676cda862c7a3281f7c672f.exe	29
PID 1612 wrote to memory of 1968	1612	8fef3a062676cda862c7a3281f7c672f.exe	29
PID 1612 wrote to memory of 1968	1612	8fef3a062676cda862c7a3281f7c672f.exe	29
PID 1612 wrote to memory of 1968	1612	8fef3a062676cda862c7a3281f7c672f.exe	29
PID 1612 wrote to memory of 1968	1612	8fef3a062676cda862c7a3281f7c672f.exe	29
PID 1612 wrote to memory of 1968	1612	8fef3a062676cda862c7a3281f7c672f.exe	29
PID 932 wrote to memory of 1756	932	msiexec.exe	30
PID 932 wrote to memory of 1756	932	msiexec.exe	30
PID 932 wrote to memory of 1756	932	msiexec.exe	30
PID 932 wrote to memory of 1756	932	msiexec.exe	30
PID 932 wrote to memory of 1756	932	msiexec.exe	30
PID 932 wrote to memory of 1756	932	msiexec.exe	30
PID 932 wrote to memory of 1756	932	msiexec.exe	30
PID 932 wrote to memory of 556	932	msiexec.exe	31
PID 932 wrote to memory of 556	932	msiexec.exe	31
PID 932 wrote to memory of 556	932	msiexec.exe	31
PID 932 wrote to memory of 556	932	msiexec.exe	31
PID 556 wrote to memory of 1144	556	SUMo.exe	32
PID 556 wrote to memory of 1144	556	SUMo.exe	32
PID 556 wrote to memory of 1144	556	SUMo.exe	32
PID 556 wrote to memory of 1144	556	SUMo.exe	32
PID 556 wrote to memory of 1912	556	SUMo.exe	35
PID 556 wrote to memory of 1912	556	SUMo.exe	35
PID 556 wrote to memory of 1912	556	SUMo.exe	35
PID 556 wrote to memory of 1912	556	SUMo.exe	35
PID 1912 wrote to memory of 1896	1912	cmd.exe	37
PID 1912 wrote to memory of 1896	1912	cmd.exe	37
PID 1912 wrote to memory of 1896	1912	cmd.exe	37
PID 1912 wrote to memory of 1896	1912	cmd.exe	37
PID 556 wrote to memory of 680	556	SUMo.exe	38
PID 556 wrote to memory of 680	556	SUMo.exe	38
PID 556 wrote to memory of 680	556	SUMo.exe	38
PID 556 wrote to memory of 680	556	SUMo.exe	38
PID 680 wrote to memory of 1184	680	cmd.exe	40
PID 680 wrote to memory of 1184	680	cmd.exe	40
PID 680 wrote to memory of 1184	680	cmd.exe	40
PID 680 wrote to memory of 1184	680	cmd.exe	40

C:\Users\Admin\AppData\Local\Temp\8fef3a062676cda862c7a3281f7c672f.exe
"C:\Users\Admin\AppData\Local\Temp\8fef3a062676cda862c7a3281f7c672f.exe"
1⤵
- Enumerates connected drives
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of WriteProcessMemory
PID:1612
- C:\Windows\SysWOW64\msiexec.exe
  "C:\Windows\system32\msiexec.exe" /i "C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\md.msi" AI_SETUPEXEPATH=C:\Users\Admin\AppData\Local\Temp\8fef3a062676cda862c7a3281f7c672f.exe SETUPEXEDIR=C:\Users\Admin\AppData\Local\Temp\ EXE_CMD_LINE="/exenoupdates /forcecleanup /wintime 1676278695 " AI_EUIMSI=""
  2⤵
  - Enumerates connected drives
  - Suspicious use of FindShellTrayWindow
  PID:1968

C:\Windows\system32\msiexec.exe
C:\Windows\system32\msiexec.exe /V
1⤵
- Enumerates connected drives
- Drops file in Windows directory
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
PID:932
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding CEDF51F47134245C91C012D0C181A403 C
  2⤵
  - Loads dropped DLL
  PID:2008
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding 05B281C227F5A3A4FCF129A84DC1814A
  2⤵
  - Loads dropped DLL
  PID:1756
- C:\Users\Admin\AppData\Local\Magic Desktop\SUMo.exe
  "C:\Users\Admin\AppData\Local\Magic Desktop\SUMo.exe"
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - Maps connected drives based on registry
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of WriteProcessMemory
  PID:556
- - C:\Windows\SysWOW64\Wbem\wmic.exe
    wmic os get Caption
    3⤵
    PID:1144
- - C:\Windows\SysWOW64\cmd.exe
    cmd /C "wmic path win32_VideoController get name"
    3⤵
    - Suspicious use of WriteProcessMemory
    PID:1912
  - - C:\Windows\SysWOW64\Wbem\WMIC.exe
      wmic path win32_VideoController get name
      4⤵
      PID:1896
- - C:\Windows\SysWOW64\cmd.exe
    cmd /C "wmic cpu get name"
    3⤵
    - Suspicious use of WriteProcessMemory
    PID:680
  - - C:\Windows\SysWOW64\Wbem\WMIC.exe
      wmic cpu get name
      4⤵
      PID:1184

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

T1081

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\MSIC51.tmp

Filesize
559KB

MD5
7380aa7a4eafd17c21cf315ae35fe288

SHA1
886747c7526627898bd36ff8b85869c9bf6718fc

SHA256
dba4ba13c058f89a92ff5afb2e9c77688bce5909499238b5c396d4308071ed88

SHA512
c4976712429d715adb7b4379d6e339e76557897117df2f9a920283ece5ca5bdabbf5ce0c3cda162a0a54bfc29ec8b979195689309a47ab00d800595e290f69a1

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\SUMo_00000411.SPK

Filesize
25KB

MD5
a0cd0621342dcd89f0a07bf0f0b43497

SHA1
43d120e9ed7d77879823d31fb30c492b9aad7cdf

SHA256
1cca56735fc3b085641bd4a4ca39d8538eef28889827936fd1be3f1664859202

SHA512
c253ac805bef8eb6c81b056df93ea5250dacf703e5c96c861649351dafb8dc7d61a07290f20eac64191f6e9369adc06208ab14aa4b23b8689c55c822462cf917

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\SUMo_00000412.SPK

Filesize
18KB

MD5
b2c2252e465425ed73985675e92d4736

SHA1
4ef054acc17cfd748da8256d09bcba937c98ac72

SHA256
8757f0801c5f6cc0fc81e69254922623f891729c74422d0e34d334f48545cb38

SHA512
5692b280ac6b650a87fda1c3bcc9a398c3225e76cefb261292a35760e26851eb654441f51140848a136fd1775f3f03fe6b7ed9779db3e7b05d8df67e145263a1

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\SUMo_00000413.SPK

Filesize
26KB

MD5
7a60015341a6e25a4da8f2513399a735

SHA1
957cc8d715c3892200b7eb7a5fc8df0adbb58efb

SHA256
434ed013e46ea5a7c05c7481ad8cf45e0eb5908cdd94ed863ea6fe405cce129d

SHA512
e2cfccc8eb77d819ee7ca3677198ca79a0129f3ac0e63c94314a11266f1514917969047020500eba14b281bc3825aa022727e99063b550e14a5d772e256d72aa

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\SUMo_00000415.SPK

Filesize
21KB

MD5
042a26f0347aa7206779d81b2912bc6f

SHA1
1dbf0c0c4b1bb9e5985b0b137251dd6aabcfa43b

SHA256
cbcf617f7c0b3af2b8ebdf76ba51ff55d956bc97eeee05c9aed25ed027d61cfa

SHA512
e70737832ec3bc347f84023f69b3842b790bfa9fa3f5e7f783236d873bfc53db6608299b995fc0a92ee0cb9116412adad18c159a4c046f0d1a93bbcaec401c3c

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\SUMo_00000416.SPK

Filesize
25KB

MD5
02639c0b531caede2b2072fc6826edad

SHA1
0530750bf3a4a951725eea2d644c30dca6132dfb

SHA256
2201e0453240ba3cebeb5be37d9aa15517b51ad04acde6b5ebb148383cd7c443

SHA512
440095237eeb07ffbf5cb9787be0285ed1baba1b48ad845b3be29435b9b46c28a4febddf3c1539c4df8004d471e216839421b2496ae33193622eee8a18c748ef

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\SUMo_00000418.SPK

Filesize
24KB

MD5
b388d2cfd162ba73d75d5f44042ccb1d

SHA1
0258c34a2017d163f388cec88b349c35c7a0cff8

SHA256
64255df648940ab13a3bd55d7fbc1448f5a1abb1d1cd1ecd890d73f17f3635e1

SHA512
e85ffda3074471f0775708f96cb478a93cf630611593b0c0c5f4df2745214ee897ab83ce830db2da192e88f8822562e4a02d4a03f9662886a91607fc2d6a0ea1

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\SUMo_00000419.SPK

Filesize
27KB

MD5
1160933a76e0ec4fd23447423540380b

SHA1
bf94e5777b0d85b864cc0e2349823c96132e202d

SHA256
e89895bad4ebc80c1a063fb34632720f0cb5aed88833e146ab9c2e547a8cd33c

SHA512
55ca2d98686591c9de5ddcb435c2f9eaf8a76dec288857c3f06c42def02f0c3aeab65f0657f400a8d08f5b2a2a7880ddd7ee345e3cd3250b2b07e9d76db2e210

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\SUMo_00000422.SPK

Filesize
24KB

MD5
913b77afdf0717a7092a5203842fb477

SHA1
5e0fe351338f066508b3c2387fe9202bcf3859bf

SHA256
649a5425c79e1e6aadea0971222638cedf99c522595fa30528a8860d32a88fbf

SHA512
0340efb89431cd803a642f3ea8b81e4e882d9d33aedd30329db08214118de6f489fd87a35ef8a70cdfabcae6b0cec234b86687e16a6b56a15e38024b72b8788b

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\SUMo_00000424.SPK

Filesize
26KB

MD5
dbed70e56af564a37603f16d32951dff

SHA1
7ad82597da16b01f1f76fd134b7d0f5082b2c805

SHA256
47ec8a1365bc0d8eec441923734b8123d6cd9df37b168a9eb706714480a56f51

SHA512
1b393f570a6ecacc2fb42b50d8b267b7eda0d307e9ccfaa572ca0080b44d55d1b8b3350263ac73cb21d3f8f27c019809d15b474b2901a60fbc6ef465b8b22120

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\SUMo_00000425.SPK

Filesize
22KB

MD5
fabd351c936c7a6b757779f13f5707b5

SHA1
1c6defb61d9efeea665d12bebeebdf36017871ea

SHA256
7d984899c467bb13b4057d1f96db88a182d9f24b3693c534304caff0446b8be2

SHA512
5acfa822acce5b8bf70de1380eb2b1e39a18c4139eca06c6521007e33c31653532fc4a7bba7eedf70bf00ec5795e18f2628739c713a97df4b146459641fb6297

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\SUMo_00000427.SPK

Filesize
23KB

MD5
953853724b9db696dc2eadd9e4cb2126

SHA1
ca5c486c5e8aaa982281e3b203f0ffc8e5749de3

SHA256
6cadeaab7b52fa31d19d5b4a1959da631da92ee5f88bc3e8284bee7a3967cd33

SHA512
3b8d91d7d0980a0b2af0540a73c0c342547dde38f8466d87c57fa14f8a23117cd4cfd87a49b99bea33bff76fd3d96a74737b4a787a074a93c7a1d14f3a4e34c8

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\SUMo_00000804.SPK

Filesize
24KB

MD5
a0a6d9285e19f4643796dcb91fd900dc

SHA1
0e4e689226b37ead2b24af1512ba6546b39b40fe

SHA256
a4e53483b8dc4cf2b247e73a33fb01d9f312ec61f69d32c4b4c01a0512760bfb

SHA512
d031c7ce25bdd856ef83f7d52ab83cf2aea171b0a18a8584274f517a795c098aba00de548d23015c5584d31c4e22669073dd78afa45e775862ff34a79c4aa25f

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\SUMo_00000814.SPK

Filesize
19KB

MD5
da9df95dda95e1fe352bd7b854a33890

SHA1
06634a8f3a0176e6d7b934cdf4752cc4012c775e

SHA256
ebba5750cef9a457023f4e8713c85174497751ea7c65bf5d8d80fb55375dfbd7

SHA512
7ae49f97153d898399d4a51eab4c700d7522ec1d72c0ff680f2c2bb5213d77ae1a810db8db7105c24b5b57b0084a2dd723d24c70b40568bebdaaa856f986fd26

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\SUMo_00000816.SPK

Filesize
27KB

MD5
6340816924e9894eab687c2f5ae35b5f

SHA1
482e6672f417d418938d8d8385ceea04b373a6fe

SHA256
a881dc695a24fef491364a0126531e3480e0ea7bd73429e8092c9eea6dd5d107

SHA512
933e210e84dfdf776730b1914e52fe1fb696963bb0f34cd576f90341577e3c29f90a733d98fa2c1e469c029bc1c8eea30a300724ffb4188387fc23617bdc1405

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\SUMo_ORIGINAL.SPK

Filesize
21KB

MD5
9a4512ee5dbc43f3743c285ee22ae8f6

SHA1
6462674328fb9e21f3320eaa5d70c167dd36f8ef

SHA256
dd6acc6ca924732a0b0190ae362fd7830aa45648b5eb6a64e3a5a58871c26347

SHA512
5624b78a8c24f7aa07b96994cb761330a723a4a989b8e7d9083326f9e149ca42de802985d94afb99039a2046ed15ea28ab54af0ef9a09397870dd342910256e1

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Screen Savers\Magic Castle\WizardScr_1.swf

Filesize
624KB

MD5
f613ec2dcc859061eb73e05728c4ce04

SHA1
0445dbb0d000ebb8917d23ed267d4e2d9f94e980

SHA256
95ed0f6c585e8cb95f0223300741c4c3e4d2f953dca5782456c4129233d58234

SHA512
ce79e1679eeecb7fce7a6b1d0c750a8f5d1e1a66525e41b432c6631ac5580d0a79d4eb07741f1a82fe9d559cdd0346b997140fcac879503dcaecb9fc98d4339a

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Screen Savers\Magic Castle\WizardScr_2.swf

Filesize
518KB

MD5
387737e9a0842e792cb534be6db8ae5b

SHA1
af9e9577fbad8bbd0782ef3058d02bda4e7deeca

SHA256
9a53e5649afd5ad7cff3fbf11293802decb48cc132ab28fff20813025e3fc610

SHA512
b3ba7c89ab1eb8eee9a1249733e0752a98b18a9143341833159ffb5bf47989d8b107dd4cccd9cdc11a20c32b3882919b96f8508594676796e2dad5f37843be2c

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Screen Savers\Magic Castle\WizardScr_3.swf

Filesize
276KB

MD5
7d590392405c884321428692f984b1c6

SHA1
bd02f9f77efdfd96a3274f0ccddc376b3b13bdf3

SHA256
41a4d832dde594ca57a715a8bb667dc9c637f73a2a06a78f49d98970d071a5cb

SHA512
ee30ef7ea611e4d1ba746985e30ee14ecca9a2c360e39c6a5f0210d2b7dd379837cb4dd365e432d63c44e4f61a4ee48c3adaf4b77790deb429087819a61cc686

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Screen Savers\Magic Castle\WizardScr_4.swf

Filesize
376KB

MD5
eb2855a5f261a2a6049e9667c08f59a0

SHA1
b6295edb29b76c2c30ae90711679cfe0e2a6b92b

SHA256
60c922307c5e214ae86b0a4ce344fcc3c1eefe13b566feae161e275b3b1616fc

SHA512
d454698f2cc7e16ede630f84a643356900ed054e449daa2c741757bb376c7ec1e3123730cf738152d38fea221d7fa6b60848a0d7fe5677d367e7316c9c13be37

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Screen Savers\Magic Castle\default.htm

Filesize
546B

MD5
e26e4f2be744fa3ba2f72a3fda255b4a

SHA1
8f2adba630472e1036bd8d5360288fd1495e0cf7

SHA256
55708b223808f4ffc6ec49249a52bff5d249b683c0dd9d292c248c25a51b2981

SHA512
21f8f2df2e488224384b448f6424da3822ca411598e04e31ea0c298cf4eac0f6cd160ff31782d2f1e609aa8b0a7f3efe1d194b5d9f8eb4b99f20f8f5730f2118

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Screen Savers\Magic Castle\ezScreenSaver.swf

Filesize
98KB

MD5
38d62a9224eff28cb611ae65711f1c85

SHA1
851054986feb04fdb34d578b93ba3a866a882c77

SHA256
6d8506499a169dc20d83a34313eeb437ccee7ca973366cad8f072aed0e442576

SHA512
a10082c8ff28343467ca27c4d53d0161b73c0b6f77d2db141a751f748c1dce9f96dc93470998abd0d4cf999f91f10d2eeeb8f9f2273880092484f2cd2d5bca9d

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Screen Savers\ezScrSvr.dat

Filesize
139B

MD5
c853406876edc4af968c0fe8ac389a84

SHA1
2ac07a682faded4e19fa53c1071abfbbe94aa1e0

SHA256
0173034a264ccbefe4855731da222c0e7c58a633c37dfabbee70338b48835801

SHA512
20d51300a852648b2b59327c41955145bcfe0b60c0b8db70fafa63c31819eb7cea0db775dc769fc74217619dc8a80b45ea3605b85d89cadc14d804260e6302b5

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Sounds\Default.dat

Filesize
158B

MD5
aea1e024bb478d3ea6dcac03f7c620a3

SHA1
bb2934faa925700418a76b6ffa0d1c28da3fb7fa

SHA256
9eda6d6c394f6ec73e886bf9d12c4b86ab9cd0296acc6c28f299f465e4bf01d8

SHA512
f66e1ca73988b57fcb10cea3515bfce5f37964f86072435e07e0a70e47641f9beca3fd351523124b1e72025fa744c1aa836c7862c0c56eaaf8e12a88a1c6f81b

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Sounds\Default\Alert2.wav

Filesize
88KB

MD5
bb8104f73344d925a73e12c1e78ea461

SHA1
a9c2c7d92ac2dd3a08549804dd31083c3f20b6f2

SHA256
a9f435650a3cf0a776db28085d24e9f9f59cf177567765502c32252a7ae4501a

SHA512
79b31ab3b3832b8d370799333f77b2afe8439208cbb0630e9b580d70ba55277f69e98429f9d564d9e4ed1ce2326dbe7f785aea9fc025aef0c67cc06a862413f4

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Sounds\Default\BookItemHover.wav

Filesize
16KB

MD5
c5663579b6ff35149786c38577c4beef

SHA1
52860c3a828016bec8416d09f50c3e3092ffd189

SHA256
e48347c77019945b3cdba802928b2fd08e72f861b7fa41bc6d49c4ec976410c0

SHA512
ccfbad08aa32825cab2818f38736ca508b4379ff5456de53d618f596c8f895c3b4aceb7c83e87480c7261d0de93efced0a5f4184f759cd2261dfb3fcd2f18f8c

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Sounds\Default\CallOutInfo.wav

Filesize
150KB

MD5
86427827deb4d909b56d8f5fce84686a

SHA1
02bee5114c863f20ed8a8d76fc248732f3e770b4

SHA256
2ccb80316e42435927cd71699e9e8a1bdb2d818df1900c16289566ea8ff000ad

SHA512
e5b7e51ead5c370f669a23b68f36912bd56388bda24a9adc65fd092b6f86a7eba51d3a958630a2c17ccbc14cec180d3ff87f02ff8bb6f8367df34cdfa49c5bce

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Sounds\Default\ChangeTheme.wav

Filesize
52KB

MD5
6d1939a28c5cb616bb0d6a7dbd5a58cf

SHA1
3d527941d16299c5355491a7aa0e7e2666b5d5f0

SHA256
57765650a33e689f4efc8d110548b6234ec4c6d44021ff392e5dbbc84d21a554

SHA512
04147b7f1ffd04501644ce176472c0a7c68b8622054e063dec248be650f540969852d03eb29797561531988d4b0545d7f8b93002cc92e18f989eb93eb503543e

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Sounds\Default\CloseBook.wav

Filesize
90KB

MD5
d9464a693bbbc1de2a7c39ac3bc1fcbc

SHA1
b578064d1211334e43a3063e914f70b2df502e4f

SHA256
b773e31d17b344f9c7939f97e8854e9d5b1a27996938e4659b8a2a2139582ba8

SHA512
17bbe962a4e08e50c92ca06942647a9a07374d028f137324eb66914362f430bfcb73bb7c8df32d697f692b723533abd169cb4a254e48095c3bc041519b4c9907

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Sounds\Default\ControlHover.wav

Filesize
11KB

MD5
15485dca6038e70708089a0ef7bda328

SHA1
e7764fd673532105e7127b365eb491f0ccaa3588

SHA256
f5e3b61a2334fd2f2462d9b79f0deb660ec0bf0d41c0e272723cf01b783c68dd

SHA512
9cdcf6db3cdb96d6f3837516a7c902f4228a648038c544db77a9cb8d380ef8ae653bd2d9f35c9114b18e8bb05fcda78afdbb712ef7261a3e5185d2650ed2ce04

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Sounds\Default\EnterPassword.wav

Filesize
108KB

MD5
7c3c8f70dde06fedbadcb48e701e6efc

SHA1
d532d2623dc036dc5b1e540960db88fff6fceb5b

SHA256
fa73fc064267fb1b7efe57095d1c8e11e54e175381ed5e4eb09afcce9484a75a

SHA512
714d34e7f4cf229c72cbd3c9aa3e0ad831f092c7cb3630e4fbde026fade3a64d3568824484ce157296db89505c84aecaf83a5b0092bd0c6b794fd0854dcff18e

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Sounds\Default\FlipBookPage.wav

Filesize
49KB

MD5
ed87eff4ed9d267906eb89421d5c086c

SHA1
b4a0b09ace19b6928dcd91750d883bef858397f4

SHA256
13ef4c4e9d6aa1ddd6e7150688295650a7c3fa4f858e4d1068e2263af50be683

SHA512
3a6eb83ca1aef367bc1477cae92200cd86967f6c4f2c74781814b11bb58d67937af8b33872a326d5cf830c641bb4973df2da967dcf8b627a03f6e44b51705023

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Sounds\Default\Logoff.wav

Filesize
211KB

MD5
614e553567e79aa1c19631f971972c38

SHA1
62c7e8f10fd4e6a4e3477d541e9339a50f9221ba

SHA256
fdde2ff9ba355bad92de0b23957c422987c44d6ad75de2f4116ac25981ae29ff

SHA512
b409469d6dc12dd08c18b60d2a116af696f2ed74704cc5897b733412f4e10e5d86df1a4a7b1700bfb4228946d1396a44efe34f39eb29479d27f0bf8052852968

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Sounds\Default\Logon.wav

Filesize
222KB

MD5
a824beee2910d5ffb6f036c0bcb35d04

SHA1
f0c90276ed1216cc37e80e80b121fca70603fdbf

SHA256
aaff0be8e11512ad6131a4b15a7b3ed85e4ff008ded48985c75b21c5580fc79c

SHA512
39451238929c375b4f0872d5f1e3c513d2cf9fabfa741ef5b9999c226e27abf6553bcba3feda4639230ddf1ec1eecfb7705e3bf4cfa012574bf6070485230437

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Sounds\Default\OpenBook.wav

Filesize
121KB

MD5
dc3f6c7b307f91504e38cf0b32e757d1

SHA1
81f57454cea45927d70435796e783d080f35dd2f

SHA256
92623395bd284cf788b6e2e8eaf6515b99f4e26160c77752b5beb512862b836c

SHA512
98611be70727f8be8d1a04ca98dc810753d256520dcc9a1ca6182a4f1b58fd3d4665ea42ccba6a815216e74c11ebdd83c983abe5f6734508af6d1aac42177799

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Sounds\Default\ShowGuide.wav

Filesize
84KB

MD5
1abbb64fe5bab5e9f8f70d04be0584cb

SHA1
02a8403fa736cedc6d21390e83796c6ef03a1d40

SHA256
99fe8d09d5e221c214b8594d6bccdb7e0768bc406a12a8d44850f19c247bd10a

SHA512
17a3a065a10359548cd099ae172fda666e5e8b9b484c5a741fb29303781f83b0d62c212d8f2ba3a3883f3e6cedb6547b046244be9d93d7edce2bc68b4e9dc9b1

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Sounds\Default\Sounds.dat

Filesize
728B

MD5
69ad2b481cc0251d62a3e414ac9ef8be

SHA1
78a45c86089d532d288edab98ec417d80847b190

SHA256
fe4f2e6655192969973d68be317e2e0d7fcedf1c9e346c5a85fb33c9953b31ca

SHA512
0de90092e65c2a7fc212d7e290982191fe501eb2a91b6026fd04b3f52e2bb34c81d41d7cca56794a421a265bfdc3b35e0322c2a9abd546821a3977c90b5bd8f6

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Sounds\Default\collapseWindow.wav

Filesize
32KB

MD5
b2affea4b0b140f950407a48dada44d7

SHA1
7e6ac887ac564a3be28812aec9a844d26ba4f4f1

SHA256
1cbaccff303238482d15aa6e23a349f4e33b5a85efb9e06f34910ecfae2defb1

SHA512
6fba572ae7cfc8adb8141caff7e15d59e817abc1d2d583ab7deb97fefdf810d7da50431ee04b3cf7104d73ef3577e947323efb71a308ff25111e7285b929369a

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Sounds\Default\expandWindow.wav

Filesize
29KB

MD5
35ecacacf989c23f558bfb497cab5a26

SHA1
5580acd583a0a87750b788bf3d70cf43c64e34e1

SHA256
80f5358fc36a0fd3a885cb9f6c5f8ad4d128f0258bc29f40877ad707a8a95e5e

SHA512
35c582efff8f210681d206e9074a7cc7f093d6bd6642eefbcc6957aff8aa337fbcfb0771e245537baa444aa39f031e4205167c9785ec4042ca38244f6333fec6

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Sounds\Default\iconClick.wav

Filesize
33KB

MD5
eda655cc99b9a1464e1399300667a1b1

SHA1
45938a2f2196eb87a8d58f0854889d5dcc284acd

SHA256
29fb653a396667c8588dbec4fad51659700e95a16345a7f501570a0e7bfe3283

SHA512
827c1003f27ee0b11a5721fd8cfa2ed4f8e76244668ff0688b9997b3e0f3a57c9bc531f8d20e1264c78ee8b23fc8617bc704a476f2dd091fa0224f8c50e1881f

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Sounds\Sound Names.dan

Filesize
938B

MD5
be6ec692ef9415b61e292b42a6cf69ef

SHA1
11ced8957f98947e736cacc25007d1a4e68fe275

SHA256
c94990617fb26c4d630bd1422f815635d6cdd6115d7d32b4cb65df24f12f445b

SHA512
93c31c2f66966080f08b032bef25c6d2fefa2e65e122eab3337f695a9703a0ff4fbd943cfb003c4b3258bed5d5fc3288b7a235b56515c312bb0b3a41838448ad

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Sounds\Sound Names.dea

Filesize
1KB

MD5
b6bd2cd2b6634e1d15b1e2cd25ea01fb

SHA1
e95479efedb99ed08dd4bd7a1f3c34f2157fb8c1

SHA256
ce08d8d7b56b5702848412d2da7e6db508ee9b795c565b80ef0ef4f027228501

SHA512
db8b64ac0d7b769e3e9380b026c5428e4c6b403eff25a908ef8e6a42daae5e89f5c92fd890386dce0acf32ca6f323f550a45e07715aa27f8614bfe1a10a39abd

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Sounds\Sound Names.des

Filesize
2KB

MD5
f361a99ac212194ce77d674e655f82b3

SHA1
2972497183f46ead9f48b67c8f00b8564dc22556

SHA256
09dcc61e60fa23bb1a23a737620cf6cb9deba3d7f1b3cab96872789dbe890f83

SHA512
c2dab2fc83aa1fe066d2b833c8d8719b9e4ad51d7a1c92e76a08f68ccfa0fc90d07350f2bad9ea4d499997079f828bd1b4ef9abe85cbc6178273dc50ad89d02b

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Sounds\Sound Names.deu

Filesize
1KB

MD5
b6bd2cd2b6634e1d15b1e2cd25ea01fb

SHA1
e95479efedb99ed08dd4bd7a1f3c34f2157fb8c1

SHA256
ce08d8d7b56b5702848412d2da7e6db508ee9b795c565b80ef0ef4f027228501

SHA512
db8b64ac0d7b769e3e9380b026c5428e4c6b403eff25a908ef8e6a42daae5e89f5c92fd890386dce0acf32ca6f323f550a45e07715aa27f8614bfe1a10a39abd

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Sounds\Sound Names.ell

Filesize
2KB

MD5
f7e4d171255173be9934023c611e492e

SHA1
c8c94ef8f52b0e406c4dccf72c23b2d2ea09539f

SHA256
7a306b356e04a2e2e738bc0ea5757e5316a7be457dc572bb5a74f6a307fdeabd

SHA512
835262013ccd6bf2c40f6b386de77313d892920e32d64db8ebdafeb65e2acd3716a9d37ea58ba5e3419e9fa03d305d3704411b4dfafa4b238c81aaef85cbcab6

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Sounds\Sound Names.eng

Filesize
908B

MD5
27aded172141e533386de3bff0935e38

SHA1
ecb87f653ffcccf146cd22223abbbfdc9daf40a3

SHA256
c4f7c4d4c97288a55ef3f7ab0dcb6f2b9d0c0a0908145f4848dbc1b504e1e17e

SHA512
0b176a24c03ce524dedc55b8e4bbf820fea9399400ef91e15c52700c77903b08ebcb74c2f63fd8bd74d9bc260d38d7b2c1c73250d1c9631332d2551a46fbe0e0

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Sounds\Sound Names.enu

Filesize
893B

MD5
fdba395854ffce8938f2eacc086e6dec

SHA1
a0d7538b59573313d517a9114699ce945f56aadd

SHA256
da83c4f0fa62f332f5c134b85aed1a7d79a5af1f3bf4a07de3c2522ebf82588b

SHA512
e4bdb45ac5b50dc28528e6cd19ed90d982c5f92aa969fc9963d70bbce9cfea63638d29d5165c81b6b6373d7b88732b4f70fc6eac796cd901c54a39663e1218cb

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Sounds\Sound Names.esm

Filesize
2KB

MD5
0a71778bc75a567f0eb6af7330ada498

SHA1
1b7ea7ae160c642077abc3eb00d97abfa75064b8

SHA256
f62f316ce0d6ea5318ca43c1f45d49ccda6db7fe016c137d6d24192ec32f3cde

SHA512
b165f168960de75692e7dc454a0985f082a3dc9af0af412d6ef3c21cfc6a10f202faadd2b3b60f9fd06165534a6db28b7cbc05faf652b3a20c8a11b96df15949

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Sounds\Sound Names.fin

Filesize
1KB

MD5
ea8927ac5171df3ba482f5f5c9001182

SHA1
d7361dbf96e732b6c0f0353e2ff180d2f0e5e86a

SHA256
70a4992eb912cd85bae4fa04569b8ab77af9862c7fb1ec702f3afbbde7ddb1cb

SHA512
ae2d0812fc391303289b37e6d171648f1920a9b040f36be3977af9d1ff152e4883ac643fbce4ea1bb5df40a272deeefccb24a86537cfc32bdff38ae99fd25592

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Sounds\Sound Names.fra

Filesize
1KB

MD5
2583af779c1e638b5a5e7c19915e015d

SHA1
5446a3b72625e43ab6b75ecb247f66e9e053d1ab

SHA256
3302a57be1aa084c89b79330091722e894907ab8c7d95caf3c32742714c25af7

SHA512
44d5afd129d3bfff1f29069f26360251910dae0a37fd83b34c45574e5a95676a3fd47c2f614dd4b8eb89183fc1ff53f323060e41b17588821974d43d03706d77

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Sounds\Sound Names.hun

Filesize
1KB

MD5
a2a1ca494344bae8abcf364ee2878f4a

SHA1
b316ce8f43cc7018c6d1fc79f305b4e7ff685e32

SHA256
59127983fa0b9795b3ae2ac7afb9161c36120754c1b5f5894ce686d019f1200e

SHA512
cf3cc570f887c72f5620be99b6dda1f3858b4ac5ad5a046c24edf08d4f10aa9c2269b12f173e98906ea0f09e1d8ddb2ec44e8dde91d215d1f8ca8eed0e225edf

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Sounds\Sound Names.ita

Filesize
1KB

MD5
7faffef2dcfb186ccc3f3392ab03d3f0

SHA1
0d091273e18b14da1e2cc4c9fba7085daa7a1add

SHA256
095b0a5b2a07fba56b7eba4e8628aba2095a0b36aac6ef8f2fc9755c3efb345c

SHA512
5c6fed7ef3f1ff859bffe2a033ddd47142f68f584bcdb55c8ee1015ed5bef10e9df586b2ebf7e7ff7e9cc5152d35312057e0b24cafa94f1b4cdc84323f30b60b

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Sounds\Sound Names.jpn

Filesize
1KB

MD5
5e33e5d96cf91c3e5dec9b719159e09a

SHA1
8ee140c62d2ab6e0a4508be665077120680c4ce6

SHA256
0a8d2e42a4e41c87385fcb6701bd70251ecfefef0f8c5a6f12f955dd5861cd67

SHA512
93bf45d67b61920dd4b8d3af924f4b674a73584fcb275fd0a617592505dc6fb5ef85b647dc5bcfa16e86c7088bc81698cf69947b0a0013d1d6a77c1d2df83744

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Sounds\Sound Names.nld

Filesize
963B

MD5
4bea7130cf937f42aa697c604367d7b6

SHA1
be6de6b1cd21da2b3a932962f5119002cc438d7f

SHA256
3fb606205b7b661582e0e4ad35a0bb115bc2f6d0f7ed8b0679b304968251f126

SHA512
ccdb1145fda72bdafaf94b2cfaf3427614aa4d52aa1b4a692956ac7219db17f779594864a85ffaa6b7782386d32e5c9a983ca9d4347df6283bd645178b0a9094

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\md.msi

Filesize
1.7MB

MD5
6518026d73f6ca85100ed4cb3b2dc8b9

SHA1
8e04e3e501f70a1bb892ac1b92a90de546f52932

SHA256
5c614872ba056279e939b90b29412ae179ab9058d0b7b00dfccc2cc64ffc50e3

SHA512
5819c02e579eda16b478436bffc0f799935b28a34de4591863ef08be7f0732144f439b6377fb65712c25a2f9fb013ca9e2701cb6c801a75fcf355157a5723bb5

Download Submit
C:\Windows\Installer\MSI1037.tmp

Filesize
559KB

MD5
7380aa7a4eafd17c21cf315ae35fe288

SHA1
886747c7526627898bd36ff8b85869c9bf6718fc

SHA256
dba4ba13c058f89a92ff5afb2e9c77688bce5909499238b5c396d4308071ed88

SHA512
c4976712429d715adb7b4379d6e339e76557897117df2f9a920283ece5ca5bdabbf5ce0c3cda162a0a54bfc29ec8b979195689309a47ab00d800595e290f69a1

Download Submit
C:\Windows\Installer\MSI11FD.tmp

Filesize
559KB

MD5
7380aa7a4eafd17c21cf315ae35fe288

SHA1
886747c7526627898bd36ff8b85869c9bf6718fc

SHA256
dba4ba13c058f89a92ff5afb2e9c77688bce5909499238b5c396d4308071ed88

SHA512
c4976712429d715adb7b4379d6e339e76557897117df2f9a920283ece5ca5bdabbf5ce0c3cda162a0a54bfc29ec8b979195689309a47ab00d800595e290f69a1

Download Submit
C:\Windows\Installer\MSI126B.tmp

Filesize
559KB

MD5
7380aa7a4eafd17c21cf315ae35fe288

SHA1
886747c7526627898bd36ff8b85869c9bf6718fc

SHA256
dba4ba13c058f89a92ff5afb2e9c77688bce5909499238b5c396d4308071ed88

SHA512
c4976712429d715adb7b4379d6e339e76557897117df2f9a920283ece5ca5bdabbf5ce0c3cda162a0a54bfc29ec8b979195689309a47ab00d800595e290f69a1

Download Submit
C:\Windows\Installer\MSI1327.tmp

Filesize
703KB

MD5
ae585caebd7faece019342026b304129

SHA1
8c512e6db9b0c9547fc0a6d3f3d1216e373d924e

SHA256
92dd2c1f1d19e1d96411d8afc81c29696d76abe6469a2d75200dd82a8fc164b4

SHA512
dbafd2b28356139f886ed7af3813bf7ee1e95709549b8bdbb3c52e17a213694af45096f369668e674a3295a1ba6ce3232dc8c213b29f24442a3c9e68e0d87313

Download Submit
\Users\Admin\AppData\Local\Temp\MSIC51.tmp

Filesize
559KB

MD5
7380aa7a4eafd17c21cf315ae35fe288

SHA1
886747c7526627898bd36ff8b85869c9bf6718fc

SHA256
dba4ba13c058f89a92ff5afb2e9c77688bce5909499238b5c396d4308071ed88

SHA512
c4976712429d715adb7b4379d6e339e76557897117df2f9a920283ece5ca5bdabbf5ce0c3cda162a0a54bfc29ec8b979195689309a47ab00d800595e290f69a1

Download Submit
\Windows\Installer\MSI1037.tmp

Filesize
559KB

MD5
7380aa7a4eafd17c21cf315ae35fe288

SHA1
886747c7526627898bd36ff8b85869c9bf6718fc

SHA256
dba4ba13c058f89a92ff5afb2e9c77688bce5909499238b5c396d4308071ed88

SHA512
c4976712429d715adb7b4379d6e339e76557897117df2f9a920283ece5ca5bdabbf5ce0c3cda162a0a54bfc29ec8b979195689309a47ab00d800595e290f69a1

Download Submit
\Windows\Installer\MSI11FD.tmp

Filesize
559KB

MD5
7380aa7a4eafd17c21cf315ae35fe288

SHA1
886747c7526627898bd36ff8b85869c9bf6718fc

SHA256
dba4ba13c058f89a92ff5afb2e9c77688bce5909499238b5c396d4308071ed88

SHA512
c4976712429d715adb7b4379d6e339e76557897117df2f9a920283ece5ca5bdabbf5ce0c3cda162a0a54bfc29ec8b979195689309a47ab00d800595e290f69a1

Download Submit
\Windows\Installer\MSI126B.tmp

Filesize
559KB

MD5
7380aa7a4eafd17c21cf315ae35fe288

SHA1
886747c7526627898bd36ff8b85869c9bf6718fc

SHA256
dba4ba13c058f89a92ff5afb2e9c77688bce5909499238b5c396d4308071ed88

SHA512
c4976712429d715adb7b4379d6e339e76557897117df2f9a920283ece5ca5bdabbf5ce0c3cda162a0a54bfc29ec8b979195689309a47ab00d800595e290f69a1

Download Submit
\Windows\Installer\MSI1327.tmp

Filesize
703KB

MD5
ae585caebd7faece019342026b304129

SHA1
8c512e6db9b0c9547fc0a6d3f3d1216e373d924e

SHA256
92dd2c1f1d19e1d96411d8afc81c29696d76abe6469a2d75200dd82a8fc164b4

SHA512
dbafd2b28356139f886ed7af3813bf7ee1e95709549b8bdbb3c52e17a213694af45096f369668e674a3295a1ba6ce3232dc8c213b29f24442a3c9e68e0d87313

Download Submit
memory/556-143-0x0000000006360000-0x00000000067D6000-memory.dmp

Filesize
4.5MB

Download
memory/556-129-0x0000000074891000-0x0000000074893000-memory.dmp

Filesize
8KB

Download
memory/556-130-0x0000000073140000-0x00000000734B1000-memory.dmp

Filesize
3.4MB

Download
memory/556-131-0x0000000004800000-0x00000000048BB000-memory.dmp

Filesize
748KB

Download
memory/556-137-0x0000000006360000-0x00000000067D6000-memory.dmp

Filesize
4.5MB

Download
memory/932-56-0x000007FEFB751000-0x000007FEFB753000-memory.dmp

Filesize
8KB

Download
memory/1612-55-0x0000000073AC1000-0x0000000073AC3000-memory.dmp

Filesize
8KB

Download
memory/1612-54-0x0000000075091000-0x0000000075093000-memory.dmp

Filesize
8KB

Download