aurora | 9d2321341dc5804543514a81cab9aac8dbc52466c77bad98a3835819cb9d9c7d

Analysis

max time kernel
117s
max time network
148s
platform
windows10-2004_x64
resource
win10v2004-20221111-en
resource tags

arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
submitted
13-02-2023 09:56

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8fef3a062676cda862c7a3281f7c672f.exe
Size

29.5MB
MD5

8fef3a062676cda862c7a3281f7c672f
SHA1

ec2d8e9278fb366d338f7c94d601f51c1db2e3a5
SHA256

9d2321341dc5804543514a81cab9aac8dbc52466c77bad98a3835819cb9d9c7d
SHA512

6f05faeb7dc04ee8adb2fa49cc4dfc0358edd2653a15600609826526fa352107df7cdd333141fcfc4c33c2b6cae087fe6ef44d48887add0b3fd3032ba6215c01
SSDEEP

786432:uZuA/ghq/LEGnD351tC9Tv55/DEhSslNRb6tg4dg9TqnQ:uz/g0N1kz55/0Sslveddg9UQ

Score

10^/10

aurora babadeda crypter discovery loader spyware stealer

Malware Config

Extracted

Family

aurora

185.106.93.247:8081

Signatures

Aurora
Aurora is a crypto wallet stealer written in Golang.
stealer aurora
Babadeda
Babadeda is a crypter delivered as a legitimate installer and used to drop other malware families.
loader crypter babadeda

Babadeda Crypter 2 IoCs

resource	yara_rule
behavioral2/memory/240-200-0x0000000072F70000-0x00000000732E1000-memory.dmp	family_babadeda
behavioral2/memory/240-214-0x0000000072F70000-0x00000000732E1000-memory.dmp	family_babadeda

Executes dropped EXE 1 IoCs

pid	Process
240	SUMo.exe

Loads dropped DLL 12 IoCs

pid	Process
2644	MsiExec.exe
3396	MsiExec.exe
3396	MsiExec.exe
3396	MsiExec.exe
3396	MsiExec.exe
3396	MsiExec.exe
240	SUMo.exe
240	SUMo.exe
240	SUMo.exe
240	SUMo.exe
240	SUMo.exe
240	SUMo.exe

Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials in Files
T1081
Accesses cryptocurrency files/wallets, possible credential harvesting 2 TTPs
spyware

Data from Local System
T1005

Credentials in Files
T1081
Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Enumerates connected drives 3 TTPs 64 IoCs

Attempts to read the root path of hard drives other than the default C: drive.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
File opened (read-only)	\??\F:	msiexec.exe
File opened (read-only)	\??\O:	msiexec.exe
File opened (read-only)	\??\P:	msiexec.exe
File opened (read-only)	\??\X:	8fef3a062676cda862c7a3281f7c672f.exe
File opened (read-only)	\??\A:	msiexec.exe
File opened (read-only)	\??\F:	msiexec.exe
File opened (read-only)	\??\E:	msiexec.exe
File opened (read-only)	\??\H:	8fef3a062676cda862c7a3281f7c672f.exe
File opened (read-only)	\??\N:	8fef3a062676cda862c7a3281f7c672f.exe
File opened (read-only)	\??\P:	msiexec.exe
File opened (read-only)	\??\W:	msiexec.exe
File opened (read-only)	\??\A:	8fef3a062676cda862c7a3281f7c672f.exe
File opened (read-only)	\??\I:	msiexec.exe
File opened (read-only)	\??\G:	msiexec.exe
File opened (read-only)	\??\O:	msiexec.exe
File opened (read-only)	\??\R:	msiexec.exe
File opened (read-only)	\??\B:	msiexec.exe
File opened (read-only)	\??\Q:	msiexec.exe
File opened (read-only)	\??\E:	8fef3a062676cda862c7a3281f7c672f.exe
File opened (read-only)	\??\O:	8fef3a062676cda862c7a3281f7c672f.exe
File opened (read-only)	\??\P:	8fef3a062676cda862c7a3281f7c672f.exe
File opened (read-only)	\??\M:	msiexec.exe
File opened (read-only)	\??\Y:	msiexec.exe
File opened (read-only)	\??\G:	8fef3a062676cda862c7a3281f7c672f.exe
File opened (read-only)	\??\K:	8fef3a062676cda862c7a3281f7c672f.exe
File opened (read-only)	\??\J:	msiexec.exe
File opened (read-only)	\??\U:	msiexec.exe
File opened (read-only)	\??\T:	msiexec.exe
File opened (read-only)	\??\V:	msiexec.exe
File opened (read-only)	\??\F:	8fef3a062676cda862c7a3281f7c672f.exe
File opened (read-only)	\??\T:	8fef3a062676cda862c7a3281f7c672f.exe
File opened (read-only)	\??\H:	msiexec.exe
File opened (read-only)	\??\B:	msiexec.exe
File opened (read-only)	\??\K:	msiexec.exe
File opened (read-only)	\??\N:	msiexec.exe
File opened (read-only)	\??\U:	8fef3a062676cda862c7a3281f7c672f.exe
File opened (read-only)	\??\A:	msiexec.exe
File opened (read-only)	\??\X:	msiexec.exe
File opened (read-only)	\??\Z:	msiexec.exe
File opened (read-only)	\??\W:	msiexec.exe
File opened (read-only)	\??\L:	msiexec.exe
File opened (read-only)	\??\S:	msiexec.exe
File opened (read-only)	\??\S:	8fef3a062676cda862c7a3281f7c672f.exe
File opened (read-only)	\??\V:	8fef3a062676cda862c7a3281f7c672f.exe
File opened (read-only)	\??\W:	8fef3a062676cda862c7a3281f7c672f.exe
File opened (read-only)	\??\Y:	8fef3a062676cda862c7a3281f7c672f.exe
File opened (read-only)	\??\Z:	8fef3a062676cda862c7a3281f7c672f.exe
File opened (read-only)	\??\N:	msiexec.exe
File opened (read-only)	\??\B:	8fef3a062676cda862c7a3281f7c672f.exe
File opened (read-only)	\??\I:	8fef3a062676cda862c7a3281f7c672f.exe
File opened (read-only)	\??\E:	msiexec.exe
File opened (read-only)	\??\G:	msiexec.exe
File opened (read-only)	\??\J:	msiexec.exe
File opened (read-only)	\??\U:	msiexec.exe
File opened (read-only)	\??\H:	msiexec.exe
File opened (read-only)	\??\Q:	msiexec.exe
File opened (read-only)	\??\Q:	8fef3a062676cda862c7a3281f7c672f.exe
File opened (read-only)	\??\R:	8fef3a062676cda862c7a3281f7c672f.exe
File opened (read-only)	\??\T:	msiexec.exe
File opened (read-only)	\??\S:	msiexec.exe
File opened (read-only)	\??\J:	8fef3a062676cda862c7a3281f7c672f.exe
File opened (read-only)	\??\M:	8fef3a062676cda862c7a3281f7c672f.exe
File opened (read-only)	\??\Z:	msiexec.exe
File opened (read-only)	\??\L:	8fef3a062676cda862c7a3281f7c672f.exe

Maps connected drives based on registry 3 TTPs 2 IoCs

Disk information is often read in order to detect sandboxing environments.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\disk\Enum	SUMo.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\disk\Enum\0	SUMo.exe

Drops file in Windows directory 12 IoCs

description	ioc	Process
File opened for modification	C:\Windows\Installer\e566db3.msi	msiexec.exe
File created	C:\Windows\Installer\inprogressinstallinfo.ipi	msiexec.exe
File created	C:\Windows\Installer\SourceHash{DE95392E-B226-44A8-ACAF-B122805E29F0}	msiexec.exe
File opened for modification	C:\Windows\Installer\MSI6F2B.tmp	msiexec.exe
File opened for modification	C:\Windows\Installer\MSI6FE7.tmp	msiexec.exe
File opened for modification	C:\Windows\Installer\MSI7056.tmp	msiexec.exe
File opened for modification	C:\Windows\Installer\MSI7102.tmp	msiexec.exe
File opened for modification	C:\Windows\Installer\	msiexec.exe
File created	C:\Windows\Installer\e566db3.msi	msiexec.exe
File opened for modification	C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log	msiexec.exe
File opened for modification	C:\Windows\Installer\MSI6E8D.tmp	msiexec.exe
File opened for modification	C:\Windows\Installer\MSI7D29.tmp	msiexec.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
4872	msiexec.exe
4872	msiexec.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeSecurityPrivilege	4872	msiexec.exe
Token: SeCreateTokenPrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeAssignPrimaryTokenPrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeLockMemoryPrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeIncreaseQuotaPrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeMachineAccountPrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeTcbPrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeSecurityPrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeTakeOwnershipPrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeLoadDriverPrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeSystemProfilePrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeSystemtimePrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeProfSingleProcessPrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeIncBasePriorityPrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeCreatePagefilePrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeCreatePermanentPrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeBackupPrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeRestorePrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeShutdownPrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeDebugPrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeAuditPrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeSystemEnvironmentPrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeChangeNotifyPrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeRemoteShutdownPrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeUndockPrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeSyncAgentPrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeEnableDelegationPrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeManageVolumePrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeImpersonatePrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeCreateGlobalPrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeCreateTokenPrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeAssignPrimaryTokenPrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeLockMemoryPrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeIncreaseQuotaPrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeMachineAccountPrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeTcbPrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeSecurityPrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeTakeOwnershipPrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeLoadDriverPrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeSystemProfilePrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeSystemtimePrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeProfSingleProcessPrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeIncBasePriorityPrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeCreatePagefilePrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeCreatePermanentPrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeBackupPrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeRestorePrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeShutdownPrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeDebugPrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeAuditPrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeSystemEnvironmentPrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeChangeNotifyPrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeRemoteShutdownPrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeUndockPrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeSyncAgentPrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeEnableDelegationPrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeManageVolumePrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeImpersonatePrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeCreateGlobalPrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeCreateTokenPrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeAssignPrimaryTokenPrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeLockMemoryPrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeIncreaseQuotaPrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe
Token: SeMachineAccountPrivilege	4612	8fef3a062676cda862c7a3281f7c672f.exe

Suspicious use of FindShellTrayWindow 4 IoCs

pid	Process
4612	8fef3a062676cda862c7a3281f7c672f.exe
4128	msiexec.exe
4128	msiexec.exe
240	SUMo.exe

Suspicious use of WriteProcessMemory 27 IoCs

description	pid	Process	procid_target
PID 4872 wrote to memory of 2644	4872	msiexec.exe	83
PID 4872 wrote to memory of 2644	4872	msiexec.exe	83
PID 4872 wrote to memory of 2644	4872	msiexec.exe	83
PID 4612 wrote to memory of 4128	4612	8fef3a062676cda862c7a3281f7c672f.exe	84
PID 4612 wrote to memory of 4128	4612	8fef3a062676cda862c7a3281f7c672f.exe	84
PID 4612 wrote to memory of 4128	4612	8fef3a062676cda862c7a3281f7c672f.exe	84
PID 4872 wrote to memory of 3396	4872	msiexec.exe	85
PID 4872 wrote to memory of 3396	4872	msiexec.exe	85
PID 4872 wrote to memory of 3396	4872	msiexec.exe	85
PID 4872 wrote to memory of 240	4872	msiexec.exe	88
PID 4872 wrote to memory of 240	4872	msiexec.exe	88
PID 4872 wrote to memory of 240	4872	msiexec.exe	88
PID 240 wrote to memory of 4076	240	SUMo.exe	93
PID 240 wrote to memory of 4076	240	SUMo.exe	93
PID 240 wrote to memory of 4076	240	SUMo.exe	93
PID 240 wrote to memory of 1696	240	SUMo.exe	95
PID 240 wrote to memory of 1696	240	SUMo.exe	95
PID 240 wrote to memory of 1696	240	SUMo.exe	95
PID 1696 wrote to memory of 3176	1696	cmd.exe	97
PID 1696 wrote to memory of 3176	1696	cmd.exe	97
PID 1696 wrote to memory of 3176	1696	cmd.exe	97
PID 240 wrote to memory of 4560	240	SUMo.exe	98
PID 240 wrote to memory of 4560	240	SUMo.exe	98
PID 240 wrote to memory of 4560	240	SUMo.exe	98
PID 4560 wrote to memory of 3148	4560	cmd.exe	100
PID 4560 wrote to memory of 3148	4560	cmd.exe	100
PID 4560 wrote to memory of 3148	4560	cmd.exe	100

C:\Users\Admin\AppData\Local\Temp\8fef3a062676cda862c7a3281f7c672f.exe
"C:\Users\Admin\AppData\Local\Temp\8fef3a062676cda862c7a3281f7c672f.exe"
1⤵
- Enumerates connected drives
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of WriteProcessMemory
PID:4612
- C:\Windows\SysWOW64\msiexec.exe
  "C:\Windows\system32\msiexec.exe" /i "C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\md.msi" AI_SETUPEXEPATH=C:\Users\Admin\AppData\Local\Temp\8fef3a062676cda862c7a3281f7c672f.exe SETUPEXEDIR=C:\Users\Admin\AppData\Local\Temp\ EXE_CMD_LINE="/exenoupdates /forcecleanup /wintime 1676045232 " AI_EUIMSI=""
  2⤵
  - Enumerates connected drives
  - Suspicious use of FindShellTrayWindow
  PID:4128

C:\Windows\system32\msiexec.exe
C:\Windows\system32\msiexec.exe /V
1⤵
- Enumerates connected drives
- Drops file in Windows directory
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
PID:4872
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding 4E35C3C6C19FAE0CBF1BFC4A4A8C2497 C
  2⤵
  - Loads dropped DLL
  PID:2644
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding D312056A75758FB7A2E09A62EBCA7C74
  2⤵
  - Loads dropped DLL
  PID:3396
- C:\Users\Admin\AppData\Local\Magic Desktop\SUMo.exe
  "C:\Users\Admin\AppData\Local\Magic Desktop\SUMo.exe"
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - Maps connected drives based on registry
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of WriteProcessMemory
  PID:240
- - C:\Windows\SysWOW64\Wbem\wmic.exe
    wmic os get Caption
    3⤵
    PID:4076
- - C:\Windows\SysWOW64\cmd.exe
    cmd /C "wmic path win32_VideoController get name"
    3⤵
    - Suspicious use of WriteProcessMemory
    PID:1696
  - - C:\Windows\SysWOW64\Wbem\WMIC.exe
      wmic path win32_VideoController get name
      4⤵
      PID:3176
- - C:\Windows\SysWOW64\cmd.exe
    cmd /C "wmic cpu get name"
    3⤵
    - Suspicious use of WriteProcessMemory
    PID:4560
  - - C:\Windows\SysWOW64\Wbem\WMIC.exe
      wmic cpu get name
      4⤵
      PID:3148

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

T1081

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\MSI6AB6.tmp

Filesize
559KB

MD5
7380aa7a4eafd17c21cf315ae35fe288

SHA1
886747c7526627898bd36ff8b85869c9bf6718fc

SHA256
dba4ba13c058f89a92ff5afb2e9c77688bce5909499238b5c396d4308071ed88

SHA512
c4976712429d715adb7b4379d6e339e76557897117df2f9a920283ece5ca5bdabbf5ce0c3cda162a0a54bfc29ec8b979195689309a47ab00d800595e290f69a1

Download Submit
C:\Users\Admin\AppData\Local\Temp\MSI6AB6.tmp

Filesize
559KB

MD5
7380aa7a4eafd17c21cf315ae35fe288

SHA1
886747c7526627898bd36ff8b85869c9bf6718fc

SHA256
dba4ba13c058f89a92ff5afb2e9c77688bce5909499238b5c396d4308071ed88

SHA512
c4976712429d715adb7b4379d6e339e76557897117df2f9a920283ece5ca5bdabbf5ce0c3cda162a0a54bfc29ec8b979195689309a47ab00d800595e290f69a1

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\MediaInfo.dll

Filesize
3.4MB

MD5
548cb3a857e341f9d531292b6d5a31fa

SHA1
2a1b055d5c9e26f2b9051719bf80313700726135

SHA256
aa21764eaa38f290c1002bbea5dc14ba2678ea262f5f854cf31073ee9f0006ab

SHA512
dcc2c002958da0dc648cab0a11d8447db6dc3023092ea2441a346fe9ec0842e770e63acf30c338f2c1da96facbe947c6d0accca4681d1b1bcbc1edace3e2e460

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\SUMo.exe

Filesize
2.1MB

MD5
85a5c9a3435594fb7e0d40d1289d4e5b

SHA1
d841701a46fa6fa9444501ff3774f808758924b4

SHA256
fa1e530b966af389f22bc95b0b45ebecf3975e29d4346fd9f3af7bd9e2b3f9e6

SHA512
74e65bf3b76ce36268ef432750280b95050a2512d047369d2cbb8d26f5cddbceb67cacc9043ab90238d2c8d2f65dded1c599425e96c4045c517709c83ff2ee6c

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\SUMo_00000411.SPK

Filesize
25KB

MD5
a0cd0621342dcd89f0a07bf0f0b43497

SHA1
43d120e9ed7d77879823d31fb30c492b9aad7cdf

SHA256
1cca56735fc3b085641bd4a4ca39d8538eef28889827936fd1be3f1664859202

SHA512
c253ac805bef8eb6c81b056df93ea5250dacf703e5c96c861649351dafb8dc7d61a07290f20eac64191f6e9369adc06208ab14aa4b23b8689c55c822462cf917

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\SUMo_00000412.SPK

Filesize
18KB

MD5
b2c2252e465425ed73985675e92d4736

SHA1
4ef054acc17cfd748da8256d09bcba937c98ac72

SHA256
8757f0801c5f6cc0fc81e69254922623f891729c74422d0e34d334f48545cb38

SHA512
5692b280ac6b650a87fda1c3bcc9a398c3225e76cefb261292a35760e26851eb654441f51140848a136fd1775f3f03fe6b7ed9779db3e7b05d8df67e145263a1

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\SUMo_00000413.SPK

Filesize
26KB

MD5
7a60015341a6e25a4da8f2513399a735

SHA1
957cc8d715c3892200b7eb7a5fc8df0adbb58efb

SHA256
434ed013e46ea5a7c05c7481ad8cf45e0eb5908cdd94ed863ea6fe405cce129d

SHA512
e2cfccc8eb77d819ee7ca3677198ca79a0129f3ac0e63c94314a11266f1514917969047020500eba14b281bc3825aa022727e99063b550e14a5d772e256d72aa

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\SUMo_00000415.SPK

Filesize
21KB

MD5
042a26f0347aa7206779d81b2912bc6f

SHA1
1dbf0c0c4b1bb9e5985b0b137251dd6aabcfa43b

SHA256
cbcf617f7c0b3af2b8ebdf76ba51ff55d956bc97eeee05c9aed25ed027d61cfa

SHA512
e70737832ec3bc347f84023f69b3842b790bfa9fa3f5e7f783236d873bfc53db6608299b995fc0a92ee0cb9116412adad18c159a4c046f0d1a93bbcaec401c3c

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\SUMo_00000416.SPK

Filesize
25KB

MD5
02639c0b531caede2b2072fc6826edad

SHA1
0530750bf3a4a951725eea2d644c30dca6132dfb

SHA256
2201e0453240ba3cebeb5be37d9aa15517b51ad04acde6b5ebb148383cd7c443

SHA512
440095237eeb07ffbf5cb9787be0285ed1baba1b48ad845b3be29435b9b46c28a4febddf3c1539c4df8004d471e216839421b2496ae33193622eee8a18c748ef

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\SUMo_00000418.SPK

Filesize
24KB

MD5
b388d2cfd162ba73d75d5f44042ccb1d

SHA1
0258c34a2017d163f388cec88b349c35c7a0cff8

SHA256
64255df648940ab13a3bd55d7fbc1448f5a1abb1d1cd1ecd890d73f17f3635e1

SHA512
e85ffda3074471f0775708f96cb478a93cf630611593b0c0c5f4df2745214ee897ab83ce830db2da192e88f8822562e4a02d4a03f9662886a91607fc2d6a0ea1

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\SUMo_00000419.SPK

Filesize
27KB

MD5
1160933a76e0ec4fd23447423540380b

SHA1
bf94e5777b0d85b864cc0e2349823c96132e202d

SHA256
e89895bad4ebc80c1a063fb34632720f0cb5aed88833e146ab9c2e547a8cd33c

SHA512
55ca2d98686591c9de5ddcb435c2f9eaf8a76dec288857c3f06c42def02f0c3aeab65f0657f400a8d08f5b2a2a7880ddd7ee345e3cd3250b2b07e9d76db2e210

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\SUMo_00000422.SPK

Filesize
24KB

MD5
913b77afdf0717a7092a5203842fb477

SHA1
5e0fe351338f066508b3c2387fe9202bcf3859bf

SHA256
649a5425c79e1e6aadea0971222638cedf99c522595fa30528a8860d32a88fbf

SHA512
0340efb89431cd803a642f3ea8b81e4e882d9d33aedd30329db08214118de6f489fd87a35ef8a70cdfabcae6b0cec234b86687e16a6b56a15e38024b72b8788b

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\SUMo_00000424.SPK

Filesize
26KB

MD5
dbed70e56af564a37603f16d32951dff

SHA1
7ad82597da16b01f1f76fd134b7d0f5082b2c805

SHA256
47ec8a1365bc0d8eec441923734b8123d6cd9df37b168a9eb706714480a56f51

SHA512
1b393f570a6ecacc2fb42b50d8b267b7eda0d307e9ccfaa572ca0080b44d55d1b8b3350263ac73cb21d3f8f27c019809d15b474b2901a60fbc6ef465b8b22120

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\SUMo_00000425.SPK

Filesize
22KB

MD5
fabd351c936c7a6b757779f13f5707b5

SHA1
1c6defb61d9efeea665d12bebeebdf36017871ea

SHA256
7d984899c467bb13b4057d1f96db88a182d9f24b3693c534304caff0446b8be2

SHA512
5acfa822acce5b8bf70de1380eb2b1e39a18c4139eca06c6521007e33c31653532fc4a7bba7eedf70bf00ec5795e18f2628739c713a97df4b146459641fb6297

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\SUMo_00000427.SPK

Filesize
23KB

MD5
953853724b9db696dc2eadd9e4cb2126

SHA1
ca5c486c5e8aaa982281e3b203f0ffc8e5749de3

SHA256
6cadeaab7b52fa31d19d5b4a1959da631da92ee5f88bc3e8284bee7a3967cd33

SHA512
3b8d91d7d0980a0b2af0540a73c0c342547dde38f8466d87c57fa14f8a23117cd4cfd87a49b99bea33bff76fd3d96a74737b4a787a074a93c7a1d14f3a4e34c8

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\SUMo_00000804.SPK

Filesize
24KB

MD5
a0a6d9285e19f4643796dcb91fd900dc

SHA1
0e4e689226b37ead2b24af1512ba6546b39b40fe

SHA256
a4e53483b8dc4cf2b247e73a33fb01d9f312ec61f69d32c4b4c01a0512760bfb

SHA512
d031c7ce25bdd856ef83f7d52ab83cf2aea171b0a18a8584274f517a795c098aba00de548d23015c5584d31c4e22669073dd78afa45e775862ff34a79c4aa25f

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\SUMo_00000814.SPK

Filesize
19KB

MD5
da9df95dda95e1fe352bd7b854a33890

SHA1
06634a8f3a0176e6d7b934cdf4752cc4012c775e

SHA256
ebba5750cef9a457023f4e8713c85174497751ea7c65bf5d8d80fb55375dfbd7

SHA512
7ae49f97153d898399d4a51eab4c700d7522ec1d72c0ff680f2c2bb5213d77ae1a810db8db7105c24b5b57b0084a2dd723d24c70b40568bebdaaa856f986fd26

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\SUMo_00000816.SPK

Filesize
27KB

MD5
6340816924e9894eab687c2f5ae35b5f

SHA1
482e6672f417d418938d8d8385ceea04b373a6fe

SHA256
a881dc695a24fef491364a0126531e3480e0ea7bd73429e8092c9eea6dd5d107

SHA512
933e210e84dfdf776730b1914e52fe1fb696963bb0f34cd576f90341577e3c29f90a733d98fa2c1e469c029bc1c8eea30a300724ffb4188387fc23617bdc1405

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\SUMo_ORIGINAL.SPK

Filesize
21KB

MD5
9a4512ee5dbc43f3743c285ee22ae8f6

SHA1
6462674328fb9e21f3320eaa5d70c167dd36f8ef

SHA256
dd6acc6ca924732a0b0190ae362fd7830aa45648b5eb6a64e3a5a58871c26347

SHA512
5624b78a8c24f7aa07b96994cb761330a723a4a989b8e7d9083326f9e149ca42de802985d94afb99039a2046ed15ea28ab54af0ef9a09397870dd342910256e1

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Screen Savers\Magic Castle\WizardScr_2.swf

Filesize
518KB

MD5
387737e9a0842e792cb534be6db8ae5b

SHA1
af9e9577fbad8bbd0782ef3058d02bda4e7deeca

SHA256
9a53e5649afd5ad7cff3fbf11293802decb48cc132ab28fff20813025e3fc610

SHA512
b3ba7c89ab1eb8eee9a1249733e0752a98b18a9143341833159ffb5bf47989d8b107dd4cccd9cdc11a20c32b3882919b96f8508594676796e2dad5f37843be2c

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Screen Savers\Magic Castle\default.htm

Filesize
546B

MD5
e26e4f2be744fa3ba2f72a3fda255b4a

SHA1
8f2adba630472e1036bd8d5360288fd1495e0cf7

SHA256
55708b223808f4ffc6ec49249a52bff5d249b683c0dd9d292c248c25a51b2981

SHA512
21f8f2df2e488224384b448f6424da3822ca411598e04e31ea0c298cf4eac0f6cd160ff31782d2f1e609aa8b0a7f3efe1d194b5d9f8eb4b99f20f8f5730f2118

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Screen Savers\Magic Castle\ezScreenSaver.swf

Filesize
98KB

MD5
38d62a9224eff28cb611ae65711f1c85

SHA1
851054986feb04fdb34d578b93ba3a866a882c77

SHA256
6d8506499a169dc20d83a34313eeb437ccee7ca973366cad8f072aed0e442576

SHA512
a10082c8ff28343467ca27c4d53d0161b73c0b6f77d2db141a751f748c1dce9f96dc93470998abd0d4cf999f91f10d2eeeb8f9f2273880092484f2cd2d5bca9d

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Screen Savers\ezScrSvr.dat

Filesize
139B

MD5
c853406876edc4af968c0fe8ac389a84

SHA1
2ac07a682faded4e19fa53c1071abfbbe94aa1e0

SHA256
0173034a264ccbefe4855731da222c0e7c58a633c37dfabbee70338b48835801

SHA512
20d51300a852648b2b59327c41955145bcfe0b60c0b8db70fafa63c31819eb7cea0db775dc769fc74217619dc8a80b45ea3605b85d89cadc14d804260e6302b5

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Sounds\Default.dat

Filesize
158B

MD5
aea1e024bb478d3ea6dcac03f7c620a3

SHA1
bb2934faa925700418a76b6ffa0d1c28da3fb7fa

SHA256
9eda6d6c394f6ec73e886bf9d12c4b86ab9cd0296acc6c28f299f465e4bf01d8

SHA512
f66e1ca73988b57fcb10cea3515bfce5f37964f86072435e07e0a70e47641f9beca3fd351523124b1e72025fa744c1aa836c7862c0c56eaaf8e12a88a1c6f81b

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Sounds\Default\Alert2.wav

Filesize
88KB

MD5
bb8104f73344d925a73e12c1e78ea461

SHA1
a9c2c7d92ac2dd3a08549804dd31083c3f20b6f2

SHA256
a9f435650a3cf0a776db28085d24e9f9f59cf177567765502c32252a7ae4501a

SHA512
79b31ab3b3832b8d370799333f77b2afe8439208cbb0630e9b580d70ba55277f69e98429f9d564d9e4ed1ce2326dbe7f785aea9fc025aef0c67cc06a862413f4

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Sounds\Default\BookItemHover.wav

Filesize
16KB

MD5
c5663579b6ff35149786c38577c4beef

SHA1
52860c3a828016bec8416d09f50c3e3092ffd189

SHA256
e48347c77019945b3cdba802928b2fd08e72f861b7fa41bc6d49c4ec976410c0

SHA512
ccfbad08aa32825cab2818f38736ca508b4379ff5456de53d618f596c8f895c3b4aceb7c83e87480c7261d0de93efced0a5f4184f759cd2261dfb3fcd2f18f8c

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Sounds\Default\CallOutInfo.wav

Filesize
150KB

MD5
86427827deb4d909b56d8f5fce84686a

SHA1
02bee5114c863f20ed8a8d76fc248732f3e770b4

SHA256
2ccb80316e42435927cd71699e9e8a1bdb2d818df1900c16289566ea8ff000ad

SHA512
e5b7e51ead5c370f669a23b68f36912bd56388bda24a9adc65fd092b6f86a7eba51d3a958630a2c17ccbc14cec180d3ff87f02ff8bb6f8367df34cdfa49c5bce

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Sounds\Default\Logon.wav

Filesize
222KB

MD5
a824beee2910d5ffb6f036c0bcb35d04

SHA1
f0c90276ed1216cc37e80e80b121fca70603fdbf

SHA256
aaff0be8e11512ad6131a4b15a7b3ed85e4ff008ded48985c75b21c5580fc79c

SHA512
39451238929c375b4f0872d5f1e3c513d2cf9fabfa741ef5b9999c226e27abf6553bcba3feda4639230ddf1ec1eecfb7705e3bf4cfa012574bf6070485230437

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Sounds\Default\collapseWindow.wav

Filesize
32KB

MD5
b2affea4b0b140f950407a48dada44d7

SHA1
7e6ac887ac564a3be28812aec9a844d26ba4f4f1

SHA256
1cbaccff303238482d15aa6e23a349f4e33b5a85efb9e06f34910ecfae2defb1

SHA512
6fba572ae7cfc8adb8141caff7e15d59e817abc1d2d583ab7deb97fefdf810d7da50431ee04b3cf7104d73ef3577e947323efb71a308ff25111e7285b929369a

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Sounds\Default\iconClick.wav

Filesize
33KB

MD5
eda655cc99b9a1464e1399300667a1b1

SHA1
45938a2f2196eb87a8d58f0854889d5dcc284acd

SHA256
29fb653a396667c8588dbec4fad51659700e95a16345a7f501570a0e7bfe3283

SHA512
827c1003f27ee0b11a5721fd8cfa2ed4f8e76244668ff0688b9997b3e0f3a57c9bc531f8d20e1264c78ee8b23fc8617bc704a476f2dd091fa0224f8c50e1881f

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Sounds\Sound Names.ell

Filesize
2KB

MD5
f7e4d171255173be9934023c611e492e

SHA1
c8c94ef8f52b0e406c4dccf72c23b2d2ea09539f

SHA256
7a306b356e04a2e2e738bc0ea5757e5316a7be457dc572bb5a74f6a307fdeabd

SHA512
835262013ccd6bf2c40f6b386de77313d892920e32d64db8ebdafeb65e2acd3716a9d37ea58ba5e3419e9fa03d305d3704411b4dfafa4b238c81aaef85cbcab6

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Sounds\Sound Names.enu

Filesize
893B

MD5
fdba395854ffce8938f2eacc086e6dec

SHA1
a0d7538b59573313d517a9114699ce945f56aadd

SHA256
da83c4f0fa62f332f5c134b85aed1a7d79a5af1f3bf4a07de3c2522ebf82588b

SHA512
e4bdb45ac5b50dc28528e6cd19ed90d982c5f92aa969fc9963d70bbce9cfea63638d29d5165c81b6b6373d7b88732b4f70fc6eac796cd901c54a39663e1218cb

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Sounds\Sound Names.fra

Filesize
1KB

MD5
2583af779c1e638b5a5e7c19915e015d

SHA1
5446a3b72625e43ab6b75ecb247f66e9e053d1ab

SHA256
3302a57be1aa084c89b79330091722e894907ab8c7d95caf3c32742714c25af7

SHA512
44d5afd129d3bfff1f29069f26360251910dae0a37fd83b34c45574e5a95676a3fd47c2f614dd4b8eb89183fc1ff53f323060e41b17588821974d43d03706d77

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Sounds\Sound Names.nor

Filesize
910B

MD5
760fb4c11c6e761eef9650198dbd5f96

SHA1
b481257978ba759198f77643f11fc9d57b565413

SHA256
07b98984f12cd4720f44389a033c44f5c104aefe170a9d12f608e638173e9b66

SHA512
cb74aca8f06d87376411acbebda75c10358bcc7f0e6fb0b0eb89b5e70c24afe223c58bdb8eeb1cdfe1887abacdff40b36836e6670c53a04eb6ec50d6fba5f685

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\StarBurn.dll

Filesize
126KB

MD5
7483c0b27eaa26de3d30e08dcb72c984

SHA1
2620ee8474db3b977cfee0cc16a14adf63f16512

SHA256
95e2ca8582e27ad29acaae8422472e901e206f975f7e124c563a9b8c3a1b65e0

SHA512
c339ad729eae62ea968f65e2de98376e0e31e827af8c8b34f8cbcd2d931e712c763b3fc53c8b4b57da1b49ad150887aee8e217077d1ec097551789e146bc8540

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Themes\Caribbean\Caribbean.DesktopTheme

Filesize
38B

MD5
393f595b1b6e45e43fcb0917701bef86

SHA1
181f937cb225c5216aa201b9e7bd0a8c8d77d4b3

SHA256
2fa2b0c37c92cb4040b86ec9b80bcb688591b38ee88cece9e5a0b45c1fba293e

SHA512
280aeeca9ff1ad072297e638a8f844c653bf17ac25b2aa5d7e889fdcf4ab097add4b3c7934d6a017d900219b6adcba12abb30d72da9cb14ea7f3608798a0a26d

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Themes\Caribbean\Caribbean.swf

Filesize
2.4MB

MD5
4a50b4cd0f87d7b2a8273ff74604ad9d

SHA1
17caa11e846a90b9a43e43de0b9d0e0a23581a81

SHA256
4fcc5ede1811e0c970a297efe23a2094a306b42064ffe43f4ad9a6dfb0ed987a

SHA512
bcb8136c680f7e9ad6362404635657c71720860dd0b814ffaf383268190a27f900413084f7d76d4a3af5be61745e0f313aae7254d779d30e20c60e7db8a4e610

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Themes\Caribbean\Thumb.bmp

Filesize
87KB

MD5
8493f0e02348b4f845e283b14cffff76

SHA1
64eb4dcb9c3b418d453a381686be9a6918616dc0

SHA256
aa6699a1e5c018d80c0efa26b56ab13b7785de35c77198260a4ff88cc7df90d2

SHA512
39fb88bc8ae1e9c901c8ce82c1a0870057f98a39629249bde5688d07763a7d33c47d9c7398eb211fd5f76c0a0c96463ebca66f7a5198c7c998fee0f100240bd8

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Themes\Cubes\Cubes.DesktopTheme

Filesize
38B

MD5
e4ebf0bf58439afc18bdfd179ec97cfc

SHA1
f97d79e4096977901bb45a5249a1e1ed060dca2f

SHA256
84ce81c3759778c70ee88d39d86e8ed97033397ce65b68bea04d370eb4f23bd2

SHA512
d039dd6f5bb7406d50bfde319afda6cc2efdb730bd3c1139397b249a90b3427b7753fa31e526c5f3c676d8447d60c4e03de11c6ef2d008819d2e7eef73fdb191

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Themes\Letters\alphabet.xml

Filesize
2KB

MD5
2d9b052263242ca4a3a19414b94621c9

SHA1
1880f31ae14bd506a69bf262aa54a3e727543d6b

SHA256
2d8cfdfbb57889eb4bfd496600243a466261dc76046593988e3069c273ca0411

SHA512
e535a9fd5eb18124a9532a057a749806efd07730619728b6ba2b01871b84943d0f26aa2aab4cb6f075127000ba5c9dd280c75a616efdb4927a14febee94ecc64

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Themes\MPbutton.swf

Filesize
81KB

MD5
7c03ca9db06dd6eb8a68fdb7399a3d74

SHA1
2a34508d2243013385576d5e6453c052a91664ec

SHA256
fcbae6f849042b90499febe03b8695b9fe75826252a51d9ef657061d88993266

SHA512
8396598252918b8a7ff358872ff8991a513e8c39a1d7bc496a8ba778dd78320e6ba6eabbb6712e91ee11c496b88c4747ae59b9a9b9213f86a168964a0c506a33

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Themes\MagicHome\MagicHome.DesktopTheme

Filesize
40B

MD5
fdcfaff1483d441c73d5184a2353e764

SHA1
3da48e23b3a1c21bb7d5084aeae1b57b632c0afb

SHA256
2662510fab7283d4b659edb83649d0f0424381a475bdaed207455989b95d3837

SHA512
30d9af8286c1a8d4b88ab69d34503d83bf12d857bbad37739a73217aa531912651b025383a1a3d7ee536da971dd2823b2cb9ca62260fdd522f874488b5216012

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Themes\Numbers\Numbers.DesktopTheme

Filesize
40B

MD5
2eb180ef6a9a061bcf9fba52ecf37714

SHA1
5f3322392654ab3e3e71fa7859a8a7c17fe9d6ad

SHA256
96eae342ecfcf8817b84dbc610605ccec0e2e76cb06cd01f1734b560027e473b

SHA512
e3a61909149d55eff299188fa44b9f2579e1918e7a4255734f11502a88b221ce72d717defc6df5c760afa6e47a4ff79fbadde273fa84f2928d581196cafce201

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Themes\Paint\Paint.DesktopTheme

Filesize
40B

MD5
3ec0323e17a0a61a8da89b221de5dbaf

SHA1
325ce9e76a5d745a9511d6e7c7f0c0cb97a1fb22

SHA256
fdac318e812a344a7068ded63ca355ae00ce4854545c98f3ebfc8168cfbbc51f

SHA512
a765d8e5fb075aaa09d3d42b9c6933d4fb2d1a279d73b69c573fdd04317d65c08b622e464c5552c1f38fdfcfa5c6e9ee85d7b59ad9c07da3607df088d7de5960

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Themes\Paint\pictures\pics_01.swf

Filesize
17KB

MD5
12bfdd4a48120a6fdcd03edbed179765

SHA1
50cfcdaa44833366e773605248a6d259f24cf992

SHA256
545eafc1da38289eb7f154b8ac12045c466cdc85803c26b0c4045df1540277cb

SHA512
8422ef7d0dd7879b9988229008575fa01b5b86d4f482b294c528a7baec86fa58e4b50aff3cc1105e4f6f1f7a7f4211ba489b5213bf5c2ac04ba09ae1a96a7ff0

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Themes\Paint\pictures\pics_21.swf

Filesize
31KB

MD5
cd08a1c0231df9ea93eb9f495e3cdb66

SHA1
ddf0f1eb666dedcf002c27ecf719bba077d8e09a

SHA256
dbad27361363bf0b710d279d2268bdfe871fd69545d05d19c31c4fc890610e84

SHA512
68b3c36ac11611da05aac972611b8b5e452dcd6e886e1e5b93477f2bb551d3e4798d7fafea09ac985386c06db38d9e00945ff2f9971af39e8208f83e947d4eb5

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Themes\SpaceShip\SpaceShip.DesktopTheme

Filesize
38B

MD5
d40fca62cd492651683bbc451a6bd433

SHA1
cbb84106dd550bd57caed0abf9df1de44f1fe74f

SHA256
5cc3b7420b80df8917e31d8257baadd490daf38b859c236ba5f8801cd58d1870

SHA512
1ff848dd965eb8cdf54dd1fbeded9fb352fbd63af50255a7fb2dd03fe6e31ae5cf5b3dff7ab5855b4fe9eed7f5c0b8d9a331aaf41ff6ea19b6fc2504c5e39a47

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Themes\SpaceShip\local_cache\alien.swf

Filesize
872KB

MD5
3eb7178104990c859cd005291e9aca7a

SHA1
e5db93d086292f776e03d3e1b1a13b5b9a0d5684

SHA256
6f7d968567315a95594de3ce09934a809ffa48a26914356489eac9cf0946b735

SHA512
3de3a0c2afbc7df1327b9c82d905fd1fd16756ffb0bb069ed1f654ef1a552f75427a9e96796a7af69b7326702ad34b125de7eac24c7c9e012e4032499e01b441

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\Themes\UnderWater\Thumb.bmp

Filesize
87KB

MD5
28497711fb2ebee5f3103748b036f054

SHA1
684d82afe1754ad624001ce4325e74efcb06f277

SHA256
81f3f724a3593cf7a992926ce7b50f3bec75ae73c63c23e04e9d3644f8b263dc

SHA512
e3df6bf80b5c6007ef034abd14ae1471112a3bea47c7f899fcb84ffcf31c584c9d99da775d70ff38d8a60a509910b0ba24bb22041af9933d3d0e528c0e55537b

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\libcrypto-3.dll

Filesize
3.1MB

MD5
e44f1ca764da493d54064a2702dbe889

SHA1
86e1644d4466d464748b3d22a496061249ada545

SHA256
b823a3edb1d42919f7c822b4dbd5cd0cf01bf42248060c3df6ba03ff26bbe8af

SHA512
3d433caeaad900841d0ff44b89bcda4a9bd4d61f2b6296dcad0548caf1dcfecaddb2586a99214fc08b9293ec4977c63790f2ca7df0e3fdeeb340dbcef2096e88

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\libssl-3.dll

Filesize
769KB

MD5
6a92cec97792669dec4c1e06f957ed4e

SHA1
6789eb64b31fd5ab643cd91b2ba3afcfde22e7a2

SHA256
84b912710d6648269bfc96ded14c9f3fc98a45f4adab07a993e86c3defb1f65d

SHA512
bd185182334a423bec23e6931da62afd3a95bd2b93860b328f78ed2d02a811ac492f30178239d589fda0976ec3170d89b611cdccc190222bacbf1182b2ffd1d2

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\libunmap.dll

Filesize
32KB

MD5
53634bc76f19ea065981ac1b02225df9

SHA1
7d1cb4ae535c30d2443c4b8f14927300c8449839

SHA256
e9053b628bf89440e0ad4874a5c234fe058539f20f9bf02d36c7492fed70857a

SHA512
3b46f34b4d370f44f219f0a404ae1f9a53897ddaabfb7665197dc16b538a13d9ee89af7053fd74998dc38321af8f076759f535d5a855f6ff5212d88704c79d3a

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\md.msi

Filesize
1.7MB

MD5
6518026d73f6ca85100ed4cb3b2dc8b9

SHA1
8e04e3e501f70a1bb892ac1b92a90de546f52932

SHA256
5c614872ba056279e939b90b29412ae179ab9058d0b7b00dfccc2cc64ffc50e3

SHA512
5819c02e579eda16b478436bffc0f799935b28a34de4591863ef08be7f0732144f439b6377fb65712c25a2f9fb013ca9e2701cb6c801a75fcf355157a5723bb5

Download Submit
C:\Users\Admin\AppData\Roaming\Easybits\Magic Desktop 11.3.0.9\install\05E29F0\soxr.dll

Filesize
173KB

MD5
c8b8e48d19d1219f3a7c05610365cb4e

SHA1
688d9206775a17a2afae2d5042054d7fa41a29ba

SHA256
edafc54a4eca340353560bc43936fbbc59e6ac363a514e73b94d8628016b6736

SHA512
847694d63473d8a636269b6855bb10b4ac848949a7f4cce1c796732e377f6ed37c9a89f60fb497e0119514d299e9ba7ee0ead7f607e304760f1f7a2407543cfd

Download Submit
C:\Windows\Installer\MSI6E8D.tmp

Filesize
559KB

MD5
7380aa7a4eafd17c21cf315ae35fe288

SHA1
886747c7526627898bd36ff8b85869c9bf6718fc

SHA256
dba4ba13c058f89a92ff5afb2e9c77688bce5909499238b5c396d4308071ed88

SHA512
c4976712429d715adb7b4379d6e339e76557897117df2f9a920283ece5ca5bdabbf5ce0c3cda162a0a54bfc29ec8b979195689309a47ab00d800595e290f69a1

Download Submit
C:\Windows\Installer\MSI6E8D.tmp

Filesize
559KB

MD5
7380aa7a4eafd17c21cf315ae35fe288

SHA1
886747c7526627898bd36ff8b85869c9bf6718fc

SHA256
dba4ba13c058f89a92ff5afb2e9c77688bce5909499238b5c396d4308071ed88

SHA512
c4976712429d715adb7b4379d6e339e76557897117df2f9a920283ece5ca5bdabbf5ce0c3cda162a0a54bfc29ec8b979195689309a47ab00d800595e290f69a1

Download Submit
C:\Windows\Installer\MSI6F2B.tmp

Filesize
559KB

MD5
7380aa7a4eafd17c21cf315ae35fe288

SHA1
886747c7526627898bd36ff8b85869c9bf6718fc

SHA256
dba4ba13c058f89a92ff5afb2e9c77688bce5909499238b5c396d4308071ed88

SHA512
c4976712429d715adb7b4379d6e339e76557897117df2f9a920283ece5ca5bdabbf5ce0c3cda162a0a54bfc29ec8b979195689309a47ab00d800595e290f69a1

Download Submit
C:\Windows\Installer\MSI6F2B.tmp

Filesize
559KB

MD5
7380aa7a4eafd17c21cf315ae35fe288

SHA1
886747c7526627898bd36ff8b85869c9bf6718fc

SHA256
dba4ba13c058f89a92ff5afb2e9c77688bce5909499238b5c396d4308071ed88

SHA512
c4976712429d715adb7b4379d6e339e76557897117df2f9a920283ece5ca5bdabbf5ce0c3cda162a0a54bfc29ec8b979195689309a47ab00d800595e290f69a1

Download Submit
C:\Windows\Installer\MSI6FE7.tmp

Filesize
559KB

MD5
7380aa7a4eafd17c21cf315ae35fe288

SHA1
886747c7526627898bd36ff8b85869c9bf6718fc

SHA256
dba4ba13c058f89a92ff5afb2e9c77688bce5909499238b5c396d4308071ed88

SHA512
c4976712429d715adb7b4379d6e339e76557897117df2f9a920283ece5ca5bdabbf5ce0c3cda162a0a54bfc29ec8b979195689309a47ab00d800595e290f69a1

Download Submit
C:\Windows\Installer\MSI6FE7.tmp

Filesize
559KB

MD5
7380aa7a4eafd17c21cf315ae35fe288

SHA1
886747c7526627898bd36ff8b85869c9bf6718fc

SHA256
dba4ba13c058f89a92ff5afb2e9c77688bce5909499238b5c396d4308071ed88

SHA512
c4976712429d715adb7b4379d6e339e76557897117df2f9a920283ece5ca5bdabbf5ce0c3cda162a0a54bfc29ec8b979195689309a47ab00d800595e290f69a1

Download Submit
C:\Windows\Installer\MSI7056.tmp

Filesize
559KB

MD5
7380aa7a4eafd17c21cf315ae35fe288

SHA1
886747c7526627898bd36ff8b85869c9bf6718fc

SHA256
dba4ba13c058f89a92ff5afb2e9c77688bce5909499238b5c396d4308071ed88

SHA512
c4976712429d715adb7b4379d6e339e76557897117df2f9a920283ece5ca5bdabbf5ce0c3cda162a0a54bfc29ec8b979195689309a47ab00d800595e290f69a1

Download Submit
C:\Windows\Installer\MSI7056.tmp

Filesize
559KB

MD5
7380aa7a4eafd17c21cf315ae35fe288

SHA1
886747c7526627898bd36ff8b85869c9bf6718fc

SHA256
dba4ba13c058f89a92ff5afb2e9c77688bce5909499238b5c396d4308071ed88

SHA512
c4976712429d715adb7b4379d6e339e76557897117df2f9a920283ece5ca5bdabbf5ce0c3cda162a0a54bfc29ec8b979195689309a47ab00d800595e290f69a1

Download Submit
C:\Windows\Installer\MSI7102.tmp

Filesize
703KB

MD5
ae585caebd7faece019342026b304129

SHA1
8c512e6db9b0c9547fc0a6d3f3d1216e373d924e

SHA256
92dd2c1f1d19e1d96411d8afc81c29696d76abe6469a2d75200dd82a8fc164b4

SHA512
dbafd2b28356139f886ed7af3813bf7ee1e95709549b8bdbb3c52e17a213694af45096f369668e674a3295a1ba6ce3232dc8c213b29f24442a3c9e68e0d87313

Download Submit
C:\Windows\Installer\MSI7102.tmp

Filesize
703KB

MD5
ae585caebd7faece019342026b304129

SHA1
8c512e6db9b0c9547fc0a6d3f3d1216e373d924e

SHA256
92dd2c1f1d19e1d96411d8afc81c29696d76abe6469a2d75200dd82a8fc164b4

SHA512
dbafd2b28356139f886ed7af3813bf7ee1e95709549b8bdbb3c52e17a213694af45096f369668e674a3295a1ba6ce3232dc8c213b29f24442a3c9e68e0d87313

Download Submit
memory/240-214-0x0000000072F70000-0x00000000732E1000-memory.dmp

Filesize
3.4MB

Download
memory/240-213-0x0000000007430000-0x00000000078A6000-memory.dmp

Filesize
4.5MB

Download
memory/240-200-0x0000000072F70000-0x00000000732E1000-memory.dmp

Filesize
3.4MB

Download
memory/240-201-0x0000000005E30000-0x0000000005EEB000-memory.dmp

Filesize
748KB

Download
memory/240-207-0x0000000007430000-0x00000000078A6000-memory.dmp

Filesize
4.5MB

Download