3212aa98f6c8d67aa997a074578010b36d3df5d1a6d2055f5434ba8632fc260e

Analysis

max time kernel
145s
max time network
132s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
22-02-2023 21:20

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

fdm_x64_setup.exe
Size

34.0MB
MD5

ca2ead342a22fcd891f73f99cba91005
SHA1

6e6470b49e9e9791acc6854b3d3823e97b058407
SHA256

3212aa98f6c8d67aa997a074578010b36d3df5d1a6d2055f5434ba8632fc260e
SHA512

39e8e285f3bc169ce3306cecf7a06317a93126dfce2d128acbb0a82d693d98ba0297601e258e4fa48ab8d2f235c6f8b5b648b48f15c02022e22893095a470bc6
SSDEEP

786432:5fzVFV7zFAsPBoyK32MlH8CSC9xSWEjh/dlCBS1Y/qemqa:/fWyKGMlcnelEdlO0YLa

Score

8^/10

discovery evasion persistence

Malware Config

Signatures

Modifies Windows Firewall 1 TTPs 2 IoCs
evasion

Modify Existing Service
T1031

Processes:

netsh.exenetsh.exe

pid process

3844 netsh.exe
4628 netsh.exe

pid	process
3844	netsh.exe
4628	netsh.exe

Executes dropped EXE 13 IoCs

Processes:

fdm_x64_setup.tmphelperservice.exefdm.exeimportwizard.exefdm5rhwin.exefdm5rhwin.exefdm.exeimportwizard.exeimportwizard.exefdm.exeimportwizard.exefdm.exeimportwizard.exe

pid	process
4804	fdm_x64_setup.tmp
3536	helperservice.exe
1964	fdm.exe
4568	importwizard.exe
856	fdm5rhwin.exe
4440	fdm5rhwin.exe
3320	fdm.exe
392	importwizard.exe
3824	importwizard.exe
936	fdm.exe
1720	importwizard.exe
992	fdm.exe
4428	importwizard.exe

Loads dropped DLL 64 IoCs

Processes:

helperservice.exefdm.exeimportwizard.exefdm.exe

pid	process
3536	helperservice.exe
3536	helperservice.exe
3536	helperservice.exe
3536	helperservice.exe
3536	helperservice.exe
3536	helperservice.exe
1964	fdm.exe
1964	fdm.exe
1964	fdm.exe
1964	fdm.exe
1964	fdm.exe
1964	fdm.exe
1964	fdm.exe
1964	fdm.exe
1964	fdm.exe
1964	fdm.exe
1964	fdm.exe
1964	fdm.exe
1964	fdm.exe
1964	fdm.exe
1964	fdm.exe
1964	fdm.exe
1964	fdm.exe
1964	fdm.exe
1964	fdm.exe
1964	fdm.exe
1964	fdm.exe
1964	fdm.exe
1964	fdm.exe
1964	fdm.exe
1964	fdm.exe
1964	fdm.exe
1964	fdm.exe
1964	fdm.exe
1964	fdm.exe
1964	fdm.exe
1964	fdm.exe
1964	fdm.exe
4568	importwizard.exe
4568	importwizard.exe
4568	importwizard.exe
4568	importwizard.exe
4568	importwizard.exe
4568	importwizard.exe
4568	importwizard.exe
4568	importwizard.exe
4568	importwizard.exe
4568	importwizard.exe
4568	importwizard.exe
4568	importwizard.exe
4568	importwizard.exe
4568	importwizard.exe
1964	fdm.exe
1964	fdm.exe
1964	fdm.exe
1964	fdm.exe
3320	fdm.exe
3320	fdm.exe
3320	fdm.exe
3320	fdm.exe
3320	fdm.exe
3320	fdm.exe
3320	fdm.exe
3320	fdm.exe

Adds Run key to start application 2 TTPs 1 IoCs

persistence

Registry Run Keys / Startup Folder

T1060

Modify Registry

T1112

Processes:

fdm.exe

description	ioc	process
Set value (str)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Free Download Manager = "\"C:\\Program Files\\Softdeluxe\\Free Download Manager\\fdm.exe\" --hidden"	fdm.exe

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Drops file in Program Files directory 64 IoCs

Processes:

fdm_x64_setup.tmp

description	ioc	process
File created	C:\Program Files\Softdeluxe\Free Download Manager\QtQuick\Controls\is-SVEJI.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\is-SR8E7.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\is-EFJ9Q.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\QtQuick\Controls\is-MDRQU.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\QtQuick\Controls\is-7E25A.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\QtQuick\Controls.2\is-232TV.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\QtQuick\Controls.2\Universal\is-LVDVL.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\QtGraphicalEffects\is-G5IVK.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\QtQuick\Controls\is-7FKR2.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\Qt\labs\folderlistmodel\is-6A66G.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\QtGraphicalEffects\private\is-VVFBB.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\QtQuick\Controls\Private\is-M7O87.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\QtQuick\Controls.2\Fusion\is-DDDEB.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\QtQuick\Controls.2\Universal\is-TPTUE.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\translations\is-OUTAQ.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\QtGraphicalEffects\is-U73OM.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\QtQuick\Controls\Styles\Desktop\is-LAEAH.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\QtQuick\Controls\Styles\Desktop\is-LF50G.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\QtQuick\Controls.2\Universal\is-GELTO.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\translations\main\is-N6GRC.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\is-B2N3B.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\QtQuick\Controls\is-T7OQQ.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\QtQuick\Controls.2\Fusion\is-R3FRV.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\QtQuick\Scene3D\is-D0L8S.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\QtQuick\Controls.2\Imagine\is-115E5.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\QtQuick\Controls.2\Material\is-TNOFO.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\QtQuick\Dialogs\is-T2GT3.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\QtQuick\XmlListModel\is-HQQIV.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\bearer\is-CC3FK.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\QtQuick\Controls\is-P6N67.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\translations\main\is-AJEBD.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\is-BLA5C.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\is-OU8IO.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\QtQuick\Controls\is-6PTK8.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\QtQuick\Controls.2\Fusion\is-65GPR.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\QtQuick\Window.2\is-DVP1I.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\QtQuick\Controls\Styles\Desktop\is-HB918.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\QtQuick\Extras\is-MCN7H.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\QtQuick\Controls\Styles\Base\is-758RL.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\QtQuick\Controls\Styles\Desktop\is-740NF.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\QtQuick\Controls.2\Fusion\is-GQEV2.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\QtGraphicalEffects\is-ADB16.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\QtQuick\Controls\Private\is-BECCK.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\QtQuick\Controls\Styles\Desktop\is-H3CNJ.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\QtQuick\Controls.2\Material\is-EO0IT.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\QtQuick\Controls.2\Universal\is-HBJP3.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\QtQuick\Extras\is-S1DR6.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\QtQuick\Controls\Styles\Base\images\is-5373G.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\QtQuick\Controls.2\is-AK2HP.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\is-A4IDT.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\QtQuick\Controls\Styles\Base\is-P7RC7.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\QtQuick\Controls.2\Material\is-1E9T4.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\QtQuick\Controls.2\Material\is-I9N08.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\translations\torrents\is-3T0OG.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\is-VPJA3.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\is-2O3BJ.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\QtQuick\Controls\Private\is-2GGHP.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\QtQuick\Controls\Styles\Desktop\is-NCE2F.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\QtQuick\Controls.2\Fusion\is-AP296.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\QtQuick\Dialogs\images\is-6T7OS.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\QtQuick\Extras\Private\is-J2OLK.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\QtQuick\Controls\is-L1U6I.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\QtQuick\Controls\is-R5IDC.tmp	fdm_x64_setup.tmp
File created	C:\Program Files\Softdeluxe\Free Download Manager\QtQuick\Controls.2\is-J27BF.tmp	fdm_x64_setup.tmp

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082
Creates scheduled task(s) 1 TTPs 1 IoCs
Schtasks is often used by malware for persistence or to perform post-infection execution.
persistence

Scheduled Task
T1053

Processes:

schtasks.exe

pid process

552 schtasks.exe

pid	process
552	schtasks.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

msedge.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Modifies Internet Explorer settings 1 TTPs 8 IoCs

adware spyware

Modify Registry

T1112

Processes:

fdm_x64_setup.tmp

description	ioc	process
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_GPU_RENDERING\fdm.exe = "1"	fdm_x64_setup.tmp
Key created	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_GPU_RENDERING	fdm_x64_setup.tmp
Set value (int)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_GPU_RENDERING\fdm.exe = "1"	fdm_x64_setup.tmp
Key created	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION	fdm_x64_setup.tmp
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\fdm.exe = "11000"	fdm_x64_setup.tmp
Key created	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION	fdm_x64_setup.tmp
Set value (int)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\fdm.exe = "11000"	fdm_x64_setup.tmp
Key created	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_GPU_RENDERING	fdm_x64_setup.tmp

Modifies registry class 18 IoCs

Processes:

fdm.exemsedge.exe

description	ioc	process
Set value (str)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000_Classes\fdm\{17FF5AC0-1D17-4A53-A10F-85E3EFA3DF17}\icon	fdm.exe
Key created	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000_Classes\fdm	fdm.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000_Classes\fdm\ = "URL:fdm link"	fdm.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000_Classes\fdm\Content Type	fdm.exe
Key created	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000_Classes\fdm\DefaultIcon\	fdm.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000_Classes\fdm\DefaultIcon\ = "\"C:\\Program Files\\Softdeluxe\\Free Download Manager\\fdm.exe\", 1"	fdm.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000_Classes\fdm\shell\ = "open"	fdm.exe
Key created	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000_Classes\fdm\shell	fdm.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000_Classes\fdm\{17FF5AC0-1D17-4A53-A10F-85E3EFA3DF17}\	fdm.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000_Classes\fdm\URL Protocol	fdm.exe
Key created	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000_Classes\fdm\shell\open\command\	fdm.exe
Key created	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000_Classes\fdm\{17FF5AC0-1D17-4A53-A10F-85E3EFA3DF17}	fdm.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000_Classes\fdm\{17FF5AC0-1D17-4A53-A10F-85E3EFA3DF17}\command	fdm.exe
Key created	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000_Classes\fdm\shell\	fdm.exe
Key created	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000_Classes\fdm\shell\open	fdm.exe
Key created	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000_Classes\fdm\shell\open\command	fdm.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000_Classes\fdm\shell\open\command\ = "\"C:\\Program Files\\Softdeluxe\\Free Download Manager\\fdm.exe\" \"%1\""	fdm.exe

Suspicious behavior: AddClipboardFormatListener 4 IoCs

Processes:

fdm.exefdm.exefdm.exefdm.exe

pid process

1964 fdm.exe
3320 fdm.exe
936 fdm.exe
992 fdm.exe

Suspicious behavior: EnumeratesProcesses 14 IoCs

Processes:

fdm.exefdm5rhwin.exefdm5rhwin.exemsedge.exemsedge.exeidentity_helper.exefdm.exe

pid	process
1964	fdm.exe
1964	fdm.exe
856	fdm5rhwin.exe
856	fdm5rhwin.exe
4440	fdm5rhwin.exe
4440	fdm5rhwin.exe
3932	msedge.exe
3932	msedge.exe
4128	msedge.exe
4128	msedge.exe
4420	identity_helper.exe
4420	identity_helper.exe
3320	fdm.exe
3320	fdm.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

fdm.exe

pid process

3320 fdm.exe
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

Processes:

msedge.exe

pid process

4128 msedge.exe
4128 msedge.exe
Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes:

fdm.exe

description pid process

Token: SeIncreaseQuotaPrivilege 1964 fdm.exe

pid	process
3320	fdm.exe

pid	process
4128	msedge.exe
4128	msedge.exe

description	pid	process
Token: SeIncreaseQuotaPrivilege	1964	fdm.exe

Suspicious use of FindShellTrayWindow 11 IoCs

Processes:

fdm_x64_setup.tmpmsedge.exefdm.exe

pid	process
4804	fdm_x64_setup.tmp
4128	msedge.exe
4128	msedge.exe
4128	msedge.exe
4128	msedge.exe
3320	fdm.exe
3320	fdm.exe
3320	fdm.exe
3320	fdm.exe
3320	fdm.exe
3320	fdm.exe

Suspicious use of SendNotifyMessage 5 IoCs

Processes:

fdm.exe

pid process

3320 fdm.exe
3320 fdm.exe
3320 fdm.exe
3320 fdm.exe
3320 fdm.exe

pid	process
3320	fdm.exe
3320	fdm.exe
3320	fdm.exe
3320	fdm.exe
3320	fdm.exe

Suspicious use of SetWindowsHookEx 42 IoCs

Processes:

helperservice.exefdm.exefdm.exefdm.exefdm.exe

pid	process
3536	helperservice.exe
1964	fdm.exe
1964	fdm.exe
1964	fdm.exe
1964	fdm.exe
1964	fdm.exe
1964	fdm.exe
1964	fdm.exe
1964	fdm.exe
3320	fdm.exe
3320	fdm.exe
3320	fdm.exe
3320	fdm.exe
3320	fdm.exe
3320	fdm.exe
3320	fdm.exe
936	fdm.exe
936	fdm.exe
936	fdm.exe
936	fdm.exe
3320	fdm.exe
3320	fdm.exe
3320	fdm.exe
3320	fdm.exe
3320	fdm.exe
3320	fdm.exe
3320	fdm.exe
3320	fdm.exe
3320	fdm.exe
3320	fdm.exe
3320	fdm.exe
992	fdm.exe
992	fdm.exe
992	fdm.exe
992	fdm.exe
3320	fdm.exe
3320	fdm.exe
3320	fdm.exe
3320	fdm.exe
3320	fdm.exe
3320	fdm.exe
3320	fdm.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

fdm_x64_setup.exefdm_x64_setup.tmpfdm.exemsedge.exe

description	pid	process	target process
PID 2512 wrote to memory of 4804	2512	fdm_x64_setup.exe	fdm_x64_setup.tmp
PID 2512 wrote to memory of 4804	2512	fdm_x64_setup.exe	fdm_x64_setup.tmp
PID 2512 wrote to memory of 4804	2512	fdm_x64_setup.exe	fdm_x64_setup.tmp
PID 4804 wrote to memory of 3572	4804	fdm_x64_setup.tmp	schtasks.exe
PID 4804 wrote to memory of 3572	4804	fdm_x64_setup.tmp	schtasks.exe
PID 4804 wrote to memory of 552	4804	fdm_x64_setup.tmp	schtasks.exe
PID 4804 wrote to memory of 552	4804	fdm_x64_setup.tmp	schtasks.exe
PID 4804 wrote to memory of 1696	4804	fdm_x64_setup.tmp	schtasks.exe
PID 4804 wrote to memory of 1696	4804	fdm_x64_setup.tmp	schtasks.exe
PID 4804 wrote to memory of 4888	4804	fdm_x64_setup.tmp	schtasks.exe
PID 4804 wrote to memory of 4888	4804	fdm_x64_setup.tmp	schtasks.exe
PID 4804 wrote to memory of 1964	4804	fdm_x64_setup.tmp	fdm.exe
PID 4804 wrote to memory of 1964	4804	fdm_x64_setup.tmp	fdm.exe
PID 1964 wrote to memory of 4568	1964	fdm.exe	importwizard.exe
PID 1964 wrote to memory of 4568	1964	fdm.exe	importwizard.exe
PID 4128 wrote to memory of 1840	4128	msedge.exe	msedge.exe
PID 4128 wrote to memory of 1840	4128	msedge.exe	msedge.exe
PID 4804 wrote to memory of 856	4804	fdm_x64_setup.tmp	fdm5rhwin.exe
PID 4804 wrote to memory of 856	4804	fdm_x64_setup.tmp	fdm5rhwin.exe
PID 4804 wrote to memory of 4440	4804	fdm_x64_setup.tmp	fdm5rhwin.exe
PID 4804 wrote to memory of 4440	4804	fdm_x64_setup.tmp	fdm5rhwin.exe
PID 4804 wrote to memory of 4628	4804	fdm_x64_setup.tmp	netsh.exe
PID 4804 wrote to memory of 4628	4804	fdm_x64_setup.tmp	netsh.exe
PID 4128 wrote to memory of 4496	4128	msedge.exe	msedge.exe
PID 4128 wrote to memory of 4496	4128	msedge.exe	msedge.exe
PID 4128 wrote to memory of 4496	4128	msedge.exe	msedge.exe
PID 4128 wrote to memory of 4496	4128	msedge.exe	msedge.exe
PID 4128 wrote to memory of 4496	4128	msedge.exe	msedge.exe
PID 4128 wrote to memory of 4496	4128	msedge.exe	msedge.exe
PID 4128 wrote to memory of 4496	4128	msedge.exe	msedge.exe
PID 4128 wrote to memory of 4496	4128	msedge.exe	msedge.exe
PID 4128 wrote to memory of 4496	4128	msedge.exe	msedge.exe
PID 4128 wrote to memory of 4496	4128	msedge.exe	msedge.exe
PID 4128 wrote to memory of 4496	4128	msedge.exe	msedge.exe
PID 4128 wrote to memory of 4496	4128	msedge.exe	msedge.exe
PID 4128 wrote to memory of 4496	4128	msedge.exe	msedge.exe
PID 4128 wrote to memory of 4496	4128	msedge.exe	msedge.exe
PID 4128 wrote to memory of 4496	4128	msedge.exe	msedge.exe
PID 4128 wrote to memory of 4496	4128	msedge.exe	msedge.exe
PID 4128 wrote to memory of 4496	4128	msedge.exe	msedge.exe
PID 4128 wrote to memory of 4496	4128	msedge.exe	msedge.exe
PID 4128 wrote to memory of 4496	4128	msedge.exe	msedge.exe
PID 4128 wrote to memory of 4496	4128	msedge.exe	msedge.exe
PID 4128 wrote to memory of 4496	4128	msedge.exe	msedge.exe
PID 4128 wrote to memory of 4496	4128	msedge.exe	msedge.exe
PID 4128 wrote to memory of 4496	4128	msedge.exe	msedge.exe
PID 4128 wrote to memory of 4496	4128	msedge.exe	msedge.exe
PID 4128 wrote to memory of 4496	4128	msedge.exe	msedge.exe
PID 4128 wrote to memory of 4496	4128	msedge.exe	msedge.exe
PID 4128 wrote to memory of 4496	4128	msedge.exe	msedge.exe
PID 4128 wrote to memory of 4496	4128	msedge.exe	msedge.exe
PID 4128 wrote to memory of 4496	4128	msedge.exe	msedge.exe
PID 4128 wrote to memory of 4496	4128	msedge.exe	msedge.exe
PID 4128 wrote to memory of 4496	4128	msedge.exe	msedge.exe
PID 4128 wrote to memory of 4496	4128	msedge.exe	msedge.exe
PID 4128 wrote to memory of 4496	4128	msedge.exe	msedge.exe
PID 4128 wrote to memory of 4496	4128	msedge.exe	msedge.exe
PID 4128 wrote to memory of 4496	4128	msedge.exe	msedge.exe
PID 4128 wrote to memory of 4496	4128	msedge.exe	msedge.exe
PID 4128 wrote to memory of 4496	4128	msedge.exe	msedge.exe
PID 4128 wrote to memory of 4496	4128	msedge.exe	msedge.exe
PID 4128 wrote to memory of 4496	4128	msedge.exe	msedge.exe
PID 4128 wrote to memory of 4496	4128	msedge.exe	msedge.exe
PID 4128 wrote to memory of 3932	4128	msedge.exe	msedge.exe

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012

C:\Users\Admin\AppData\Local\Temp\fdm_x64_setup.exe
"C:\Users\Admin\AppData\Local\Temp\fdm_x64_setup.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2512

C:\Users\Admin\AppData\Local\Temp\is-TQ8HO.tmp\fdm_x64_setup.tmp
"C:\Users\Admin\AppData\Local\Temp\is-TQ8HO.tmp\fdm_x64_setup.tmp" /SL5="$80062,34943088,780288,C:\Users\Admin\AppData\Local\Temp\fdm_x64_setup.exe"
2⤵
- Executes dropped EXE
- Drops file in Program Files directory
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of WriteProcessMemory
PID:4804

C:\Windows\SYSTEM32\schtasks.exe
"schtasks.exe" /end /tn FreeDownloadManagerHelperService
3⤵
PID:3572

C:\Windows\system32\schtasks.exe
"schtasks.exe" /create /RU SYSTEM /tn FreeDownloadManagerHelperService /f /xml "C:\Program Files\Softdeluxe\Free Download Manager\service.xml"
3⤵
- Creates scheduled task(s)
PID:552

C:\Windows\system32\schtasks.exe
"schtasks.exe" /change /tn FreeDownloadManagerHelperService /tr "\"C:\Program Files\Softdeluxe\Free Download Manager\helperservice.exe"\"
3⤵
PID:1696

C:\Windows\system32\schtasks.exe
"schtasks.exe" /run /tn FreeDownloadManagerHelperService
3⤵
PID:4888

C:\Program Files\Softdeluxe\Free Download Manager\fdm.exe
"C:\Program Files\Softdeluxe\Free Download Manager\fdm.exe" --install
3⤵
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1964

C:\Program Files\Softdeluxe\Free Download Manager\importwizard.exe
"C:\Program Files\Softdeluxe\Free Download Manager\importwizard" 3FE02402165644D986B63DE6638495E4
4⤵
- Executes dropped EXE
- Loads dropped DLL
PID:4568

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.freedownloadmanager.org/afterinstall.html?os=windows&osversion=10&osarchitecture=x86_64&architecture=x86_64&version=6.18.1.4920&uuid=80a56ea1-69e4-45d9-9d0c-7d00e257d3fd&locale=en_US&ac=1&au=1
4⤵
- Enumerates system info in registry
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of WriteProcessMemory
PID:4128

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffdace646f8,0x7ffdace64708,0x7ffdace64718
5⤵
PID:1840

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,7919381446043249394,7102506981809033715,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2188 /prefetch:2
5⤵
PID:4496

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2116,7919381446043249394,7102506981809033715,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2232 /prefetch:3
5⤵
- Suspicious behavior: EnumeratesProcesses
PID:3932

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2116,7919381446043249394,7102506981809033715,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2744 /prefetch:8
5⤵
PID:1788

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,7919381446043249394,7102506981809033715,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3424 /prefetch:1
5⤵
PID:4100

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,7919381446043249394,7102506981809033715,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3436 /prefetch:1
5⤵
PID:1632

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2116,7919381446043249394,7102506981809033715,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5680 /prefetch:8
5⤵
PID:4984

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level --msedge --force-configure-user-settings
5⤵
PID:2180

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x230,0x234,0x238,0x100,0x23c,0x7ff7841f5460,0x7ff7841f5470,0x7ff7841f5480
6⤵
PID:1276

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2116,7919381446043249394,7102506981809033715,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5680 /prefetch:8
5⤵
- Suspicious behavior: EnumeratesProcesses
PID:4420

C:\Program Files\Softdeluxe\Free Download Manager\fdm5rhwin.exe
"C:\Program Files\Softdeluxe\Free Download Manager\fdm5rhwin.exe" 21907CB0205CFF989F82C03684A01B86 phase1
3⤵
- Executes dropped EXE
- Suspicious behavior: EnumeratesProcesses
PID:856

C:\Windows\system32\netsh.exe
"netsh.exe" firewall add allowedprogram program="C:\Program Files\Softdeluxe\Free Download Manager\fdm.exe" name="Free Download Manager" ENABLE scope=ALL profile=ALL
3⤵
- Modifies Windows Firewall
PID:4628

C:\Program Files\Softdeluxe\Free Download Manager\fdm5rhwin.exe
"C:\Program Files\Softdeluxe\Free Download Manager\fdm5rhwin.exe" 21907CB0205CFF989F82C03684A01B86 phase2
3⤵
- Executes dropped EXE
- Suspicious behavior: EnumeratesProcesses
PID:4440

C:\Windows\system32\netsh.exe
"netsh.exe" firewall add allowedprogram program="C:\Program Files\Softdeluxe\Free Download Manager\fdm.exe" name="Free Download Manager" ENABLE scope=ALL profile=CURRENT
3⤵
- Modifies Windows Firewall
PID:3844

C:\Program Files\Softdeluxe\Free Download Manager\fdm.exe
"C:\Program Files\Softdeluxe\Free Download Manager\fdm.exe" --byinstaller
3⤵
- Executes dropped EXE
- Loads dropped DLL
- Modifies registry class
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
PID:3320

C:\Program Files\Softdeluxe\Free Download Manager\importwizard.exe
"C:\Program Files\Softdeluxe\Free Download Manager\importwizard" 3FE02402165644D986B63DE6638495E4
4⤵
- Executes dropped EXE
PID:392

C:\Program Files\Softdeluxe\Free Download Manager\importwizard.exe
"C:\Program Files\Softdeluxe\Free Download Manager\importwizard" 3FE02402165644D986B63DE6638495E4 --printFdm5Setting=ExpectingUpdateToVersion
4⤵
- Executes dropped EXE
PID:3824

C:\Program Files\Softdeluxe\Free Download Manager\helperservice.exe
"C:\Program Files\Softdeluxe\Free Download Manager\helperservice.exe"
1⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetWindowsHookEx
PID:3536

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3920

C:\Program Files\Softdeluxe\Free Download Manager\fdm.exe
"C:\Program Files\Softdeluxe\Free Download Manager\fdm.exe"
1⤵
- Executes dropped EXE
- Suspicious behavior: AddClipboardFormatListener
- Suspicious use of SetWindowsHookEx
PID:936

C:\Program Files\Softdeluxe\Free Download Manager\importwizard.exe
"C:\Program Files\Softdeluxe\Free Download Manager\importwizard" 3FE02402165644D986B63DE6638495E4
2⤵
- Executes dropped EXE
PID:1720

C:\Program Files\Softdeluxe\Free Download Manager\fdm.exe
"C:\Program Files\Softdeluxe\Free Download Manager\fdm.exe"
1⤵
- Executes dropped EXE
- Suspicious behavior: AddClipboardFormatListener
- Suspicious use of SetWindowsHookEx
PID:992

C:\Program Files\Softdeluxe\Free Download Manager\importwizard.exe
"C:\Program Files\Softdeluxe\Free Download Manager\importwizard" 3FE02402165644D986B63DE6638495E4
2⤵
- Executes dropped EXE
PID:4428

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

T1053

Persistence

Modify Existing Service

T1031

Registry Run Keys / Startup Folder

T1060

Scheduled Task

T1053

Privilege Escalation

Scheduled Task

T1053

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\Softdeluxe\Free Download Manager\MSVCP140.dll

Filesize
553KB

MD5
6da7f4530edb350cf9d967d969ccecf8

SHA1
3e2681ea91f60a7a9ef2407399d13c1ca6aa71e9

SHA256
9fee6f36547d6f6ea7ca0338655555dba6bb0f798bc60334d29b94d1547da4da

SHA512
1f77f900215a4966f7f4e5d23b4aaad203136cb8561f4e36f03f13659fe1ff4b81caa75fef557c890e108f28f0484ad2baa825559114c0daa588cf1de6c1afab

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\Qt5Core.dll

Filesize
5.7MB

MD5
0e51ac35b4b2922288b956450a73cbab

SHA1
adee61361815b216ba5c6c3b1cab998f1093a06b

SHA256
3b2129169999b948ca6ef1931410c235ac2aece3088ff9fc486145dcf772dd46

SHA512
fd36ecf24fe17892817a3007d7cb1c730469f61e68c66ed2da090b9e84d782298d08849b80788f72e48e289332f6dbea7fa2222e7b9518165b0335643d710843

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\Qt5Core.dll

Filesize
5.7MB

MD5
0e51ac35b4b2922288b956450a73cbab

SHA1
adee61361815b216ba5c6c3b1cab998f1093a06b

SHA256
3b2129169999b948ca6ef1931410c235ac2aece3088ff9fc486145dcf772dd46

SHA512
fd36ecf24fe17892817a3007d7cb1c730469f61e68c66ed2da090b9e84d782298d08849b80788f72e48e289332f6dbea7fa2222e7b9518165b0335643d710843

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\Qt5Core.dll

Filesize
5.7MB

MD5
0e51ac35b4b2922288b956450a73cbab

SHA1
adee61361815b216ba5c6c3b1cab998f1093a06b

SHA256
3b2129169999b948ca6ef1931410c235ac2aece3088ff9fc486145dcf772dd46

SHA512
fd36ecf24fe17892817a3007d7cb1c730469f61e68c66ed2da090b9e84d782298d08849b80788f72e48e289332f6dbea7fa2222e7b9518165b0335643d710843

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\Qt5Gui.dll

Filesize
6.2MB

MD5
1273c387e80db82ee6a96ac4788da8f7

SHA1
d0ba5c2c54e535254fb1ac5866c32b4c1398e045

SHA256
90b1a7c47965eafcc896b99e9520198c097f60975b74884f1c2bc91a5ce88160

SHA512
3356e4da246a05aaa959002463835afc4154077e112acde6531b78bcaf32272f1d81d8b8aa8407d31bee48b1f439b57427874660386147729749efe790a2ada2

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\Qt5Gui.dll

Filesize
6.2MB

MD5
1273c387e80db82ee6a96ac4788da8f7

SHA1
d0ba5c2c54e535254fb1ac5866c32b4c1398e045

SHA256
90b1a7c47965eafcc896b99e9520198c097f60975b74884f1c2bc91a5ce88160

SHA512
3356e4da246a05aaa959002463835afc4154077e112acde6531b78bcaf32272f1d81d8b8aa8407d31bee48b1f439b57427874660386147729749efe790a2ada2

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\Qt5Multimedia.dll

Filesize
713KB

MD5
d51ad7b8a4f98a8f584989c2e72679e5

SHA1
4f8bfb1a5ff09cd29b11dbd7acb805061d416dee

SHA256
e36cde2154a75b2267cf5ba8ae659d7e0750e9ac985d6923db0335c1ed734b10

SHA512
aed79d5bd7f197af96e02f11de289c9062f64c3956b4c6d66098c6f78b3d0159e180a5afb1e7baa58ac0a7dca98a98f147bb1a9e1fa8a4b1bdf5da06f583e064

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\Qt5Multimedia.dll

Filesize
713KB

MD5
d51ad7b8a4f98a8f584989c2e72679e5

SHA1
4f8bfb1a5ff09cd29b11dbd7acb805061d416dee

SHA256
e36cde2154a75b2267cf5ba8ae659d7e0750e9ac985d6923db0335c1ed734b10

SHA512
aed79d5bd7f197af96e02f11de289c9062f64c3956b4c6d66098c6f78b3d0159e180a5afb1e7baa58ac0a7dca98a98f147bb1a9e1fa8a4b1bdf5da06f583e064

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\Qt5Network.dll

Filesize
1.3MB

MD5
20dc922278cd948ce6dbdcb74580f910

SHA1
1a34d4738955f99c17083fec22945b0d6af76f40

SHA256
f7c7a1ea2570d1238287470b479e384f87c39357d1a4b2eeedbf90901d9c3cbc

SHA512
90afc14985b51744e2f3ea11a0f6f0edc3c7306bf6e9539c9526adbed0caf47e2b19fa90b38a3269424f109adb80f2bd7394620a35360d5aeb0b3641eb92fb79

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\Qt5Network.dll

Filesize
1.3MB

MD5
20dc922278cd948ce6dbdcb74580f910

SHA1
1a34d4738955f99c17083fec22945b0d6af76f40

SHA256
f7c7a1ea2570d1238287470b479e384f87c39357d1a4b2eeedbf90901d9c3cbc

SHA512
90afc14985b51744e2f3ea11a0f6f0edc3c7306bf6e9539c9526adbed0caf47e2b19fa90b38a3269424f109adb80f2bd7394620a35360d5aeb0b3641eb92fb79

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\Qt5Network.dll

Filesize
1.3MB

MD5
20dc922278cd948ce6dbdcb74580f910

SHA1
1a34d4738955f99c17083fec22945b0d6af76f40

SHA256
f7c7a1ea2570d1238287470b479e384f87c39357d1a4b2eeedbf90901d9c3cbc

SHA512
90afc14985b51744e2f3ea11a0f6f0edc3c7306bf6e9539c9526adbed0caf47e2b19fa90b38a3269424f109adb80f2bd7394620a35360d5aeb0b3641eb92fb79

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\Qt5Qml.dll

Filesize
3.8MB

MD5
bb53b42e1676fcdb5d5e71664ca592ba

SHA1
a781aaf2600658e868ba6950721ad8ced6ffb6d4

SHA256
a473856364e00c6fc9c25508089f078665464a64d5b50c8a1b48a853709bcf23

SHA512
53e6f72516f71b54179935829d1b425a43e5e65a211759bb2f1ef44815d6cc0e09cc651919436402983b41e51dc683d45c4683ae7131a0aa056244d3508e4e48

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\Qt5Qml.dll

Filesize
3.8MB

MD5
bb53b42e1676fcdb5d5e71664ca592ba

SHA1
a781aaf2600658e868ba6950721ad8ced6ffb6d4

SHA256
a473856364e00c6fc9c25508089f078665464a64d5b50c8a1b48a853709bcf23

SHA512
53e6f72516f71b54179935829d1b425a43e5e65a211759bb2f1ef44815d6cc0e09cc651919436402983b41e51dc683d45c4683ae7131a0aa056244d3508e4e48

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\Qt5Quick.dll

Filesize
3.6MB

MD5
c01cab6389a0b21d61bb77e56fd898aa

SHA1
84153b02aec718ae0881158dec3c5de257ef89f7

SHA256
d93f6a371e4fd92740d0c46dbf4a9ac82f2e79444a34a36d0be82266ed4fd93a

SHA512
3a351b5d71a7b0711d9117bb0ed04ca194e77684bd57314939e5dcbc4430b0f6fb8865f2f3427e0c9c0a1e662048fbd79f020b7e64bd3e3e4759f83fab103d16

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\Qt5Quick.dll

Filesize
3.6MB

MD5
c01cab6389a0b21d61bb77e56fd898aa

SHA1
84153b02aec718ae0881158dec3c5de257ef89f7

SHA256
d93f6a371e4fd92740d0c46dbf4a9ac82f2e79444a34a36d0be82266ed4fd93a

SHA512
3a351b5d71a7b0711d9117bb0ed04ca194e77684bd57314939e5dcbc4430b0f6fb8865f2f3427e0c9c0a1e662048fbd79f020b7e64bd3e3e4759f83fab103d16

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\Qt5QuickControls2.dll

Filesize
175KB

MD5
83d2d8058e2beecfacecea3f773684ae

SHA1
410f95d0a5f550ed98ec072d1d039923b3b85cff

SHA256
c27ff75badc2ca3d60da3d5878aa777ae7ca2fb41ffd3931d65c390227a4bb3d

SHA512
b895eea653997753aca88c2df2dea8c79dd65314f38fc841103e5c286e2dc313063b9dfd951c4cf293ea18e38086d0a1f6714f5232d96d925acd1b0bc6ad5ab0

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\Qt5QuickControls2.dll

Filesize
175KB

MD5
83d2d8058e2beecfacecea3f773684ae

SHA1
410f95d0a5f550ed98ec072d1d039923b3b85cff

SHA256
c27ff75badc2ca3d60da3d5878aa777ae7ca2fb41ffd3931d65c390227a4bb3d

SHA512
b895eea653997753aca88c2df2dea8c79dd65314f38fc841103e5c286e2dc313063b9dfd951c4cf293ea18e38086d0a1f6714f5232d96d925acd1b0bc6ad5ab0

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\Qt5QuickTemplates2.dll

Filesize
1010KB

MD5
4760f98a8a40e6d07db6b8506553fb80

SHA1
a9ddcddf81358253dfdf86e210a63ff28d556587

SHA256
4f3267d1871cfcda6c9cdf7240c2189eaa7f96aa4967d98a660c4d5e9cc0b101

SHA512
1860ae685868b554008a1dab2e8d4fa34588cb503509fddcfb5366bd49143fcacd2ff8141023146787a55f5a1b0d1bab09b5f436035f26e3b48c463c4c58e1d1

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\Qt5QuickTemplates2.dll

Filesize
1010KB

MD5
4760f98a8a40e6d07db6b8506553fb80

SHA1
a9ddcddf81358253dfdf86e210a63ff28d556587

SHA256
4f3267d1871cfcda6c9cdf7240c2189eaa7f96aa4967d98a660c4d5e9cc0b101

SHA512
1860ae685868b554008a1dab2e8d4fa34588cb503509fddcfb5366bd49143fcacd2ff8141023146787a55f5a1b0d1bab09b5f436035f26e3b48c463c4c58e1d1

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\Qt5Sql.dll

Filesize
209KB

MD5
d780e35d89a9d5389b03e5181832af75

SHA1
23ffc88e2026871a299065d55eb21d3b67546418

SHA256
1b9435197ea13aac313106822d61f36ab107a48341e5d09408918bd0fc3bbe44

SHA512
bba506404e85243098aba6a39ad6dceb06669058842b5e0ddc884f95c749a722c4ed15b9f22f3810f73b0605343f39ff82ca71e4da9e8c4d8a95eb42d18cca45

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\Qt5Sql.dll

Filesize
209KB

MD5
d780e35d89a9d5389b03e5181832af75

SHA1
23ffc88e2026871a299065d55eb21d3b67546418

SHA256
1b9435197ea13aac313106822d61f36ab107a48341e5d09408918bd0fc3bbe44

SHA512
bba506404e85243098aba6a39ad6dceb06669058842b5e0ddc884f95c749a722c4ed15b9f22f3810f73b0605343f39ff82ca71e4da9e8c4d8a95eb42d18cca45

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\Qt5Widgets.dll

Filesize
5.3MB

MD5
91439f0387898388cb1a3150c5848d73

SHA1
d57b3c8bb6ae88f98add39890c9a8c3fdc2a0f55

SHA256
9e38324e796eb66200498dbfdcda8ac92f92155a9accdc6c97f92f475ea4c8c2

SHA512
8a282440d5b2ba67ef4d9f490c0ef93946b60351b4019cb247eac67da92398b55745f6325fe6ab7f62088132614cc9f6332726e532e692f0b709bdcaa3999bac

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\Qt5Widgets.dll

Filesize
5.3MB

MD5
91439f0387898388cb1a3150c5848d73

SHA1
d57b3c8bb6ae88f98add39890c9a8c3fdc2a0f55

SHA256
9e38324e796eb66200498dbfdcda8ac92f92155a9accdc6c97f92f475ea4c8c2

SHA512
8a282440d5b2ba67ef4d9f490c0ef93946b60351b4019cb247eac67da92398b55745f6325fe6ab7f62088132614cc9f6332726e532e692f0b709bdcaa3999bac

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\VCRUNTIME140.dll

Filesize
95KB

MD5
f34eb034aa4a9735218686590cba2e8b

SHA1
2bc20acdcb201676b77a66fa7ec6b53fa2644713

SHA256
9d2b40f0395cc5d1b4d5ea17b84970c29971d448c37104676db577586d4ad1b1

SHA512
d27d5e65e8206bd7923cf2a3c4384fec0fc59e8bc29e25f8c03d039f3741c01d1a8c82979d7b88c10b209db31fbbec23909e976b3ee593dc33481f0050a445af

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\VCRUNTIME140_1.dll

Filesize
36KB

MD5
135359d350f72ad4bf716b764d39e749

SHA1
2e59d9bbcce356f0fece56c9c4917a5cacec63d7

SHA256
34048abaa070ecc13b318cea31425f4ca3edd133d350318ac65259e6058c8b32

SHA512
cf23513d63ab2192c78cae98bd3fea67d933212b630be111fa7e03be3e92af38e247eb2d3804437fd0fda70fdc87916cd24cf1d3911e9f3bfb2cc4ab72b459ba

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\downloadsjsp.dll

Filesize
87KB

MD5
162788a111c3ee1937295a3827f68b7c

SHA1
d999f5ca96474f518faf371d3f63843114c80614

SHA256
cd147aefcd9339a24cc6cff4a961dfc6842423a503eb6f50284a6a3eaafc17f2

SHA512
08d9b858d7afa32776bed868a0787078a108deaf49cde71d03f8f2aa9beeb74e25002e328b1497d4ab418ebe9b96b15c15c6ca5e0906e1bbf256358825d8f7ac

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\downloadsjsp.dll

Filesize
87KB

MD5
162788a111c3ee1937295a3827f68b7c

SHA1
d999f5ca96474f518faf371d3f63843114c80614

SHA256
cd147aefcd9339a24cc6cff4a961dfc6842423a503eb6f50284a6a3eaafc17f2

SHA512
08d9b858d7afa32776bed868a0787078a108deaf49cde71d03f8f2aa9beeb74e25002e328b1497d4ab418ebe9b96b15c15c6ca5e0906e1bbf256358825d8f7ac

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\downloadsms.dll

Filesize
496KB

MD5
56693e67d67908997d885ce0bdacfa97

SHA1
f5cecfa55765ee4115beb21473fbd5975b15b6fd

SHA256
44ad96a7a555ccc19e07fb507b7a274194c4c7435ebd798019218175dc30c810

SHA512
65bb46eed9c4bb5f5f21f549251ae67e578164176afc2438396fc8e75a10fb5dece19d93036f5bb4515a3e91bbc7a16625438e2d208bdd8d5d5814e7f2b7c525

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\downloadsms.dll

Filesize
496KB

MD5
56693e67d67908997d885ce0bdacfa97

SHA1
f5cecfa55765ee4115beb21473fbd5975b15b6fd

SHA256
44ad96a7a555ccc19e07fb507b7a274194c4c7435ebd798019218175dc30c810

SHA512
65bb46eed9c4bb5f5f21f549251ae67e578164176afc2438396fc8e75a10fb5dece19d93036f5bb4515a3e91bbc7a16625438e2d208bdd8d5d5814e7f2b7c525

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\fdm.exe

Filesize
5.4MB

MD5
af0e1046e67ed95adbdb90668964d3ab

SHA1
c7ae52bd3214d8cf864dd95a0399ceb90120a62c

SHA256
3d20a3544dd4e5e606525f74c7e323144cf564dcb7a6b9e8e94c0845e6ec800e

SHA512
dd3f8b3025531506628526640aa46ac8c05d3a06eb97b6ff3b32e425ee85104a269b8d4f00d886fd649b34f69dfc270c26288bebc7bfdf8fd5e324fb3bf7c046

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\fdm.exe

Filesize
5.4MB

MD5
af0e1046e67ed95adbdb90668964d3ab

SHA1
c7ae52bd3214d8cf864dd95a0399ceb90120a62c

SHA256
3d20a3544dd4e5e606525f74c7e323144cf564dcb7a6b9e8e94c0845e6ec800e

SHA512
dd3f8b3025531506628526640aa46ac8c05d3a06eb97b6ff3b32e425ee85104a269b8d4f00d886fd649b34f69dfc270c26288bebc7bfdf8fd5e324fb3bf7c046

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\fdm.exe

Filesize
5.4MB

MD5
af0e1046e67ed95adbdb90668964d3ab

SHA1
c7ae52bd3214d8cf864dd95a0399ceb90120a62c

SHA256
3d20a3544dd4e5e606525f74c7e323144cf564dcb7a6b9e8e94c0845e6ec800e

SHA512
dd3f8b3025531506628526640aa46ac8c05d3a06eb97b6ff3b32e425ee85104a269b8d4f00d886fd649b34f69dfc270c26288bebc7bfdf8fd5e324fb3bf7c046

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\helperservice.exe

Filesize
125KB

MD5
7cf96519fbb09c34d31cac4d272cfb76

SHA1
47da0b81bee168efd8e43598b739002d62c8a492

SHA256
1401ecd7535e0d38455b3229806525086021904b95336438d4c851347e2cf215

SHA512
af2a0bc3bc0f94650b4e7603bc20dcbfee74064a2b8d0f66108b2b01645a87008170f69d693d4f96f0438a41d9c627ec09ee5085ad4cd05a0fc8fb2af55bd8d2

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\helperservice.exe

Filesize
125KB

MD5
7cf96519fbb09c34d31cac4d272cfb76

SHA1
47da0b81bee168efd8e43598b739002d62c8a492

SHA256
1401ecd7535e0d38455b3229806525086021904b95336438d4c851347e2cf215

SHA512
af2a0bc3bc0f94650b4e7603bc20dcbfee74064a2b8d0f66108b2b01645a87008170f69d693d4f96f0438a41d9c627ec09ee5085ad4cd05a0fc8fb2af55bd8d2

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\iconengines\qsvgicon.dll

Filesize
44KB

MD5
54f9023c9f25fc683f1b442c0b5a5734

SHA1
4c19a7aea2fa942ce54c4771af826a6ec97ea485

SHA256
d651ad610745fcc04f53d148bf1f592894688d9a8db2a4c6c0f7886a77a31df5

SHA512
9a76de4c0ef818609d5ed132b473009bad67451d0bd55aa24584a208902ca28b04e2fc40e609a845f3d1173c0bcd6e82ce73b7eb09f3e739caec6a180a2ba894

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\imageformats\qgif.dll

Filesize
40KB

MD5
1eea75d8c80d0863a1c31921eee4601c

SHA1
a534ebff8f14a3bd629cedd40acd81f7cddf7fbc

SHA256
eb52fb17a02f760565236987909c23c905baf2d0cdb876a13791edada6c563e1

SHA512
d2be14b97c9758d8185d586dd35df30f90c94252bf24d5f9e82db4cb623fdd7b234d6d97ba4951b263a1a210433a8eaf38d82238e29e34b516f09960d21be398

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\imageformats\qicns.dll

Filesize
49KB

MD5
411cc6b11eb112fe54b39685778cf3c9

SHA1
02b44edb0faf891be5d4a6dde767f8f8897c007e

SHA256
40c3798b27811fc27a1cbfba4c60bf32491c98c9ae2bca973ce3fcd2e11124bc

SHA512
a0953c004c0ff095683a6874638ec0bc06becb94a8d9b9636b8d748302c16615875df3b160eefc0f614007ac56dea555024a963abb0ea70012d657f11e6f549e

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\imageformats\qico.dll

Filesize
41KB

MD5
34af9a4b24c8f3fb83cb0d263693cab0

SHA1
d39c9835c9e2ac2d15e04ab5cedf1596847edd66

SHA256
5f77bdc72e5024cd8cca51ca1905a8d77cce99399ae7a0686d98abd3df5eb455

SHA512
b4a7d383e90bae66edca7641dd0b6d02972f37b5f58a4218c51f305a868da2efdc91dc394f1ebc8fb7a404181a4024fcbc55f280a0dc04841b2bc656c3a0a9f2

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\imageformats\qjpeg.dll

Filesize
447KB

MD5
90564a7bbd984f6072cff8a5938138af

SHA1
898ff55492067256e70d24f6694aa9bc1abbaa94

SHA256
b6f871cb7e0c859af7004ded62764362e91acc536c8b37cce16ebe3502761e81

SHA512
2e84eda9fa79fd1795719323e9959007812f140621f9e4aa06649632364c5d3b1759480053de1335669e1c0ffe50a84048daf45ff59b01a6b2b909741ec607cb

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\imageformats\qsvg.dll

Filesize
34KB

MD5
ff5681f9f75da2cee375295028456740

SHA1
6eda3e9155120f35c28b9dec36c1d1aac9e398cf

SHA256
6c1c18d3ee7234eb0c773130bf5ae2c4bb7e3a4534a84208faaed94f51cd16b3

SHA512
d4b3105c50fdf10fc76e275267eb63bd34bdf1f5f351eea7d4f759de734bc9b613feb960800b568c597fb859829e1553d7b383663727ebfd10701e3243f47bef

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\imageformats\qtga.dll

Filesize
33KB

MD5
1785d6b8b241dc51a499991fcec21dfd

SHA1
e5834ab7d9dc59752bb8f9a46a71fdc968298e6f

SHA256
d01376aa70bff757dd60aa25b5ac38e246baa77a6b80d1a91c0fa12e930f9507

SHA512
79d47bfdd7845f6887de78f35137f1ba7768fd6a6e7871bb4ab0aaa3ddee8db3ede693f4469bf64378e2d58677248935dd1bdd7c1e66ccb66f2f4e5b8ed9a210

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\libcrypto-1_1-x64.dll

Filesize
2.7MB

MD5
8bf7134fd7c7b9f79fbaa46a820565fd

SHA1
c82732c10a0f03ef1868d2ca6a8c42ec430a8a02

SHA256
a8f38398b8e95919ce4f4eb4ce9e2db432b5b8da00b531e2f1633795b3fa622a

SHA512
9d48c50a08236df337ace9f7546d3db392d980d6b86111da0f1b72848d9a7e74aa05ec9eb83f35c4c0570334f5c3b8460e1864eb2ad9a7ff5dc67d0206616e61

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\libcrypto-1_1-x64.dll

Filesize
2.7MB

MD5
8bf7134fd7c7b9f79fbaa46a820565fd

SHA1
c82732c10a0f03ef1868d2ca6a8c42ec430a8a02

SHA256
a8f38398b8e95919ce4f4eb4ce9e2db432b5b8da00b531e2f1633795b3fa622a

SHA512
9d48c50a08236df337ace9f7546d3db392d980d6b86111da0f1b72848d9a7e74aa05ec9eb83f35c4c0570334f5c3b8460e1864eb2ad9a7ff5dc67d0206616e61

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\libssl-1_1-x64.dll

Filesize
669KB

MD5
8915e476444729db9f0a1c2ec7501c87

SHA1
01aecb1cc1e6821132729e6eb366b37c7933b8d5

SHA256
9a99670dcb874b67b47927611a1546c590b07d0580b62be57b1fa9a3df7934e7

SHA512
e1e7c9142339260811d31a32b9e2b0a7a44959f778b898e03ae968d26c98d72ea0bf3cfbac054520d3fa7808088391abca4c5f96db0114ff8b27a146b4d0fe03

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\libssl-1_1-x64.dll

Filesize
669KB

MD5
8915e476444729db9f0a1c2ec7501c87

SHA1
01aecb1cc1e6821132729e6eb366b37c7933b8d5

SHA256
9a99670dcb874b67b47927611a1546c590b07d0580b62be57b1fa9a3df7934e7

SHA512
e1e7c9142339260811d31a32b9e2b0a7a44959f778b898e03ae968d26c98d72ea0bf3cfbac054520d3fa7808088391abca4c5f96db0114ff8b27a146b4d0fe03

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\logger.dll

Filesize
32KB

MD5
f86d67751f21fdf101048da34d3de812

SHA1
6a99f27ef16ce1025bde7c8a0e9780739b22adc0

SHA256
b4e28856c976425995e79f08fe39de72c6fddb6b53ece7c25bd3cc2b7ac43a5f

SHA512
e0829655fb0b5e17bda36bf93b5e1293efd88b86fca07a7e88f715996ff263b9ee3a72dd57f0cc0b0a5bf7856f17e6f9ecb71871c6f01deae361b87a86d82932

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\logger.dll

Filesize
32KB

MD5
f86d67751f21fdf101048da34d3de812

SHA1
6a99f27ef16ce1025bde7c8a0e9780739b22adc0

SHA256
b4e28856c976425995e79f08fe39de72c6fddb6b53ece7c25bd3cc2b7ac43a5f

SHA512
e0829655fb0b5e17bda36bf93b5e1293efd88b86fca07a7e88f715996ff263b9ee3a72dd57f0cc0b0a5bf7856f17e6f9ecb71871c6f01deae361b87a86d82932

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\msvcp140.dll

Filesize
553KB

MD5
6da7f4530edb350cf9d967d969ccecf8

SHA1
3e2681ea91f60a7a9ef2407399d13c1ca6aa71e9

SHA256
9fee6f36547d6f6ea7ca0338655555dba6bb0f798bc60334d29b94d1547da4da

SHA512
1f77f900215a4966f7f4e5d23b4aaad203136cb8561f4e36f03f13659fe1ff4b81caa75fef557c890e108f28f0484ad2baa825559114c0daa588cf1de6c1afab

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\msvcp140.dll

Filesize
553KB

MD5
6da7f4530edb350cf9d967d969ccecf8

SHA1
3e2681ea91f60a7a9ef2407399d13c1ca6aa71e9

SHA256
9fee6f36547d6f6ea7ca0338655555dba6bb0f798bc60334d29b94d1547da4da

SHA512
1f77f900215a4966f7f4e5d23b4aaad203136cb8561f4e36f03f13659fe1ff4b81caa75fef557c890e108f28f0484ad2baa825559114c0daa588cf1de6c1afab

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\platforms\qwindows.dll

Filesize
1.4MB

MD5
ac584cbeb327e9d2364873f451e074be

SHA1
eb2d7b7f38c880ae4bc4f32c50e10e73ee15c816

SHA256
1fa4d2f13d22d9a859503d7b7c87ba39d379d9a14afcea7299d572eabb2bdf57

SHA512
4fca1fa9494799f382318d329a3040bc067d55e7cd99be6d768e975fb585f61f8c1360908284bb04c055dcf21a164464305e9255d52b1c57a0cfc49eea003203

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\platforms\qwindows.dll

Filesize
1.4MB

MD5
ac584cbeb327e9d2364873f451e074be

SHA1
eb2d7b7f38c880ae4bc4f32c50e10e73ee15c816

SHA256
1fa4d2f13d22d9a859503d7b7c87ba39d379d9a14afcea7299d572eabb2bdf57

SHA512
4fca1fa9494799f382318d329a3040bc067d55e7cd99be6d768e975fb585f61f8c1360908284bb04c055dcf21a164464305e9255d52b1c57a0cfc49eea003203

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\quazip.dll

Filesize
203KB

MD5
9a08a2b7ec7edd0150e236104aa4d1f3

SHA1
b7ba88484afe6ad111f64db81519a1dc2ec68508

SHA256
d373c86239b2cb562f05dde6aa2086c7276239e138fafaad99ce8b3bd4ea2582

SHA512
684cc71fd090b24909e6bdfafb2bcb97e29450ea73f924cc3e9f5489d43ab86c310cd45056e31f387f59fe549fe19cc009fc2ba9f7e882f3e6d116cef26adb12

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\quazip.dll

Filesize
203KB

MD5
9a08a2b7ec7edd0150e236104aa4d1f3

SHA1
b7ba88484afe6ad111f64db81519a1dc2ec68508

SHA256
d373c86239b2cb562f05dde6aa2086c7276239e138fafaad99ce8b3bd4ea2582

SHA512
684cc71fd090b24909e6bdfafb2bcb97e29450ea73f924cc3e9f5489d43ab86c310cd45056e31f387f59fe549fe19cc009fc2ba9f7e882f3e6d116cef26adb12

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\service.xml

Filesize
2KB

MD5
85c61b85b0ffe2609b00379a5512790d

SHA1
2dfaf069df408819b06916381ac80b3ec097214c

SHA256
24f6062b8679b4140b5c15900deefa8ba187ed5e3c5cb8efc91b26b31769664d

SHA512
3a18c17ddcd10cd89d1c666134f13be6ed441fbe2c36a9567e894c0e1674232d5882e696ad2d385bd5eb4d50b6a1b4225bb992389aad93a77b203318293ca6fa

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\styles\qwindowsvistastyle.dll

Filesize
142KB

MD5
085087d668776333d78d87ff579fce87

SHA1
861af820e28c6070fa22defbb527e55cdbe3590f

SHA256
59f3183245e4ea6a93f04eb3dc7460b3911397cb5a9f7aa429921b7957b62684

SHA512
10b2492ec88f0682264169478b966cb6584276d4dfb6a49d62ce21dff68013b3d1e17cfc51c658f5773d5cb9b374ec90205f1ebd07db70e8f0c76a96cda80e2e

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\styles\qwindowsvistastyle.dll

Filesize
142KB

MD5
085087d668776333d78d87ff579fce87

SHA1
861af820e28c6070fa22defbb527e55cdbe3590f

SHA256
59f3183245e4ea6a93f04eb3dc7460b3911397cb5a9f7aa429921b7957b62684

SHA512
10b2492ec88f0682264169478b966cb6584276d4dfb6a49d62ce21dff68013b3d1e17cfc51c658f5773d5cb9b374ec90205f1ebd07db70e8f0c76a96cda80e2e

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\vcruntime140.dll

Filesize
95KB

MD5
f34eb034aa4a9735218686590cba2e8b

SHA1
2bc20acdcb201676b77a66fa7ec6b53fa2644713

SHA256
9d2b40f0395cc5d1b4d5ea17b84970c29971d448c37104676db577586d4ad1b1

SHA512
d27d5e65e8206bd7923cf2a3c4384fec0fc59e8bc29e25f8c03d039f3741c01d1a8c82979d7b88c10b209db31fbbec23909e976b3ee593dc33481f0050a445af

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\vcruntime140.dll

Filesize
95KB

MD5
f34eb034aa4a9735218686590cba2e8b

SHA1
2bc20acdcb201676b77a66fa7ec6b53fa2644713

SHA256
9d2b40f0395cc5d1b4d5ea17b84970c29971d448c37104676db577586d4ad1b1

SHA512
d27d5e65e8206bd7923cf2a3c4384fec0fc59e8bc29e25f8c03d039f3741c01d1a8c82979d7b88c10b209db31fbbec23909e976b3ee593dc33481f0050a445af

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\vcruntime140.dll

Filesize
95KB

MD5
f34eb034aa4a9735218686590cba2e8b

SHA1
2bc20acdcb201676b77a66fa7ec6b53fa2644713

SHA256
9d2b40f0395cc5d1b4d5ea17b84970c29971d448c37104676db577586d4ad1b1

SHA512
d27d5e65e8206bd7923cf2a3c4384fec0fc59e8bc29e25f8c03d039f3741c01d1a8c82979d7b88c10b209db31fbbec23909e976b3ee593dc33481f0050a445af

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\vcruntime140_1.dll

Filesize
36KB

MD5
135359d350f72ad4bf716b764d39e749

SHA1
2e59d9bbcce356f0fece56c9c4917a5cacec63d7

SHA256
34048abaa070ecc13b318cea31425f4ca3edd133d350318ac65259e6058c8b32

SHA512
cf23513d63ab2192c78cae98bd3fea67d933212b630be111fa7e03be3e92af38e247eb2d3804437fd0fda70fdc87916cd24cf1d3911e9f3bfb2cc4ab72b459ba

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\vcruntime140_1.dll

Filesize
36KB

MD5
135359d350f72ad4bf716b764d39e749

SHA1
2e59d9bbcce356f0fece56c9c4917a5cacec63d7

SHA256
34048abaa070ecc13b318cea31425f4ca3edd133d350318ac65259e6058c8b32

SHA512
cf23513d63ab2192c78cae98bd3fea67d933212b630be111fa7e03be3e92af38e247eb2d3804437fd0fda70fdc87916cd24cf1d3911e9f3bfb2cc4ab72b459ba

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\vmsclshared.dll

Filesize
481KB

MD5
c5ec998da72d44adcb50d1b6544d5b3f

SHA1
63bec20d94dcf6e7bf7dbea41cff16d7120c4fee

SHA256
bb6fd71add89ad693227233598e4cb47f0f6d7d08b8168459e810a662b1f7e30

SHA512
24f71dc08eb2a1b5abb1effc3d71e8c0059fcb8d745e3cc0a8b47be8499727814cf7f0b7d0532f6fa9f861d142d00cfa30b3f6ea15c7437bb4800d2b4ffa7813

Download Submit
C:\Program Files\Softdeluxe\Free Download Manager\vmsclshared.dll

Filesize
481KB

MD5
c5ec998da72d44adcb50d1b6544d5b3f

SHA1
63bec20d94dcf6e7bf7dbea41cff16d7120c4fee

SHA256
bb6fd71add89ad693227233598e4cb47f0f6d7d08b8168459e810a662b1f7e30

SHA512
24f71dc08eb2a1b5abb1effc3d71e8c0059fcb8d745e3cc0a8b47be8499727814cf7f0b7d0532f6fa9f861d142d00cfa30b3f6ea15c7437bb4800d2b4ffa7813

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
0820611471c1bb55fa7be7430c7c6329

SHA1
5ce7a9712722684223aced2522764c1e3a43fbb9

SHA256
f00d04749a374843bd118b41f669f8b0a20d76526c34b554c3ccac5ebd2f4f75

SHA512
77ea022b4265f3962f5e07a0a790f428c885da0cc11be0975285ce0eee4a2eec0a7cda9ea8f366dc2a946679b5dd927c5f94b527de6515856b68b8d08e435148

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
425e83cc5a7b1f8edfbec7d986058b01

SHA1
432a90a25e714c618ff30631d9fdbe3606b0d0df

SHA256
060a2e5f65b8f3b79a8d4a0c54b877cfe032f558beb0888d6f810aaeef8579bd

SHA512
4bf074de60e7849ade26119ef778fe67ea47691efff45f3d5e0b25de2d06fcc6f95a2cfcdbed85759a5c078bb371fe57de725babda2f44290b4dc42d7b6001af

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\88171aed-2121-4769-b2c7-7035dfb6fbb7.tmp

Filesize
70KB

MD5
e5e3377341056643b0494b6842c0b544

SHA1
d53fd8e256ec9d5cef8ef5387872e544a2df9108

SHA256
e23040951e464b53b84b11c3466bbd4707a009018819f9ad2a79d1b0b309bc25

SHA512
83f09e48d009a5cf83fa9aa8f28187f7f4202c84e2d0d6e5806c468f4a24b2478b73077381d2a21c89aa64884df3c56e8dc94eb4ad2d6a8085ac2feb1e26c2ef

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
568754f56d5b94a8b9c402b5ff1b56bc

SHA1
3f2c2daecf69f7328a44b40d1d162bb897656259

SHA256
c905eb24e22d8a11f1ea2cd87ace475573b1858c08a1496f96c1d291df0a4a19

SHA512
d2359cfead2d8116b2fc577850243ad9a7c9c053672ce9b6dc198f35268c4a909751c55ec9a7a391325bacb788c7f1ae8d5c26f183e53b8a58b96f337af25df8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index~RFe577138.TMP

Filesize
48B

MD5
7e2480dc83c3379b0f85548ec11f7fab

SHA1
02a181bed8d3b5b91abef4d568a9b1612e6694a5

SHA256
cff604a68db9d274b86faf06a2788c44a29ba8c95dc590ff91a8a0897418959f

SHA512
a31d18f3a489cf6b776867f4084c497baa74e2f5b3846736362130eb2b6d17699e1ef715b214c48e29ea18160760f0b50fa61f9a1402b382ac8ac296f3148656

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\000001.dbtmp

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk

Filesize
2KB

MD5
8b4497a11a824a950d56d171eae02335

SHA1
2b5a81e34b9ee161ad198abba06426760a21bdca

SHA256
05bf6f8374babbf9bc3940ee500ff39caaf5546c22c6f7664848f3a1595bb73d

SHA512
82b412a816ab93ec3ce7eb9a66a974d258014e1bd1a97a63842aa6733707879fd92b61d034f3c0868c0979163328735b6a30f092217f85e3263b939a39bab42b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
5d0df773243b7b35eb184ef885fe7ed1

SHA1
f839759de1d10af9946cc4c9399f04b2a500e624

SHA256
25ab2dfbdcba89134b7b952422077d85fb6fe87707137057b09a95281c729524

SHA512
62e5ea5fc058ee18c3f9f32cc1cc380b662a9430f79d9cf3821e3a7468f989d29d96448d6643ef85fad37285a220df6c601404e253e25566b1929395defd2908

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
4KB

MD5
b41452dd5c5c10d3b77bd4e647c382b0

SHA1
af25938a9fd3bc96dd479c438b62c7b29ebfd775

SHA256
db301805b07d02e54cd623dc9670ba07281ca4742e532916257b8e64f99e3e61

SHA512
b7fd97b3cf81bf718e8f32a5d6a9018f9ab687923a59c5b2dd05b1513e661e93cc0252a65aa37840c5ae99be2b8101fdc64d723ca45f3ef84d0a068172a13b20

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
15ed22075b3c068b9e83831fa0019205

SHA1
75ec8f898d76aecb56f66bd5e39cc7e921ee6501

SHA256
7a95fb526b84bd3d13b4de92a1687a8164e6e181e657d76be72ba454a9781485

SHA512
8d0beba2b9da12cf253f113f26b117b42cf1f9bfa56a793fb5e2eb70707146397a2d2aa6f9a5579938c102f9f2ea68a4c7e716535ff4920fa69029b73bbb123b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
5a291c9850e806179a9f39ae948ed098

SHA1
97711ac332839a6748d46c88a0beba6a0cde4c45

SHA256
e5c23928474fa7596d28827c1d00ddd46c030a8a16c4f53f0a6ab6da488e6c2e

SHA512
769791babbdf4ef9b3cfe732491355da19df9bdf3c3e900262bc25d9c36cc63f9eb1f20ffc03f1697c3a0df7deb9d561eb51639921e999d24af59662cec2b011

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
24KB

MD5
d53ac35ab3976e67caeed75c4d44ffc1

SHA1
c139ab66d75dc06f98ada34b5baf4d5693266176

SHA256
647867c7236bcb78b7d585b476d82a101a077fac43c78dc59e612253fbf69437

SHA512
391355c71734ded913239a6db10a3202087e756bccc8e29411108f21b3f2460d9a9c606619aadd785285be70eddcf61ef9519441cd387cd3823c1399a6967cc2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
9KB

MD5
dc64587341fc99f059240d8d53e9c7a1

SHA1
23517bdeeabff1cce6482827e4ea9747e8f2061a

SHA256
bdc1e544ed69e42566bd2f151a06ec085d6ff646bc1aa79e55872dd41f00f840

SHA512
7d89825763dd19d2387bd5fcf58035103c74af2611dc97ea5b276bdd4b8104001c67a5fa3fa8d4b1749b31c620300ae2a75ce22edce977d0e4a23c4cff180c22

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
70a00ff83faa810ff8213e97e01930b8

SHA1
d2cb1fede3f9c69f2e7ae17d490d691ac7b9fa7b

SHA256
e1f4c6ca1f616d765c7f0a5fc91a64da61ec3f6f0a0851105713d0ba6edf09c1

SHA512
1d5be165e491b622f20ad08d4b824631612b129cc77494e9f14a252997d02a2e12d88df221f54fd466c77edafbc638ace532aaa88c3988c210f8fb02080e2202

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Softdeluxe\Free Download Manager\settings.ini.QOMZwk

Filesize
87B

MD5
4ace69409559c05d4cc059ba48c43d1a

SHA1
11f6896110280d2886101774be7e5346bb3753f1

SHA256
f1d372e23a2a6ab6323953082584ec4d3062d8869a5570505b4244dd3a3b1bd4

SHA512
bf0f13c7adc07e4caaae5461e9e89a868aa9e1eff66810efc53f2e1679e2e15c58e482a3a98a5c2825c3efa96255c126227258876f9d3d3cd97e34afc662d6ab

Download Submit
C:\Users\Admin\AppData\Local\Softdeluxe\Free Download Manager\settings.ini.lock

Filesize
56B

MD5
bc985e4aee37a57ce26e5909701b8258

SHA1
df6e0ab2e702a717bfda68814bddee8521b47653

SHA256
ee767f1ba491663317494a8e7b9e222b4b0a340f7ad4f8bebccfb9873465d6b2

SHA512
4a4618021d286b5dc92f7076f072e3a3863bb8a5e90769f5d0426d2f4bac7f5375601991b5683759c9ba639aaa772dfb57d12770da25578a7596fc113e5b0b6e

Download Submit
C:\Users\Admin\AppData\Local\Softdeluxe\Free Download Manager\settings.ini.xkrkkv

Filesize
229B

MD5
22cd59fc180677d7dc421281952a5233

SHA1
ec38fe529b7a447a89b1edd548a593b3cf293435

SHA256
0bf378a070729b324402277bb512dbbd3497b9bb728db110df17c76fac2fbf64

SHA512
8e0b4cb03fdb33f45681d5fa8970f8f21438270c1c4240f731f8054e57c86858665c696068a24e87f16c46182f6f4866b6d8caf49775ed375e36146d9ebbf429

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-TQ8HO.tmp\fdm_x64_setup.tmp

Filesize
2.5MB

MD5
869c50863faef0fa7052b5551698ed58

SHA1
feb12f73e0a68d43db51a35f04be3f9d2aac90a3

SHA256
7e49962115092d3709b9a3e68934972931bb900f23bf4b42ac90d250725e7d4e

SHA512
19076555396601758b0b62a9b9fc68bb96b83387c5a345c3e68f5794b67c45bec7905654fe1243e2daf3ae8fe11c2ad243e962633370535a7a3f41bcb7fec1df

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-TQ8HO.tmp\fdm_x64_setup.tmp

Filesize
2.5MB

MD5
869c50863faef0fa7052b5551698ed58

SHA1
feb12f73e0a68d43db51a35f04be3f9d2aac90a3

SHA256
7e49962115092d3709b9a3e68934972931bb900f23bf4b42ac90d250725e7d4e

SHA512
19076555396601758b0b62a9b9fc68bb96b83387c5a345c3e68f5794b67c45bec7905654fe1243e2daf3ae8fe11c2ad243e962633370535a7a3f41bcb7fec1df

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
3KB

MD5
122a4113aee72698bcb708f5b5ca8e18

SHA1
6f6d6fef4379f9fe7d9c28ec8fe29d921dfeb79c

SHA256
e87ce483b87ace5cc84859b9a1f081220ade71bfde6abeea86e86aad55c4a391

SHA512
e160a746a4a7c705140f9efe33f8d8305057dccf3d7c2822d5bd98d7e0cd4c16ef94552e065bdcbb5fbd69bbcb4c9721c50a71a2b2cbe449ee1393f98deaa3a4

Download Submit
memory/392-2527-0x00007FFDAB0A0000-0x00007FFDAB5F5000-memory.dmp

Filesize
5.3MB

Download
memory/936-2900-0x000001F8E3DB0000-0x000001F8E3DC0000-memory.dmp

Filesize
64KB

Download
memory/936-2622-0x00007FFDAB770000-0x00007FFDABB18000-memory.dmp

Filesize
3.7MB

Download
memory/936-2621-0x00007FF654740000-0x00007FF654CB4000-memory.dmp

Filesize
5.5MB

Download
memory/936-2629-0x00007FFDAB0A0000-0x00007FFDAB5F5000-memory.dmp

Filesize
5.3MB

Download
memory/992-3061-0x00007FFDAB770000-0x00007FFDABB18000-memory.dmp

Filesize
3.7MB

Download
memory/992-3065-0x00007FFDAB0A0000-0x00007FFDAB5F5000-memory.dmp

Filesize
5.3MB

Download
memory/992-3060-0x00007FF654740000-0x00007FF654CB4000-memory.dmp

Filesize
5.5MB

Download
memory/992-3206-0x0000014FC2520000-0x0000014FC2530000-memory.dmp

Filesize
64KB

Download
memory/1720-2759-0x00007FFDAB0A0000-0x00007FFDAB5F5000-memory.dmp

Filesize
5.3MB

Download
memory/1964-2183-0x0000028872C50000-0x00000288740A2000-memory.dmp

Filesize
20.3MB

Download
memory/1964-2091-0x00007FF654740000-0x00007FF654CB4000-memory.dmp

Filesize
5.5MB

Download
memory/1964-2093-0x00007FFDAA350000-0x00007FFDAA8A5000-memory.dmp

Filesize
5.3MB

Download
memory/1964-2090-0x00007FFDAB420000-0x00007FFDAB7C8000-memory.dmp

Filesize
3.7MB

Download
memory/2512-133-0x0000000000400000-0x00000000004CC000-memory.dmp

Filesize
816KB

Download
memory/2512-140-0x0000000000400000-0x00000000004CC000-memory.dmp

Filesize
816KB

Download
memory/2512-2526-0x0000000000400000-0x00000000004CC000-memory.dmp

Filesize
816KB

Download
memory/3320-3100-0x000001C5D8280000-0x000001C5D8281000-memory.dmp

Filesize
4KB

Download
memory/3320-3124-0x000001C5D8280000-0x000001C5D8281000-memory.dmp

Filesize
4KB

Download
memory/3320-2586-0x000001C5D5DB0000-0x000001C5D61F0000-memory.dmp

Filesize
4.2MB

Download
memory/3320-2588-0x000001C5D61F0000-0x000001C5D63F0000-memory.dmp

Filesize
2.0MB

Download
memory/3320-2590-0x000001C5D4920000-0x000001C5D4930000-memory.dmp

Filesize
64KB

Download
memory/3320-2524-0x00007FFDAB0A0000-0x00007FFDAB5F5000-memory.dmp

Filesize
5.3MB

Download
memory/3320-4617-0x000001C5DC180000-0x000001C5DC181000-memory.dmp

Filesize
4KB

Download
memory/3320-2522-0x00007FF654740000-0x00007FF654CB4000-memory.dmp

Filesize
5.5MB

Download
memory/3320-2523-0x00007FFDAB770000-0x00007FFDABB18000-memory.dmp

Filesize
3.7MB

Download
memory/3320-3133-0x000001C5D8620000-0x000001C5D8621000-memory.dmp

Filesize
4KB

Download
memory/3320-3132-0x000001C5D8620000-0x000001C5D8621000-memory.dmp

Filesize
4KB

Download
memory/3320-3131-0x000001C5D8620000-0x000001C5D8621000-memory.dmp

Filesize
4KB

Download
memory/3320-3126-0x000001C5D8620000-0x000001C5D8621000-memory.dmp

Filesize
4KB

Download
memory/3320-3099-0x000001C5D5910000-0x000001C5D5DA1000-memory.dmp

Filesize
4.6MB

Download
memory/3320-3130-0x000001C5D8280000-0x000001C5D8281000-memory.dmp

Filesize
4KB

Download
memory/3320-3101-0x000001C5D8280000-0x000001C5D8281000-memory.dmp

Filesize
4KB

Download
memory/3320-3102-0x000001C5D8280000-0x000001C5D8281000-memory.dmp

Filesize
4KB

Download
memory/3320-3103-0x000001C5D8280000-0x000001C5D8281000-memory.dmp

Filesize
4KB

Download
memory/3320-3104-0x000001C5D8280000-0x000001C5D8281000-memory.dmp

Filesize
4KB

Download
memory/3320-3105-0x000001C5D8280000-0x000001C5D8281000-memory.dmp

Filesize
4KB

Download
memory/3320-3106-0x000001C5D8280000-0x000001C5D8281000-memory.dmp

Filesize
4KB

Download
memory/3320-3107-0x000001C5D8280000-0x000001C5D8281000-memory.dmp

Filesize
4KB

Download
memory/3320-3122-0x000001C5D8280000-0x000001C5D8281000-memory.dmp

Filesize
4KB

Download
memory/3320-3110-0x000001C5D8280000-0x000001C5D8281000-memory.dmp

Filesize
4KB

Download
memory/3320-3112-0x000001C5D8280000-0x000001C5D8281000-memory.dmp

Filesize
4KB

Download
memory/3320-3111-0x000001C5D8280000-0x000001C5D8281000-memory.dmp

Filesize
4KB

Download
memory/3320-3108-0x000001C5D8280000-0x000001C5D8281000-memory.dmp

Filesize
4KB

Download
memory/3320-3113-0x000001C5D8280000-0x000001C5D8281000-memory.dmp

Filesize
4KB

Download
memory/3320-3116-0x000001C5D8280000-0x000001C5D8281000-memory.dmp

Filesize
4KB

Download
memory/3824-2579-0x00007FFDAB0A0000-0x00007FFDAB5F5000-memory.dmp

Filesize
5.3MB

Download
memory/4428-3109-0x00007FFDAB0A0000-0x00007FFDAB5F5000-memory.dmp

Filesize
5.3MB

Download
memory/4496-2198-0x00007FFDC9190000-0x00007FFDC9191000-memory.dmp

Filesize
4KB

Download
memory/4568-2108-0x00007FFDAA350000-0x00007FFDAA8A5000-memory.dmp

Filesize
5.3MB

Download
memory/4804-142-0x0000000000C80000-0x0000000000C81000-memory.dmp

Filesize
4KB

Download
memory/4804-141-0x0000000000400000-0x0000000000682000-memory.dmp

Filesize
2.5MB

Download
memory/4804-138-0x0000000000C80000-0x0000000000C81000-memory.dmp

Filesize
4KB

Download
memory/4804-2186-0x0000000000400000-0x0000000000682000-memory.dmp

Filesize
2.5MB

Download
memory/4804-2315-0x0000000000400000-0x0000000000682000-memory.dmp

Filesize
2.5MB

Download
memory/4804-265-0x0000000000400000-0x0000000000682000-memory.dmp

Filesize
2.5MB

Download
memory/4804-2054-0x0000000000400000-0x0000000000682000-memory.dmp

Filesize
2.5MB

Download
memory/4804-2525-0x0000000000400000-0x0000000000682000-memory.dmp

Filesize
2.5MB

Download