361e7727bfb51972b18bf5178f5c59bae195c07813a3f5ef96bdea5f82881bf0

Analysis

max time kernel
83s
max time network
81s
platform
windows7_x64
resource
win7-20230220-es
resource tags

arch:x64arch:x86image:win7-20230220-eslocale:es-esos:windows7-x64systemwindows
submitted
04/03/2023, 17:49

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

FurMark_1.33.0.0_Setup.exe
Size

14.2MB
MD5

ae967438546a8e387cd8f0d45767b81a
SHA1

e8acec7b59da003b09653d5909ee65b5c6d469da
SHA256

361e7727bfb51972b18bf5178f5c59bae195c07813a3f5ef96bdea5f82881bf0
SHA512

f6295e940868b707354513694eda6568ca7f6465501dae6a458187a989be41fb049b898626470ec79f6645aa079a302ac5d3700a6644ae5624eb7b32a3520c03
SSDEEP

393216:gKl4QZECX2gW4i++azueG8cuNbWiPRrVO:gKlfCCmg1gbXuNqiPlM

Score

7^/10

discovery upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 2 IoCs

Detects file using ACProtect software.

resource	yara_rule
behavioral1/files/0x0006000000014502-134.dat	acprotect
behavioral1/files/0x0006000000014502-133.dat	acprotect

Executes dropped EXE 2 IoCs

pid	Process
1684	FurMark_1.33.0.0_Setup.tmp
1200	FurMark.exe

Loads dropped DLL 7 IoCs

pid	Process
1096	FurMark_1.33.0.0_Setup.exe
1684	FurMark_1.33.0.0_Setup.tmp
1684	FurMark_1.33.0.0_Setup.tmp
1684	FurMark_1.33.0.0_Setup.tmp
1684	FurMark_1.33.0.0_Setup.tmp
1200	FurMark.exe
1200	FurMark.exe

UPX packed file 5 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/files/0x0006000000014502-134.dat	upx
behavioral1/files/0x0006000000014502-133.dat	upx
behavioral1/memory/1200-136-0x0000000010000000-0x00000000102A8000-memory.dmp	upx
behavioral1/memory/1200-142-0x0000000010000000-0x00000000102A8000-memory.dmp	upx
behavioral1/memory/1200-612-0x0000000010000000-0x00000000102A8000-memory.dmp	upx

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Drops file in Program Files directory 31 IoCs

description	ioc	Process
File opened for modification	C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark\FreeImage.dll	FurMark_1.33.0.0_Setup.tmp
File opened for modification	C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark\core3d.dll	FurMark_1.33.0.0_Setup.tmp
File created	C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark\is-2LBHE.tmp	FurMark_1.33.0.0_Setup.tmp
File created	C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark\is-P6Q08.tmp	FurMark_1.33.0.0_Setup.tmp
File created	C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark\is-9VCSL.tmp	FurMark_1.33.0.0_Setup.tmp
File created	C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark\sound\is-4S2B9.tmp	FurMark_1.33.0.0_Setup.tmp
File opened for modification	C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark\gpushark.exe	FurMark_1.33.0.0_Setup.tmp
File created	C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark\unins000.dat	FurMark_1.33.0.0_Setup.tmp
File created	C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark\is-Q71D5.tmp	FurMark_1.33.0.0_Setup.tmp
File created	C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark\is-CMJSR.tmp	FurMark_1.33.0.0_Setup.tmp
File created	C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark\is-NCG92.tmp	FurMark_1.33.0.0_Setup.tmp
File created	C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark\is-CRB11.tmp	FurMark_1.33.0.0_Setup.tmp
File opened for modification	C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark\FurMark.exe	FurMark_1.33.0.0_Setup.tmp
File opened for modification	C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark\gpuz.exe	FurMark_1.33.0.0_Setup.tmp
File created	C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark\is-K37TP.tmp	FurMark_1.33.0.0_Setup.tmp
File opened for modification	C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark\zlib1.dll	FurMark_1.33.0.0_Setup.tmp
File created	C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark\is-U1J8P.tmp	FurMark_1.33.0.0_Setup.tmp
File created	C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark\is-01MRP.tmp	FurMark_1.33.0.0_Setup.tmp
File created	C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark\is-00T6S.tmp	FurMark_1.33.0.0_Setup.tmp
File opened for modification	C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark\unins000.dat	FurMark_1.33.0.0_Setup.tmp
File opened for modification	C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark\cpuburner.exe	FurMark_1.33.0.0_Setup.tmp
File created	C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark\is-C4E23.tmp	FurMark_1.33.0.0_Setup.tmp
File created	C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark\screenshots\is-0A861.tmp	FurMark_1.33.0.0_Setup.tmp
File opened for modification	C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark\FurMark_0001.txt	FurMark.exe
File created	C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark\is-R35RF.tmp	FurMark_1.33.0.0_Setup.tmp
File created	C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark\is-R9E5M.tmp	FurMark_1.33.0.0_Setup.tmp
File created	C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark\is-9NLHP.tmp	FurMark_1.33.0.0_Setup.tmp
File created	C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark\is-LG2HJ.tmp	FurMark_1.33.0.0_Setup.tmp
File created	C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark\is-L88QQ.tmp	FurMark_1.33.0.0_Setup.tmp
File created	C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark\is-D6OP4.tmp	FurMark_1.33.0.0_Setup.tmp
File created	C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark\is-DRPNK.tmp	FurMark_1.33.0.0_Setup.tmp

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

Checks processor information in registry 2 TTPs 2 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	FurMark.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	FurMark.exe

Modifies Internet Explorer settings 1 TTPs 25 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3430344531-3702557399-3004411149-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3430344531-3702557399-3004411149-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{62B54EA1-BABD-11ED-84E7-7A574369CBCF} = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3430344531-3702557399-3004411149-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3430344531-3702557399-3004411149-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3430344531-3702557399-3004411149-1000\Software\Microsoft\Internet Explorer\MINIE	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3430344531-3702557399-3004411149-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3430344531-3702557399-3004411149-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3430344531-3702557399-3004411149-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3430344531-3702557399-3004411149-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3430344531-3702557399-3004411149-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3430344531-3702557399-3004411149-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3430344531-3702557399-3004411149-1000\Software\Microsoft\Internet Explorer\MINIE\TabBandWidth = "500"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3430344531-3702557399-3004411149-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3430344531-3702557399-3004411149-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3430344531-3702557399-3004411149-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3430344531-3702557399-3004411149-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3430344531-3702557399-3004411149-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3430344531-3702557399-3004411149-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3430344531-3702557399-3004411149-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3430344531-3702557399-3004411149-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3430344531-3702557399-3004411149-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3430344531-3702557399-3004411149-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3430344531-3702557399-3004411149-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3430344531-3702557399-3004411149-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3430344531-3702557399-3004411149-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
1684	FurMark_1.33.0.0_Setup.tmp
1684	FurMark_1.33.0.0_Setup.tmp

Suspicious use of FindShellTrayWindow 2 IoCs

pid	Process
1684	FurMark_1.33.0.0_Setup.tmp
1736	iexplore.exe

Suspicious use of SetWindowsHookEx 4 IoCs

pid	Process
1736	iexplore.exe
1736	iexplore.exe
916	IEXPLORE.EXE
916	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 19 IoCs

description	pid	Process	procid_target
PID 1096 wrote to memory of 1684	1096	FurMark_1.33.0.0_Setup.exe	28
PID 1096 wrote to memory of 1684	1096	FurMark_1.33.0.0_Setup.exe	28
PID 1096 wrote to memory of 1684	1096	FurMark_1.33.0.0_Setup.exe	28
PID 1096 wrote to memory of 1684	1096	FurMark_1.33.0.0_Setup.exe	28
PID 1096 wrote to memory of 1684	1096	FurMark_1.33.0.0_Setup.exe	28
PID 1096 wrote to memory of 1684	1096	FurMark_1.33.0.0_Setup.exe	28
PID 1096 wrote to memory of 1684	1096	FurMark_1.33.0.0_Setup.exe	28
PID 1684 wrote to memory of 1200	1684	FurMark_1.33.0.0_Setup.tmp	29
PID 1684 wrote to memory of 1200	1684	FurMark_1.33.0.0_Setup.tmp	29
PID 1684 wrote to memory of 1200	1684	FurMark_1.33.0.0_Setup.tmp	29
PID 1684 wrote to memory of 1200	1684	FurMark_1.33.0.0_Setup.tmp	29
PID 1684 wrote to memory of 1736	1684	FurMark_1.33.0.0_Setup.tmp	30
PID 1684 wrote to memory of 1736	1684	FurMark_1.33.0.0_Setup.tmp	30
PID 1684 wrote to memory of 1736	1684	FurMark_1.33.0.0_Setup.tmp	30
PID 1684 wrote to memory of 1736	1684	FurMark_1.33.0.0_Setup.tmp	30
PID 1736 wrote to memory of 916	1736	iexplore.exe	32
PID 1736 wrote to memory of 916	1736	iexplore.exe	32
PID 1736 wrote to memory of 916	1736	iexplore.exe	32
PID 1736 wrote to memory of 916	1736	iexplore.exe	32

C:\Users\Admin\AppData\Local\Temp\FurMark_1.33.0.0_Setup.exe
"C:\Users\Admin\AppData\Local\Temp\FurMark_1.33.0.0_Setup.exe"
1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:1096
- C:\Users\Admin\AppData\Local\Temp\is-R4JT1.tmp\FurMark_1.33.0.0_Setup.tmp
  "C:\Users\Admin\AppData\Local\Temp\is-R4JT1.tmp\FurMark_1.33.0.0_Setup.tmp" /SL5="$70138,14036904,832512,C:\Users\Admin\AppData\Local\Temp\FurMark_1.33.0.0_Setup.exe"
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - Drops file in Program Files directory
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of WriteProcessMemory
  PID:1684
- - C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark\FurMark.exe
    "C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark\FurMark.exe"
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    - Drops file in Program Files directory
    - Checks processor information in registry
    PID:1200
- - C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://ozone3d.net/redirect.php?id=201
    3⤵
    - Modifies Internet Explorer settings
    - Suspicious use of FindShellTrayWindow
    - Suspicious use of SetWindowsHookEx
    - Suspicious use of WriteProcessMemory
    PID:1736
  - - C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1736 CREDAT:275457 /prefetch:2
      4⤵
      Modifies Internet Explorer settings
      Suspicious use of SetWindowsHookEx
      PID:916

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark\FreeImage.dll

Filesize
889KB

MD5
cb1c50b16863e835371a2a8fcea3a653

SHA1
9b98f2aefe5a2d7f7b27d0cf3422746a54635cec

SHA256
a2ed0dd0a52847645a05a2c61f64284cb5cbefa9cd8e168af5e8c6138ef7fe4b

SHA512
df619f4f85cd9bd464e9216f7b6a9414898cf7f5e293a741f033b5a7259da94e0b65860b8b3ca244afdb8eee93a9cfbe56af88d742760aa00353332897fe06de

Download Submit
C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark\FurMark.exe

Filesize
2.9MB

MD5
7fbc9fb3913607ba9f7b91bfe50c6d8d

SHA1
f0dda8e236e30883955b5b3462ea91e85091d07b

SHA256
890e9a996e749035c510b327a00acd37021a76e6ce9c95cb2210c8d51f053418

SHA512
881caebb81430558e86114592e2875c7bc6edc4d08b4feaadd322532478af0af250b8140043b09f15578d61f2f2c5dd795c416e979ae8d8cbe6c1cf790717332

Download Submit
C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark\FurMark.exe

Filesize
2.9MB

MD5
7fbc9fb3913607ba9f7b91bfe50c6d8d

SHA1
f0dda8e236e30883955b5b3462ea91e85091d07b

SHA256
890e9a996e749035c510b327a00acd37021a76e6ce9c95cb2210c8d51f053418

SHA512
881caebb81430558e86114592e2875c7bc6edc4d08b4feaadd322532478af0af250b8140043b09f15578d61f2f2c5dd795c416e979ae8d8cbe6c1cf790717332

Download Submit
C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark\core3d.dll

Filesize
2.0MB

MD5
dc8c84bcffcd54c3f9d3f078a1907b84

SHA1
322b30f3ad527f06ab438c51121c7a1165c497ef

SHA256
07cb52467d1faaeab0bb3aff6a3f6e9bfb0c2f699db36b00beec137dbf652a63

SHA512
6ff46c9ae3475f7a79d8361b3b9862d2e3e3de465f17c57026a960685ec533bd238c7d5eeb08d3bab9ad619b1619e785d4763b487f1c474d58263167884ebcdb

Download Submit
C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark\startup_options.xml

Filesize
1013B

MD5
b913978e5db3eaedc60d2e93b2e6880a

SHA1
4030fe568631e2b58839d0ba4c4211a94c0e6eb9

SHA256
f1542becf5b77d8eccb869b7f16f92f5ee9d602bc74f72adf9f132ef81dd2ef3

SHA512
54cb0886d3e9386492d63b6f6383820078d3afc0e1ce292efc7fa0c2adf05077757654dfa39eba54beeea11c6324a8a5a1a72649343088cd7e22238c6de820ba

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

Filesize
1KB

MD5
eb736241bbd2b4d9ab4b321b271555d2

SHA1
b50e96b3ef5ea3cde9b43c6ddc0c4c6f277a0097

SHA256
9f320f00f68373486579b265849e7906fdb65bc01a3d09fc7fc4bad337793b23

SHA512
5617f7b939345ae03a5b7c48f04c10ee3f3249843b2585199ea4c37839118b852fd2fbec83b0e8e4e27db1f16a329f9fff4948482e60e68bff1a86e3204565a3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

Filesize
61KB

MD5
e71c8443ae0bc2e282c73faead0a6dd3

SHA1
0c110c1b01e68edfacaeae64781a37b1995fa94b

SHA256
95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

SHA512
b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

Filesize
724B

MD5
f569e1d183b84e8078dc456192127536

SHA1
30c537463eed902925300dd07a87d820a713753f

SHA256
287bc80237497eb8681dbf136a56cc3870dd5bd12d48051525a280ae62aab413

SHA512
49553b65a8e3fc0bf98c1bc02bae5b22188618d8edf8e88e4e25932105796956ae8301c63c487e0afe368ea39a4a2af07935a808f5fb53287ef9287bc73e1012

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

Filesize
410B

MD5
356685b220a8f1e0ed144e56d96d2c0f

SHA1
cf65d2a593f0e630066f3c5f4dab5b45b1dedac5

SHA256
3b9ada417aac91ea93b53ef81372dbffa26dced53c98c2f507270928009c79d9

SHA512
ca0c93cafe089fcc16ee521c92e74e48743cde9d818796cfbb13bb40528e2427316eb7a62cc77c1c1f20a06711362762498b43e6fb4a19048d260bc4146e0c4e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

Filesize
410B

MD5
32598dd8c25d5a11f970c83cc30c65ba

SHA1
dbca9e2436c16b2a94d7da103991e262c88b5951

SHA256
b7ad7f52b2aaa40896b8fed0e4578230efef9b11f01abc7eb79c14ffcef31cd7

SHA512
1cdca0d68757640dd60e432596fb20a3175bd48d2f706f20fc4449016689ce0b70a1e117f5515f1454190e73fa7084598853e5883c92701b299a1b2982d1a61c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
bc7a433ff72a5ef83f1eab72651afe79

SHA1
074ba713023fc2426c9d9484f7bb0405b247fff5

SHA256
04a4fdd870bd1416b39a2da789a9c421d6cf875b7b460616265621c4b3af1eea

SHA512
b7804035a1b212a41a37117d261e5a894b0a67258f82c019f0ced56e25dee2596e95302fea6d8100d153d56866ac1258031ad97cad39a7a81c738b45dc65e817

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
bcd89fafc2b15dba24b6d5b7d43e3e26

SHA1
2b2b25822d4d631757059b70f191aa02caf8b63a

SHA256
c3cfefd6602d64e51e97e4fcf56232613367eaa62115d0c81678b490302c4b7d

SHA512
a8f508c5ae6083a81ab2e666dfceb44a056f30e0e9207114c316aff6936d247ae6f8d6565dac35d9c51d2ebd2760a1e446f8e3588166970d129ec3fd288733d9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e61572a9933b0904327cf7ad22bd43b2

SHA1
c4a0c64b1672afdde1970e4f4918114db687284c

SHA256
4694847ce121c598619ae119ccd1981620096828e075cd69ffa5f73d58531cba

SHA512
9edd11c12974d4742a7a7b2caa5fcfc15493efe63d3f3bc9808cd93ce707e3e365f9a9677d395a6ae11608c915be1a6a8aa7435a001cd79708e7f64714fa7bbb

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c680fb3c0471b3af9d0103ba8d6213cb

SHA1
755a3fcab5a8fda7a296b28b803233dd4cdec2c3

SHA256
ff63574427205d25b6bff9ac516a362a26fafcb6232fe5374c4b9ed29d8ac752

SHA512
05dcd09d5387c61b708ac17c2f475a951e68af3000ad4af7effa0868330aa473bace748eac65eae95aeb58e5535f71b2b203c48c3f41af3725f125e344f886b2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a6282f0baf7ebcc9be9acfd6e37f33f0

SHA1
d47de4a667521961da4d62df601c88518c9ea720

SHA256
6b9bd0b360ad04b9108824ba39f2e885d079fdf52fa3cca6d635098ffa878066

SHA512
a139837a204b8cf0ddb43d2c3d18312f91485555e3b8944662f907e8ccf6e0b129bcf121da99cfbbfe97dd903a0a5760534800ba710d3aa953e7f5a18d41a9a2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

Filesize
392B

MD5
6fb87740db7b5300cb74411f520f2381

SHA1
f3438f9fab5827570fca32a9c857a080860b1ecd

SHA256
9907b57c175aec20ba74b206ad74abd827668968d06ad8e46f21073bf1d2d0cc

SHA512
a0d87ad512f9f129f265f0f9969666bb2f92177c54a76b8e8f84428ec39d2dc1efc8148844d20644b3887f115d51aced1688a653a3f7cc57038908c0de07757b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarD85D.tmp

Filesize
161KB

MD5
be2bec6e8c5653136d3e72fe53c98aa3

SHA1
a8182d6db17c14671c3d5766c72e58d87c0810de

SHA256
1919aab2a820642490169bdc4e88bd1189e22f83e7498bf8ebdfb62ec7d843fd

SHA512
0d1424ccdf0d53faf3f4e13d534e12f22388648aa4c23edbc503801e3c96b7f73c7999b760b5bef4b5e9dd923dffe21a21889b1ce836dd428420bf0f4f5327ff

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-R4JT1.tmp\FurMark_1.33.0.0_Setup.tmp

Filesize
3.0MB

MD5
2ceeb4c10c59d2a8f69aeb4268e283bd

SHA1
375ff3e139af2525b23e3ad2bec01629e1074b27

SHA256
58c3064ffbf1246e109261947ad2624fcc275fe30d671a8a4945edbebc2dba78

SHA512
2a684fcc7ca6c8139d0033b44bd8eb1822c22c52cc1bf51a3d560ebb384c184507c28951bb02ff4169f9c571e64234719e04f9703accf3380252cf8adbcde72f

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-R4JT1.tmp\FurMark_1.33.0.0_Setup.tmp

Filesize
3.0MB

MD5
2ceeb4c10c59d2a8f69aeb4268e283bd

SHA1
375ff3e139af2525b23e3ad2bec01629e1074b27

SHA256
58c3064ffbf1246e109261947ad2624fcc275fe30d671a8a4945edbebc2dba78

SHA512
2a684fcc7ca6c8139d0033b44bd8eb1822c22c52cc1bf51a3d560ebb384c184507c28951bb02ff4169f9c571e64234719e04f9703accf3380252cf8adbcde72f

Download Submit
\Program Files (x86)\Geeks3D\Benchmarks\FurMark\FreeImage.dll

Filesize
889KB

MD5
cb1c50b16863e835371a2a8fcea3a653

SHA1
9b98f2aefe5a2d7f7b27d0cf3422746a54635cec

SHA256
a2ed0dd0a52847645a05a2c61f64284cb5cbefa9cd8e168af5e8c6138ef7fe4b

SHA512
df619f4f85cd9bd464e9216f7b6a9414898cf7f5e293a741f033b5a7259da94e0b65860b8b3ca244afdb8eee93a9cfbe56af88d742760aa00353332897fe06de

Download Submit
\Program Files (x86)\Geeks3D\Benchmarks\FurMark\FurMark.exe

Filesize
2.9MB

MD5
7fbc9fb3913607ba9f7b91bfe50c6d8d

SHA1
f0dda8e236e30883955b5b3462ea91e85091d07b

SHA256
890e9a996e749035c510b327a00acd37021a76e6ce9c95cb2210c8d51f053418

SHA512
881caebb81430558e86114592e2875c7bc6edc4d08b4feaadd322532478af0af250b8140043b09f15578d61f2f2c5dd795c416e979ae8d8cbe6c1cf790717332

Download Submit
\Program Files (x86)\Geeks3D\Benchmarks\FurMark\FurMark.exe

Filesize
2.9MB

MD5
7fbc9fb3913607ba9f7b91bfe50c6d8d

SHA1
f0dda8e236e30883955b5b3462ea91e85091d07b

SHA256
890e9a996e749035c510b327a00acd37021a76e6ce9c95cb2210c8d51f053418

SHA512
881caebb81430558e86114592e2875c7bc6edc4d08b4feaadd322532478af0af250b8140043b09f15578d61f2f2c5dd795c416e979ae8d8cbe6c1cf790717332

Download Submit
\Program Files (x86)\Geeks3D\Benchmarks\FurMark\FurMark.exe

Filesize
2.9MB

MD5
7fbc9fb3913607ba9f7b91bfe50c6d8d

SHA1
f0dda8e236e30883955b5b3462ea91e85091d07b

SHA256
890e9a996e749035c510b327a00acd37021a76e6ce9c95cb2210c8d51f053418

SHA512
881caebb81430558e86114592e2875c7bc6edc4d08b4feaadd322532478af0af250b8140043b09f15578d61f2f2c5dd795c416e979ae8d8cbe6c1cf790717332

Download Submit
\Program Files (x86)\Geeks3D\Benchmarks\FurMark\core3d.dll

Filesize
2.0MB

MD5
dc8c84bcffcd54c3f9d3f078a1907b84

SHA1
322b30f3ad527f06ab438c51121c7a1165c497ef

SHA256
07cb52467d1faaeab0bb3aff6a3f6e9bfb0c2f699db36b00beec137dbf652a63

SHA512
6ff46c9ae3475f7a79d8361b3b9862d2e3e3de465f17c57026a960685ec533bd238c7d5eeb08d3bab9ad619b1619e785d4763b487f1c474d58263167884ebcdb

Download Submit
\Program Files (x86)\Geeks3D\Benchmarks\FurMark\unins000.exe

Filesize
3.1MB

MD5
9a8fdc5f3ab776eea6c3ff3e849eeadd

SHA1
491f95261d354d1a456462d97e77ad3c2045e987

SHA256
fcb8dc29b1dca490a6d72362177344c6568b8b69363ed25a8614f7ba0051af18

SHA512
b7ae02c5e0bda8c157a576c3508c32bbdb8c1ff378c37a0b3e463afed2929870a5e12b4a5ef8bdf6bb962e660a9ac7c803f10859eb576fec99ef4cff649fd79f

Download Submit
\Users\Admin\AppData\Local\Temp\is-R4JT1.tmp\FurMark_1.33.0.0_Setup.tmp

Filesize
3.0MB

MD5
2ceeb4c10c59d2a8f69aeb4268e283bd

SHA1
375ff3e139af2525b23e3ad2bec01629e1074b27

SHA256
58c3064ffbf1246e109261947ad2624fcc275fe30d671a8a4945edbebc2dba78

SHA512
2a684fcc7ca6c8139d0033b44bd8eb1822c22c52cc1bf51a3d560ebb384c184507c28951bb02ff4169f9c571e64234719e04f9703accf3380252cf8adbcde72f

Download Submit
memory/916-141-0x0000000001020000-0x0000000001022000-memory.dmp

Filesize
8KB

Download
memory/1096-54-0x0000000000400000-0x00000000004D8000-memory.dmp

Filesize
864KB

Download
memory/1096-140-0x0000000000400000-0x00000000004D8000-memory.dmp

Filesize
864KB

Download
memory/1096-63-0x0000000000400000-0x00000000004D8000-memory.dmp

Filesize
864KB

Download
memory/1200-142-0x0000000010000000-0x00000000102A8000-memory.dmp

Filesize
2.7MB

Download
memory/1200-136-0x0000000010000000-0x00000000102A8000-memory.dmp

Filesize
2.7MB

Download
memory/1200-612-0x0000000010000000-0x00000000102A8000-memory.dmp

Filesize
2.7MB

Download
memory/1684-123-0x0000000000400000-0x000000000071B000-memory.dmp

Filesize
3.1MB

Download
memory/1684-121-0x0000000000400000-0x000000000071B000-memory.dmp

Filesize
3.1MB

Download
memory/1684-139-0x0000000000400000-0x000000000071B000-memory.dmp

Filesize
3.1MB

Download
memory/1684-64-0x0000000000400000-0x000000000071B000-memory.dmp

Filesize
3.1MB

Download
memory/1684-62-0x00000000001D0000-0x00000000001D1000-memory.dmp

Filesize
4KB

Download
memory/1736-137-0x0000000002C60000-0x0000000002C70000-memory.dmp

Filesize
64KB

Download