Analysis Overview
SHA256
d6d58703b0ea83394d28fa0b31105ce5f0295b980563df1c085c4895245b79c1
Threat Level: Known bad
The file b715f22a9e37049d09b06c26ca899c4be3c6c21386f70d6d357b3bd481ee1794.zip was found to be: Known bad.
Malicious Activity Summary
Babadeda
Babadeda Crypter
NetSupport
Loads dropped DLL
Checks computer location settings
Executes dropped EXE
Adds Run key to start application
Maps connected drives based on registry
Checks installed software on the system
Enumerates physical storage devices
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
Suspicious use of WriteProcessMemory
Suspicious use of FindShellTrayWindow
MITRE ATT&CK Matrix V6
Analysis: static1
Detonation Overview
Reported
2023-03-21 14:41
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2023-03-21 14:40
Reported
2023-03-21 14:43
Platform
win7-20230220-en
Max time kernel
27s
Max time network
34s
Command Line
Signatures
Babadeda
Babadeda Crypter
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Executes dropped EXE
Loads dropped DLL
Checks installed software on the system
Maps connected drives based on registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\disk\Enum | C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\SUMo.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\services\Disk\Enum\0 | C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\SUMo.exe | N/A |
Enumerates physical storage devices
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\is-1DSF1.tmp\b715f22a9e37049d09b06c26ca899c4be3c6c21386f70d6d357b3bd481ee1794.tmp | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\is-1DSF1.tmp\b715f22a9e37049d09b06c26ca899c4be3c6c21386f70d6d357b3bd481ee1794.tmp | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\is-1DSF1.tmp\b715f22a9e37049d09b06c26ca899c4be3c6c21386f70d6d357b3bd481ee1794.tmp | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\SUMo.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\b715f22a9e37049d09b06c26ca899c4be3c6c21386f70d6d357b3bd481ee1794.exe
"C:\Users\Admin\AppData\Local\Temp\b715f22a9e37049d09b06c26ca899c4be3c6c21386f70d6d357b3bd481ee1794.exe"
C:\Users\Admin\AppData\Local\Temp\is-4SS3G.tmp\b715f22a9e37049d09b06c26ca899c4be3c6c21386f70d6d357b3bd481ee1794.tmp
"C:\Users\Admin\AppData\Local\Temp\is-4SS3G.tmp\b715f22a9e37049d09b06c26ca899c4be3c6c21386f70d6d357b3bd481ee1794.tmp" /SL5="$70128,29807461,830464,C:\Users\Admin\AppData\Local\Temp\b715f22a9e37049d09b06c26ca899c4be3c6c21386f70d6d357b3bd481ee1794.exe"
C:\Users\Admin\AppData\Local\Temp\b715f22a9e37049d09b06c26ca899c4be3c6c21386f70d6d357b3bd481ee1794.exe
"C:\Users\Admin\AppData\Local\Temp\b715f22a9e37049d09b06c26ca899c4be3c6c21386f70d6d357b3bd481ee1794.exe" /VERYSILENT
C:\Users\Admin\AppData\Local\Temp\is-1DSF1.tmp\b715f22a9e37049d09b06c26ca899c4be3c6c21386f70d6d357b3bd481ee1794.tmp
"C:\Users\Admin\AppData\Local\Temp\is-1DSF1.tmp\b715f22a9e37049d09b06c26ca899c4be3c6c21386f70d6d357b3bd481ee1794.tmp" /SL5="$80128,29807461,830464,C:\Users\Admin\AppData\Local\Temp\b715f22a9e37049d09b06c26ca899c4be3c6c21386f70d6d357b3bd481ee1794.exe" /VERYSILENT
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\SUMo.exe
"C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\SUMo.exe"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | www.kcsoftwares.com | udp |
| FR | 46.105.204.2:443 | www.kcsoftwares.com | tcp |
Files
memory/696-54-0x0000000000400000-0x00000000004D8000-memory.dmp
\Users\Admin\AppData\Local\Temp\is-4SS3G.tmp\b715f22a9e37049d09b06c26ca899c4be3c6c21386f70d6d357b3bd481ee1794.tmp
| MD5 | 2f19061194ae27c87b8b6f8eff0a2ca9 |
| SHA1 | ed3e04874f4ed4db839020a786d8ff49038c23d4 |
| SHA256 | fe614f6d3edb6f259cf91c93b2fc551ff2950eb8bbe7c879b9df5e4d722bfc5e |
| SHA512 | 2180b33b649da3c4a708faa276e3c167b749c654101c9d0ebbe7e673f7d415bbd6d7c1545b75244a3a8c00706e0d99e8320ab9d5c33f1b9776c0a314cb1f7033 |
C:\Users\Admin\AppData\Local\Temp\is-4SS3G.tmp\b715f22a9e37049d09b06c26ca899c4be3c6c21386f70d6d357b3bd481ee1794.tmp
| MD5 | 2f19061194ae27c87b8b6f8eff0a2ca9 |
| SHA1 | ed3e04874f4ed4db839020a786d8ff49038c23d4 |
| SHA256 | fe614f6d3edb6f259cf91c93b2fc551ff2950eb8bbe7c879b9df5e4d722bfc5e |
| SHA512 | 2180b33b649da3c4a708faa276e3c167b749c654101c9d0ebbe7e673f7d415bbd6d7c1545b75244a3a8c00706e0d99e8320ab9d5c33f1b9776c0a314cb1f7033 |
memory/696-67-0x0000000000400000-0x00000000004D8000-memory.dmp
memory/308-64-0x0000000000400000-0x0000000000713000-memory.dmp
memory/1100-63-0x0000000000400000-0x00000000004D8000-memory.dmp
\Users\Admin\AppData\Local\Temp\is-1DSF1.tmp\b715f22a9e37049d09b06c26ca899c4be3c6c21386f70d6d357b3bd481ee1794.tmp
| MD5 | 2f19061194ae27c87b8b6f8eff0a2ca9 |
| SHA1 | ed3e04874f4ed4db839020a786d8ff49038c23d4 |
| SHA256 | fe614f6d3edb6f259cf91c93b2fc551ff2950eb8bbe7c879b9df5e4d722bfc5e |
| SHA512 | 2180b33b649da3c4a708faa276e3c167b749c654101c9d0ebbe7e673f7d415bbd6d7c1545b75244a3a8c00706e0d99e8320ab9d5c33f1b9776c0a314cb1f7033 |
C:\Users\Admin\AppData\Local\Temp\is-1DSF1.tmp\b715f22a9e37049d09b06c26ca899c4be3c6c21386f70d6d357b3bd481ee1794.tmp
| MD5 | 2f19061194ae27c87b8b6f8eff0a2ca9 |
| SHA1 | ed3e04874f4ed4db839020a786d8ff49038c23d4 |
| SHA256 | fe614f6d3edb6f259cf91c93b2fc551ff2950eb8bbe7c879b9df5e4d722bfc5e |
| SHA512 | 2180b33b649da3c4a708faa276e3c167b749c654101c9d0ebbe7e673f7d415bbd6d7c1545b75244a3a8c00706e0d99e8320ab9d5c33f1b9776c0a314cb1f7033 |
C:\Users\Admin\AppData\Local\Temp\is-1DSF1.tmp\b715f22a9e37049d09b06c26ca899c4be3c6c21386f70d6d357b3bd481ee1794.tmp
| MD5 | 2f19061194ae27c87b8b6f8eff0a2ca9 |
| SHA1 | ed3e04874f4ed4db839020a786d8ff49038c23d4 |
| SHA256 | fe614f6d3edb6f259cf91c93b2fc551ff2950eb8bbe7c879b9df5e4d722bfc5e |
| SHA512 | 2180b33b649da3c4a708faa276e3c167b749c654101c9d0ebbe7e673f7d415bbd6d7c1545b75244a3a8c00706e0d99e8320ab9d5c33f1b9776c0a314cb1f7033 |
memory/524-192-0x0000000000240000-0x0000000000241000-memory.dmp
\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\SUMo.exe
| MD5 | 85a5c9a3435594fb7e0d40d1289d4e5b |
| SHA1 | d841701a46fa6fa9444501ff3774f808758924b4 |
| SHA256 | fa1e530b966af389f22bc95b0b45ebecf3975e29d4346fd9f3af7bd9e2b3f9e6 |
| SHA512 | 74e65bf3b76ce36268ef432750280b95050a2512d047369d2cbb8d26f5cddbceb67cacc9043ab90238d2c8d2f65dded1c599425e96c4045c517709c83ff2ee6c |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\SUMo.exe
| MD5 | 85a5c9a3435594fb7e0d40d1289d4e5b |
| SHA1 | d841701a46fa6fa9444501ff3774f808758924b4 |
| SHA256 | fa1e530b966af389f22bc95b0b45ebecf3975e29d4346fd9f3af7bd9e2b3f9e6 |
| SHA512 | 74e65bf3b76ce36268ef432750280b95050a2512d047369d2cbb8d26f5cddbceb67cacc9043ab90238d2c8d2f65dded1c599425e96c4045c517709c83ff2ee6c |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\SUMo.exe
| MD5 | 85a5c9a3435594fb7e0d40d1289d4e5b |
| SHA1 | d841701a46fa6fa9444501ff3774f808758924b4 |
| SHA256 | fa1e530b966af389f22bc95b0b45ebecf3975e29d4346fd9f3af7bd9e2b3f9e6 |
| SHA512 | 74e65bf3b76ce36268ef432750280b95050a2512d047369d2cbb8d26f5cddbceb67cacc9043ab90238d2c8d2f65dded1c599425e96c4045c517709c83ff2ee6c |
\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\SUMo.exe
| MD5 | 85a5c9a3435594fb7e0d40d1289d4e5b |
| SHA1 | d841701a46fa6fa9444501ff3774f808758924b4 |
| SHA256 | fa1e530b966af389f22bc95b0b45ebecf3975e29d4346fd9f3af7bd9e2b3f9e6 |
| SHA512 | 74e65bf3b76ce36268ef432750280b95050a2512d047369d2cbb8d26f5cddbceb67cacc9043ab90238d2c8d2f65dded1c599425e96c4045c517709c83ff2ee6c |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\settings.ini
| MD5 | 5a28072951d7f69bdea56a515bbde684 |
| SHA1 | 90cf030b990eea1f721b3d51271bb55389af45bd |
| SHA256 | fe3fa20956179b36138c44e6c271ff317f60462443f04ecbac002df3680a1f80 |
| SHA512 | 8a3aaee43cdfdc86ffe27e368a9758f429aca533bd9659751ad24a830edf3a5744bbe7350b737a7198cb3dd5f9adf919263dcac67c938f2080a2e747d9d2f12f |
memory/524-317-0x0000000000400000-0x0000000000713000-memory.dmp
memory/1100-320-0x0000000000400000-0x00000000004D8000-memory.dmp
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\libcrypto-3.dll
| MD5 | 5d27bfcbd2ef03041c284a31511e638e |
| SHA1 | 3c6e1dbd5adbe3bbb4a4ff4864ceb5e03d627333 |
| SHA256 | 79cb81c74b994b2b2dd351bb567c82e64c666192e25b8d571d00caffd3fdef76 |
| SHA512 | b99a094b19ee6e71f33c3625ac3535826414c288c3ca5ff173d6b1be64bfb0180f6cb942821a59cc65729591bf48176f2f776150c6efd205710525f00012c3ee |
\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\libcrypto-3.dll
| MD5 | 5d27bfcbd2ef03041c284a31511e638e |
| SHA1 | 3c6e1dbd5adbe3bbb4a4ff4864ceb5e03d627333 |
| SHA256 | 79cb81c74b994b2b2dd351bb567c82e64c666192e25b8d571d00caffd3fdef76 |
| SHA512 | b99a094b19ee6e71f33c3625ac3535826414c288c3ca5ff173d6b1be64bfb0180f6cb942821a59cc65729591bf48176f2f776150c6efd205710525f00012c3ee |
\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\vcruntime140.dll
| MD5 | ba65db6bfef78a96aee7e29f1449bf8a |
| SHA1 | 06c7beb9fd1f33051b0e77087350903c652f4b77 |
| SHA256 | 141690572594dbd3618a4984712e9e36fc09c9906bb845ce1a9531ac8f7ad493 |
| SHA512 | ca63eeac10ef55d7e2e55479b25cf394e58aef1422951f361f762ab667f72a3454f55afc04e967e8cdd20cf3eebe97083e0438ea941916a09e7d091818ea830e |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\api-ms-win-crt-runtime-l1-1-0.dll
| MD5 | 8bd7a27e6ca969d3eb46086d411ce05d |
| SHA1 | 3bbf6f55853b1487debca58d7cb5c877d0abd517 |
| SHA256 | 8edc95578b8c9ca93a65907e428fa2b57fef8370b902912689332bc61094904c |
| SHA512 | fee8359398efe6a995a214d4e47de43aba12d33bb9cb1de18659d332d94ef83a4a77618b6caa9f455b0c6da4c10ab459209d483b9e778d9b522771ca692ca454 |
\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\api-ms-win-crt-runtime-l1-1-0.dll
| MD5 | 8bd7a27e6ca969d3eb46086d411ce05d |
| SHA1 | 3bbf6f55853b1487debca58d7cb5c877d0abd517 |
| SHA256 | 8edc95578b8c9ca93a65907e428fa2b57fef8370b902912689332bc61094904c |
| SHA512 | fee8359398efe6a995a214d4e47de43aba12d33bb9cb1de18659d332d94ef83a4a77618b6caa9f455b0c6da4c10ab459209d483b9e778d9b522771ca692ca454 |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\ucrtbase.DLL
| MD5 | 5dafe0bfb955e780b3d50da4524b752f |
| SHA1 | 91c0d9fabe748d373215ba21b90278671b5f8957 |
| SHA256 | 6255112c9978c07a05c6feaee01cf4be74b2920dc7017fbc1a42f8f5d23c20f9 |
| SHA512 | 37fd37f3ad87838f596d1e8e497fe66d1a1c4128625ab456ec850179dd1e1f33cf4945d0faaf6cdbd1ed586ecfb7ff3e7cf10a88a823cc5eb06c2fc4fa16bff3 |
\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\api-ms-win-core-timezone-l1-1-0.dll
| MD5 | a9c7db516186c8e367fed757e238c61a |
| SHA1 | 1318d6496e7146e773aca85be6d0e9b87a09e284 |
| SHA256 | ded52bac23633a03341969c5b98b0d94d24fa3284c1ddd0c489e453b39cec659 |
| SHA512 | 6aad003287afe86abccf34f6b15338c0c7380f4837805d919064a26380d2f3f7698515f927c148e618c12f0943d3621184bebc70a8b07eed64ad88689fbcc5cb |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\api-ms-win-core-file-l2-1-0.dll
| MD5 | 422adad24e8da100f85bf3de86b5f302 |
| SHA1 | 7004b3ed8663b5890cd25e1a7899a766be912728 |
| SHA256 | e04642684dc7376839c570bc11e9b46cae14420f1a85f7562fd2c4d656a22956 |
| SHA512 | e689ecb1a1cb1e7735cb6a961fd054d87bcad01acf76950b14a3bf4e08ddb7a8d31805c203374ee081a4ec13c40b25b3dc83b3895b9bfbd9c135673e98e6ee63 |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\api-ms-win-core-localization-l1-2-0.dll
| MD5 | 602a35b140d9d68d7b3e488896158365 |
| SHA1 | f1ba615abb54ff786ddbc74dffffd56394bfc892 |
| SHA256 | 43b98f74476c86107c8317749f54a107e2955696e4f79d3d02683dd7034d1d52 |
| SHA512 | 4388947f90838cae8b5f8137c9ed2a099028b4341da8c574d536c6ad096bad0e217e105f0367750c70e3d3ca4857255b674955c71ecff0fda9c47a4b1951b8b6 |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\api-ms-win-core-synch-l1-2-0.dll
| MD5 | ed215daa7493bf93c5eadef178a261e0 |
| SHA1 | b20c8dc7ba00f98a326f5f4fd55329b72f8e5699 |
| SHA256 | 8b7c8fc657e0dab0f2506001ca4bb76e675ffd18a2b4d9c1e03b876e008a7a26 |
| SHA512 | 3ed052eada11c3dc44f81f330bd2a2526170515bc6a90281872a93ee49f9add8c9ad36b9a9e9185e251d664c1694d06625e0148e113addc32e53d705d2655f03 |
\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\api-ms-win-core-processthreads-l1-1-1.dll
| MD5 | a07afa26ab56a8d3b8b16591a1962005 |
| SHA1 | 2b6f3143487f747911ee20f039f1ffb1381858ac |
| SHA256 | 6be230837149dc2a8c7772142a674c3f90930a55da7f91d791942d8276d5440b |
| SHA512 | b77b277d10cf6b8d209679684ead55b4347caef3213acdccdee35b5d4fe0e3fc136daf057830512c5473c4653a8d66357927c4b7d204c07d7508f792299d7fe9 |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\api-ms-win-core-file-l1-2-0.dll
| MD5 | 86279521328398e87699d248628eb13a |
| SHA1 | e4d4c39bda90635f1f5c2fc58b1304e2daac9caf |
| SHA256 | 3c9b67616fd0ceb3dd92e605918b08556683ebab5537aa76dff300fbd54b0337 |
| SHA512 | 2cc328955611ad8369ff9facf9c1aabe99a20c3ded2977ad86c69e0f54acd78fa6f572ed688625c8c63016826a10b3578e3c186ef2b39c4bf393ab5e399913a6 |
\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\api-ms-win-crt-heap-l1-1-0.dll
| MD5 | cf5f256e8cd76ba85e6c3047f078814a |
| SHA1 | b7cde77313ceaae76a46c1111b33b3d8f47c4214 |
| SHA256 | 9382fc8d5cbcc23c5d05e6f48f4188af3f96efbbdc5a7ec05b37e252440ecfc1 |
| SHA512 | 856eff4fff1d11a725af9c3e5ceac6d02a89297a16e97edec171839aa12c468fc37d60ec5df06d507cee695f71b7fbd4bc0ba51b7934d886e66a43b249e62da5 |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\api-ms-win-crt-string-l1-1-0.dll
| MD5 | 00446e48d60abf044acc72b46d5c3afb |
| SHA1 | 0ccc0c5034ac063e1d4af851b0de1f4ea99aff97 |
| SHA256 | 82d26998b4b3c26dbc1c1fff9d6106109a081205081d3c0669e59d20d918bc5a |
| SHA512 | 69114f0efb3c853bffb55c15e5ad1b7919057a676056d57634a6a39916e232cde2dcdc49ea0f9751ddea6550ffa58f84b1f8918b3c9fd7e88c8b8f7eb4afeaf2 |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\api-ms-win-crt-stdio-l1-1-0.dll
| MD5 | f681a45c47ebb2c56c1465677ec33ff3 |
| SHA1 | 06bf7798c51325cf1806e14dea56ff98b05b7846 |
| SHA256 | 3a03d727d291be57057587227273af410eda935438d8a0a165ec63ae772809af |
| SHA512 | eeb05f1af7e1c714c658e9aa06e8c6dbeeb5f2e8dcf3fdb7b9b408018e41402d83893472114e0cf6d3a9a3bf54ec45c4f7a4840a09570d190277aa3514681ab8 |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\api-ms-win-crt-convert-l1-1-0.dll
| MD5 | c6385b316bb04ca36d76b077eeb9a61e |
| SHA1 | fc376f68798fecd41fb1c936eed1bce3f2ee6bef |
| SHA256 | 060636cfc58587b4344a6d0ff4f44dd77266f2bbdb877cb50cb1b44a7e3969bc |
| SHA512 | bddf0f34bedb17ecf1d270a0613f27d174ae04f920192d7d1af6c15245175318b29691e748c36e2ce0a3027495b2f5a0bb688ae16095fad9dcd8c283b6d1b1d4 |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\api-ms-win-crt-utility-l1-1-0.dll
| MD5 | 6376bf5bac3f0208f0a5d11415ccd444 |
| SHA1 | c3fe96e51c3f3e622dcedd2ddf8d23f9442361b8 |
| SHA256 | e36763df57cd26ec2b4d52e27de51a4ca6f18caf86cbac8307bf4817705f9a0e |
| SHA512 | 9614e423c850bdb584f18555825214d42106966b1ee71e75ba7407591aa5de407b43909ce972e1923df82e9a0e953597fe19646296962194ebeb1579493d91c2 |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\api-ms-win-crt-environment-l1-1-0.dll
| MD5 | 311e582d5d3d8421e883c4a8248eacc8 |
| SHA1 | c99e61d1446fce0f883a2aad261af22d77953a59 |
| SHA256 | 369cc4d3bb05f4160a0bc9683feb1df2e94d02f061e4b23d53c3a6e2230cd5e4 |
| SHA512 | 050ed1310e667e6bb22bb7952794745df1eee0c78f18240cc2217e748a11213d094b48153964c3da0ad8141da1709ece637315633396c77c035bb0565fa981b4 |
\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\api-ms-win-crt-filesystem-l1-1-0.dll
| MD5 | 10731d3320c12abb62d3866d7e728cce |
| SHA1 | df4e131c825d1ca5cd14e00e5c04785d6ca508f7 |
| SHA256 | 9f3eb90963916194f167e98e049707b14fa84a3f11cb8cc7b940d95956601700 |
| SHA512 | 7eeef98682872fd95a38a03435546349c8488607e59870086b486b807e8b53893603175d9ad0f3b80c1924381daca8d14868a6079988a944b005783b4e2e358e |
\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\gif.dll
| MD5 | 6ae328d3f4584597d87224568ef416b1 |
| SHA1 | 87d29b395058ee0b852ccd0d7296edb8dd6e72a5 |
| SHA256 | 22b993cb00c647debb7957b7ab8608b42928bcb1068fac57c54e70fe6fbbe0d3 |
| SHA512 | c2d847b96873fc6f5b731044c9fc570f4e25962728e7a14f1a3c3cbd3fb36fcce59fdd6ab2f2ace5a78e42c323839d1a14c07d389abe40766ac48f65f86d111b |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\gif.dll
| MD5 | 6ae328d3f4584597d87224568ef416b1 |
| SHA1 | 87d29b395058ee0b852ccd0d7296edb8dd6e72a5 |
| SHA256 | 22b993cb00c647debb7957b7ab8608b42928bcb1068fac57c54e70fe6fbbe0d3 |
| SHA512 | c2d847b96873fc6f5b731044c9fc570f4e25962728e7a14f1a3c3cbd3fb36fcce59fdd6ab2f2ace5a78e42c323839d1a14c07d389abe40766ac48f65f86d111b |
\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\leptonica-1.82.0.dll
| MD5 | b1b025f906d60a22d930dd9f17cdadd2 |
| SHA1 | dd9c06f7a21bbb779756665a895b54bd70aa9a10 |
| SHA256 | ec9bd9d0294330bb1ef614352126490763806d21aaf949263b64e86e41bba540 |
| SHA512 | d8ca56717dad265e5708d831909fee71b00c1739442c62735d21732b049768e532c43fe4dbbeb05adf2765f7b048b2316ce5864bb93e33b98a02ac90021780e6 |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\leptonica-1.82.0.dll
| MD5 | b1b025f906d60a22d930dd9f17cdadd2 |
| SHA1 | dd9c06f7a21bbb779756665a895b54bd70aa9a10 |
| SHA256 | ec9bd9d0294330bb1ef614352126490763806d21aaf949263b64e86e41bba540 |
| SHA512 | d8ca56717dad265e5708d831909fee71b00c1739442c62735d21732b049768e532c43fe4dbbeb05adf2765f7b048b2316ce5864bb93e33b98a02ac90021780e6 |
\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\api-ms-win-crt-math-l1-1-0.dll
| MD5 | 78dfcb76dc8b42411dbc682f78f5c6eb |
| SHA1 | e50f6719fee44c70518cf8442737a688b5f45e62 |
| SHA256 | 8673dd898f899de831fc3052c8b8254b7b85ee7f2b9b6c422736668689c9b14f |
| SHA512 | 968bb3bc952f4057f74c9c8825fcc2db34b9c56166ee39db3bab3d4ecf51fb65af250a8a65340274a1a0c0eed73b6c8962df5d2fce586c1ef4e19706edd5e6e1 |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\api-ms-win-crt-math-l1-1-0.dll
| MD5 | 78dfcb76dc8b42411dbc682f78f5c6eb |
| SHA1 | e50f6719fee44c70518cf8442737a688b5f45e62 |
| SHA256 | 8673dd898f899de831fc3052c8b8254b7b85ee7f2b9b6c422736668689c9b14f |
| SHA512 | 968bb3bc952f4057f74c9c8825fcc2db34b9c56166ee39db3bab3d4ecf51fb65af250a8a65340274a1a0c0eed73b6c8962df5d2fce586c1ef4e19706edd5e6e1 |
\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\api-ms-win-crt-locale-l1-1-0.dll
| MD5 | 60ffdc3ef20b127e3fd14a0719328c34 |
| SHA1 | b510833350328f79a79fa464ea9d5e9455643659 |
| SHA256 | 43c9ea4ddecf2f34852559cf0b40b5261e6701d3743ab219f48d43a312707ad9 |
| SHA512 | caef6ee08c9f6fabecef1f0be37ab34e2d4dc22f15a775b2f0dcacda1f0fcdf2259399e6fbab85f0f00e8e4b03d77fe88b85b901a9ba2f775a50f2da724da26e |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\api-ms-win-crt-locale-l1-1-0.dll
| MD5 | 60ffdc3ef20b127e3fd14a0719328c34 |
| SHA1 | b510833350328f79a79fa464ea9d5e9455643659 |
| SHA256 | 43c9ea4ddecf2f34852559cf0b40b5261e6701d3743ab219f48d43a312707ad9 |
| SHA512 | caef6ee08c9f6fabecef1f0be37ab34e2d4dc22f15a775b2f0dcacda1f0fcdf2259399e6fbab85f0f00e8e4b03d77fe88b85b901a9ba2f775a50f2da724da26e |
\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\msvcp140.dll
| MD5 | fdd04dbbcf321eee5f4dd67266f476b0 |
| SHA1 | 65ffdfe2664a29a41fcf5039229ccecad5b825b9 |
| SHA256 | 21570bcb7a77e856f3113235d2b05b2b328d4bb71b4fd9ca4d46d99adac80794 |
| SHA512 | 04cfc3097fbce6ee1b7bac7bd63c3cffe7dca16f0ec9cd8fe657d8b7ebd06dcba272ff472f98c6385c3cfb9b1ac3f47be8ca6d3ea80ab4aeed44a0e2ce3185dd |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\MSVCP140.dll
| MD5 | fdd04dbbcf321eee5f4dd67266f476b0 |
| SHA1 | 65ffdfe2664a29a41fcf5039229ccecad5b825b9 |
| SHA256 | 21570bcb7a77e856f3113235d2b05b2b328d4bb71b4fd9ca4d46d99adac80794 |
| SHA512 | 04cfc3097fbce6ee1b7bac7bd63c3cffe7dca16f0ec9cd8fe657d8b7ebd06dcba272ff472f98c6385c3cfb9b1ac3f47be8ca6d3ea80ab4aeed44a0e2ce3185dd |
\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\infoware.dll
| MD5 | 72536dc4379ef32244e85e79aaca6bad |
| SHA1 | 15ef7dde5cf66cdd7805ebdbb12570de59be724b |
| SHA256 | 33367523ac36bffc608a35d2ff9f7cb8837f6a41c2b647aa1a3c10aa259e703c |
| SHA512 | 35bb838a9b3146d81087f21c9abc08191584f3da3b30c3e64c6fa11b60d922c20cb1c59bf3f3bca0b4fb309ee51b135e736af4009f565350cf9ff11fc78eb89f |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\infoware.dll
| MD5 | 72536dc4379ef32244e85e79aaca6bad |
| SHA1 | 15ef7dde5cf66cdd7805ebdbb12570de59be724b |
| SHA256 | 33367523ac36bffc608a35d2ff9f7cb8837f6a41c2b647aa1a3c10aa259e703c |
| SHA512 | 35bb838a9b3146d81087f21c9abc08191584f3da3b30c3e64c6fa11b60d922c20cb1c59bf3f3bca0b4fb309ee51b135e736af4009f565350cf9ff11fc78eb89f |
\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\createdb.dll
| MD5 | ac3e0298184d76ad86730e5b89867fb4 |
| SHA1 | bbcfdc1732507ac17b812db102a25728d7d8c755 |
| SHA256 | f210b8d8e984df19b27fb6184ed0212467c219b418b94b01003d5e6c11efdef3 |
| SHA512 | 68210ede444dfaea92edd57945cbe18a9e605a407aa7572fbc1d4bc61298789a1f8aa644d58e16c1f6df15eb395c3298847576cc3a33862d1c329fdd2ba91c99 |
memory/1676-357-0x0000000000170000-0x0000000000171000-memory.dmp
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\createdb.dll
| MD5 | ac3e0298184d76ad86730e5b89867fb4 |
| SHA1 | bbcfdc1732507ac17b812db102a25728d7d8c755 |
| SHA256 | f210b8d8e984df19b27fb6184ed0212467c219b418b94b01003d5e6c11efdef3 |
| SHA512 | 68210ede444dfaea92edd57945cbe18a9e605a407aa7572fbc1d4bc61298789a1f8aa644d58e16c1f6df15eb395c3298847576cc3a33862d1c329fdd2ba91c99 |
\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\api-ms-win-crt-environment-l1-1-0.dll
| MD5 | 311e582d5d3d8421e883c4a8248eacc8 |
| SHA1 | c99e61d1446fce0f883a2aad261af22d77953a59 |
| SHA256 | 369cc4d3bb05f4160a0bc9683feb1df2e94d02f061e4b23d53c3a6e2230cd5e4 |
| SHA512 | 050ed1310e667e6bb22bb7952794745df1eee0c78f18240cc2217e748a11213d094b48153964c3da0ad8141da1709ece637315633396c77c035bb0565fa981b4 |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\api-ms-win-crt-filesystem-l1-1-0.dll
| MD5 | 10731d3320c12abb62d3866d7e728cce |
| SHA1 | df4e131c825d1ca5cd14e00e5c04785d6ca508f7 |
| SHA256 | 9f3eb90963916194f167e98e049707b14fa84a3f11cb8cc7b940d95956601700 |
| SHA512 | 7eeef98682872fd95a38a03435546349c8488607e59870086b486b807e8b53893603175d9ad0f3b80c1924381daca8d14868a6079988a944b005783b4e2e358e |
\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\api-ms-win-crt-utility-l1-1-0.dll
| MD5 | 6376bf5bac3f0208f0a5d11415ccd444 |
| SHA1 | c3fe96e51c3f3e622dcedd2ddf8d23f9442361b8 |
| SHA256 | e36763df57cd26ec2b4d52e27de51a4ca6f18caf86cbac8307bf4817705f9a0e |
| SHA512 | 9614e423c850bdb584f18555825214d42106966b1ee71e75ba7407591aa5de407b43909ce972e1923df82e9a0e953597fe19646296962194ebeb1579493d91c2 |
\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\api-ms-win-crt-time-l1-1-0.dll
| MD5 | 376b4a7a02f20ed3aede05039ec3daf0 |
| SHA1 | c9149b37f85cfc724bedc0ecd543d95280055de1 |
| SHA256 | b0b8fc7de3641c3f23d30a4792c8584db33db6133ee29135c70bb504e80e4a2c |
| SHA512 | ff7fba7cd8c9b55c1c87104d7d9074ef0eed524b02480ecf2c80e5cd489c568e1ed63bc62699a03272cab3dcbf20e6437e1f47ce112bcb3336d27ed2790430c5 |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\api-ms-win-crt-time-l1-1-0.dll
| MD5 | 376b4a7a02f20ed3aede05039ec3daf0 |
| SHA1 | c9149b37f85cfc724bedc0ecd543d95280055de1 |
| SHA256 | b0b8fc7de3641c3f23d30a4792c8584db33db6133ee29135c70bb504e80e4a2c |
| SHA512 | ff7fba7cd8c9b55c1c87104d7d9074ef0eed524b02480ecf2c80e5cd489c568e1ed63bc62699a03272cab3dcbf20e6437e1f47ce112bcb3336d27ed2790430c5 |
\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\api-ms-win-crt-convert-l1-1-0.dll
| MD5 | c6385b316bb04ca36d76b077eeb9a61e |
| SHA1 | fc376f68798fecd41fb1c936eed1bce3f2ee6bef |
| SHA256 | 060636cfc58587b4344a6d0ff4f44dd77266f2bbdb877cb50cb1b44a7e3969bc |
| SHA512 | bddf0f34bedb17ecf1d270a0613f27d174ae04f920192d7d1af6c15245175318b29691e748c36e2ce0a3027495b2f5a0bb688ae16095fad9dcd8c283b6d1b1d4 |
\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\api-ms-win-crt-stdio-l1-1-0.dll
| MD5 | f681a45c47ebb2c56c1465677ec33ff3 |
| SHA1 | 06bf7798c51325cf1806e14dea56ff98b05b7846 |
| SHA256 | 3a03d727d291be57057587227273af410eda935438d8a0a165ec63ae772809af |
| SHA512 | eeb05f1af7e1c714c658e9aa06e8c6dbeeb5f2e8dcf3fdb7b9b408018e41402d83893472114e0cf6d3a9a3bf54ec45c4f7a4840a09570d190277aa3514681ab8 |
\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\api-ms-win-crt-string-l1-1-0.dll
| MD5 | 00446e48d60abf044acc72b46d5c3afb |
| SHA1 | 0ccc0c5034ac063e1d4af851b0de1f4ea99aff97 |
| SHA256 | 82d26998b4b3c26dbc1c1fff9d6106109a081205081d3c0669e59d20d918bc5a |
| SHA512 | 69114f0efb3c853bffb55c15e5ad1b7919057a676056d57634a6a39916e232cde2dcdc49ea0f9751ddea6550ffa58f84b1f8918b3c9fd7e88c8b8f7eb4afeaf2 |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\api-ms-win-crt-heap-l1-1-0.dll
| MD5 | cf5f256e8cd76ba85e6c3047f078814a |
| SHA1 | b7cde77313ceaae76a46c1111b33b3d8f47c4214 |
| SHA256 | 9382fc8d5cbcc23c5d05e6f48f4188af3f96efbbdc5a7ec05b37e252440ecfc1 |
| SHA512 | 856eff4fff1d11a725af9c3e5ceac6d02a89297a16e97edec171839aa12c468fc37d60ec5df06d507cee695f71b7fbd4bc0ba51b7934d886e66a43b249e62da5 |
\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\api-ms-win-core-file-l1-2-0.dll
| MD5 | 86279521328398e87699d248628eb13a |
| SHA1 | e4d4c39bda90635f1f5c2fc58b1304e2daac9caf |
| SHA256 | 3c9b67616fd0ceb3dd92e605918b08556683ebab5537aa76dff300fbd54b0337 |
| SHA512 | 2cc328955611ad8369ff9facf9c1aabe99a20c3ded2977ad86c69e0f54acd78fa6f572ed688625c8c63016826a10b3578e3c186ef2b39c4bf393ab5e399913a6 |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\api-ms-win-core-processthreads-l1-1-1.dll
| MD5 | a07afa26ab56a8d3b8b16591a1962005 |
| SHA1 | 2b6f3143487f747911ee20f039f1ffb1381858ac |
| SHA256 | 6be230837149dc2a8c7772142a674c3f90930a55da7f91d791942d8276d5440b |
| SHA512 | b77b277d10cf6b8d209679684ead55b4347caef3213acdccdee35b5d4fe0e3fc136daf057830512c5473c4653a8d66357927c4b7d204c07d7508f792299d7fe9 |
\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\api-ms-win-core-synch-l1-2-0.dll
| MD5 | ed215daa7493bf93c5eadef178a261e0 |
| SHA1 | b20c8dc7ba00f98a326f5f4fd55329b72f8e5699 |
| SHA256 | 8b7c8fc657e0dab0f2506001ca4bb76e675ffd18a2b4d9c1e03b876e008a7a26 |
| SHA512 | 3ed052eada11c3dc44f81f330bd2a2526170515bc6a90281872a93ee49f9add8c9ad36b9a9e9185e251d664c1694d06625e0148e113addc32e53d705d2655f03 |
\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\api-ms-win-core-localization-l1-2-0.dll
| MD5 | 602a35b140d9d68d7b3e488896158365 |
| SHA1 | f1ba615abb54ff786ddbc74dffffd56394bfc892 |
| SHA256 | 43b98f74476c86107c8317749f54a107e2955696e4f79d3d02683dd7034d1d52 |
| SHA512 | 4388947f90838cae8b5f8137c9ed2a099028b4341da8c574d536c6ad096bad0e217e105f0367750c70e3d3ca4857255b674955c71ecff0fda9c47a4b1951b8b6 |
\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\api-ms-win-core-file-l2-1-0.dll
| MD5 | 422adad24e8da100f85bf3de86b5f302 |
| SHA1 | 7004b3ed8663b5890cd25e1a7899a766be912728 |
| SHA256 | e04642684dc7376839c570bc11e9b46cae14420f1a85f7562fd2c4d656a22956 |
| SHA512 | e689ecb1a1cb1e7735cb6a961fd054d87bcad01acf76950b14a3bf4e08ddb7a8d31805c203374ee081a4ec13c40b25b3dc83b3895b9bfbd9c135673e98e6ee63 |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\api-ms-win-core-timezone-l1-1-0.dll
| MD5 | a9c7db516186c8e367fed757e238c61a |
| SHA1 | 1318d6496e7146e773aca85be6d0e9b87a09e284 |
| SHA256 | ded52bac23633a03341969c5b98b0d94d24fa3284c1ddd0c489e453b39cec659 |
| SHA512 | 6aad003287afe86abccf34f6b15338c0c7380f4837805d919064a26380d2f3f7698515f927c148e618c12f0943d3621184bebc70a8b07eed64ad88689fbcc5cb |
\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\ucrtbase.dll
| MD5 | 5dafe0bfb955e780b3d50da4524b752f |
| SHA1 | 91c0d9fabe748d373215ba21b90278671b5f8957 |
| SHA256 | 6255112c9978c07a05c6feaee01cf4be74b2920dc7017fbc1a42f8f5d23c20f9 |
| SHA512 | 37fd37f3ad87838f596d1e8e497fe66d1a1c4128625ab456ec850179dd1e1f33cf4945d0faaf6cdbd1ed586ecfb7ff3e7cf10a88a823cc5eb06c2fc4fa16bff3 |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\VCRUNTIME140.dll
| MD5 | ba65db6bfef78a96aee7e29f1449bf8a |
| SHA1 | 06c7beb9fd1f33051b0e77087350903c652f4b77 |
| SHA256 | 141690572594dbd3618a4984712e9e36fc09c9906bb845ce1a9531ac8f7ad493 |
| SHA512 | ca63eeac10ef55d7e2e55479b25cf394e58aef1422951f361f762ab667f72a3454f55afc04e967e8cdd20cf3eebe97083e0438ea941916a09e7d091818ea830e |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\jpeg62.dll
| MD5 | dc9710e9bede8b3e02e356691dce2903 |
| SHA1 | 8f92a58d6f49a1b7a5ab76b74bbc88d4cee02019 |
| SHA256 | ea85f913ac7f1472224ff9aacf07d72d65c39b0d79504259ccf678e97ac82819 |
| SHA512 | 335bfd92b458377169399e45634f6af453bceed2313c1170fab3b263dbfd73d053296ed1b2ad5ea0548d90d9e3b224daa3e684c990552ba201d5894e5dc8d38c |
\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\libpng16.dll
| MD5 | fc95df0925d9183a43c7f940094a8256 |
| SHA1 | 3bb64b0c5bcfc5f3ec8aa1c396b9bb3f40984091 |
| SHA256 | 95b74d8053cc88976911b289990c3f50a69e035a248f533c94c86bb29514a619 |
| SHA512 | c159c2cab06909526fdd292a3a3d615e9427eea20d8f93948b50078bf4220bb83f0200feba477aa25ee541faefa4bcc5487de5745a18c1077dad143b9ebbf85c |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\libpng16.dll
| MD5 | fc95df0925d9183a43c7f940094a8256 |
| SHA1 | 3bb64b0c5bcfc5f3ec8aa1c396b9bb3f40984091 |
| SHA256 | 95b74d8053cc88976911b289990c3f50a69e035a248f533c94c86bb29514a619 |
| SHA512 | c159c2cab06909526fdd292a3a3d615e9427eea20d8f93948b50078bf4220bb83f0200feba477aa25ee541faefa4bcc5487de5745a18c1077dad143b9ebbf85c |
\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\openjp2.dll
| MD5 | 0befbd26563d8ef2bc1f47384fd74e96 |
| SHA1 | 547c90fad821505b2a72b8147cccacdbd70300e4 |
| SHA256 | 7c4e95fb4ef2a251ffb397ca4342dcf55c65de54b6b1887a064e77501772ce9f |
| SHA512 | a558f1d34cc25a0970bf264e6f47023f6d371090ae4f94b1444a4d216e7ee9f55a2c37704a5f35fbfdd96fa0ad028c5819dd90afaf77cc0bae97456f0278a8b2 |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\openjp2.dll
| MD5 | 0befbd26563d8ef2bc1f47384fd74e96 |
| SHA1 | 547c90fad821505b2a72b8147cccacdbd70300e4 |
| SHA256 | 7c4e95fb4ef2a251ffb397ca4342dcf55c65de54b6b1887a064e77501772ce9f |
| SHA512 | a558f1d34cc25a0970bf264e6f47023f6d371090ae4f94b1444a4d216e7ee9f55a2c37704a5f35fbfdd96fa0ad028c5819dd90afaf77cc0bae97456f0278a8b2 |
\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\jpeg62.dll
| MD5 | dc9710e9bede8b3e02e356691dce2903 |
| SHA1 | 8f92a58d6f49a1b7a5ab76b74bbc88d4cee02019 |
| SHA256 | ea85f913ac7f1472224ff9aacf07d72d65c39b0d79504259ccf678e97ac82819 |
| SHA512 | 335bfd92b458377169399e45634f6af453bceed2313c1170fab3b263dbfd73d053296ed1b2ad5ea0548d90d9e3b224daa3e684c990552ba201d5894e5dc8d38c |
memory/1676-383-0x0000000010000000-0x00000000105DF000-memory.dmp
memory/1676-384-0x0000000003F60000-0x000000000401C000-memory.dmp
memory/1676-390-0x0000000003F60000-0x000000000401C000-memory.dmp
memory/1676-391-0x0000000003F60000-0x000000000401C000-memory.dmp
memory/1676-393-0x0000000003F60000-0x000000000401C000-memory.dmp
memory/1676-398-0x0000000003F60000-0x000000000401C000-memory.dmp
memory/1676-396-0x0000000003F60000-0x000000000401C000-memory.dmp
memory/1676-401-0x0000000003F60000-0x000000000401C000-memory.dmp
memory/1676-408-0x0000000001180000-0x00000000013A8000-memory.dmp
memory/1676-410-0x0000000003190000-0x00000000031AC000-memory.dmp
memory/1676-411-0x0000000010000000-0x00000000105DF000-memory.dmp
Analysis: behavioral2
Detonation Overview
Submitted
2023-03-21 14:40
Reported
2023-03-21 14:43
Platform
win10v2004-20230220-en
Max time kernel
149s
Max time network
157s
Command Line
Signatures
Babadeda
Babadeda Crypter
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
NetSupport
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-144354903-2550862337-1367551827-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\is-P51FP.tmp\b715f22a9e37049d09b06c26ca899c4be3c6c21386f70d6d357b3bd481ee1794.tmp | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-144354903-2550862337-1367551827-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\is-F3TUK.tmp\b715f22a9e37049d09b06c26ca899c4be3c6c21386f70d6d357b3bd481ee1794.tmp | N/A |
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\System Management = "C:\\Users\\Admin\\AppData\\Local\\Softros Systems\\Softros LAN Messenger\\SUMo.exe" | C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\SUMo.exe | N/A |
Checks installed software on the system
Maps connected drives based on registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\disk\Enum\0 | C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\SUMo.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\disk\Enum | C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\SUMo.exe | N/A |
Enumerates physical storage devices
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\is-F3TUK.tmp\b715f22a9e37049d09b06c26ca899c4be3c6c21386f70d6d357b3bd481ee1794.tmp | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\is-F3TUK.tmp\b715f22a9e37049d09b06c26ca899c4be3c6c21386f70d6d357b3bd481ee1794.tmp | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeSecurityPrivilege | N/A | C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\SUMo.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\is-F3TUK.tmp\b715f22a9e37049d09b06c26ca899c4be3c6c21386f70d6d357b3bd481ee1794.tmp | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\SUMo.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\SUMo.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\b715f22a9e37049d09b06c26ca899c4be3c6c21386f70d6d357b3bd481ee1794.exe
"C:\Users\Admin\AppData\Local\Temp\b715f22a9e37049d09b06c26ca899c4be3c6c21386f70d6d357b3bd481ee1794.exe"
C:\Users\Admin\AppData\Local\Temp\is-P51FP.tmp\b715f22a9e37049d09b06c26ca899c4be3c6c21386f70d6d357b3bd481ee1794.tmp
"C:\Users\Admin\AppData\Local\Temp\is-P51FP.tmp\b715f22a9e37049d09b06c26ca899c4be3c6c21386f70d6d357b3bd481ee1794.tmp" /SL5="$D0160,29807461,830464,C:\Users\Admin\AppData\Local\Temp\b715f22a9e37049d09b06c26ca899c4be3c6c21386f70d6d357b3bd481ee1794.exe"
C:\Users\Admin\AppData\Local\Temp\b715f22a9e37049d09b06c26ca899c4be3c6c21386f70d6d357b3bd481ee1794.exe
"C:\Users\Admin\AppData\Local\Temp\b715f22a9e37049d09b06c26ca899c4be3c6c21386f70d6d357b3bd481ee1794.exe" /VERYSILENT
C:\Users\Admin\AppData\Local\Temp\is-F3TUK.tmp\b715f22a9e37049d09b06c26ca899c4be3c6c21386f70d6d357b3bd481ee1794.tmp
"C:\Users\Admin\AppData\Local\Temp\is-F3TUK.tmp\b715f22a9e37049d09b06c26ca899c4be3c6c21386f70d6d357b3bd481ee1794.tmp" /SL5="$E0160,29807461,830464,C:\Users\Admin\AppData\Local\Temp\b715f22a9e37049d09b06c26ca899c4be3c6c21386f70d6d357b3bd481ee1794.exe" /VERYSILENT
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\SUMo.exe
"C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\SUMo.exe"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 164.113.223.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.219.191.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.192.144.4.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 199.176.139.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 228.249.119.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 202.74.101.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.kcsoftwares.com | udp |
| FR | 46.105.204.2:443 | www.kcsoftwares.com | tcp |
| US | 8.8.8.8:53 | 217.106.137.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 140.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | manigiajabae32.com | udp |
| US | 8.8.8.8:53 | geo.netsupportsoftware.com | udp |
| GB | 45.61.138.73:2006 | manigiajabae32.com | tcp |
| GB | 51.142.119.24:80 | geo.netsupportsoftware.com | tcp |
| US | 8.8.8.8:53 | 42.220.44.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.138.61.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 24.119.142.51.in-addr.arpa | udp |
| US | 52.152.110.14:443 | tcp | |
| US | 52.152.110.14:443 | tcp | |
| US | 8.8.8.8:53 | udp | |
| US | 8.8.8.8:53 | 210.81.184.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.254.224.20.in-addr.arpa | udp |
| US | 52.152.110.14:443 | tcp | |
| US | 52.152.110.14:443 | tcp | |
| US | 52.152.110.14:443 | tcp | |
| US | 52.152.110.14:443 | tcp | |
| US | 52.152.110.14:443 | tcp | |
| US | 52.152.110.14:443 | tcp | |
| US | 209.197.3.8:80 | tcp | |
| US | 52.152.110.14:443 | tcp | |
| US | 52.152.110.14:443 | tcp | |
| US | 52.152.110.14:443 | tcp | |
| US | 52.152.110.14:443 | tcp |
Files
memory/3872-133-0x0000000000400000-0x00000000004D8000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\is-P51FP.tmp\b715f22a9e37049d09b06c26ca899c4be3c6c21386f70d6d357b3bd481ee1794.tmp
| MD5 | 2f19061194ae27c87b8b6f8eff0a2ca9 |
| SHA1 | ed3e04874f4ed4db839020a786d8ff49038c23d4 |
| SHA256 | fe614f6d3edb6f259cf91c93b2fc551ff2950eb8bbe7c879b9df5e4d722bfc5e |
| SHA512 | 2180b33b649da3c4a708faa276e3c167b749c654101c9d0ebbe7e673f7d415bbd6d7c1545b75244a3a8c00706e0d99e8320ab9d5c33f1b9776c0a314cb1f7033 |
memory/1436-139-0x00000000027F0000-0x00000000027F1000-memory.dmp
memory/4208-141-0x0000000000400000-0x00000000004D8000-memory.dmp
memory/1436-143-0x0000000000400000-0x0000000000713000-memory.dmp
memory/3872-145-0x0000000000400000-0x00000000004D8000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\is-F3TUK.tmp\b715f22a9e37049d09b06c26ca899c4be3c6c21386f70d6d357b3bd481ee1794.tmp
| MD5 | 2f19061194ae27c87b8b6f8eff0a2ca9 |
| SHA1 | ed3e04874f4ed4db839020a786d8ff49038c23d4 |
| SHA256 | fe614f6d3edb6f259cf91c93b2fc551ff2950eb8bbe7c879b9df5e4d722bfc5e |
| SHA512 | 2180b33b649da3c4a708faa276e3c167b749c654101c9d0ebbe7e673f7d415bbd6d7c1545b75244a3a8c00706e0d99e8320ab9d5c33f1b9776c0a314cb1f7033 |
memory/1404-150-0x00000000008C0000-0x00000000008C1000-memory.dmp
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\SUMo.exe
| MD5 | 85a5c9a3435594fb7e0d40d1289d4e5b |
| SHA1 | d841701a46fa6fa9444501ff3774f808758924b4 |
| SHA256 | fa1e530b966af389f22bc95b0b45ebecf3975e29d4346fd9f3af7bd9e2b3f9e6 |
| SHA512 | 74e65bf3b76ce36268ef432750280b95050a2512d047369d2cbb8d26f5cddbceb67cacc9043ab90238d2c8d2f65dded1c599425e96c4045c517709c83ff2ee6c |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\SUMo.exe
| MD5 | 85a5c9a3435594fb7e0d40d1289d4e5b |
| SHA1 | d841701a46fa6fa9444501ff3774f808758924b4 |
| SHA256 | fa1e530b966af389f22bc95b0b45ebecf3975e29d4346fd9f3af7bd9e2b3f9e6 |
| SHA512 | 74e65bf3b76ce36268ef432750280b95050a2512d047369d2cbb8d26f5cddbceb67cacc9043ab90238d2c8d2f65dded1c599425e96c4045c517709c83ff2ee6c |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\SUMo.exe
| MD5 | 85a5c9a3435594fb7e0d40d1289d4e5b |
| SHA1 | d841701a46fa6fa9444501ff3774f808758924b4 |
| SHA256 | fa1e530b966af389f22bc95b0b45ebecf3975e29d4346fd9f3af7bd9e2b3f9e6 |
| SHA512 | 74e65bf3b76ce36268ef432750280b95050a2512d047369d2cbb8d26f5cddbceb67cacc9043ab90238d2c8d2f65dded1c599425e96c4045c517709c83ff2ee6c |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\settings.ini
| MD5 | 5a28072951d7f69bdea56a515bbde684 |
| SHA1 | 90cf030b990eea1f721b3d51271bb55389af45bd |
| SHA256 | fe3fa20956179b36138c44e6c271ff317f60462443f04ecbac002df3680a1f80 |
| SHA512 | 8a3aaee43cdfdc86ffe27e368a9758f429aca533bd9659751ad24a830edf3a5744bbe7350b737a7198cb3dd5f9adf919263dcac67c938f2080a2e747d9d2f12f |
memory/1780-394-0x0000000002670000-0x0000000002671000-memory.dmp
memory/1404-396-0x0000000000400000-0x0000000000713000-memory.dmp
memory/4208-398-0x0000000000400000-0x00000000004D8000-memory.dmp
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\libcrypto-3.dll
| MD5 | 5d27bfcbd2ef03041c284a31511e638e |
| SHA1 | 3c6e1dbd5adbe3bbb4a4ff4864ceb5e03d627333 |
| SHA256 | 79cb81c74b994b2b2dd351bb567c82e64c666192e25b8d571d00caffd3fdef76 |
| SHA512 | b99a094b19ee6e71f33c3625ac3535826414c288c3ca5ff173d6b1be64bfb0180f6cb942821a59cc65729591bf48176f2f776150c6efd205710525f00012c3ee |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\libcrypto-3.dll
| MD5 | 5d27bfcbd2ef03041c284a31511e638e |
| SHA1 | 3c6e1dbd5adbe3bbb4a4ff4864ceb5e03d627333 |
| SHA256 | 79cb81c74b994b2b2dd351bb567c82e64c666192e25b8d571d00caffd3fdef76 |
| SHA512 | b99a094b19ee6e71f33c3625ac3535826414c288c3ca5ff173d6b1be64bfb0180f6cb942821a59cc65729591bf48176f2f776150c6efd205710525f00012c3ee |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\VCRUNTIME140.dll
| MD5 | ba65db6bfef78a96aee7e29f1449bf8a |
| SHA1 | 06c7beb9fd1f33051b0e77087350903c652f4b77 |
| SHA256 | 141690572594dbd3618a4984712e9e36fc09c9906bb845ce1a9531ac8f7ad493 |
| SHA512 | ca63eeac10ef55d7e2e55479b25cf394e58aef1422951f361f762ab667f72a3454f55afc04e967e8cdd20cf3eebe97083e0438ea941916a09e7d091818ea830e |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\libunmap.dll
| MD5 | 53634bc76f19ea065981ac1b02225df9 |
| SHA1 | 7d1cb4ae535c30d2443c4b8f14927300c8449839 |
| SHA256 | e9053b628bf89440e0ad4874a5c234fe058539f20f9bf02d36c7492fed70857a |
| SHA512 | 3b46f34b4d370f44f219f0a404ae1f9a53897ddaabfb7665197dc16b538a13d9ee89af7053fd74998dc38321af8f076759f535d5a855f6ff5212d88704c79d3a |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\tesseract52.dll
| MD5 | fb01d25df4779f55ad1deea0ed3a8f2d |
| SHA1 | ac023743506cc4a20b1e0cd5c47d7933313fab93 |
| SHA256 | 93015a0a258424a2103b9520914faaabb98c7660b8387cd92d650f53260d5bf7 |
| SHA512 | ed1d39de0c4085493a8c6accd9780f932b8542d8e8613d8d77953b5067b93dda43adbd82c3923e0209d28f936e6078e48f9d7f7443fbb1c23fe8136562426a19 |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\libpng16.dll
| MD5 | fc95df0925d9183a43c7f940094a8256 |
| SHA1 | 3bb64b0c5bcfc5f3ec8aa1c396b9bb3f40984091 |
| SHA256 | 95b74d8053cc88976911b289990c3f50a69e035a248f533c94c86bb29514a619 |
| SHA512 | c159c2cab06909526fdd292a3a3d615e9427eea20d8f93948b50078bf4220bb83f0200feba477aa25ee541faefa4bcc5487de5745a18c1077dad143b9ebbf85c |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\zstd.dll
| MD5 | 03ece33189fd8dc46ce2175ee18e46a9 |
| SHA1 | f027f3a0485b0b771249bb749c1fac3ec7c46888 |
| SHA256 | 8a25f1678e5133273ac073fa8c0e7cf1e4ebd3d945e2176052152da4f117eeb4 |
| SHA512 | 85e3d736e420fed1f26c560ccd97537f3ed3560d341d7add76921cb6c96e0f8116bb82b6c1d12f97fc13f436f91ca3d426e0fded2e4fcbb52574846a83aec42c |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\liblzma.dll
| MD5 | c0433de8fa35793e62667f6e9bd7f2a1 |
| SHA1 | 48e1205b590194b94dfef97897392ca355f78d5e |
| SHA256 | f870e3df60826778baef972833c00068b345cf39a568d6f39a3e8dc92a28dfe5 |
| SHA512 | 7bcb56f9ff7814e258bcc5945ddb535f355f269da8ad766614222d77f2f726a0a9169fa5ded74e73b0ecf63defec9f2530c61e4ce0ce2d1b4d0ccbc1870effc3 |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\zstd.dll
| MD5 | 03ece33189fd8dc46ce2175ee18e46a9 |
| SHA1 | f027f3a0485b0b771249bb749c1fac3ec7c46888 |
| SHA256 | 8a25f1678e5133273ac073fa8c0e7cf1e4ebd3d945e2176052152da4f117eeb4 |
| SHA512 | 85e3d736e420fed1f26c560ccd97537f3ed3560d341d7add76921cb6c96e0f8116bb82b6c1d12f97fc13f436f91ca3d426e0fded2e4fcbb52574846a83aec42c |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\liblzma.dll
| MD5 | c0433de8fa35793e62667f6e9bd7f2a1 |
| SHA1 | 48e1205b590194b94dfef97897392ca355f78d5e |
| SHA256 | f870e3df60826778baef972833c00068b345cf39a568d6f39a3e8dc92a28dfe5 |
| SHA512 | 7bcb56f9ff7814e258bcc5945ddb535f355f269da8ad766614222d77f2f726a0a9169fa5ded74e73b0ecf63defec9f2530c61e4ce0ce2d1b4d0ccbc1870effc3 |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\webpmux.dll
| MD5 | 3ad28bf0e0b806e52709b052bb3bf59f |
| SHA1 | 38533b5a814be276266dac5abaa78ddf6f3ab721 |
| SHA256 | a6ca310783b9e829c28dc2b7b12fe79dbc3543a04c3a76af320dc65e3733296d |
| SHA512 | d9e1494a3f9a51c410e7aedf5735f367b13b7ec9bb600db11f9977aaadbd14f71bba51c1eacff054012a34f37f6f30871a542f54d2ef08a575883934ea69593c |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\ld
| MD5 | 9af9a3c729ae54c65bca2f6b195cd264 |
| SHA1 | 66def2a81bd5c6fdfccbc1988a1932cea73f6c76 |
| SHA256 | 1843f39639bcb3efac444f50026ea1a57cd96ec016ff4ac8c607e0649d22d99d |
| SHA512 | d17ad63ca397e53ea5899ac6941877d5da5db0692d1e446e9087e062558ea379035dcde75e7f277dbcc100d7bb9dc81213566c199593bfde2f7edcc93400a46f |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\bz2.dll
| MD5 | bb1ea7cade180a0c012c2289c7d820cc |
| SHA1 | 67a17ae0aed053d8fb071450dff8f843a1255112 |
| SHA256 | 30998439b2fbc620f3f87799f8a98e8519f26b227bf498877b11dfb52147b698 |
| SHA512 | 3b10462ae03ea57bfad298c4d59da247b8ad971aeec0c9ad439a72b1756ee627fba23fe9044df9a8301b0fe1099bbb9988869ccce1102314052a49bf0cbdf317 |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\zlib1.dll
| MD5 | 7cfdbfec8b16876767f5895fae94f6cd |
| SHA1 | 49644b75dc5ef3e1f6e122f8b6e5569b74b1e2a5 |
| SHA256 | 322062f0287317d3f41180bf79e54c4ddf4646a08fcd55263fd05ad56b8e1cba |
| SHA512 | 02a10c91098b79cf4b53dfeb595283cd0bcd5b70ddc803f401600d321a54d3ce51ec24962473a47b9679b573a2223ff7f02be57866bfd961cea3f1a81bcea683 |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\webp.dll
| MD5 | 49a5a7951db2476d6242a858a0461fc4 |
| SHA1 | 1696f8060aebff50af0ac4650893378bd5152285 |
| SHA256 | c7db9a648d5abaf0247b68c48e08e74220dc7757514710e6748b1f482d66c5b8 |
| SHA512 | e725704c004c47bc6b3c802ab626443cbfc02cc6563b85c25ff09d28382556e07e42b3a897d463828b20af10e1a189e81d0b759ed0043c03d35ebacdd3cae80d |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\tiff.dll
| MD5 | 74f1a9dd7e8d945cd555cfe5a24120a7 |
| SHA1 | 642e3d2db14cc1b367e0c324e38883a201f3e766 |
| SHA256 | a630ef0230f081f9e512c72df1879b015d9ccac7f8447716d3379e7be561d88c |
| SHA512 | 27b4730bcccd094de96f9355c3d40b87e1e68ab94355ecc578e7618537bed42c25bbd232690eba61ae701f80c3e8fcb4d33584df3e606ba54372bcd13921e3ad |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\webp.dll
| MD5 | 49a5a7951db2476d6242a858a0461fc4 |
| SHA1 | 1696f8060aebff50af0ac4650893378bd5152285 |
| SHA256 | c7db9a648d5abaf0247b68c48e08e74220dc7757514710e6748b1f482d66c5b8 |
| SHA512 | e725704c004c47bc6b3c802ab626443cbfc02cc6563b85c25ff09d28382556e07e42b3a897d463828b20af10e1a189e81d0b759ed0043c03d35ebacdd3cae80d |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\libpng16.dll
| MD5 | fc95df0925d9183a43c7f940094a8256 |
| SHA1 | 3bb64b0c5bcfc5f3ec8aa1c396b9bb3f40984091 |
| SHA256 | 95b74d8053cc88976911b289990c3f50a69e035a248f533c94c86bb29514a619 |
| SHA512 | c159c2cab06909526fdd292a3a3d615e9427eea20d8f93948b50078bf4220bb83f0200feba477aa25ee541faefa4bcc5487de5745a18c1077dad143b9ebbf85c |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\webpmux.dll
| MD5 | 3ad28bf0e0b806e52709b052bb3bf59f |
| SHA1 | 38533b5a814be276266dac5abaa78ddf6f3ab721 |
| SHA256 | a6ca310783b9e829c28dc2b7b12fe79dbc3543a04c3a76af320dc65e3733296d |
| SHA512 | d9e1494a3f9a51c410e7aedf5735f367b13b7ec9bb600db11f9977aaadbd14f71bba51c1eacff054012a34f37f6f30871a542f54d2ef08a575883934ea69593c |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\tiff.dll
| MD5 | 74f1a9dd7e8d945cd555cfe5a24120a7 |
| SHA1 | 642e3d2db14cc1b367e0c324e38883a201f3e766 |
| SHA256 | a630ef0230f081f9e512c72df1879b015d9ccac7f8447716d3379e7be561d88c |
| SHA512 | 27b4730bcccd094de96f9355c3d40b87e1e68ab94355ecc578e7618537bed42c25bbd232690eba61ae701f80c3e8fcb4d33584df3e606ba54372bcd13921e3ad |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\archive.dll
| MD5 | 7b7f24a8128471195f967efb50c0ac50 |
| SHA1 | 464e68a0766e3f8d52863327100664f09f33248c |
| SHA256 | 6bd8ad484fe5e0b2a757d39283de5bfa492a1ffb6aa0ed5c9b7987960ade1a4e |
| SHA512 | ceedcf39126d1d4ec471ccdd0a166e533e1a2aab7307860757a6656488fa5b788d56061c2c7f3add7dfa8decf92dcfab23724270244715f35c003eaaba9a01fc |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\libcurl.dll
| MD5 | 72a826e28e82a394aab487e3421d8436 |
| SHA1 | 466757a94a1855b2a51390d333891c2a30b97434 |
| SHA256 | 622d6094ea54d84865f8d27e33f165ee5329f35c7840381fce3277afbbca0a6a |
| SHA512 | d26dfa8a54d176d3e710125cd3b6f3195381cff44f6f408f0dece84c8840e7e711ccb6568a2bd5d9c69b7641714fe2117713c1bfa1840fa8b7b6414f7ab2579a |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\openjp2.dll
| MD5 | 0befbd26563d8ef2bc1f47384fd74e96 |
| SHA1 | 547c90fad821505b2a72b8147cccacdbd70300e4 |
| SHA256 | 7c4e95fb4ef2a251ffb397ca4342dcf55c65de54b6b1887a064e77501772ce9f |
| SHA512 | a558f1d34cc25a0970bf264e6f47023f6d371090ae4f94b1444a4d216e7ee9f55a2c37704a5f35fbfdd96fa0ad028c5819dd90afaf77cc0bae97456f0278a8b2 |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\bz2.dll
| MD5 | bb1ea7cade180a0c012c2289c7d820cc |
| SHA1 | 67a17ae0aed053d8fb071450dff8f843a1255112 |
| SHA256 | 30998439b2fbc620f3f87799f8a98e8519f26b227bf498877b11dfb52147b698 |
| SHA512 | 3b10462ae03ea57bfad298c4d59da247b8ad971aeec0c9ad439a72b1756ee627fba23fe9044df9a8301b0fe1099bbb9988869ccce1102314052a49bf0cbdf317 |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\zlib1.dll
| MD5 | 7cfdbfec8b16876767f5895fae94f6cd |
| SHA1 | 49644b75dc5ef3e1f6e122f8b6e5569b74b1e2a5 |
| SHA256 | 322062f0287317d3f41180bf79e54c4ddf4646a08fcd55263fd05ad56b8e1cba |
| SHA512 | 02a10c91098b79cf4b53dfeb595283cd0bcd5b70ddc803f401600d321a54d3ce51ec24962473a47b9679b573a2223ff7f02be57866bfd961cea3f1a81bcea683 |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\openjp2.dll
| MD5 | 0befbd26563d8ef2bc1f47384fd74e96 |
| SHA1 | 547c90fad821505b2a72b8147cccacdbd70300e4 |
| SHA256 | 7c4e95fb4ef2a251ffb397ca4342dcf55c65de54b6b1887a064e77501772ce9f |
| SHA512 | a558f1d34cc25a0970bf264e6f47023f6d371090ae4f94b1444a4d216e7ee9f55a2c37704a5f35fbfdd96fa0ad028c5819dd90afaf77cc0bae97456f0278a8b2 |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\jpeg62.dll
| MD5 | dc9710e9bede8b3e02e356691dce2903 |
| SHA1 | 8f92a58d6f49a1b7a5ab76b74bbc88d4cee02019 |
| SHA256 | ea85f913ac7f1472224ff9aacf07d72d65c39b0d79504259ccf678e97ac82819 |
| SHA512 | 335bfd92b458377169399e45634f6af453bceed2313c1170fab3b263dbfd73d053296ed1b2ad5ea0548d90d9e3b224daa3e684c990552ba201d5894e5dc8d38c |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\jpeg62.dll
| MD5 | dc9710e9bede8b3e02e356691dce2903 |
| SHA1 | 8f92a58d6f49a1b7a5ab76b74bbc88d4cee02019 |
| SHA256 | ea85f913ac7f1472224ff9aacf07d72d65c39b0d79504259ccf678e97ac82819 |
| SHA512 | 335bfd92b458377169399e45634f6af453bceed2313c1170fab3b263dbfd73d053296ed1b2ad5ea0548d90d9e3b224daa3e684c990552ba201d5894e5dc8d38c |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\gif.dll
| MD5 | 6ae328d3f4584597d87224568ef416b1 |
| SHA1 | 87d29b395058ee0b852ccd0d7296edb8dd6e72a5 |
| SHA256 | 22b993cb00c647debb7957b7ab8608b42928bcb1068fac57c54e70fe6fbbe0d3 |
| SHA512 | c2d847b96873fc6f5b731044c9fc570f4e25962728e7a14f1a3c3cbd3fb36fcce59fdd6ab2f2ace5a78e42c323839d1a14c07d389abe40766ac48f65f86d111b |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\libcurl.dll
| MD5 | 72a826e28e82a394aab487e3421d8436 |
| SHA1 | 466757a94a1855b2a51390d333891c2a30b97434 |
| SHA256 | 622d6094ea54d84865f8d27e33f165ee5329f35c7840381fce3277afbbca0a6a |
| SHA512 | d26dfa8a54d176d3e710125cd3b6f3195381cff44f6f408f0dece84c8840e7e711ccb6568a2bd5d9c69b7641714fe2117713c1bfa1840fa8b7b6414f7ab2579a |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\gif.dll
| MD5 | 6ae328d3f4584597d87224568ef416b1 |
| SHA1 | 87d29b395058ee0b852ccd0d7296edb8dd6e72a5 |
| SHA256 | 22b993cb00c647debb7957b7ab8608b42928bcb1068fac57c54e70fe6fbbe0d3 |
| SHA512 | c2d847b96873fc6f5b731044c9fc570f4e25962728e7a14f1a3c3cbd3fb36fcce59fdd6ab2f2ace5a78e42c323839d1a14c07d389abe40766ac48f65f86d111b |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\archive.dll
| MD5 | 7b7f24a8128471195f967efb50c0ac50 |
| SHA1 | 464e68a0766e3f8d52863327100664f09f33248c |
| SHA256 | 6bd8ad484fe5e0b2a757d39283de5bfa492a1ffb6aa0ed5c9b7987960ade1a4e |
| SHA512 | ceedcf39126d1d4ec471ccdd0a166e533e1a2aab7307860757a6656488fa5b788d56061c2c7f3add7dfa8decf92dcfab23724270244715f35c003eaaba9a01fc |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\leptonica-1.82.0.dll
| MD5 | b1b025f906d60a22d930dd9f17cdadd2 |
| SHA1 | dd9c06f7a21bbb779756665a895b54bd70aa9a10 |
| SHA256 | ec9bd9d0294330bb1ef614352126490763806d21aaf949263b64e86e41bba540 |
| SHA512 | d8ca56717dad265e5708d831909fee71b00c1739442c62735d21732b049768e532c43fe4dbbeb05adf2765f7b048b2316ce5864bb93e33b98a02ac90021780e6 |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\libssl-3.dll
| MD5 | 6a92cec97792669dec4c1e06f957ed4e |
| SHA1 | 6789eb64b31fd5ab643cd91b2ba3afcfde22e7a2 |
| SHA256 | 84b912710d6648269bfc96ded14c9f3fc98a45f4adab07a993e86c3defb1f65d |
| SHA512 | bd185182334a423bec23e6931da62afd3a95bd2b93860b328f78ed2d02a811ac492f30178239d589fda0976ec3170d89b611cdccc190222bacbf1182b2ffd1d2 |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\libssl-3.dll
| MD5 | 6a92cec97792669dec4c1e06f957ed4e |
| SHA1 | 6789eb64b31fd5ab643cd91b2ba3afcfde22e7a2 |
| SHA256 | 84b912710d6648269bfc96ded14c9f3fc98a45f4adab07a993e86c3defb1f65d |
| SHA512 | bd185182334a423bec23e6931da62afd3a95bd2b93860b328f78ed2d02a811ac492f30178239d589fda0976ec3170d89b611cdccc190222bacbf1182b2ffd1d2 |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\infoware.dll
| MD5 | 72536dc4379ef32244e85e79aaca6bad |
| SHA1 | 15ef7dde5cf66cdd7805ebdbb12570de59be724b |
| SHA256 | 33367523ac36bffc608a35d2ff9f7cb8837f6a41c2b647aa1a3c10aa259e703c |
| SHA512 | 35bb838a9b3146d81087f21c9abc08191584f3da3b30c3e64c6fa11b60d922c20cb1c59bf3f3bca0b4fb309ee51b135e736af4009f565350cf9ff11fc78eb89f |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\tesseract52.dll
| MD5 | fb01d25df4779f55ad1deea0ed3a8f2d |
| SHA1 | ac023743506cc4a20b1e0cd5c47d7933313fab93 |
| SHA256 | 93015a0a258424a2103b9520914faaabb98c7660b8387cd92d650f53260d5bf7 |
| SHA512 | ed1d39de0c4085493a8c6accd9780f932b8542d8e8613d8d77953b5067b93dda43adbd82c3923e0209d28f936e6078e48f9d7f7443fbb1c23fe8136562426a19 |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\msvcp140.dll
| MD5 | fdd04dbbcf321eee5f4dd67266f476b0 |
| SHA1 | 65ffdfe2664a29a41fcf5039229ccecad5b825b9 |
| SHA256 | 21570bcb7a77e856f3113235d2b05b2b328d4bb71b4fd9ca4d46d99adac80794 |
| SHA512 | 04cfc3097fbce6ee1b7bac7bd63c3cffe7dca16f0ec9cd8fe657d8b7ebd06dcba272ff472f98c6385c3cfb9b1ac3f47be8ca6d3ea80ab4aeed44a0e2ce3185dd |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\leptonica-1.82.0.dll
| MD5 | b1b025f906d60a22d930dd9f17cdadd2 |
| SHA1 | dd9c06f7a21bbb779756665a895b54bd70aa9a10 |
| SHA256 | ec9bd9d0294330bb1ef614352126490763806d21aaf949263b64e86e41bba540 |
| SHA512 | d8ca56717dad265e5708d831909fee71b00c1739442c62735d21732b049768e532c43fe4dbbeb05adf2765f7b048b2316ce5864bb93e33b98a02ac90021780e6 |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\infoware.dll
| MD5 | 72536dc4379ef32244e85e79aaca6bad |
| SHA1 | 15ef7dde5cf66cdd7805ebdbb12570de59be724b |
| SHA256 | 33367523ac36bffc608a35d2ff9f7cb8837f6a41c2b647aa1a3c10aa259e703c |
| SHA512 | 35bb838a9b3146d81087f21c9abc08191584f3da3b30c3e64c6fa11b60d922c20cb1c59bf3f3bca0b4fb309ee51b135e736af4009f565350cf9ff11fc78eb89f |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\MSVCP140.dll
| MD5 | fdd04dbbcf321eee5f4dd67266f476b0 |
| SHA1 | 65ffdfe2664a29a41fcf5039229ccecad5b825b9 |
| SHA256 | 21570bcb7a77e856f3113235d2b05b2b328d4bb71b4fd9ca4d46d99adac80794 |
| SHA512 | 04cfc3097fbce6ee1b7bac7bd63c3cffe7dca16f0ec9cd8fe657d8b7ebd06dcba272ff472f98c6385c3cfb9b1ac3f47be8ca6d3ea80ab4aeed44a0e2ce3185dd |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\createdb.dll
| MD5 | ac3e0298184d76ad86730e5b89867fb4 |
| SHA1 | bbcfdc1732507ac17b812db102a25728d7d8c755 |
| SHA256 | f210b8d8e984df19b27fb6184ed0212467c219b418b94b01003d5e6c11efdef3 |
| SHA512 | 68210ede444dfaea92edd57945cbe18a9e605a407aa7572fbc1d4bc61298789a1f8aa644d58e16c1f6df15eb395c3298847576cc3a33862d1c329fdd2ba91c99 |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\libunmap.dll
| MD5 | 53634bc76f19ea065981ac1b02225df9 |
| SHA1 | 7d1cb4ae535c30d2443c4b8f14927300c8449839 |
| SHA256 | e9053b628bf89440e0ad4874a5c234fe058539f20f9bf02d36c7492fed70857a |
| SHA512 | 3b46f34b4d370f44f219f0a404ae1f9a53897ddaabfb7665197dc16b538a13d9ee89af7053fd74998dc38321af8f076759f535d5a855f6ff5212d88704c79d3a |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\vcruntime140.dll
| MD5 | ba65db6bfef78a96aee7e29f1449bf8a |
| SHA1 | 06c7beb9fd1f33051b0e77087350903c652f4b77 |
| SHA256 | 141690572594dbd3618a4984712e9e36fc09c9906bb845ce1a9531ac8f7ad493 |
| SHA512 | ca63eeac10ef55d7e2e55479b25cf394e58aef1422951f361f762ab667f72a3454f55afc04e967e8cdd20cf3eebe97083e0438ea941916a09e7d091818ea830e |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\createdb.dll
| MD5 | ac3e0298184d76ad86730e5b89867fb4 |
| SHA1 | bbcfdc1732507ac17b812db102a25728d7d8c755 |
| SHA256 | f210b8d8e984df19b27fb6184ed0212467c219b418b94b01003d5e6c11efdef3 |
| SHA512 | 68210ede444dfaea92edd57945cbe18a9e605a407aa7572fbc1d4bc61298789a1f8aa644d58e16c1f6df15eb395c3298847576cc3a33862d1c329fdd2ba91c99 |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\libnl.dll
| MD5 | 71c9425b931174f36cf53b617256bb58 |
| SHA1 | 567c1c118d6ea7a040b6cfe06afd5db30f0960f4 |
| SHA256 | 4df4cd57dbe4c6cca7a032a0c45d0102696e2307548295ab7f62eea9c5ffbb85 |
| SHA512 | 0939cb0158e4cdb6146fc19428e89250e811bb37c238878fbe41bd3b06336f6b36da94b24415520ffd99df790780bfb9e3ef416a621582fce17d9bafeb62b095 |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\libnl.dll
| MD5 | 71c9425b931174f36cf53b617256bb58 |
| SHA1 | 567c1c118d6ea7a040b6cfe06afd5db30f0960f4 |
| SHA256 | 4df4cd57dbe4c6cca7a032a0c45d0102696e2307548295ab7f62eea9c5ffbb85 |
| SHA512 | 0939cb0158e4cdb6146fc19428e89250e811bb37c238878fbe41bd3b06336f6b36da94b24415520ffd99df790780bfb9e3ef416a621582fce17d9bafeb62b095 |
memory/1780-452-0x0000000006240000-0x00000000062FC000-memory.dmp
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\Docs\License.rtf
| MD5 | f71d7c866af458c94ed87633b2c9096f |
| SHA1 | 1fe72e749ef0e9cc484867065f2fd36bc31b5d0e |
| SHA256 | fd58f84212f2b2e9f44d9465ca89ba28a252d00f095d6f1a2945c921110ce38d |
| SHA512 | a4f45e9a927c42dcf320995182b50d9c4e539e2fcef867e297305b9de19bd2f2c2502c3fd6f9da20f1450bd0256b25ddfcf30b3193602920ba4d7121b67a5922 |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\Languages\Turkish.lng
| MD5 | 72fae535f28eb9b6f41a842021139554 |
| SHA1 | c9391daf5471c56b82afbed88ca9235fa964fdfc |
| SHA256 | 5d6e1be09c4d43490443038848e08a0ecd5d54abb5de676615dc7c9eff06762d |
| SHA512 | 041325653b4e2b117f80610474dd605276216118d008a0deb99ca5fa661632f1700d8b4fc7948a924ea915c996c6229539a915ed32912975b67897384580fbba |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\Languages\ChineseSimplified.lng
| MD5 | e0826138c74a3f2b571bbc4e81ac6da0 |
| SHA1 | 462393e5d24098a7618c8206f4dad0e0b4f6722e |
| SHA256 | 920dd99c4829a1a7892d665e8d99706f3aac36c1bf90430571d8af06cd114565 |
| SHA512 | 3f71686b71d513e356a0e74f41933517a2aa236f828c37fcf40cc9e34a4ca6780fb7661eeb027ec943d9fc53325194e3bd39183a1fa90d3ba7ff85d6a7e67ac9 |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\Sounds\Message.wav
| MD5 | 4ac92f57e55c531dfb376ef7f5e22648 |
| SHA1 | fe0cdfb931c99ba312051557a360f25b53ba6ce0 |
| SHA256 | 961b34d05391ca12102de2687cdc22c71b32fca93b9000c6e0fade61fbb53071 |
| SHA512 | 62573fd17af9442b285a734ca73773ef8049593ac70b5f976d1c4f951e82486deaeb722c16282102fe85a5f95c65e8d84e273fbe5640170521385b1b8f85267a |
memory/1780-470-0x0000000006240000-0x00000000062FC000-memory.dmp
memory/1780-476-0x0000000000360000-0x0000000000588000-memory.dmp
memory/1780-474-0x0000000006240000-0x00000000062FC000-memory.dmp
memory/1780-471-0x0000000006240000-0x00000000062FC000-memory.dmp
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\Docs\Purchase.rtf
| MD5 | b392301580d0592a840bf0404db43822 |
| SHA1 | 41d121708548252196158f4b4df20b43b9e7f505 |
| SHA256 | 339a69c1321030931fbef876221254ea7febaafe627444f1ce7686e55f79c208 |
| SHA512 | 6e979a29a6bc698baebb58f54a2c5ea1ad4c63e73d3892199725c01700b772003a7ca51be91a4e2da7687a4d801060455909a91ade24c32a465b384353650b64 |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\NSM.ini
| MD5 | 99f493dce7fab330dc47f0cab8fe6172 |
| SHA1 | 16906fb5988303bb462b65ff4ece23539a12f4b5 |
| SHA256 | e0ed36c897eaa5352fab181c20020b60df4c58986193d6aaf5bf3e3ecdc4c05d |
| SHA512 | 2c58171c30aec8ae131a7c32162856fce551b55f861d0d9fb0e27a91bd7084388df5860392f80cdbc6df6e64e97d8bf2cae587c3d6b7c142ce711ae8e240bb01 |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\Docs\ReadMe.rtf
| MD5 | 6e1b8492852580a08176dce9ded7b6c5 |
| SHA1 | f890743f1b264fd14a3014c3d4180805694911d8 |
| SHA256 | acf18aafed903e8b649f537d69c5f81a3762324f472c62740513346c07700402 |
| SHA512 | 0b8554725ffa85ea4b6f93b8fa2285d76c6c12202e7ef9a689e266e5638555ccd0335bc4d1eacc95fccf84d8d939c3fc6673058bb059dfe0eb67ef36f5d8ad08 |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\client32.ini
| MD5 | f37bd9c7476eb71f5dc3c73c27ffdc35 |
| SHA1 | 9f8ac70e60c713ae9f0eded7f36b13eaf2efa9b4 |
| SHA256 | 4a1146a85504a0e99904f3c99c4708105960a01e8fdc16d0dcd18a7f171565ef |
| SHA512 | 22a8009a2f2f552a5ca5b6e0c4a4f0c3812b594f4837f21032db048e94f1de28166ce1c562ec1562a5eb708853b6a4974d9827d251cdd39584ceff9adb6c7dcf |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\nskbfltr.inf
| MD5 | 26e28c01461f7e65c402bdf09923d435 |
| SHA1 | 1d9b5cfcc30436112a7e31d5e4624f52e845c573 |
| SHA256 | d96856cd944a9f1587907cacef974c0248b7f4210f1689c1e6bcac5fed289368 |
| SHA512 | c30ec66fecb0a41e91a31804be3a8b6047fc3789306adc106c723b3e5b166127766670c7da38d77d3694d99a8cddb26bc266ee21dba60a148cdf4d6ee10d27d7 |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\NSM.LIC
| MD5 | 2f189eab3c35777e3b85d9da00a24069 |
| SHA1 | 07ddb1e8598109b3a66177af391daed89d198580 |
| SHA256 | c1fafdee6d924e0520d851cb63d9ce8cdcb2b55bb495ea1b025ff2e143e7f447 |
| SHA512 | ffc1b8e7d3baf34bb93de8f7b9aa98a3502fc125ba1fd2a1471e466e8960855160607b49c8792d8e2c48de9b7b68f2afc70ba6d18966a614b36c4c6a28650ccd |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\Docs\Download Microsoft Installer Package.url
| MD5 | e4b92148e17b51a861fd39606b7cd093 |
| SHA1 | 29acd371b0ce72df1f220c8ed4d9e76d8b246d9c |
| SHA256 | a1b48ea5547e9fb008a3ad653b3d03a3ec528c137bd0a0fab030da0310f5b62d |
| SHA512 | 0e62305e8e6e0abd6f5a98513c6dc77cc6660a788723698d3e4c3d94ccde3ecad1daafb43cdb016f08189ea7bc700fa0bc0e0b6363c98bb7fdfd61ddf99effee |
C:\Users\Admin\AppData\Local\Softros Systems\Softros LAN Messenger\Docs\Purchase the License Online.url
| MD5 | 3d9be67b20871e9d5332aca5400ffda3 |
| SHA1 | b3a6c3efaa7784c26418a3ce2e37d493434e7ea0 |
| SHA256 | bb73158f3919309e5dce9e6254697931720a6ce3bd806aae3cada6e55c4f1c8d |
| SHA512 | 131f84951832ef6b9c47e0e1163674dbce4182712dcce37830ced975c29a61fa06e72d155dd3d3ef0472d37797b13d22efeb49d9e9eb7aedc62ef81dffed7afe |
memory/1780-479-0x0000000006240000-0x00000000062FC000-memory.dmp
memory/1780-477-0x0000000006240000-0x00000000062FC000-memory.dmp
memory/1780-480-0x0000000006240000-0x00000000062FC000-memory.dmp
memory/1780-483-0x0000000010000000-0x00000000105DF000-memory.dmp
memory/1780-486-0x0000000004610000-0x000000000462C000-memory.dmp
memory/1780-488-0x0000000002670000-0x0000000002671000-memory.dmp
memory/1780-500-0x0000000006240000-0x00000000062FC000-memory.dmp