f980e92af3341650819ca6c985294ebe0aa78d38bdfe249536d7ec7f2efc6ecf

Analysis

max time kernel
218s
max time network
204s
platform
windows7_x64
resource
win7-20230220-en
resource tags

arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
submitted
28-03-2023 21:37

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

clipgrab-3.9.7-dotinstaller.exe
Size

2.8MB
MD5

0f29445baa824f6729cbda3d90b15cec
SHA1

572195b4193529d842653e678eeec7dc3544ee2f
SHA256

f980e92af3341650819ca6c985294ebe0aa78d38bdfe249536d7ec7f2efc6ecf
SHA512

a05bb0cb18d3c7e0ce5795397beeaee90078c272afccf5211d911eae4bc39078bed7da22c528e77ed4daea1c1b4e736c2f361cdb6e525e4132ba4793e433cc81
SSDEEP

49152:9qe3f6PUk/4g+H98AHaCfu6rtWBu1SSmqOIzDamifOL9T9vEXv:MSiPUk/XE9vBugtL1SNaRLh9vEXv

Score

8^/10

discovery

Malware Config

Signatures

Downloads MZ/PE file

Executes dropped EXE 7 IoCs

pid	Process
1508	clipgrab-3.9.7-dotinstaller.tmp
776	clipgrab-3.9.7-portable.exe
896	clipgrab-3.9.7-portable.tmp
2008	vc_redist.x86.exe
268	vc_redist.x86.exe
1668	clipgrab.exe
336	ffmpeg.exe

Loads dropped DLL 31 IoCs

pid	Process
1720	clipgrab-3.9.7-dotinstaller.exe
1508	clipgrab-3.9.7-dotinstaller.tmp
1508	clipgrab-3.9.7-dotinstaller.tmp
1508	clipgrab-3.9.7-dotinstaller.tmp
776	clipgrab-3.9.7-portable.exe
896	clipgrab-3.9.7-portable.tmp
896	clipgrab-3.9.7-portable.tmp
896	clipgrab-3.9.7-portable.tmp
896	clipgrab-3.9.7-portable.tmp
2008	vc_redist.x86.exe
268	vc_redist.x86.exe
1668	clipgrab.exe
1668	clipgrab.exe
1668	clipgrab.exe
1668	clipgrab.exe
1668	clipgrab.exe
1668	clipgrab.exe
1668	clipgrab.exe
1668	clipgrab.exe
1668	clipgrab.exe
1668	clipgrab.exe
1668	clipgrab.exe
1668	clipgrab.exe
1668	clipgrab.exe
1668	clipgrab.exe
1668	clipgrab.exe
1668	clipgrab.exe
1668	clipgrab.exe
1668	clipgrab.exe
1668	clipgrab.exe
1668	clipgrab.exe

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files (x86)\ClipGrab\python\is-K2KQH.tmp	clipgrab-3.9.7-portable.tmp
File opened for modification	C:\Program Files (x86)\ClipGrab\QtWebEngineProcess.exe	clipgrab-3.9.7-portable.tmp
File opened for modification	C:\Program Files (x86)\ClipGrab\Qt5Quick.dll	clipgrab-3.9.7-portable.tmp
File opened for modification	C:\Program Files (x86)\ClipGrab\platforms\qwindows.dll	clipgrab-3.9.7-portable.tmp
File created	C:\Program Files (x86)\ClipGrab\is-VVP0U.tmp	clipgrab-3.9.7-portable.tmp
File created	C:\Program Files (x86)\ClipGrab\python\is-CB135.tmp	clipgrab-3.9.7-portable.tmp
File opened for modification	C:\Program Files (x86)\ClipGrab\position\qtposition_winrt.dll	clipgrab-3.9.7-portable.tmp
File opened for modification	C:\Program Files (x86)\ClipGrab\Qt5Network.dll	clipgrab-3.9.7-portable.tmp
File created	C:\Program Files (x86)\ClipGrab\resources\is-A0RE3.tmp	clipgrab-3.9.7-portable.tmp
File opened for modification	C:\Program Files (x86)\ClipGrab\python\python37.dll	clipgrab-3.9.7-portable.tmp
File opened for modification	C:\Program Files (x86)\ClipGrab\Qt5Gui.dll	clipgrab-3.9.7-portable.tmp
File created	C:\Program Files (x86)\ClipGrab\python\is-9LIDV.tmp	clipgrab-3.9.7-portable.tmp
File created	C:\Program Files (x86)\ClipGrab\python\is-H321S.tmp	clipgrab-3.9.7-portable.tmp
File created	C:\Program Files (x86)\ClipGrab\python\is-GFHVK.tmp	clipgrab-3.9.7-portable.tmp
File created	C:\Program Files (x86)\ClipGrab\imageformats\is-0MVV6.tmp	clipgrab-3.9.7-portable.tmp
File created	C:\Program Files (x86)\ClipGrab\python\is-CVKD1.tmp	clipgrab-3.9.7-portable.tmp
File opened for modification	C:\Program Files (x86)\ClipGrab\python\libcrypto-1_1.dll	clipgrab-3.9.7-portable.tmp
File created	C:\Program Files (x86)\ClipGrab\python\is-AFDK3.tmp	clipgrab-3.9.7-portable.tmp
File created	C:\Program Files (x86)\ClipGrab\python\is-MLPLQ.tmp	clipgrab-3.9.7-portable.tmp
File opened for modification	C:\Program Files (x86)\ClipGrab\ffmpeg.exe	clipgrab-3.9.7-portable.tmp
File opened for modification	C:\Program Files (x86)\ClipGrab\imageformats\qwbmp.dll	clipgrab-3.9.7-portable.tmp
File created	C:\Program Files (x86)\ClipGrab\python\is-A8U17.tmp	clipgrab-3.9.7-portable.tmp
File created	C:\Program Files (x86)\ClipGrab\python\is-LAUAT.tmp	clipgrab-3.9.7-portable.tmp
File opened for modification	C:\Program Files (x86)\ClipGrab\Qt5Xml.dll	clipgrab-3.9.7-portable.tmp
File created	C:\Program Files (x86)\ClipGrab\is-8OPG6.tmp	clipgrab-3.9.7-portable.tmp
File created	C:\Program Files (x86)\ClipGrab\position\is-7AFEC.tmp	clipgrab-3.9.7-portable.tmp
File created	C:\Program Files (x86)\ClipGrab\translations\qtwebengine_locales\is-NEGEK.tmp	clipgrab-3.9.7-portable.tmp
File created	C:\Program Files (x86)\ClipGrab\python\is-4GVEN.tmp	clipgrab-3.9.7-portable.tmp
File opened for modification	C:\Program Files (x86)\ClipGrab\python\python3.dll	clipgrab-3.9.7-portable.tmp
File created	C:\Program Files (x86)\ClipGrab\is-Q8E9T.tmp	clipgrab-3.9.7-portable.tmp
File created	C:\Program Files (x86)\ClipGrab\is-UDF45.tmp	clipgrab-3.9.7-portable.tmp
File created	C:\Program Files (x86)\ClipGrab\python\is-V8GEC.tmp	clipgrab-3.9.7-portable.tmp
File opened for modification	C:\Program Files (x86)\ClipGrab\imageformats\qwebp.dll	clipgrab-3.9.7-portable.tmp
File opened for modification	C:\Program Files (x86)\ClipGrab\imageformats\qgif.dll	clipgrab-3.9.7-portable.tmp
File created	C:\Program Files (x86)\ClipGrab\is-F0QRP.tmp	clipgrab-3.9.7-portable.tmp
File created	C:\Program Files (x86)\ClipGrab\python\is-CISVJ.tmp	clipgrab-3.9.7-portable.tmp
File opened for modification	C:\Program Files (x86)\ClipGrab\python\sqlite3.dll	clipgrab-3.9.7-portable.tmp
File opened for modification	C:\Program Files (x86)\ClipGrab\Qt5Svg.dll	clipgrab-3.9.7-portable.tmp
File opened for modification	C:\Program Files (x86)\ClipGrab\styles\qwindowsvistastyle.dll	clipgrab-3.9.7-portable.tmp
File created	C:\Program Files (x86)\ClipGrab\is-NA9QT.tmp	clipgrab-3.9.7-portable.tmp
File created	C:\Program Files (x86)\ClipGrab\is-5H5C0.tmp	clipgrab-3.9.7-portable.tmp
File created	C:\Program Files (x86)\ClipGrab\is-H2HT4.tmp	clipgrab-3.9.7-portable.tmp
File created	C:\Program Files (x86)\ClipGrab\is-QBULJ.tmp	clipgrab-3.9.7-portable.tmp
File created	C:\Program Files (x86)\ClipGrab\resources\is-N1K79.tmp	clipgrab-3.9.7-portable.tmp
File opened for modification	C:\Program Files (x86)\ClipGrab\python\vcruntime140.dll	clipgrab-3.9.7-portable.tmp
File opened for modification	C:\Program Files (x86)\ClipGrab\Qt5PrintSupport.dll	clipgrab-3.9.7-portable.tmp
File created	C:\Program Files (x86)\ClipGrab\styles\is-5K82E.tmp	clipgrab-3.9.7-portable.tmp
File created	C:\Program Files (x86)\ClipGrab\iconengines\is-H9ETS.tmp	clipgrab-3.9.7-portable.tmp
File created	C:\Program Files (x86)\ClipGrab\python\is-NKNUK.tmp	clipgrab-3.9.7-portable.tmp
File created	C:\Program Files (x86)\ClipGrab\python\is-TKL61.tmp	clipgrab-3.9.7-portable.tmp
File created	C:\Program Files (x86)\ClipGrab\is-GA9T6.tmp	clipgrab-3.9.7-portable.tmp
File created	C:\Program Files (x86)\ClipGrab\position\is-39RMJ.tmp	clipgrab-3.9.7-portable.tmp
File opened for modification	C:\Program Files (x86)\ClipGrab\Qt5Widgets.dll	clipgrab-3.9.7-portable.tmp
File created	C:\Program Files (x86)\ClipGrab\is-EIDLO.tmp	clipgrab-3.9.7-portable.tmp
File created	C:\Program Files (x86)\ClipGrab\python\is-QEO7N.tmp	clipgrab-3.9.7-portable.tmp
File opened for modification	C:\Program Files (x86)\ClipGrab\Qt5QuickWidgets.dll	clipgrab-3.9.7-portable.tmp
File opened for modification	C:\Program Files (x86)\ClipGrab\Qt5WebEngineCore.dll	clipgrab-3.9.7-portable.tmp
File opened for modification	C:\Program Files (x86)\ClipGrab\libcrypto-1_1.dll	clipgrab-3.9.7-portable.tmp
File created	C:\Program Files (x86)\ClipGrab\is-6UJKP.tmp	clipgrab-3.9.7-portable.tmp
File opened for modification	C:\Program Files (x86)\ClipGrab\imageformats\qsvg.dll	clipgrab-3.9.7-portable.tmp
File created	C:\Program Files (x86)\ClipGrab\is-M9L9J.tmp	clipgrab-3.9.7-portable.tmp
File opened for modification	C:\Program Files (x86)\ClipGrab\position\qtposition_positionpoll.dll	clipgrab-3.9.7-portable.tmp
File opened for modification	C:\Program Files (x86)\ClipGrab\Qt5WebEngineWidgets.dll	clipgrab-3.9.7-portable.tmp
File created	C:\Program Files (x86)\ClipGrab\is-4VKMR.tmp	clipgrab-3.9.7-portable.tmp

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

Modifies system certificate store 2 TTPs 8 IoCs

evasion spyware trojan

Install Root Certificate

T1130

Modify Registry

T1112

description	ioc	Process
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\317A2AD07F2B335EF5A1C34E4B57E8B7D8F1FCA6\Blob = 0f000000010000001400000007eeabaf80a9ef4ae1b2cb9b4b5fc70d0428e6a953000000010000004800000030463021060b6086480186fd6d0107170330123010060a2b0601040182373c0101030200c03021060b6086480186fd6e0107170330123010060a2b0601040182373c0101030200c00b000000010000002e00000053007400610072006600690065006c006400200054006500630068006e006f006c006f0067006900650073000000090000000100000016000000301406082b0601050507030406082b06010505070301140000000100000014000000a848b4242fc6ea24a0d78e3cb93c5c78d79833e41d00000001000000100000005959ddbc9c7632ba0a05f06316846fe6030000000100000014000000317a2ad07f2b335ef5a1c34e4b57e8b7d8f1fca62000000001000000eb020000308202e730820250020101300d06092a864886f70d01010505003081bb312430220603550407131b56616c69436572742056616c69646174696f6e204e6574776f726b31173015060355040a130e56616c69436572742c20496e632e31353033060355040b132c56616c694365727420436c617373203220506f6c6963792056616c69646174696f6e20417574686f726974793121301f06035504031318687474703a2f2f7777772e76616c69636572742e636f6d2f3120301e06092a864886f70d0109011611696e666f4076616c69636572742e636f6d301e170d3939303632363030313935345a170d3139303632363030313935345a3081bb312430220603550407131b56616c69436572742056616c69646174696f6e204e6574776f726b31173015060355040a130e56616c69436572742c20496e632e31353033060355040b132c56616c694365727420436c617373203220506f6c6963792056616c69646174696f6e20417574686f726974793121301f06035504031318687474703a2f2f7777772e76616c69636572742e636f6d2f3120301e06092a864886f70d0109011611696e666f4076616c69636572742e636f6d30819f300d06092a864886f70d010101050003818d0030818902818100ce3a71cae5abc8599255d7abd8740ef9eed9f655475965470e0555dceb98363c5c535dd330cf38ecbd4189ed254209246b0a5eb37cdd522d4ce6d4d67d5a59a965d449132d244d1c506fb5c185543bfe71e4d35c42f980e0911a0a5b393667f33f557c1b3fb45f647334e3b412bf8764f8da12ff3727c1b343bbef7b6e2e69f70203010001300d06092a864886f70d0101050500038181003b7f506f6f509499496238381f4bf8a5c83ea78281f62bc7e8c5cee83a1082cb18008e4dbda8587fa17900b5bbe98daf41d90f34ee218119a0324928f4c48e56d55233fd50d57e996c03e4c94cfccb6cab66b34a218ce5b50c323e10b2cc6ca1dc9a984c025bf3ceb99ea5720e4ab73f3ce61668f8beed744cbc5bd5621f43dd	clipgrab-3.9.7-dotinstaller.tmp
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\317A2AD07F2B335EF5A1C34E4B57E8B7D8F1FCA6\Blob = 19000000010000001000000044ba5fd9039fc9b56fd8aadccd597ca6030000000100000014000000317a2ad07f2b335ef5a1c34e4b57e8b7d8f1fca61d00000001000000100000005959ddbc9c7632ba0a05f06316846fe6140000000100000014000000a848b4242fc6ea24a0d78e3cb93c5c78d79833e4090000000100000016000000301406082b0601050507030406082b060105050703010b000000010000002e00000053007400610072006600690065006c006400200054006500630068006e006f006c006f006700690065007300000053000000010000004800000030463021060b6086480186fd6d0107170330123010060a2b0601040182373c0101030200c03021060b6086480186fd6e0107170330123010060a2b0601040182373c0101030200c00f000000010000001400000007eeabaf80a9ef4ae1b2cb9b4b5fc70d0428e6a92000000001000000eb020000308202e730820250020101300d06092a864886f70d01010505003081bb312430220603550407131b56616c69436572742056616c69646174696f6e204e6574776f726b31173015060355040a130e56616c69436572742c20496e632e31353033060355040b132c56616c694365727420436c617373203220506f6c6963792056616c69646174696f6e20417574686f726974793121301f06035504031318687474703a2f2f7777772e76616c69636572742e636f6d2f3120301e06092a864886f70d0109011611696e666f4076616c69636572742e636f6d301e170d3939303632363030313935345a170d3139303632363030313935345a3081bb312430220603550407131b56616c69436572742056616c69646174696f6e204e6574776f726b31173015060355040a130e56616c69436572742c20496e632e31353033060355040b132c56616c694365727420436c617373203220506f6c6963792056616c69646174696f6e20417574686f726974793121301f06035504031318687474703a2f2f7777772e76616c69636572742e636f6d2f3120301e06092a864886f70d0109011611696e666f4076616c69636572742e636f6d30819f300d06092a864886f70d010101050003818d0030818902818100ce3a71cae5abc8599255d7abd8740ef9eed9f655475965470e0555dceb98363c5c535dd330cf38ecbd4189ed254209246b0a5eb37cdd522d4ce6d4d67d5a59a965d449132d244d1c506fb5c185543bfe71e4d35c42f980e0911a0a5b393667f33f557c1b3fb45f647334e3b412bf8764f8da12ff3727c1b343bbef7b6e2e69f70203010001300d06092a864886f70d0101050500038181003b7f506f6f509499496238381f4bf8a5c83ea78281f62bc7e8c5cee83a1082cb18008e4dbda8587fa17900b5bbe98daf41d90f34ee218119a0324928f4c48e56d55233fd50d57e996c03e4c94cfccb6cab66b34a218ce5b50c323e10b2cc6ca1dc9a984c025bf3ceb99ea5720e4ab73f3ce61668f8beed744cbc5bd5621f43dd	clipgrab-3.9.7-dotinstaller.tmp
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\317A2AD07F2B335EF5A1C34E4B57E8B7D8F1FCA6\Blob = 040000000100000010000000a923759bba49366e31c2dbf2e766ba870f000000010000001400000007eeabaf80a9ef4ae1b2cb9b4b5fc70d0428e6a953000000010000004800000030463021060b6086480186fd6d0107170330123010060a2b0601040182373c0101030200c03021060b6086480186fd6e0107170330123010060a2b0601040182373c0101030200c00b000000010000002e00000053007400610072006600690065006c006400200054006500630068006e006f006c006f0067006900650073000000090000000100000016000000301406082b0601050507030406082b06010505070301140000000100000014000000a848b4242fc6ea24a0d78e3cb93c5c78d79833e41d00000001000000100000005959ddbc9c7632ba0a05f06316846fe6030000000100000014000000317a2ad07f2b335ef5a1c34e4b57e8b7d8f1fca619000000010000001000000044ba5fd9039fc9b56fd8aadccd597ca62000000001000000eb020000308202e730820250020101300d06092a864886f70d01010505003081bb312430220603550407131b56616c69436572742056616c69646174696f6e204e6574776f726b31173015060355040a130e56616c69436572742c20496e632e31353033060355040b132c56616c694365727420436c617373203220506f6c6963792056616c69646174696f6e20417574686f726974793121301f06035504031318687474703a2f2f7777772e76616c69636572742e636f6d2f3120301e06092a864886f70d0109011611696e666f4076616c69636572742e636f6d301e170d3939303632363030313935345a170d3139303632363030313935345a3081bb312430220603550407131b56616c69436572742056616c69646174696f6e204e6574776f726b31173015060355040a130e56616c69436572742c20496e632e31353033060355040b132c56616c694365727420436c617373203220506f6c6963792056616c69646174696f6e20417574686f726974793121301f06035504031318687474703a2f2f7777772e76616c69636572742e636f6d2f3120301e06092a864886f70d0109011611696e666f4076616c69636572742e636f6d30819f300d06092a864886f70d010101050003818d0030818902818100ce3a71cae5abc8599255d7abd8740ef9eed9f655475965470e0555dceb98363c5c535dd330cf38ecbd4189ed254209246b0a5eb37cdd522d4ce6d4d67d5a59a965d449132d244d1c506fb5c185543bfe71e4d35c42f980e0911a0a5b393667f33f557c1b3fb45f647334e3b412bf8764f8da12ff3727c1b343bbef7b6e2e69f70203010001300d06092a864886f70d0101050500038181003b7f506f6f509499496238381f4bf8a5c83ea78281f62bc7e8c5cee83a1082cb18008e4dbda8587fa17900b5bbe98daf41d90f34ee218119a0324928f4c48e56d55233fd50d57e996c03e4c94cfccb6cab66b34a218ce5b50c323e10b2cc6ca1dc9a984c025bf3ceb99ea5720e4ab73f3ce61668f8beed744cbc5bd5621f43dd	clipgrab-3.9.7-dotinstaller.tmp
Key created	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\AD7E1C28B064EF8F6003402014C3D0E3370EB58A	clipgrab-3.9.7-dotinstaller.tmp
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\AD7E1C28B064EF8F6003402014C3D0E3370EB58A\Blob = 0f00000001000000140000000f6aad4c3fe04619cdc8b2bd655aa1a26042e6500b000000010000005400000053007400610072006600690065006c006400200043006c00610073007300200032002000430065007200740069006600690063006100740069006f006e00200041007500740068006f007200690074007900000053000000010000004800000030463021060b6086480186fd6d0107170330123010060a2b0601040182373c0101030200c03021060b6086480186fd6e0107170330123010060a2b0601040182373c0101030200c009000000010000002a000000302806082b0601050507030106082b0601050507030206082b0601050507030406082b06010505070303140000000100000014000000bf5fb7d1cedd1f86f45b55acdcd710c20ea988e71d000000010000001000000090c4f4233b006b7bfaa6adcd8f577d77030000000100000014000000ad7e1c28b064ef8f6003402014c3d0e3370eb58a2000000001000000130400003082040f308202f7a003020102020100300d06092a864886f70d01010505003068310b300906035504061302555331253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e31323030060355040b1329537461726669656c6420436c61737320322043657274696669636174696f6e20417574686f72697479301e170d3034303632393137333931365a170d3334303632393137333931365a3068310b300906035504061302555331253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e31323030060355040b1329537461726669656c6420436c61737320322043657274696669636174696f6e20417574686f7269747930820120300d06092a864886f70d01010105000382010d00308201080282010100b732c8fee971a60485ad0c1164dfce4defc80318873fa1abfb3ca69ff0c3a1dad4d86e2b5390fb24a43e84f09ee85fece52744f528a63f7bdee02af0c8af532f9eca0501931e8f661c39a74dfa5ab673042566eb777fe759c64a99251454eb26c7f37f19d530708fafb0462affadeb29edd79faa0487a3d4f989a5345fdb43918236d9663cb1b8b982fd9c3a3e10c83bef0665667a9b19183dff71513c302e5fbe3d7773b25d066cc323569a2b8526921ca702b3e43f0daf087982b8363dea9cd335b3bc69caf5cc9de8fd648d1780336e5e4a5d99c91e87b49d1ac0d56e1335235edf9b5f3defd6f776c2ea3ebb780d1c42676b04d8f8d6da6f8bf244a001ab020103a381c53081c2301d0603551d0e04160414bf5fb7d1cedd1f86f45b55acdcd710c20ea988e73081920603551d2304818a3081878014bf5fb7d1cedd1f86f45b55acdcd710c20ea988e7a16ca46a3068310b300906035504061302555331253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e31323030060355040b1329537461726669656c6420436c61737320322043657274696669636174696f6e20417574686f72697479820100300c0603551d13040530030101ff300d06092a864886f70d01010505000382010100059d3f889dd1c91a55a1ac69f3f359da9b01871a4f57a9a179092adbf72fb21eccc75e6ad88387a197ef49353e7706415862bf8e58b80a673fecb3dd21661fc954fa72cc3d4c40d881af779e837abba2c7f534178ed91140f4fc2c2a4d157fa7625d2e25d3000b201a1d68f917b8f4bd8bed2859dd4d168b1783c8b265c72d7aa5aabc53866ddd57a4caf820410b68f0f4fb74be565d7a79f5f91d85e32d95bef5719043cc8d1f9a000a8729e95522580023eae31243295b4708dd8c416a6506a8e521aa41b4952195b97dd134ab13d6adbcdce23d39cdbd3e7570a1185903c922b48f9cd55e2ad7a5b6d40a6df8b74011469a1f790e62bf0f97ece02f1f1794	clipgrab-3.9.7-dotinstaller.tmp
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\AD7E1C28B064EF8F6003402014C3D0E3370EB58A\Blob = 040000000100000010000000324a4bbbc863699bbe749ac6dd1d4624030000000100000014000000ad7e1c28b064ef8f6003402014c3d0e3370eb58a1d000000010000001000000090c4f4233b006b7bfaa6adcd8f577d77140000000100000014000000bf5fb7d1cedd1f86f45b55acdcd710c20ea988e709000000010000002a000000302806082b0601050507030106082b0601050507030206082b0601050507030406082b0601050507030353000000010000004800000030463021060b6086480186fd6d0107170330123010060a2b0601040182373c0101030200c03021060b6086480186fd6e0107170330123010060a2b0601040182373c0101030200c00b000000010000005400000053007400610072006600690065006c006400200043006c00610073007300200032002000430065007200740069006600690063006100740069006f006e00200041007500740068006f00720069007400790000000f00000001000000140000000f6aad4c3fe04619cdc8b2bd655aa1a26042e6502000000001000000130400003082040f308202f7a003020102020100300d06092a864886f70d01010505003068310b300906035504061302555331253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e31323030060355040b1329537461726669656c6420436c61737320322043657274696669636174696f6e20417574686f72697479301e170d3034303632393137333931365a170d3334303632393137333931365a3068310b300906035504061302555331253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e31323030060355040b1329537461726669656c6420436c61737320322043657274696669636174696f6e20417574686f7269747930820120300d06092a864886f70d01010105000382010d00308201080282010100b732c8fee971a60485ad0c1164dfce4defc80318873fa1abfb3ca69ff0c3a1dad4d86e2b5390fb24a43e84f09ee85fece52744f528a63f7bdee02af0c8af532f9eca0501931e8f661c39a74dfa5ab673042566eb777fe759c64a99251454eb26c7f37f19d530708fafb0462affadeb29edd79faa0487a3d4f989a5345fdb43918236d9663cb1b8b982fd9c3a3e10c83bef0665667a9b19183dff71513c302e5fbe3d7773b25d066cc323569a2b8526921ca702b3e43f0daf087982b8363dea9cd335b3bc69caf5cc9de8fd648d1780336e5e4a5d99c91e87b49d1ac0d56e1335235edf9b5f3defd6f776c2ea3ebb780d1c42676b04d8f8d6da6f8bf244a001ab020103a381c53081c2301d0603551d0e04160414bf5fb7d1cedd1f86f45b55acdcd710c20ea988e73081920603551d2304818a3081878014bf5fb7d1cedd1f86f45b55acdcd710c20ea988e7a16ca46a3068310b300906035504061302555331253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e31323030060355040b1329537461726669656c6420436c61737320322043657274696669636174696f6e20417574686f72697479820100300c0603551d13040530030101ff300d06092a864886f70d01010505000382010100059d3f889dd1c91a55a1ac69f3f359da9b01871a4f57a9a179092adbf72fb21eccc75e6ad88387a197ef49353e7706415862bf8e58b80a673fecb3dd21661fc954fa72cc3d4c40d881af779e837abba2c7f534178ed91140f4fc2c2a4d157fa7625d2e25d3000b201a1d68f917b8f4bd8bed2859dd4d168b1783c8b265c72d7aa5aabc53866ddd57a4caf820410b68f0f4fb74be565d7a79f5f91d85e32d95bef5719043cc8d1f9a000a8729e95522580023eae31243295b4708dd8c416a6506a8e521aa41b4952195b97dd134ab13d6adbcdce23d39cdbd3e7570a1185903c922b48f9cd55e2ad7a5b6d40a6df8b74011469a1f790e62bf0f97ece02f1f1794	clipgrab-3.9.7-dotinstaller.tmp
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\AD7E1C28B064EF8F6003402014C3D0E3370EB58A\Blob = 190000000100000010000000fd960962ac6938e0d4b0769aa1a64e260f00000001000000140000000f6aad4c3fe04619cdc8b2bd655aa1a26042e6500b000000010000005400000053007400610072006600690065006c006400200043006c00610073007300200032002000430065007200740069006600690063006100740069006f006e00200041007500740068006f007200690074007900000053000000010000004800000030463021060b6086480186fd6d0107170330123010060a2b0601040182373c0101030200c03021060b6086480186fd6e0107170330123010060a2b0601040182373c0101030200c009000000010000002a000000302806082b0601050507030106082b0601050507030206082b0601050507030406082b06010505070303140000000100000014000000bf5fb7d1cedd1f86f45b55acdcd710c20ea988e71d000000010000001000000090c4f4233b006b7bfaa6adcd8f577d77030000000100000014000000ad7e1c28b064ef8f6003402014c3d0e3370eb58a040000000100000010000000324a4bbbc863699bbe749ac6dd1d46242000000001000000130400003082040f308202f7a003020102020100300d06092a864886f70d01010505003068310b300906035504061302555331253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e31323030060355040b1329537461726669656c6420436c61737320322043657274696669636174696f6e20417574686f72697479301e170d3034303632393137333931365a170d3334303632393137333931365a3068310b300906035504061302555331253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e31323030060355040b1329537461726669656c6420436c61737320322043657274696669636174696f6e20417574686f7269747930820120300d06092a864886f70d01010105000382010d00308201080282010100b732c8fee971a60485ad0c1164dfce4defc80318873fa1abfb3ca69ff0c3a1dad4d86e2b5390fb24a43e84f09ee85fece52744f528a63f7bdee02af0c8af532f9eca0501931e8f661c39a74dfa5ab673042566eb777fe759c64a99251454eb26c7f37f19d530708fafb0462affadeb29edd79faa0487a3d4f989a5345fdb43918236d9663cb1b8b982fd9c3a3e10c83bef0665667a9b19183dff71513c302e5fbe3d7773b25d066cc323569a2b8526921ca702b3e43f0daf087982b8363dea9cd335b3bc69caf5cc9de8fd648d1780336e5e4a5d99c91e87b49d1ac0d56e1335235edf9b5f3defd6f776c2ea3ebb780d1c42676b04d8f8d6da6f8bf244a001ab020103a381c53081c2301d0603551d0e04160414bf5fb7d1cedd1f86f45b55acdcd710c20ea988e73081920603551d2304818a3081878014bf5fb7d1cedd1f86f45b55acdcd710c20ea988e7a16ca46a3068310b300906035504061302555331253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e31323030060355040b1329537461726669656c6420436c61737320322043657274696669636174696f6e20417574686f72697479820100300c0603551d13040530030101ff300d06092a864886f70d01010505000382010100059d3f889dd1c91a55a1ac69f3f359da9b01871a4f57a9a179092adbf72fb21eccc75e6ad88387a197ef49353e7706415862bf8e58b80a673fecb3dd21661fc954fa72cc3d4c40d881af779e837abba2c7f534178ed91140f4fc2c2a4d157fa7625d2e25d3000b201a1d68f917b8f4bd8bed2859dd4d168b1783c8b265c72d7aa5aabc53866ddd57a4caf820410b68f0f4fb74be565d7a79f5f91d85e32d95bef5719043cc8d1f9a000a8729e95522580023eae31243295b4708dd8c416a6506a8e521aa41b4952195b97dd134ab13d6adbcdce23d39cdbd3e7570a1185903c922b48f9cd55e2ad7a5b6d40a6df8b74011469a1f790e62bf0f97ece02f1f1794	clipgrab-3.9.7-dotinstaller.tmp
Key created	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\317A2AD07F2B335EF5A1C34E4B57E8B7D8F1FCA6	clipgrab-3.9.7-dotinstaller.tmp

Script User-Agent 2 IoCs

Uses user-agent string associated with script host/environment.

description	flow	ioc
HTTP User-Agent header	2	Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)
HTTP User-Agent header	10	Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)

Suspicious behavior: AddClipboardFormatListener 1 IoCs

pid	Process
1668	clipgrab.exe

Suspicious behavior: EnumeratesProcesses 3 IoCs

pid	Process
896	clipgrab-3.9.7-portable.tmp
896	clipgrab-3.9.7-portable.tmp
1668	clipgrab.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
1508	clipgrab-3.9.7-dotinstaller.tmp

Suspicious use of FindShellTrayWindow 2 IoCs

pid	Process
1508	clipgrab-3.9.7-dotinstaller.tmp
896	clipgrab-3.9.7-portable.tmp

Suspicious use of SetWindowsHookEx 7 IoCs

pid	Process
1508	clipgrab-3.9.7-dotinstaller.tmp
1668	clipgrab.exe
1668	clipgrab.exe
1668	clipgrab.exe
1668	clipgrab.exe
1668	clipgrab.exe
1668	clipgrab.exe

Suspicious use of WriteProcessMemory 43 IoCs

description	pid	Process	procid_target
PID 1720 wrote to memory of 1508	1720	clipgrab-3.9.7-dotinstaller.exe	28
PID 1720 wrote to memory of 1508	1720	clipgrab-3.9.7-dotinstaller.exe	28
PID 1720 wrote to memory of 1508	1720	clipgrab-3.9.7-dotinstaller.exe	28
PID 1720 wrote to memory of 1508	1720	clipgrab-3.9.7-dotinstaller.exe	28
PID 1720 wrote to memory of 1508	1720	clipgrab-3.9.7-dotinstaller.exe	28
PID 1720 wrote to memory of 1508	1720	clipgrab-3.9.7-dotinstaller.exe	28
PID 1720 wrote to memory of 1508	1720	clipgrab-3.9.7-dotinstaller.exe	28
PID 1508 wrote to memory of 776	1508	clipgrab-3.9.7-dotinstaller.tmp	29
PID 1508 wrote to memory of 776	1508	clipgrab-3.9.7-dotinstaller.tmp	29
PID 1508 wrote to memory of 776	1508	clipgrab-3.9.7-dotinstaller.tmp	29
PID 1508 wrote to memory of 776	1508	clipgrab-3.9.7-dotinstaller.tmp	29
PID 1508 wrote to memory of 776	1508	clipgrab-3.9.7-dotinstaller.tmp	29
PID 1508 wrote to memory of 776	1508	clipgrab-3.9.7-dotinstaller.tmp	29
PID 1508 wrote to memory of 776	1508	clipgrab-3.9.7-dotinstaller.tmp	29
PID 776 wrote to memory of 896	776	clipgrab-3.9.7-portable.exe	30
PID 776 wrote to memory of 896	776	clipgrab-3.9.7-portable.exe	30
PID 776 wrote to memory of 896	776	clipgrab-3.9.7-portable.exe	30
PID 776 wrote to memory of 896	776	clipgrab-3.9.7-portable.exe	30
PID 776 wrote to memory of 896	776	clipgrab-3.9.7-portable.exe	30
PID 776 wrote to memory of 896	776	clipgrab-3.9.7-portable.exe	30
PID 776 wrote to memory of 896	776	clipgrab-3.9.7-portable.exe	30
PID 896 wrote to memory of 2008	896	clipgrab-3.9.7-portable.tmp	32
PID 896 wrote to memory of 2008	896	clipgrab-3.9.7-portable.tmp	32
PID 896 wrote to memory of 2008	896	clipgrab-3.9.7-portable.tmp	32
PID 896 wrote to memory of 2008	896	clipgrab-3.9.7-portable.tmp	32
PID 896 wrote to memory of 2008	896	clipgrab-3.9.7-portable.tmp	32
PID 896 wrote to memory of 2008	896	clipgrab-3.9.7-portable.tmp	32
PID 896 wrote to memory of 2008	896	clipgrab-3.9.7-portable.tmp	32
PID 2008 wrote to memory of 268	2008	vc_redist.x86.exe	33
PID 2008 wrote to memory of 268	2008	vc_redist.x86.exe	33
PID 2008 wrote to memory of 268	2008	vc_redist.x86.exe	33
PID 2008 wrote to memory of 268	2008	vc_redist.x86.exe	33
PID 2008 wrote to memory of 268	2008	vc_redist.x86.exe	33
PID 2008 wrote to memory of 268	2008	vc_redist.x86.exe	33
PID 2008 wrote to memory of 268	2008	vc_redist.x86.exe	33
PID 1508 wrote to memory of 1668	1508	clipgrab-3.9.7-dotinstaller.tmp	34
PID 1508 wrote to memory of 1668	1508	clipgrab-3.9.7-dotinstaller.tmp	34
PID 1508 wrote to memory of 1668	1508	clipgrab-3.9.7-dotinstaller.tmp	34
PID 1508 wrote to memory of 1668	1508	clipgrab-3.9.7-dotinstaller.tmp	34
PID 1668 wrote to memory of 336	1668	clipgrab.exe	35
PID 1668 wrote to memory of 336	1668	clipgrab.exe	35
PID 1668 wrote to memory of 336	1668	clipgrab.exe	35
PID 1668 wrote to memory of 336	1668	clipgrab.exe	35

C:\Users\Admin\AppData\Local\Temp\clipgrab-3.9.7-dotinstaller.exe
"C:\Users\Admin\AppData\Local\Temp\clipgrab-3.9.7-dotinstaller.exe"
1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:1720
- C:\Users\Admin\AppData\Local\Temp\is-BS8HR.tmp\clipgrab-3.9.7-dotinstaller.tmp
  "C:\Users\Admin\AppData\Local\Temp\is-BS8HR.tmp\clipgrab-3.9.7-dotinstaller.tmp" /SL5="$90126,1907617,1111552,C:\Users\Admin\AppData\Local\Temp\clipgrab-3.9.7-dotinstaller.exe"
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - Modifies system certificate store
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SetWindowsHookEx
  - Suspicious use of WriteProcessMemory
  PID:1508
- - C:\Users\Admin\AppData\Local\Temp\is-5EKPE.tmp\clipgrab-3.9.7-portable.exe
    "C:\Users\Admin\AppData\Local\Temp\is-5EKPE.tmp\clipgrab-3.9.7-portable.exe" /VERYSILENT
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    - Suspicious use of WriteProcessMemory
    PID:776
  - - C:\Users\Admin\AppData\Local\Temp\is-IE0TI.tmp\clipgrab-3.9.7-portable.tmp
      "C:\Users\Admin\AppData\Local\Temp\is-IE0TI.tmp\clipgrab-3.9.7-portable.tmp" /SL5="$1019E,72952445,791040,C:\Users\Admin\AppData\Local\Temp\is-5EKPE.tmp\clipgrab-3.9.7-portable.exe" /VERYSILENT
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      Drops file in Program Files directory
      Suspicious behavior: EnumeratesProcesses
      Suspicious use of FindShellTrayWindow
      Suspicious use of WriteProcessMemory
      PID:896
    - - C:\Users\Admin\AppData\Local\Temp\is-KQOOF.tmp\vc_redist.x86.exe
        
        "C:\Users\Admin\AppData\Local\Temp\is-KQOOF.tmp\vc_redist.x86.exe" /install /passive /silent /norestart
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        Suspicious use of WriteProcessMemory
        
        PID:2008
      - C:\Windows\Temp\{02688985-F097-4E81-9BD3-1EFA72E7F0AB}\.cr\vc_redist.x86.exe
        
        "C:\Windows\Temp\{02688985-F097-4E81-9BD3-1EFA72E7F0AB}\.cr\vc_redist.x86.exe" -burn.clean.room="C:\Users\Admin\AppData\Local\Temp\is-KQOOF.tmp\vc_redist.x86.exe" -burn.filehandle.attached=180 -burn.filehandle.self=188 /install /passive /silent /norestart
        6⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:268
- - C:\Program Files (x86)\ClipGrab\clipgrab.exe
    "C:\Program Files (x86)\ClipGrab\clipgrab.exe"
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    - Suspicious behavior: AddClipboardFormatListener
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of SetWindowsHookEx
    - Suspicious use of WriteProcessMemory
    PID:1668
  - - C:\Program Files (x86)\ClipGrab\ffmpeg.exe
      ffmpeg -v quiet
      4⤵
      Executes dropped EXE
      PID:336
  - - C:\Program Files (x86)\ClipGrab\ffmpeg.exe
      ffmpeg -formats
      4⤵
      PID:824

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

T1130

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\ClipGrab\Qt5Core.dll

Filesize
4.9MB

MD5
357cf7f517757f0689030f196dd7edc0

SHA1
248ae43e160e80c81718a9f26544be4e535cf20a

SHA256
fd3dd9dcc286e6d36cb7b3fc90c8f7f683d2e9eb449e0433af70118e726d3fe1

SHA512
f938d4e81c46bb2d4cea587a9040e6a9eac44942654e07f6b17b3e4d27d31d03b3b5226004a2e981e6c9eaf0c2faf42957607f278c9978f6033c901c93217b7f

Download Submit
C:\Program Files (x86)\ClipGrab\Qt5Gui.dll

Filesize
5.1MB

MD5
c8bb97d7265ae7327eab7432c6496cf3

SHA1
c8ecab5cc7872a08ebb81edd00e95db85d56d6b5

SHA256
bd149755a4b0b7d721f9a355717855f488b16d8cbe177d0d88d9990359f5d4d5

SHA512
ec8c71336ff97e54252b3f8558a0471f8a14821ae91f90a32f1e9284eddfba6106d85eff25d5cf19d5273acaedb9ec23daf84e273ec0d6939e3c694e5da47085

Download Submit
C:\Program Files (x86)\ClipGrab\Qt5Network.dll

Filesize
1.0MB

MD5
08b5fcf0369a4923befb05a3e7b91998

SHA1
4d44449f027120d59bd0c9725dcfe02102acc82e

SHA256
de3ef3d9ac16b03a6da9cc076bba081142ccd4a306777b6d1bbaa60980e20723

SHA512
629a3c3b3fd6c36a0a9ec93bbd325bd78e5044279720a32eb79041b08989f575c99992f352d710c167b79c19498fa002ae85afbb080302fb001ed0b44465eb06

Download Submit
C:\Program Files (x86)\ClipGrab\Qt5Positioning.dll

Filesize
259KB

MD5
92aa5c44793603758874f87ecc5c88ce

SHA1
f368193467f61e0edb4864422085e70770c88d76

SHA256
798cc99af70288093bfd09a5addfd55a80f9652e7dc79f0b51f7760c47de2c9e

SHA512
459b97983c236ad76438615dad7174aa64561c9a0d9fcda7f290411237d97411f503d2dbb2d90f0c61fc229a872971a96ab61bf7b9bfb8b1ea840f4621d10910

Download Submit
C:\Program Files (x86)\ClipGrab\Qt5PrintSupport.dll

Filesize
267KB

MD5
c9d5c7d715bbf74c31aab14893698778

SHA1
ee62edb71acb9eda4cb5f213a0b94940b972d7b3

SHA256
12717098b4d3f5f09ec19d091d1beb26d6df35e586bee511b9138be42d644e4a

SHA512
ee67880a737d1ec7c14cf84f20994bd34d8c8e39fc1763b634c311bc200ab6153f2f6760b217517a6190ccdf8076f4f9055062a011b3115c653c0ae4c5837330

Download Submit
C:\Program Files (x86)\ClipGrab\Qt5Qml.dll

Filesize
3.2MB

MD5
b92764b31b080972ad0682a0ba794db1

SHA1
a4b3b253da4078a0b9d536873a6e79a4ba070ad2

SHA256
4706a5ef8f1092da9d60af8722546ce8f23c98db7450c3f72521d4651aeb2a52

SHA512
077c7c285c038cec271fe21a2b77eaadf3ec7d6a288d24234d6e351bead294b7bb903ea2759cb852d8e3d0354fbac926292639375d82d4dbeb85e4c515ef4369

Download Submit
C:\Program Files (x86)\ClipGrab\Qt5Quick.dll

Filesize
3.0MB

MD5
7a517d5ee706c979876b97c789be8968

SHA1
7efc77f592389f94aa6980ecd3da7d39c960765f

SHA256
beb08a06b24ae1668441d47fbd434daa40ef6c4c45963351a0a6acdcd550bc31

SHA512
2656d980b31c5f6c34fae8b9ea719c06481195af6ff8b93a6297cae74783a2eaf6b808d539add7a1490e159ee19d2889308adb48491d719097d5459a7f798287

Download Submit
C:\Program Files (x86)\ClipGrab\Qt5QuickWidgets.dll

Filesize
64KB

MD5
42ce360f532e7e835ee94ee1226e1c19

SHA1
6c596c32575f081c86524742fcb11aa5e44ad213

SHA256
6b12b555d3bc465e106a26603b4bead895134ecd90b3201773415eab64cc69ac

SHA512
8f2772be5a6e375f06439f58c4b26277f93b8b777c950640c4699de6e0b0a99f7f33ebc6eac4b3a87a1e1b644c573b7ae5de9289d399fa41d732867c1bf95508

Download Submit
C:\Program Files (x86)\ClipGrab\Qt5WebChannel.dll

Filesize
96KB

MD5
2a65f4f49a88417222bcf109b59247ef

SHA1
a165ff1b21ff45c11783b63f2f4e9f270f84f05e

SHA256
632a5d720f3f6371721f94e4665ac13988afde722d155aaa5364a27cbd46d3ac

SHA512
c260fdb3454994e15582feec31b63e8418c9b1d705ee06ac09aa4ac77782ac79f722c9c883714e462ef919834ddd569ea7fff2b7d616a2b210966013c8ad9add

Download Submit
C:\Program Files (x86)\ClipGrab\Qt5WebEngineCore.dll

Filesize
56.7MB

MD5
cfa7e9d45cff6a9db2735ad94a1fac03

SHA1
f2b5ca141315a2bc064ea61df186f85b0d141eb5

SHA256
4ae899629fc79404bd166219bdde96a5cd169b7470375fb0f9c845c652402a65

SHA512
ed11a789437d3aca2036fbe364649f0b079f79d72fa6810063a0f12bf8a5b6e99dbe9af4d73202af2790e2569261f434a92a089984f15a820bea63ce6095b561

Download Submit
C:\Program Files (x86)\ClipGrab\Qt5WebEngineWidgets.dll

Filesize
187KB

MD5
9c30ad3a2ba28362ac506f50221e881d

SHA1
02497e8d0544d91318a2b6619b7c154cebee1073

SHA256
ce773742d6d80df75e9e462bd38bf237508541b3243dad57c48b4eb24f4ff3f1

SHA512
50bb8ac0f02bebe6aaa09554bfe8dd575681810239edeeb696b8170a8f4c3457a4ff3bf2e7ad9ed1b6a6c54f81201988c8e347f1fbff4e2ea2d348a72ca9aa70

Download Submit
C:\Program Files (x86)\ClipGrab\Qt5Widgets.dll

Filesize
4.3MB

MD5
db7034b133d238447a6f3704b65bbceb

SHA1
c834d45162f38f461a8eafe737301eb22056e913

SHA256
53d9f928141382a5ef60039562b200e03d18e8720f16fb0ee8072b45e94202a7

SHA512
837b7e675b752c372973ecb4a53de568fc087e5f3896916614d504405a0a1ae78d1be59f173c2a0b28b4b139924736208de2eb6ee767c78894b7834fae9bf9f1

Download Submit
C:\Program Files (x86)\ClipGrab\Qt5Xml.dll

Filesize
149KB

MD5
fd0f95e872b99b61f0b7276e0ff76c28

SHA1
a90b20be2f436362782ac18182637f8dca1e9719

SHA256
9150d32aa158f9c555cc3b845fc8f776684f11ec014b47a96d498faad67e7a31

SHA512
25a4e5d74315f64171c16929da0fa049db9dd835cb912e2909bf442fc6383a424cdd52aec58c6eb6d335697651deff16f688ecac8c11310a1fe7383996bdcd94

Download Submit
C:\Program Files (x86)\ClipGrab\clipgrab.exe

Filesize
1.1MB

MD5
57cdd2bc92aee7d3d213561188e565d4

SHA1
fb34ba0178b5764b6ccc9d228796196ee172980e

SHA256
10770da581cc85d55a286d42a0428accafe6c7910bc640cc4264da7fb26dafa4

SHA512
ac00f5021cbc34b7ca160364cdde0a404353d8fc9e6a46866884268880c7b753e91741c48b413d6f7a5ff28a4e3d98bd7485550b46009a7c5b42dd0a877f3856

Download Submit
C:\Program Files (x86)\ClipGrab\clipgrab.exe

Filesize
1.1MB

MD5
57cdd2bc92aee7d3d213561188e565d4

SHA1
fb34ba0178b5764b6ccc9d228796196ee172980e

SHA256
10770da581cc85d55a286d42a0428accafe6c7910bc640cc4264da7fb26dafa4

SHA512
ac00f5021cbc34b7ca160364cdde0a404353d8fc9e6a46866884268880c7b753e91741c48b413d6f7a5ff28a4e3d98bd7485550b46009a7c5b42dd0a877f3856

Download Submit
C:\Program Files (x86)\ClipGrab\clipgrab.exe

Filesize
1.1MB

MD5
57cdd2bc92aee7d3d213561188e565d4

SHA1
fb34ba0178b5764b6ccc9d228796196ee172980e

SHA256
10770da581cc85d55a286d42a0428accafe6c7910bc640cc4264da7fb26dafa4

SHA512
ac00f5021cbc34b7ca160364cdde0a404353d8fc9e6a46866884268880c7b753e91741c48b413d6f7a5ff28a4e3d98bd7485550b46009a7c5b42dd0a877f3856

Download Submit
C:\Program Files (x86)\ClipGrab\ffmpeg.exe

Filesize
12.1MB

MD5
66307033061a09377fabcf404799b43f

SHA1
a9f3c0ab0716dfe6e52b7d3552cce96ab1ff65c6

SHA256
7e9fd2dd23807ba88b480b4b6cd2b86ea94380a4adca67c59d0d11804d5e4ade

SHA512
d643468041336bc06814e028f1735f9fab243c5b2d2e6ce03391a7b5f0e8f79725db422aba8d18b92198059f371ff4ae20f60b653538d0f672f3b5fd3356d1d4

Download Submit
C:\Program Files (x86)\ClipGrab\ffmpeg.exe

Filesize
14.9MB

MD5
4384f83b06ba739ebbd76f9d476b5a13

SHA1
5aa80ce44c18a9e2b381eb11da99dfe3849c79af

SHA256
2edafd95adf3cd20dd4f34796db90ab51de053664110e8c6ddbf59bff681e5f0

SHA512
2028e8a82eac997780b70163496e4f3fac796f8ce10827bb0d6fd1bd304369e06e80abb37d9f419ea5f5dbe526637df6d104e890fa1a350440bded9564df41d5

Download Submit
C:\Program Files (x86)\ClipGrab\ffmpeg.exe

Filesize
8.4MB

MD5
f00a7a83ec68e8bd04206f37016df1b4

SHA1
d49ccc031a8f8467fe761c26264b1269784d8a0c

SHA256
96754d5d8d07cd0d4f646e410b9f245af947916e684f097f44a3d50568556396

SHA512
cc37442ab45e796ef6f309b42ea23a8227c5af3ff5552081cf502f9e6da40399b7589533c38428e0cc341498374c650416debb3538688c61cd27c184e60b7842

Download Submit
C:\Program Files (x86)\ClipGrab\libEGL.DLL

Filesize
21KB

MD5
55813372944c5acaca0e38c22902a6e6

SHA1
8c3fbdcacecc971aac8823a52eb83082669220a3

SHA256
fc219ad27720cfb1b223d748c1b5bdd78886235f4254bfe8e0adaf168c7e9849

SHA512
73f504a1f7cda4082f370387304db701672d95409886362dd70f8599fc17a5b577d2b37dd8f012cecb6d6dffe4321906c2a07cdd7e12e2d31bb9df0fb2e97a7f

Download Submit
C:\Program Files (x86)\ClipGrab\libGLESv2.dll

Filesize
2.7MB

MD5
02c59344a65e9893d7d2d0d79b570429

SHA1
d07d73aab1beaeeef57c03330add64afa5f20160

SHA256
adba2649650fa580fb301b69a74aa4ad0b8796a6b35179ff0a938be510db1b7d

SHA512
222ffdb94f4df18d25e5d77cb76ff95c0704dbd696796880bdc7c23c930546435ac5060233f3be9a5b2c058a721c15ffc542b9ba84aafe28dfc77498037f21df

Download Submit
C:\Program Files (x86)\ClipGrab\opengl32sw.dll

Filesize
12.4MB

MD5
929549c065fad99dbfe3732a05c1250e

SHA1
3db9dbea2855fbf910e102c5441887544f8fa6fc

SHA256
477072d209cf491b86037d822451f9cbd77abbd4637b5e4b5de3e5d9f0f60873

SHA512
69b2e76e997ad7e34bc17d9858f6c97fdfc2e2bcca5cb5361e904ae4fd3c969ce8d8a577cda6027cdaea06fc2e8f469b5e23368ead1c10cad791afaf201179fa

Download Submit
C:\Program Files (x86)\ClipGrab\platforms\qwindows.dll

Filesize
1.2MB

MD5
b190c721612ac9d169f8b3a8f8b48a29

SHA1
206442dd161e878f1a6f83f3ebdb9208b56abfff

SHA256
ccb562f817d7015c78da4098bc576e7eaf3df1ebd55afb58d75f12dace9c761f

SHA512
951bc91302fcb1a28b7093f6867b379a90188733cec329efedb465ae27ae1a526a2d5f997816b26ed123d2401a9aa2854d26a003a65318f50e3a695d7948f6b7

Download Submit
C:\Program Files (x86)\ClipGrab\styles\qwindowsvistastyle.dll

Filesize
125KB

MD5
c1cc204987a532be5e7f22b2bec82815

SHA1
03ea72517453ab137c3b85194cbf8bf08c05d032

SHA256
f08b95bac860f6292342e5e2e3e506a603cd8d7f4a0e4a1b5d8fafa7c30cd65d

SHA512
684d653a777361d732b7383a7b699809e8c1e74bb04eff2b74a92ec860c305290014f5627eb56597ea1f3d1d5ed0e4167c0c62778e176d2d8615fe07404290af

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

Filesize
61KB

MD5
e71c8443ae0bc2e282c73faead0a6dd3

SHA1
0c110c1b01e68edfacaeae64781a37b1995fa94b

SHA256
95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

SHA512
b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
649d1e3a986cc960642a96047a45883c

SHA1
c87c0d940c8f7b6af802ca07d99f373463073b4a

SHA256
ec3f7183c956ec3cb6334977834348b268fcfc5ccac7f5667c889652a7d6d067

SHA512
60f6027a2ee12cdf05b56ce0851211b10eaf6b2053a751a52bce898e332aafec6529c1240e2d1f07cc6c25906830ce5d7f962014a1578e6085b9ef02868ba911

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar24B8.tmp

Filesize
161KB

MD5
be2bec6e8c5653136d3e72fe53c98aa3

SHA1
a8182d6db17c14671c3d5766c72e58d87c0810de

SHA256
1919aab2a820642490169bdc4e88bd1189e22f83e7498bf8ebdfb62ec7d843fd

SHA512
0d1424ccdf0d53faf3f4e13d534e12f22388648aa4c23edbc503801e3c96b7f73c7999b760b5bef4b5e9dd923dffe21a21889b1ce836dd428420bf0f4f5327ff

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-5EKPE.tmp\clipgrab-3.9.7-portable.exe

Filesize
70.3MB

MD5
962d6f9e7331b8f3eb2fa4acb15f5f61

SHA1
2e1a7e9ec7159e564814a599657d42dc01ef9858

SHA256
0ae8656f4c65673d75544cff54721cbfc586edd6e8b4b2a2070930684920411e

SHA512
f8721fc68703d6a6ab9188bce1d64774447f02f378dd4b4d267f7fb4b01d42c4520feede2855ab426d92dfc538a1d272d7a88e65871015a95654c3d8f321d3be

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-5EKPE.tmp\clipgrab-3.9.7-portable.exe

Filesize
70.3MB

MD5
962d6f9e7331b8f3eb2fa4acb15f5f61

SHA1
2e1a7e9ec7159e564814a599657d42dc01ef9858

SHA256
0ae8656f4c65673d75544cff54721cbfc586edd6e8b4b2a2070930684920411e

SHA512
f8721fc68703d6a6ab9188bce1d64774447f02f378dd4b4d267f7fb4b01d42c4520feede2855ab426d92dfc538a1d272d7a88e65871015a95654c3d8f321d3be

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-5EKPE.tmp\clipgrab-3.9.7-portable.exe

Filesize
70.3MB

MD5
962d6f9e7331b8f3eb2fa4acb15f5f61

SHA1
2e1a7e9ec7159e564814a599657d42dc01ef9858

SHA256
0ae8656f4c65673d75544cff54721cbfc586edd6e8b4b2a2070930684920411e

SHA512
f8721fc68703d6a6ab9188bce1d64774447f02f378dd4b4d267f7fb4b01d42c4520feede2855ab426d92dfc538a1d272d7a88e65871015a95654c3d8f321d3be

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-5EKPE.tmp\finish.png

Filesize
2KB

MD5
7afaf9e0e99fd80fa1023a77524f5587

SHA1
e20c9c27691810b388c73d2ca3e67e109c2b69b6

SHA256
760b70612bb9bd967c2d15a5133a50ccce8c0bd46a6464d76875298dcc45dea0

SHA512
a090626e7b7f67fb5aa207aae0cf65c3a27e1b85e22c9728eee7475bd9bb7375ca93baaecc662473f9a427b4f505d55f2c61ba36bda460e4e6947fe22eedb044

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-5EKPE.tmp\loader.gif

Filesize
10KB

MD5
f23a523b82ad9103a9ac1dcc33eca72f

SHA1
5363bb6b51923441ef56638576307cc252f05a71

SHA256
59853c413b0813ded6f1e557959768d6662f010f49884d36b62c13038fac739c

SHA512
514ec63f7ed80d0708f7e2355fad8a558b4dcf2d0122ff98fe7c3ca1f40e7cd04e8869ca7a3b95622c0848c0d99306d7e791b86ca69b9e240beae959ca6285be

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-5EKPE.tmp\logo.png

Filesize
9KB

MD5
2c050a55ade91ca10c94c41fdceaa8cb

SHA1
178fd0ee1c184fe681d89bff0ff8b89392723a67

SHA256
43262c9cc6328d67007b97a8eb36c924d05d45a383349e61b067f35677e1ad6e

SHA512
425825cbe2a417f10832c37fc0e571ca3e3f9b940f93f9f8ec8fcff2df896a52ff753386c30e03836d588b6bf355323dbea2e3a0cbf756f8f3c7065335cbfeac

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-BS8HR.tmp\clipgrab-3.9.7-dotinstaller.tmp

Filesize
3.2MB

MD5
aadc16c8ad4312196df3aa1d9f6386d3

SHA1
ff4d78923e0d957e6a66b3c06efecc435c396c7a

SHA256
04fade43204ecbbb378114a023b3db4a3aebe8258ff3b3846156e80a9c5cf4a3

SHA512
51621ec71d530d75e4a537381edf03bc48b234dd861547c950573febf5709a1716ee797368854512edf1950a4e1f4f8bbe292417a0dd238600338a39e2454e04

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-IE0TI.tmp\clipgrab-3.9.7-portable.tmp

Filesize
2.5MB

MD5
ae7b203e80eaa5afb50768049bb3de50

SHA1
cc0b5d64c2af21a3b24e167352df8ae93acd30d3

SHA256
ffe5d85efc5b75b4c99b07f5819d1fb3b9b1b42e67c903ef86f013bdedad7112

SHA512
a94cc199a4fa8a67496169de972bef84dd0e411502c5f74438ec0e7d18626ef3278d9c3aae1b0d025776849dbed5ec8e06d714b4bd48a43e48e2a167f7d52748

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-IE0TI.tmp\clipgrab-3.9.7-portable.tmp

Filesize
2.5MB

MD5
ae7b203e80eaa5afb50768049bb3de50

SHA1
cc0b5d64c2af21a3b24e167352df8ae93acd30d3

SHA256
ffe5d85efc5b75b4c99b07f5819d1fb3b9b1b42e67c903ef86f013bdedad7112

SHA512
a94cc199a4fa8a67496169de972bef84dd0e411502c5f74438ec0e7d18626ef3278d9c3aae1b0d025776849dbed5ec8e06d714b4bd48a43e48e2a167f7d52748

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-KQOOF.tmp\vc_redist.x86.exe

Filesize
14.0MB

MD5
310f8aadd8055f8b8eba1a6528be7d10

SHA1
3ee9622151e4b50837fcdfac1b085430f0181f4e

SHA256
54ad46ae80984aa48cae6361213692c96b3639e322730d28c7fb93b183c761da

SHA512
2872a30939f7ee20b494806574cf5b8b5a0976f8fe69bdbd77dde2483ce2a9e5458ff3636147e49a449e941a44ca2d79239e3da62fddb69fc5bced8ee1004ee5

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-KQOOF.tmp\vc_redist.x86.exe

Filesize
14.0MB

MD5
310f8aadd8055f8b8eba1a6528be7d10

SHA1
3ee9622151e4b50837fcdfac1b085430f0181f4e

SHA256
54ad46ae80984aa48cae6361213692c96b3639e322730d28c7fb93b183c761da

SHA512
2872a30939f7ee20b494806574cf5b8b5a0976f8fe69bdbd77dde2483ce2a9e5458ff3636147e49a449e941a44ca2d79239e3da62fddb69fc5bced8ee1004ee5

Download Submit
C:\Windows\Temp\{02688985-F097-4E81-9BD3-1EFA72E7F0AB}\.cr\vc_redist.x86.exe

Filesize
881KB

MD5
9df0848b2753e9255f1a6b4cdc9a5a3e

SHA1
051469cd9e786b720ef6b70c35a1e184a643f520

SHA256
59089badd61acb47a07748c9018d3a959cf58f07de9902b0c45dffae3e566090

SHA512
518a78e77515b2fb21c5f66a760473a1f8ab5050e9bc65a4715ab178e568079f11f65fc173db59dd021b69fe0b606c42e50bf5f09a34ba2009a7b71e88033452

Download Submit
C:\Windows\Temp\{02688985-F097-4E81-9BD3-1EFA72E7F0AB}\.cr\vc_redist.x86.exe

Filesize
881KB

MD5
9df0848b2753e9255f1a6b4cdc9a5a3e

SHA1
051469cd9e786b720ef6b70c35a1e184a643f520

SHA256
59089badd61acb47a07748c9018d3a959cf58f07de9902b0c45dffae3e566090

SHA512
518a78e77515b2fb21c5f66a760473a1f8ab5050e9bc65a4715ab178e568079f11f65fc173db59dd021b69fe0b606c42e50bf5f09a34ba2009a7b71e88033452

Download Submit
C:\Windows\Temp\{CEDC30A7-7CBD-4782-AB17-C283C7CA640D}\.ba\1055\license.rtf

Filesize
177KB

MD5
f1a281f74d3e91d16dd26d1f313cd8a9

SHA1
ddb2ca9032c5a9c091eac53b679f6ba428077b00

SHA256
f79108a254f876e0f6bbcb05a9effbe25dc252e7ea256bfe3fd28ceb79737f25

SHA512
484c5ca26275427e1fb74d3217a22a0e4aac409aba973e78d7ad68834e7ad1d86c7855d34b227925200f941d288dfc09477b2d7dfe0856810c6c847297b8d625

Download Submit
C:\Windows\Temp\{CEDC30A7-7CBD-4782-AB17-C283C7CA640D}\.ba\logo.png

Filesize
1KB

MD5
d6bd210f227442b3362493d046cea233

SHA1
ff286ac8370fc655aea0ef35e9cf0bfcb6d698de

SHA256
335a256d4779ec5dcf283d007fb56fd8211bbcaf47dcd70fe60ded6a112744ef

SHA512
464aaab9e08de610ad34b97d4076e92dc04c2cdc6669f60bfc50f0f9ce5d71c31b8943bd84cee1a04fb9ab5bbed3442bd41d9cb21a0dd170ea97c463e1ce2b5b

Download Submit
\Program Files (x86)\ClipGrab\Qt5Core.dll

Filesize
4.9MB

MD5
357cf7f517757f0689030f196dd7edc0

SHA1
248ae43e160e80c81718a9f26544be4e535cf20a

SHA256
fd3dd9dcc286e6d36cb7b3fc90c8f7f683d2e9eb449e0433af70118e726d3fe1

SHA512
f938d4e81c46bb2d4cea587a9040e6a9eac44942654e07f6b17b3e4d27d31d03b3b5226004a2e981e6c9eaf0c2faf42957607f278c9978f6033c901c93217b7f

Download Submit
\Program Files (x86)\ClipGrab\Qt5Gui.dll

Filesize
5.1MB

MD5
c8bb97d7265ae7327eab7432c6496cf3

SHA1
c8ecab5cc7872a08ebb81edd00e95db85d56d6b5

SHA256
bd149755a4b0b7d721f9a355717855f488b16d8cbe177d0d88d9990359f5d4d5

SHA512
ec8c71336ff97e54252b3f8558a0471f8a14821ae91f90a32f1e9284eddfba6106d85eff25d5cf19d5273acaedb9ec23daf84e273ec0d6939e3c694e5da47085

Download Submit
\Program Files (x86)\ClipGrab\Qt5Network.dll

Filesize
1.0MB

MD5
08b5fcf0369a4923befb05a3e7b91998

SHA1
4d44449f027120d59bd0c9725dcfe02102acc82e

SHA256
de3ef3d9ac16b03a6da9cc076bba081142ccd4a306777b6d1bbaa60980e20723

SHA512
629a3c3b3fd6c36a0a9ec93bbd325bd78e5044279720a32eb79041b08989f575c99992f352d710c167b79c19498fa002ae85afbb080302fb001ed0b44465eb06

Download Submit
\Program Files (x86)\ClipGrab\Qt5Positioning.dll

Filesize
259KB

MD5
92aa5c44793603758874f87ecc5c88ce

SHA1
f368193467f61e0edb4864422085e70770c88d76

SHA256
798cc99af70288093bfd09a5addfd55a80f9652e7dc79f0b51f7760c47de2c9e

SHA512
459b97983c236ad76438615dad7174aa64561c9a0d9fcda7f290411237d97411f503d2dbb2d90f0c61fc229a872971a96ab61bf7b9bfb8b1ea840f4621d10910

Download Submit
\Program Files (x86)\ClipGrab\Qt5PrintSupport.dll

Filesize
267KB

MD5
c9d5c7d715bbf74c31aab14893698778

SHA1
ee62edb71acb9eda4cb5f213a0b94940b972d7b3

SHA256
12717098b4d3f5f09ec19d091d1beb26d6df35e586bee511b9138be42d644e4a

SHA512
ee67880a737d1ec7c14cf84f20994bd34d8c8e39fc1763b634c311bc200ab6153f2f6760b217517a6190ccdf8076f4f9055062a011b3115c653c0ae4c5837330

Download Submit
\Program Files (x86)\ClipGrab\Qt5Qml.dll

Filesize
3.2MB

MD5
b92764b31b080972ad0682a0ba794db1

SHA1
a4b3b253da4078a0b9d536873a6e79a4ba070ad2

SHA256
4706a5ef8f1092da9d60af8722546ce8f23c98db7450c3f72521d4651aeb2a52

SHA512
077c7c285c038cec271fe21a2b77eaadf3ec7d6a288d24234d6e351bead294b7bb903ea2759cb852d8e3d0354fbac926292639375d82d4dbeb85e4c515ef4369

Download Submit
\Program Files (x86)\ClipGrab\Qt5Quick.dll

Filesize
3.0MB

MD5
7a517d5ee706c979876b97c789be8968

SHA1
7efc77f592389f94aa6980ecd3da7d39c960765f

SHA256
beb08a06b24ae1668441d47fbd434daa40ef6c4c45963351a0a6acdcd550bc31

SHA512
2656d980b31c5f6c34fae8b9ea719c06481195af6ff8b93a6297cae74783a2eaf6b808d539add7a1490e159ee19d2889308adb48491d719097d5459a7f798287

Download Submit
\Program Files (x86)\ClipGrab\Qt5QuickWidgets.dll

Filesize
64KB

MD5
42ce360f532e7e835ee94ee1226e1c19

SHA1
6c596c32575f081c86524742fcb11aa5e44ad213

SHA256
6b12b555d3bc465e106a26603b4bead895134ecd90b3201773415eab64cc69ac

SHA512
8f2772be5a6e375f06439f58c4b26277f93b8b777c950640c4699de6e0b0a99f7f33ebc6eac4b3a87a1e1b644c573b7ae5de9289d399fa41d732867c1bf95508

Download Submit
\Program Files (x86)\ClipGrab\Qt5WebChannel.dll

Filesize
96KB

MD5
2a65f4f49a88417222bcf109b59247ef

SHA1
a165ff1b21ff45c11783b63f2f4e9f270f84f05e

SHA256
632a5d720f3f6371721f94e4665ac13988afde722d155aaa5364a27cbd46d3ac

SHA512
c260fdb3454994e15582feec31b63e8418c9b1d705ee06ac09aa4ac77782ac79f722c9c883714e462ef919834ddd569ea7fff2b7d616a2b210966013c8ad9add

Download Submit
\Program Files (x86)\ClipGrab\Qt5WebEngineCore.dll

Filesize
56.7MB

MD5
cfa7e9d45cff6a9db2735ad94a1fac03

SHA1
f2b5ca141315a2bc064ea61df186f85b0d141eb5

SHA256
4ae899629fc79404bd166219bdde96a5cd169b7470375fb0f9c845c652402a65

SHA512
ed11a789437d3aca2036fbe364649f0b079f79d72fa6810063a0f12bf8a5b6e99dbe9af4d73202af2790e2569261f434a92a089984f15a820bea63ce6095b561

Download Submit
\Program Files (x86)\ClipGrab\Qt5WebEngineWidgets.dll

Filesize
187KB

MD5
9c30ad3a2ba28362ac506f50221e881d

SHA1
02497e8d0544d91318a2b6619b7c154cebee1073

SHA256
ce773742d6d80df75e9e462bd38bf237508541b3243dad57c48b4eb24f4ff3f1

SHA512
50bb8ac0f02bebe6aaa09554bfe8dd575681810239edeeb696b8170a8f4c3457a4ff3bf2e7ad9ed1b6a6c54f81201988c8e347f1fbff4e2ea2d348a72ca9aa70

Download Submit
\Program Files (x86)\ClipGrab\Qt5Widgets.dll

Filesize
4.3MB

MD5
db7034b133d238447a6f3704b65bbceb

SHA1
c834d45162f38f461a8eafe737301eb22056e913

SHA256
53d9f928141382a5ef60039562b200e03d18e8720f16fb0ee8072b45e94202a7

SHA512
837b7e675b752c372973ecb4a53de568fc087e5f3896916614d504405a0a1ae78d1be59f173c2a0b28b4b139924736208de2eb6ee767c78894b7834fae9bf9f1

Download Submit
\Program Files (x86)\ClipGrab\Qt5Xml.dll

Filesize
149KB

MD5
fd0f95e872b99b61f0b7276e0ff76c28

SHA1
a90b20be2f436362782ac18182637f8dca1e9719

SHA256
9150d32aa158f9c555cc3b845fc8f776684f11ec014b47a96d498faad67e7a31

SHA512
25a4e5d74315f64171c16929da0fa049db9dd835cb912e2909bf442fc6383a424cdd52aec58c6eb6d335697651deff16f688ecac8c11310a1fe7383996bdcd94

Download Submit
\Program Files (x86)\ClipGrab\clipgrab.exe

Filesize
1.1MB

MD5
57cdd2bc92aee7d3d213561188e565d4

SHA1
fb34ba0178b5764b6ccc9d228796196ee172980e

SHA256
10770da581cc85d55a286d42a0428accafe6c7910bc640cc4264da7fb26dafa4

SHA512
ac00f5021cbc34b7ca160364cdde0a404353d8fc9e6a46866884268880c7b753e91741c48b413d6f7a5ff28a4e3d98bd7485550b46009a7c5b42dd0a877f3856

Download Submit
\Program Files (x86)\ClipGrab\clipgrab.exe

Filesize
1.1MB

MD5
57cdd2bc92aee7d3d213561188e565d4

SHA1
fb34ba0178b5764b6ccc9d228796196ee172980e

SHA256
10770da581cc85d55a286d42a0428accafe6c7910bc640cc4264da7fb26dafa4

SHA512
ac00f5021cbc34b7ca160364cdde0a404353d8fc9e6a46866884268880c7b753e91741c48b413d6f7a5ff28a4e3d98bd7485550b46009a7c5b42dd0a877f3856

Download Submit
\Program Files (x86)\ClipGrab\ffmpeg.exe

Filesize
11.4MB

MD5
e0c2d321287c325fd003595ee6c7958f

SHA1
9c8e795f479e31a7831e77373ffb6fd52ff74222

SHA256
7eb0c1b3bc0d0ddabf8473449c97f3d9c8e814a885371bf59281d6c18c926a97

SHA512
7b6c8fd6d9cf1f37f09e7cf251c0feba7db6b0d5574fea0402eabaa8c758f73f7a839780f6f77c533d1793bfe737fe60dccfaa342a59c41ab25478725cfbaf2c

Download Submit
\Program Files (x86)\ClipGrab\ffmpeg.exe

Filesize
14.9MB

MD5
2bf74a8dcf1727a976fe06dc19eaad89

SHA1
513c85d8f08d0be726933f4e40d7700cf9aecdb4

SHA256
09323414f7aa189a5bc2c5bff0410cc9d145685a8e51c9d93e1573f7efd769e7

SHA512
e8a4c50c4ead0bfe44649d8579b3a6d355c18bc329684cd11bdaf2ded57b77cbc620f0f47f78d69e17a1b2f7208a8b151372dc9ea759b9a4af19511534c5c1ff

Download Submit
\Program Files (x86)\ClipGrab\ffmpeg.exe

Filesize
6.9MB

MD5
f8fdd94814a8adbbab9daa1fa0c66054

SHA1
6819f43a31dbf564f63268e35b9fbdb6dfc66043

SHA256
13951f56e3bbb35264a45e2275575f47c2b84c9c2b849841e6e208638be17d61

SHA512
8df2fe5a72747ebd8fcd6f7f6f213ccd6c091f9cbe7aab0330911dcfd38006ffb52ada3ad3705d39ce81f04b4343086b7af874b0581d6a7fe963a832b79b914e

Download Submit
\Program Files (x86)\ClipGrab\libEGL.dll

Filesize
21KB

MD5
55813372944c5acaca0e38c22902a6e6

SHA1
8c3fbdcacecc971aac8823a52eb83082669220a3

SHA256
fc219ad27720cfb1b223d748c1b5bdd78886235f4254bfe8e0adaf168c7e9849

SHA512
73f504a1f7cda4082f370387304db701672d95409886362dd70f8599fc17a5b577d2b37dd8f012cecb6d6dffe4321906c2a07cdd7e12e2d31bb9df0fb2e97a7f

Download Submit
\Program Files (x86)\ClipGrab\libGLESV2.dll

Filesize
2.7MB

MD5
02c59344a65e9893d7d2d0d79b570429

SHA1
d07d73aab1beaeeef57c03330add64afa5f20160

SHA256
adba2649650fa580fb301b69a74aa4ad0b8796a6b35179ff0a938be510db1b7d

SHA512
222ffdb94f4df18d25e5d77cb76ff95c0704dbd696796880bdc7c23c930546435ac5060233f3be9a5b2c058a721c15ffc542b9ba84aafe28dfc77498037f21df

Download Submit
\Program Files (x86)\ClipGrab\opengl32sw.dll

Filesize
12.9MB

MD5
5d77df00dc53d2e536606cf58d9df851

SHA1
917ca14cc4a6b9d0b1a6b769e324fb1f924d7bb1

SHA256
9f1014e51ffc6adf81e856cd82fdf8ec0265e3428fa595bc50fea7bad44222f2

SHA512
7c511b233e1a9fa4b0422345af8d8972d809f02ffb75ae616997ecc912e9a38ce413352eab60f780bd5eecccdb30abcd99ff7d659858f7289b45750d447a6541

Download Submit
\Program Files (x86)\ClipGrab\platforms\qwindows.dll

Filesize
1.2MB

MD5
b190c721612ac9d169f8b3a8f8b48a29

SHA1
206442dd161e878f1a6f83f3ebdb9208b56abfff

SHA256
ccb562f817d7015c78da4098bc576e7eaf3df1ebd55afb58d75f12dace9c761f

SHA512
951bc91302fcb1a28b7093f6867b379a90188733cec329efedb465ae27ae1a526a2d5f997816b26ed123d2401a9aa2854d26a003a65318f50e3a695d7948f6b7

Download Submit
\Program Files (x86)\ClipGrab\styles\qwindowsvistastyle.dll

Filesize
125KB

MD5
c1cc204987a532be5e7f22b2bec82815

SHA1
03ea72517453ab137c3b85194cbf8bf08c05d032

SHA256
f08b95bac860f6292342e5e2e3e506a603cd8d7f4a0e4a1b5d8fafa7c30cd65d

SHA512
684d653a777361d732b7383a7b699809e8c1e74bb04eff2b74a92ec860c305290014f5627eb56597ea1f3d1d5ed0e4167c0c62778e176d2d8615fe07404290af

Download Submit
\Program Files (x86)\ClipGrab\unins000.exe

Filesize
2.5MB

MD5
713651dc6a72f22021036563f4bfb3b9

SHA1
a09bead30eaa159688bef41f86b5843e61b65f28

SHA256
69605ea2bb1301ab9dc8b17523a013de325d02f5b35d47ab6cc0fb9a3855ca07

SHA512
c66749b235273cb6872a7938ae55c4aaa809297aaa0e4c063b542690b4485e6f20fe5ac2da92068a926ec3beace10361c6868815e9fe0ac33fcfbf3b2138dc91

Download Submit
\Users\Admin\AppData\Local\Temp\is-5EKPE.tmp\botva2.dll

Filesize
37KB

MD5
67965a5957a61867d661f05ae1f4773e

SHA1
f14c0a4f154dc685bb7c65b2d804a02a0fb2360d

SHA256
450b9b0ba25bf068afbc2b23d252585a19e282939bf38326384ea9112dfd0105

SHA512
c6942818b9026dc5db2d62999d32cf99fe7289f79a28b8345af17acf9d13b2229a5e917a48ff1f6d59715bdbcb00c1625e0302abcfe10ca7e0475762e0a3f41b

Download Submit
\Users\Admin\AppData\Local\Temp\is-5EKPE.tmp\clipgrab-3.9.7-portable.exe

Filesize
70.3MB

MD5
962d6f9e7331b8f3eb2fa4acb15f5f61

SHA1
2e1a7e9ec7159e564814a599657d42dc01ef9858

SHA256
0ae8656f4c65673d75544cff54721cbfc586edd6e8b4b2a2070930684920411e

SHA512
f8721fc68703d6a6ab9188bce1d64774447f02f378dd4b4d267f7fb4b01d42c4520feede2855ab426d92dfc538a1d272d7a88e65871015a95654c3d8f321d3be

Download Submit
\Users\Admin\AppData\Local\Temp\is-5EKPE.tmp\zbShieldUtils.dll

Filesize
2.0MB

MD5
e1f18a22199c6f6aa5d87b24e5b39ef1

SHA1
0dcd8f90b575f6f1d10d6789fe769fa26daafd0e

SHA256
62c56c8cf2ac6521ce047b73aa99b6d3952ca53f11d34b00e98d17674a2fc10d

SHA512
5a10a2f096adce6e7db3a40bc3ea3fd44d602966e606706ee5a780703f211de7f77656c79c296390baee1e008dc3ce327eaaf5d78bbae20108670c5bc809a190

Download Submit
\Users\Admin\AppData\Local\Temp\is-BS8HR.tmp\clipgrab-3.9.7-dotinstaller.tmp

Filesize
3.2MB

MD5
aadc16c8ad4312196df3aa1d9f6386d3

SHA1
ff4d78923e0d957e6a66b3c06efecc435c396c7a

SHA256
04fade43204ecbbb378114a023b3db4a3aebe8258ff3b3846156e80a9c5cf4a3

SHA512
51621ec71d530d75e4a537381edf03bc48b234dd861547c950573febf5709a1716ee797368854512edf1950a4e1f4f8bbe292417a0dd238600338a39e2454e04

Download Submit
\Users\Admin\AppData\Local\Temp\is-IE0TI.tmp\clipgrab-3.9.7-portable.tmp

Filesize
2.5MB

MD5
ae7b203e80eaa5afb50768049bb3de50

SHA1
cc0b5d64c2af21a3b24e167352df8ae93acd30d3

SHA256
ffe5d85efc5b75b4c99b07f5819d1fb3b9b1b42e67c903ef86f013bdedad7112

SHA512
a94cc199a4fa8a67496169de972bef84dd0e411502c5f74438ec0e7d18626ef3278d9c3aae1b0d025776849dbed5ec8e06d714b4bd48a43e48e2a167f7d52748

Download Submit
\Users\Admin\AppData\Local\Temp\is-KQOOF.tmp\vc_redist.x86.exe

Filesize
14.0MB

MD5
310f8aadd8055f8b8eba1a6528be7d10

SHA1
3ee9622151e4b50837fcdfac1b085430f0181f4e

SHA256
54ad46ae80984aa48cae6361213692c96b3639e322730d28c7fb93b183c761da

SHA512
2872a30939f7ee20b494806574cf5b8b5a0976f8fe69bdbd77dde2483ce2a9e5458ff3636147e49a449e941a44ca2d79239e3da62fddb69fc5bced8ee1004ee5

Download Submit
\Windows\Temp\{02688985-F097-4E81-9BD3-1EFA72E7F0AB}\.cr\vc_redist.x86.exe

Filesize
881KB

MD5
9df0848b2753e9255f1a6b4cdc9a5a3e

SHA1
051469cd9e786b720ef6b70c35a1e184a643f520

SHA256
59089badd61acb47a07748c9018d3a959cf58f07de9902b0c45dffae3e566090

SHA512
518a78e77515b2fb21c5f66a760473a1f8ab5050e9bc65a4715ab178e568079f11f65fc173db59dd021b69fe0b606c42e50bf5f09a34ba2009a7b71e88033452

Download Submit
\Windows\Temp\{CEDC30A7-7CBD-4782-AB17-C283C7CA640D}\.ba\wixstdba.dll

Filesize
191KB

MD5
eab9caf4277829abdf6223ec1efa0edd

SHA1
74862ecf349a9bedd32699f2a7a4e00b4727543d

SHA256
a4efbdb2ce55788ffe92a244cb775efd475526ef5b61ad78de2bcdfaddac7041

SHA512
45b15ade68e0a90ea7300aeb6dca9bc9e347a63dba5ce72a635957564d1bdf0b1584a5e34191916498850fc7b3b7ecfbcbfcb246b39dbf59d47f66bc825c6fd2

Download Submit
memory/776-241-0x0000000000400000-0x00000000004CE000-memory.dmp

Filesize
824KB

Download
memory/776-513-0x0000000000400000-0x00000000004CE000-memory.dmp

Filesize
824KB

Download
memory/776-295-0x0000000000400000-0x00000000004CE000-memory.dmp

Filesize
824KB

Download
memory/896-255-0x0000000000240000-0x0000000000241000-memory.dmp

Filesize
4KB

Download
memory/896-422-0x0000000000400000-0x0000000000685000-memory.dmp

Filesize
2.5MB

Download
memory/896-298-0x0000000000400000-0x0000000000685000-memory.dmp

Filesize
2.5MB

Download
memory/896-512-0x0000000000400000-0x0000000000685000-memory.dmp

Filesize
2.5MB

Download
memory/1508-210-0x0000000000400000-0x000000000073F000-memory.dmp

Filesize
3.2MB

Download
memory/1508-250-0x0000000000400000-0x000000000073F000-memory.dmp

Filesize
3.2MB

Download
memory/1508-519-0x0000000000400000-0x000000000073F000-memory.dmp

Filesize
3.2MB

Download
memory/1508-211-0x0000000003B50000-0x0000000003B5F000-memory.dmp

Filesize
60KB

Download
memory/1508-520-0x0000000003B50000-0x0000000003B5F000-memory.dmp

Filesize
60KB

Download
memory/1508-208-0x00000000003D0000-0x00000000003D1000-memory.dmp

Filesize
4KB

Download
memory/1508-201-0x0000000003B50000-0x0000000003B5F000-memory.dmp

Filesize
60KB

Download
memory/1508-176-0x0000000000400000-0x000000000073F000-memory.dmp

Filesize
3.2MB

Download
memory/1508-61-0x00000000003D0000-0x00000000003D1000-memory.dmp

Filesize
4KB

Download
memory/1668-587-0x0000000000320000-0x000000000032A000-memory.dmp

Filesize
40KB

Download
memory/1720-54-0x0000000000400000-0x000000000051D000-memory.dmp

Filesize
1.1MB

Download
memory/1720-165-0x0000000000400000-0x000000000051D000-memory.dmp

Filesize
1.1MB

Download