Overview

overview

8

Static

static

1

picwish-setup.exe

windows10-1703-x64

8

picwish-setup.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    77s
  • max time network
    83s
  • platform
    windows10-1703_x64
  • resource
    win10-20230220-es
  • resource tags

    arch:x64arch:x86image:win10-20230220-eslocale:es-esos:windows10-1703-x64systemwindows
  • submitted
    30-03-2023 13:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    picwish-setup.exe

  • Size

    1.9MB

  • MD5

    e5a1cdc09c01b092a93b522c6f5854db

  • SHA1

    bf6cace29da031b9ec7ea45d2db3ca77e7506eef

  • SHA256

    02330d74ea7107a7f09db8e42214f87411ca1e462434937adad8c222382d2eea

  • SHA512

    7511574898933988308fc8739c8b9ebc6b5d35550d351cc396338ca831e03062f727bdd3c6b8e6f5a1efb1c70985e0ea0de60c8939ccb0438b0b5e495d4eb809

  • SSDEEP

    49152:ZQR6QAuAMLVImaAfqTTCEyNCSay7ATGGqogQxu2le5oUb2w:Zo6QLAMZoCEyNCfYogQa

Score
8/10
discoveryevasion

Malware Config

Signatures

  • Downloads MZ/PE file
  • Modifies Windows Firewall 1 TTPs 3 IoCs
    evasion
  • Checks computer location settings 2 TTPs 3 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE 4 IoCs
  • Loads dropped DLL 1 IoCs
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  • Drops file in Program Files directory 64 IoCs
  • Drops file in Windows directory 3 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

  • Modifies Internet Explorer settings 1 TTPs 11 IoCs
    adwarespyware
  • Modifies registry class 64 IoCs
  • Script User-Agent 1 IoCs

    Uses user-agent string associated with script host/environment.

  • Suspicious behavior: EnumeratesProcesses 4 IoCs
  • Suspicious behavior: MapViewOfSection 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 13 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs
  • Suspicious use of WriteProcessMemory 21 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\picwish-setup.exe
    "C:\Users\Admin\AppData\Local\Temp\picwish-setup.exe"
    1⤵
    • Checks computer location settings
    • Suspicious use of WriteProcessMemory
    PID:4684
    • C:\Users\Admin\AppData\Local\Temp\installer.exe
      "C:\Users\Admin\AppData\Local\Temp\installer.exe" /VERYSILENT /SUPPRESSMSGBOXES /FORCECLOSEAPPLICATIONS /DIR="C:\Program Files (x86)\PicWish\PicWish" /LANG=Spanish
      2⤵
      • Executes dropped EXE
      • Suspicious use of WriteProcessMemory
      PID:4920
      • C:\Users\Admin\AppData\Local\Temp\is-S8QO7.tmp\installer.tmp
        "C:\Users\Admin\AppData\Local\Temp\is-S8QO7.tmp\installer.tmp" /SL5="$D01F4,19157114,749568,C:\Users\Admin\AppData\Local\Temp\installer.exe" /VERYSILENT /SUPPRESSMSGBOXES /FORCECLOSEAPPLICATIONS /DIR="C:\Program Files (x86)\PicWish\PicWish" /LANG=Spanish
        3⤵
        • Executes dropped EXE
        • Loads dropped DLL
        • Drops file in Program Files directory
        • Modifies Internet Explorer settings
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of WriteProcessMemory
        PID:3740
        • C:\Windows\SysWOW64\netsh.exe
          "C:\Windows\system32\netsh.exe" advfirewall firewall delete rule name="PicWish" program="C:\Program Files (x86)\PicWish\PicWish\PicWish.exe"
          4⤵
          • Modifies Windows Firewall
          PID:3224
        • C:\Windows\SysWOW64\netsh.exe
          "C:\Windows\system32\netsh.exe" advfirewall firewall add rule name="PicWish" dir=in action=allow program="C:\Program Files (x86)\PicWish\PicWish\PicWish.exe" enable=yes
          4⤵
          • Modifies Windows Firewall
          PID:5040
        • C:\Windows\SysWOW64\netsh.exe
          "C:\Windows\system32\netsh.exe" advfirewall firewall add rule name="PicWish" dir=out action=allow program="C:\Program Files (x86)\PicWish\PicWish\PicWish.exe" enable=yes
          4⤵
          • Modifies Windows Firewall
          PID:3432
        • C:\Users\Admin\AppData\Local\Temp\is-HD5LQ.tmp\PinTaskbarTool.exe
          "C:\Users\Admin\AppData\Local\Temp\is-HD5LQ.tmp\PinTaskbarTool.exe" /unpin "C:\Program Files (x86)\PicWish\PicWish\PicWish.exe"
          4⤵
          • Checks computer location settings
          • Executes dropped EXE
          • Modifies registry class
          • Suspicious use of AdjustPrivilegeToken
          PID:2216
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
    1⤵
    • Drops file in Windows directory
    • Modifies Internet Explorer settings
    • Modifies registry class
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:2160
  • C:\Windows\system32\browser_broker.exe
    C:\Windows\system32\browser_broker.exe -Embedding
    1⤵
    • Modifies Internet Explorer settings
    PID:3356
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Modifies registry class
    • Suspicious behavior: MapViewOfSection
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4940
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    • Modifies Internet Explorer settings
    • Modifies registry class
    • Suspicious use of AdjustPrivilegeToken
    PID:1064
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Modifies registry class
    • Suspicious use of AdjustPrivilegeToken
    PID:4524
  • C:\Program Files (x86)\PicWish\PicWish\PicWish.exe
    "C:\Program Files (x86)\PicWish\PicWish\PicWish.exe"
    1⤵
    • Checks computer location settings
    • Executes dropped EXE
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:3388

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

1
T1031

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files (x86)\PicWish\PicWish\Aliyun.Log.dll
    Filesize

    77KB

    MD5

    dcb7d24b7c24bdc474a4ddbce4404c97

    SHA1

    ddb03f0e22f632f28edbcd31208c35288d42d57e

    SHA256

    06d8f6f58ef29fd50fa89b5bf5e5a4f2a2c4cc39583d78fbb90e931914cb572f

    SHA512

    6e404ac3bd956e88df83ff067ea8188f3e1c1bc2319110073a108a5106495b1a4829dd3e0652a5bd3ee4d4c20ea86b589de2e46e29f139e3456a21bf7639d4a1

    Download Submit
  • C:\Program Files (x86)\PicWish\PicWish\CommonServiceLocator.dll
    Filesize

    9KB

    MD5

    181fa402215022dd2e5a19d89db1392d

    SHA1

    90dd2343c497389798cc0aba53863eecdd5e65d8

    SHA256

    0901248381ecd6cb362727a7905f0ebe7b791317b4502f39a8caaaca3326a244

    SHA512

    a442e768a477b9237cd165610e11267d7fbfe608980663c20e597276b343fa745e830104f77e8a76fe705587f5e386ccc797e9676b073ae09da77472ed6d04a8

    Download Submit
  • C:\Program Files (x86)\PicWish\PicWish\GalaSoft.MvvmLight.Extras.dll
    Filesize

    21KB

    MD5

    810e42e2bbfb536bdc01abf882a24938

    SHA1

    7bd37217aaf5ec27d2f993bb4212b0b8ab94d220

    SHA256

    cb4d844434a8ffbd33531470e094524be27b88ca42b2c2197492bbe8246ea1bb

    SHA512

    176769ef15d87373c53cc39241126bd39ce57b18af0df4d9d2cf68645868dd53090cb5ab93b8ba78303a3e6b5f3888d2150e6def57b26462df1b12fe7450f650

    Download Submit
  • C:\Program Files (x86)\PicWish\PicWish\GalaSoft.MvvmLight.Platform.dll
    Filesize

    13KB

    MD5

    5b958b4229538ac23099ce9ed6f37de4

    SHA1

    32cd46e39c4f6334d28788d5e3afaa19d4fd1041

    SHA256

    2a1114c99533aae7442b298336247350b55caa193c06454ea606d6a394656573

    SHA512

    87b6a509d1cb262e6ba198819ffec3b8e03e4672b031ff918fe406307f750192a73c73dcd8140d8be5dcc8286a79e779fad59189ae7ac759cec6223e55b9b899

    Download Submit
  • C:\Program Files (x86)\PicWish\PicWish\GalaSoft.MvvmLight.dll
    Filesize

    29KB

    MD5

    af04687248da9e95a7ff65ab538d0bcf

    SHA1

    7511184300e2b6f70bc92333392386a812b2dabf

    SHA256

    b097fca120a9e76fa870d82662bdd233adbf08fc34a3c509f31cc5ced0ac1ecf

    SHA512

    a5eab337f6386de5fb2cc809730bac7d17cdfb309afea32e65e9d8c457f97ac3e3f03cebd48535cf253e28f3aa600f234631c2060ec59acb917cb5f135f4b67a

    Download Submit
  • C:\Program Files (x86)\PicWish\PicWish\Google.ProtocolBuffers.dll
    Filesize

    311KB

    MD5

    ef320e5a8bf540bc51a40786e629c9cf

    SHA1

    496d21952b74b8cc2681653fdffcda7de626ff4c

    SHA256

    a0d084502641c4ce258f42a9478ab37f797a5def8ef22af6be96a72678176277

    SHA512

    a42579a7836373ffeac435bfb2374ef82c09798973c7f03029f35fae1b8e6191ff7765981b65fd6a00f76dfdc1297f224e27388ce357148a14f248a00a45c1ce

    Download Submit
  • C:\Program Files (x86)\PicWish\PicWish\LZ4Sharp.dll
    Filesize

    28KB

    MD5

    9b06c02ee1e4681437fcaac0a9128ea7

    SHA1

    8790f74c6bd5f0e97e95c6fecadcabe27a76b649

    SHA256

    f7d86e9097d16bfc170cbfad5e18a20bd9a48381308ba537695389594d8b53bf

    SHA512

    7219445240a7898f7c5b5b8d01913cb887923a21cb6d74d97a359e67ef40ebc2affc03f28f101c71384fbbe5e5fb9aa8b6f2776cb7c13f0fb76138660a5a67ec

    Download Submit
  • C:\Program Files (x86)\PicWish\PicWish\Lang\ChineseSimplified.xml
    Filesize

    25KB

    MD5

    34a639866decb2f05c927d46ee7c4c3d

    SHA1

    6a3e83ce7f421188b0aa26f10669ec94391db51e

    SHA256

    7be41b434602f9585f75de3daea2f99a1e25db5998e71140041f97894ae18bdd

    SHA512

    76004d40b6c68a11471b9391a3b49474f0a4f65d56cf19fe99fff1e74abf47a3c6b941b329f0a2c922ad97810f41eb8144bcc4e638a04401a7cb58501327f0af

    Download Submit
  • C:\Program Files (x86)\PicWish\PicWish\Lang\ChineseTraditional.xml
    Filesize

    24KB

    MD5

    580193647a96361423f5413e5a8049f7

    SHA1

    08596d85ea98f95f235700d0c51cfe36bc4db023

    SHA256

    1efafcdee4bdd8f8913518ac26046c792112b5a0319e7e83d3c87f4513f83bf6

    SHA512

    0633af45443f8d3dca49c99ea57ea2a609eba77f82bebbe0ff11e18f6314bdce1c3d7d6ae10e14792bfdd63f545fc6275df40aced606598e65d2da4a1d77cf00

    Download Submit
  • C:\Program Files (x86)\PicWish\PicWish\Lang\English.xml
    Filesize

    23KB

    MD5

    63b84c27c36ceb107c7ee28e44e79ffd

    SHA1

    089db3574d9da3fb0d520999d1c9737db1a3d8d8

    SHA256

    26e33b3e657b4b5ab4d9368770bb005d72e87bd27a4c21bf41c0c6a3ee4008a2

    SHA512

    d1ca62f92ffe094b64f87fee8a032c3bf20e08bdfc096897c174de243c1ffd592575a41c03ce84b16ded65550e2d40cfbde9114980eef5382a68eb799d462703

    Download Submit
  • C:\Program Files (x86)\PicWish\PicWish\Lang\French.xml
    Filesize

    26KB

    MD5

    b88e3ac581e3a2de7c98e7367852e211

    SHA1

    9ae6c2ddc3a4a93fab9765f121fd386c9ded46e2

    SHA256

    e5166ff3e9bcf1bc22038921f7f5f203be0eec3ac9025bf7bcff4c06eeb85f25

    SHA512

    4aa1be4afa1775d03c14144bfd21883b4a77786c4544746d207d3302c751b4d5d58b6523dac04c831b4005598da716e76753e2eac3342d70c36c8432e555a916

    Download Submit
  • C:\Program Files (x86)\PicWish\PicWish\Lang\German.xml
    Filesize

    25KB

    MD5

    59783d1615e3e1658ebd886ca085aff0

    SHA1

    84a920944f5fd7d92742d10f0053eaa5fd917433

    SHA256

    e218edbd9e2dce9de4095d62640452c3450540ae0abe1f7ac024d19337c5f160

    SHA512

    240bca14cf875b00a8d28f95f839d550700e90e094d66c53fc46ee5ded44b1d90573e5b533b6455b37e1ba4a6314cf999399276534a9fa97f062f563140d9986

    Download Submit
  • C:\Program Files (x86)\PicWish\PicWish\Lang\Japanese.xml
    Filesize

    27KB

    MD5

    9f06b49fa53725eaa1c4006f38ec074e

    SHA1

    efb889c1ba12def410b9f21f4e0b7c43a585c1e1

    SHA256

    ae1f3774f612509371494ae5e32905eb8df23618bd381b4021ae93f45bb3f780

    SHA512

    fcc32bd7432d1e40dea1ffa2fd9f0b2d43b878f6001136538227ac5f81479a0dcdb4f2fe2b6d33969e16249e355e04744e62ea1828b2d77796c520bc54cfca12

    Download Submit
  • C:\Program Files (x86)\PicWish\PicWish\Lang\Portuguese.xml
    Filesize

    24KB

    MD5

    3e7f9a63b47852af9c21598fe9af2142

    SHA1

    b9cb2347008d219bbb608f22a2c7a3fb31bc44f1

    SHA256

    8ae07f2599a61bc0539bdb4abb7f189b2cab6b099ec4c77b1d5ea39531ff87f1

    SHA512

    4dcef99403624d6990e1ef744397cfa1e5ea95e6bfac267d47d2f8dbf598b38069d2ee2222b5e91d2cac9a7a50d7181daa53321a4f86cd6f0ccbab0a463d3679

    Download Submit
  • C:\Program Files (x86)\PicWish\PicWish\Lang\PortugueseBrazil.xml
    Filesize

    24KB

    MD5

    b69bf7e25c8b4e28ddf20d3740ffa3b0

    SHA1

    0ce419199e7b3c9fa6cb9e357dd7b1ca3120fd66

    SHA256

    c8bbab10771cac60c855728d42c8ac656829c7e118e95236495cf40971ff3953

    SHA512

    28f511d3fb7906bfefd134bf7aa4a233eb9b6d03b16a54f06235d2c1fc16c4cca9086f5460abdc7a7bc0c9bb87cae5335804e0b6624cfdb8209ea06872d6ee19

    Download Submit
  • C:\Program Files (x86)\PicWish\PicWish\Lang\Spanish.xml
    Filesize

    25KB

    MD5

    a31d2e88f72c65b82df06a29b53d3ab9

    SHA1

    cc3f63c81890636c6e51320e3aaaafe016e2f3df

    SHA256

    9f1b9cff8f57ed9957caecf4b58656a57e728a716776fdf6230695260af5435b

    SHA512

    b55d590209a31f94509007128c1caf45dd2ae701a084a2fd39e8d4e74326f18f05e5dacb3eb74e0294ae756a00301416c35b038346a79ba60f47984b00fd47b6

    Download Submit
  • C:\Program Files (x86)\PicWish\PicWish\LiteDB.dll
    Filesize

    478KB

    MD5

    6f6c0343f59fac35010a72d1f25bc459

    SHA1

    4f7b39dcbf32c14575bfcceccc9722721b00c66b

    SHA256

    87e27fac0e872614aff5a1bd7b93727d10352fe42c1e4b9bc2f41fcdd344b750

    SHA512

    9b0d20cdc921f0e338cb4d3fd39976eb860b38f6518afc4dadc041ff7d9ad5d13b8ca69fb142af8407a63f0471eda182b04d1c33ba70bbea29a39df8e3373b3c

    Download Submit
  • C:\Program Files (x86)\PicWish\PicWish\Newtonsoft.Json.dll
    Filesize

    514KB

    MD5

    c53737821b861d454d5248034c3c097c

    SHA1

    6b0da75617a2269493dc1a685d7a0b07f2e48c75

    SHA256

    575e30f98e4ea42c9e516edc8bbb29ad8b50b173a3e6b36b5ba39e133cce9406

    SHA512

    289543f5eea472e9027030e24011bea1e49e91059241fe6eb732e78f51822313e47d1e4769fa1c9c7d6139f6a97dcfef2946836b3383e8643988bf8908162fb9

    Download Submit
  • C:\Program Files (x86)\PicWish\PicWish\PicWish.CustomControl.dll
    Filesize

    258KB

    MD5

    c8ec4a00fea09874591a1547a70e227e

    SHA1

    91ab4d892bcf725712c92f31ba50f81f01bfb7e9

    SHA256

    9199c67649e8093995993123f326c7de1f00aa29d1813dbb90825382ecac34da

    SHA512

    bc6024718c244dc19c73dbda801872d8dd64371ea8d5a558956c2b50cb82abd78ff0cf4ef1ec475407295b8631efc83e3df7dfc9cad14492457ecc222dcd3f2d

    Download Submit
  • C:\Program Files (x86)\PicWish\PicWish\PicWish.Resource.dll
    Filesize

    9.4MB

    MD5

    8b5377e340d27b8168029779b25d6abe

    SHA1

    e905e17ade4d83b99bff541579bb92fbb43d1208

    SHA256

    e9269bb815b0609fc9ecb538797ea9b24f3ab2f03f009b0b40ff4979fc24f976

    SHA512

    052a06568c4329725a16a850c92341ce03a619219f12bf5f98baf3e0f130b7691e1d5f9aad264f1335caadee0a7f6eddbfd91634a8b0e97078fe3ed99101b048

    Download Submit
  • C:\Program Files (x86)\PicWish\PicWish\PicWish.exe
    Filesize

    5.3MB

    MD5

    337a99676e8b4bca9fd0dbf30cc6f625

    SHA1

    4dde02b794ed38b68b7102f5812db7db97e5356e

    SHA256

    5cf339259d857d366b199672e2f2054eb5e33babae1cac6af22b8bf94b86abfe

    SHA512

    d8cf70e1afaad4c0f27549e78ffd0e8866b6f5b0561190caf576dead5163d94543434cbc741df8f7208d9eae7ddd7761cb0116c1e39e7811ca50f6c52c25e0eb

    Download Submit
  • C:\Program Files (x86)\PicWish\PicWish\PicWish.exe
    Filesize

    5.3MB

    MD5

    337a99676e8b4bca9fd0dbf30cc6f625

    SHA1

    4dde02b794ed38b68b7102f5812db7db97e5356e

    SHA256

    5cf339259d857d366b199672e2f2054eb5e33babae1cac6af22b8bf94b86abfe

    SHA512

    d8cf70e1afaad4c0f27549e78ffd0e8866b6f5b0561190caf576dead5163d94543434cbc741df8f7208d9eae7ddd7761cb0116c1e39e7811ca50f6c52c25e0eb

    Download Submit
  • C:\Program Files (x86)\PicWish\PicWish\PicWish.exe
    Filesize

    5.3MB

    MD5

    337a99676e8b4bca9fd0dbf30cc6f625

    SHA1

    4dde02b794ed38b68b7102f5812db7db97e5356e

    SHA256

    5cf339259d857d366b199672e2f2054eb5e33babae1cac6af22b8bf94b86abfe

    SHA512

    d8cf70e1afaad4c0f27549e78ffd0e8866b6f5b0561190caf576dead5163d94543434cbc741df8f7208d9eae7ddd7761cb0116c1e39e7811ca50f6c52c25e0eb

    Download Submit
  • C:\Program Files (x86)\PicWish\PicWish\PicWish.exe.config
    Filesize

    2KB

    MD5

    42c775c09ac6f0b279f7f2ea09e450cc

    SHA1

    01c96bbc775e07de97b6482fd69e39ef1956249d

    SHA256

    87d6127ee203a3be08b38087a263950e3495349b8696120dbae23978a2b1af37

    SHA512

    812206e25307dfe6f05f2c2c193e5e636e2db4e8e95eb51609cc51bf1944795d98026beaa5e14fb7ad73d6cbec3683f3a434c928838653f7a43e845cf50bd999

    Download Submit
  • C:\Program Files (x86)\PicWish\PicWish\SharpVectors.Converters.Wpf.dll
    Filesize

    130KB

    MD5

    3f4ede50034cc5c476052ce3ee240d69

    SHA1

    206690d920b4de81c78f59d92758de4676d7cc36

    SHA256

    ada64205ff0036da2d880fc63de40917849e04108b7049003d204326adf9b92e

    SHA512

    89e8f56e3a9a28f6a4ac46e96e981436ab3c33339489cb42ab5c99fd8de404e0ea45b8566ad5308335596712dbd61118e6eae65e43c7dfe16af0e48e6d9c6280

    Download Submit
  • C:\Program Files (x86)\PicWish\PicWish\SharpVectors.Core.dll
    Filesize

    179KB

    MD5

    cdd59706adc76e83412c9d59ded994be

    SHA1

    4f099d2139eec21c5563aaa27ba6238a5ede80c6

    SHA256

    f17545eb8c444b587c8fe5a40782bf699c1543e3fa728bf12bd5b9383beb3b80

    SHA512

    3f2ca21f6c8709a77394e1600b51db2fa90b607533151b9caddbc6e7e5f531d1dfccee4a5596188f81d7de05e85739b6564ffbc21dd3a86ff210f8eaac9ce934

    Download Submit
  • C:\Program Files (x86)\PicWish\PicWish\SharpVectors.Css.dll
    Filesize

    89KB

    MD5

    8f0f9d50e275ae88bbbd9c8653cbe9d0

    SHA1

    cd242425a28aca8b230e165ec80da9a4b39a2b4d

    SHA256

    d3711842c4d3f17268c3e38e26ee50a93d38c539c8b9159d6236f789ad1e6985

    SHA512

    485de01505b4589855afe9b8433a73e26c8bf0f3c47a5ade1c0bdbdfe93ca496ac75c0b07c7d6129da21e48fdc54ab69e403748fa4da833ca7300fc03d6411e3

    Download Submit
  • C:\Program Files (x86)\PicWish\PicWish\SharpVectors.Dom.dll
    Filesize

    32KB

    MD5

    c2c3ed996a141a6440de39dbd13ec777

    SHA1

    4dd8c82bb385f3ee166d3731b0c36464900c1845

    SHA256

    8235e63093dad1604cc33bf355f2efc49cca7b2ba3c3d1cc37c98bfc856c661b

    SHA512

    00c470767fbca5cb3a0d491da8ab0050984039aa5d8ee2e2b986ca897450b3a1081eb5acb9c706ae5311c8d53efa9cd484c47e07e84883a06765dce2a0df93ad

    Download Submit
  • C:\Program Files (x86)\PicWish\PicWish\SharpVectors.Model.dll
    Filesize

    1.0MB

    MD5

    a31602e067542b1a79932690c93741cb

    SHA1

    ddb47f578223fc127549741fcb0343f5c38d2037

    SHA256

    6a739b85b241378d9d78b490053db2053ab7690fb45677f64157fd0de4e3b794

    SHA512

    9c8ed4cfa6e61efcffe31a7cf2f52f3dc7d429e71fed670a843a028bebebb18982672f3d6158e5ee00449ab8354607eb88805712c6e9332ae6d121a97298e85c

    Download Submit
  • C:\Program Files (x86)\PicWish\PicWish\SharpVectors.Rendering.Wpf.dll
    Filesize

    225KB

    MD5

    cefd5b31fe148b6d48763d8f88ac4bbb

    SHA1

    1cc71edc00cfd9c96b4f6b4e9d9762c81d4799ca

    SHA256

    1133ee4026690ec2c59369c1211f4ac3ef0c862620c9812c27a2c9893d2c6f19

    SHA512

    35e032911482a388e02bc258f15d3f98531fee2b8889fe083b1841de98aa542259e7c56733506ff06a4485f8794116805570e33f201128b4d6d46ced2736b65f

    Download Submit
  • C:\Program Files (x86)\PicWish\PicWish\SharpVectors.Runtime.Wpf.dll
    Filesize

    71KB

    MD5

    8da5cf5784c04e6b068c5d508b962641

    SHA1

    a4ced8562a9ed08c99ecc739aa83d191b1af8c61

    SHA256

    11ff9a3f74202409b0681535f34a223a1164f34527960990b63e966b3fa86141

    SHA512

    e8bd6511c1fc31a81c54fe45205dfcc30d91f6fb84f5a25e841aa5845241f2b5ce0cab6ef362558928ce3c1d185e1d953c16e578cb180a45c55d54a3daba6919

    Download Submit
  • C:\Program Files (x86)\PicWish\PicWish\log4net.dll
    Filesize

    264KB

    MD5

    46319a38ce5d09020d2ac56b67829c6c

    SHA1

    ffe64ca4d4bc9e1dab1d195982d22121a6baa058

    SHA256

    1d45a6afa38f0b10814063f2a42e6efce45752853667650e765844b8566b3332

    SHA512

    0de61771a92ee71470e51bccf66d3a39c105ae23d60e73d8e4e7d44135dff4c8d1dddff9bbb6be72ff083d51c784e5ca829a6adefee87fd901d2de58db0ddb03

    Download Submit
  • C:\Program Files (x86)\PicWish\PicWish\websocket-sharp.dll
    Filesize

    250KB

    MD5

    863e1abfe419267917e058a2f41c4651

    SHA1

    3db44c482c3a99428e3fe01c9268f50f4ca3e060

    SHA256

    d5167719bb575cdb6107093a126857c68a9e1c00c2c966774c280cbb3ba0c909

    SHA512

    49857102b7d68e73caeaba81462a5048b527d5c763b43dc55ab31c6f9880de20d0d88f9ae2ab3735dc255b06743bb6b902a9b297ff815db1baba2cd415a30543

    Download Submit
  • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\B24P2V5X\analytics[1].js
    Filesize

    49KB

    MD5

    54e51056211dda674100cc5b323a58ad

    SHA1

    26dc5034cb6c7f3bbe061edd37c7fc6006cb835b

    SHA256

    5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

    SHA512

    e305d190287c28ca0cc2e45b909a304194175bb08351ad3f22825b1d632b1a217fb4b90dfd395637932307a8e0cc01da2f47831fa4eda91a18e49efe6685b74b

    Download Submit
  • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\CMB7DWUK\bat[1].js
    Filesize

    39KB

    MD5

    b51ab1f965c96f271cc08617eeebc57a

    SHA1

    f7a52e401d28ac7fe5ba78711d4e2f0cad0e365c

    SHA256

    a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253

    SHA512

    f516dd50f1af64eaabdb5457ef1ade46c778235f6fe226e437797c2b7660c672cd2c773d5f7b2cc55b32403e7a0d8c493395d0aa983db23360594027acbfaa11

    Download Submit
  • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\User\Default\DOMStore\W4IX9MO2\secure.livechatinc[1].xml
    Filesize

    99B

    MD5

    c0c93aeafc240863449662ef89df3150

    SHA1

    45ca9ec9fa8491c9685479185f18b20e5da3a233

    SHA256

    3420cc6be5e73c64f7771f89626aeaf5126fae37d2b8dd2c6439830b7ba38876

    SHA512

    9fb64d2ad9534768b47560834de0f293861f5db9577d83752b8725ac655f01c9e9cc250f742db2bf8ad538bb7e6f245367550cd5f7620229b0180aa92f8b38fe

    Download Submit
  • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\User\Default\DOMStore\W4IX9MO2\secure.livechatinc[1].xml
    Filesize

    1KB

    MD5

    6ff95573abd08e50cb27cffd59081694

    SHA1

    996f2ed6ab781ac071fadd4d515a43558434e81e

    SHA256

    ba4da481d5fbe4fcc1abd18ff3c0e9783cfaf36257bf8b034477b662e176d092

    SHA512

    c2d3f74cacf26fe22857d2b37f3ce7adcaed4671a8e53d317b6dc742d5e61ba7f34d6e7c214a959d9a95d7313269b6e5f2b4eb56b0ab015c12d32ff3986a9ed7

    Download Submit
  • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\User\Default\DOMStore\W4IX9MO2\secure.livechatinc[1].xml
    Filesize

    1KB

    MD5

    3fada843f79c9ee2fedbdb4b30b28dd5

    SHA1

    0683145bdf9d8121b563bc22b5891bcbdb59eed0

    SHA256

    4832d2fadcb1b3fd02047b1d6f6c3f81a52a3112c3d24f0f8ef82b530d0fbad9

    SHA512

    3d3bf74770e7f8ad0c508234c1ddc13012720b18f024acf98df74494232350d6ba39adbedb7b6f79c9955f9ccea90cfc8013a1e15716afce25e03ad570991f47

    Download Submit
  • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\User\Default\DOMStore\W4IX9MO2\secure.livechatinc[1].xml
    Filesize

    1KB

    MD5

    3fada843f79c9ee2fedbdb4b30b28dd5

    SHA1

    0683145bdf9d8121b563bc22b5891bcbdb59eed0

    SHA256

    4832d2fadcb1b3fd02047b1d6f6c3f81a52a3112c3d24f0f8ef82b530d0fbad9

    SHA512

    3d3bf74770e7f8ad0c508234c1ddc13012720b18f024acf98df74494232350d6ba39adbedb7b6f79c9955f9ccea90cfc8013a1e15716afce25e03ad570991f47

    Download Submit
  • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\User\Default\DOMStore\W4IX9MO2\secure.livechatinc[1].xml
    Filesize

    1KB

    MD5

    f06e03365bf6c670876866bcd283284a

    SHA1

    de6b12277d7fb02699437b61aa44fee016ce32c5

    SHA256

    3626825bb9e33b6f15d7f722eefc3af1b684f4e2d0742bcb209cdf329568e214

    SHA512

    412051b71c767faf20ecfa573ea1acbd16df5cb203b0eaa95d7261ecb0cb42358522bd67412ebb7adbae5dab7a3fa3e571cb6d041536cb990786cfa32cbe9ac5

    Download Submit
  • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\User\Default\DOMStore\W4IX9MO2\secure.livechatinc[1].xml
    Filesize

    1KB

    MD5

    f06e03365bf6c670876866bcd283284a

    SHA1

    de6b12277d7fb02699437b61aa44fee016ce32c5

    SHA256

    3626825bb9e33b6f15d7f722eefc3af1b684f4e2d0742bcb209cdf329568e214

    SHA512

    412051b71c767faf20ecfa573ea1acbd16df5cb203b0eaa95d7261ecb0cb42358522bd67412ebb7adbae5dab7a3fa3e571cb6d041536cb990786cfa32cbe9ac5

    Download Submit
  • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\User\Default\DOMStore\W4IX9MO2\secure.livechatinc[1].xml
    Filesize

    1KB

    MD5

    35d532885a0b525b251200134285cfea

    SHA1

    a97ab07037de81daa3daa47d16624c4c8ad4d40f

    SHA256

    abc2dafbb06efc5c52c8abbc7861ef95ed7c404adb4625c8a358ef040080a243

    SHA512

    dee916bbd8f339990ba1441788659dd6b718a1983668605f51a1f2c244503516e20da3cc57e461de2195ca36542d9bb43e587933ad3f31a6502e3984322c986d

    Download Submit
  • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\User\Default\DOMStore\W4IX9MO2\secure.livechatinc[1].xml
    Filesize

    1KB

    MD5

    f1fafdac3c6c9bfc6fd528a7dc139349

    SHA1

    59c6d9cbc6f8dc0145d24c5e5da03c62f35fc939

    SHA256

    c03e55633aa48343b9f6c2569abde0d62e0b15217935c212e9eaac8e2b3231c8

    SHA512

    d6088e2578ce812d340d2b39ca66826f5eb6726023594c4c2697bab97b1885f2f8e975730abf2945a06c76ef0613b0e45da3a67b2a48a35c0f55a1c3949f50c6

    Download Submit
  • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\User\Default\DOMStore\XQQB94EF\picwish[1].xml
    Filesize

    214B

    MD5

    332be512a6c5b6d5e9986e6f6200afec

    SHA1

    01e6266710a0cdb60197526691f40135b8b26c07

    SHA256

    bc7b8619eebdf43899a57df43582b476d3d7285c2145dda4fc54d60e5734e500

    SHA512

    6cb6e2ab62c66764965b52bc275ed3ea44b95b2b0cfeb6225a6761b0813fe8f443174403267e6d2dca05ee4751b1d70814201dc6feee4fc45685d7d5d8ec40d6

    Download Submit
  • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\I9BLAX79\favicon[1].png
    Filesize

    786B

    MD5

    697eabec8e8ff504c281fd552ee3ac72

    SHA1

    892830a8ffdb9fc9564ce1ff83d5117850c347e2

    SHA256

    b4e140e822e1aa034c24105be3ba92839a1eac6d5b667d11df56cf04783d9c7d

    SHA512

    ae14cee39d722e627d3c542905b91e0a78a83d4b25e513c64b7f00f1095f1e22b2a850d1a99979247f935af7c772c712a48f2df38bbc6d61352b4e052b828e90

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Setup Log 2023-03-30 #001.txt
    Filesize

    22KB

    MD5

    4c913828bce31e167897fa87263ce6e7

    SHA1

    5560eb6c4121c469101907c867e1ebba6ce6190d

    SHA256

    0bf1726872584a25583bc9573e4a0f2aebea2d35a642927911719a40283bccce

    SHA512

    c5431272bd5e08c00069cf3a3ed1fc498663c0f6ece19082770a46915754b9b6a06d0858fc627275d488ed752df83fd73113a1c4eb9c04e74ac201fd3c5d7ba9

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\installer.exe
    Filesize

    19.1MB

    MD5

    58c88bd3498b2748870f54e6e9fc6b97

    SHA1

    be2348348c2b9620c742eed0f3c452fbbac28cd5

    SHA256

    03e462d23ea4c8deed26292b4965bf4c0da3d60ae683dfe48fa9319558d0ae83

    SHA512

    f5c5e289287ade4c5b1345081d35085dd6e6a9eccace5e4607bcede3e20eb7fde02e2635e11facc4d872c86092bef19c963ba64c5bc94c7ec386b8ccc42224b4

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\installer.exe
    Filesize

    19.1MB

    MD5

    58c88bd3498b2748870f54e6e9fc6b97

    SHA1

    be2348348c2b9620c742eed0f3c452fbbac28cd5

    SHA256

    03e462d23ea4c8deed26292b4965bf4c0da3d60ae683dfe48fa9319558d0ae83

    SHA512

    f5c5e289287ade4c5b1345081d35085dd6e6a9eccace5e4607bcede3e20eb7fde02e2635e11facc4d872c86092bef19c963ba64c5bc94c7ec386b8ccc42224b4

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\installer.exe
    Filesize

    19.1MB

    MD5

    58c88bd3498b2748870f54e6e9fc6b97

    SHA1

    be2348348c2b9620c742eed0f3c452fbbac28cd5

    SHA256

    03e462d23ea4c8deed26292b4965bf4c0da3d60ae683dfe48fa9319558d0ae83

    SHA512

    f5c5e289287ade4c5b1345081d35085dd6e6a9eccace5e4607bcede3e20eb7fde02e2635e11facc4d872c86092bef19c963ba64c5bc94c7ec386b8ccc42224b4

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\is-HD5LQ.tmp\PinTaskbarTool.exe
    Filesize

    10KB

    MD5

    c00880561224f037feef7cd3dcd11314

    SHA1

    3435536555e29c387fd6f55f9d52381e6287fa94

    SHA256

    114963fc2ad618e25837b6f2d1f55d8e616216fe16c21af99c113889d39e92a7

    SHA512

    63050120886d8432c7632a7b8d4798176714156ce5934ec06971220e117a0ecd8fe76da482b51f95a00de579635db3056a8220493361ba69080f2b26bdf5e941

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\is-HD5LQ.tmp\PinTaskbarTool.exe
    Filesize

    10KB

    MD5

    c00880561224f037feef7cd3dcd11314

    SHA1

    3435536555e29c387fd6f55f9d52381e6287fa94

    SHA256

    114963fc2ad618e25837b6f2d1f55d8e616216fe16c21af99c113889d39e92a7

    SHA512

    63050120886d8432c7632a7b8d4798176714156ce5934ec06971220e117a0ecd8fe76da482b51f95a00de579635db3056a8220493361ba69080f2b26bdf5e941

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\is-S8QO7.tmp\installer.tmp
    Filesize

    2.4MB

    MD5

    3700f8cfed50376dc316f5cea9c7ce00

    SHA1

    614e53ec724d8e5adaa99722d698002fe0a8975d

    SHA256

    26cd6ea5dbdec06aadfe022f3c23a5546a217bfa93ff0bb1c95326e0e900ea75

    SHA512

    df79f7264a42a007ce0f8a68a1735f7f0e7d2dec6385e63308bc5b675ec247c36359af37f3a48d2289eaf1e57a6a74f2e7070c74005dcbb422de06a63cc76491

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\is-S8QO7.tmp\installer.tmp
    Filesize

    2.4MB

    MD5

    3700f8cfed50376dc316f5cea9c7ce00

    SHA1

    614e53ec724d8e5adaa99722d698002fe0a8975d

    SHA256

    26cd6ea5dbdec06aadfe022f3c23a5546a217bfa93ff0bb1c95326e0e900ea75

    SHA512

    df79f7264a42a007ce0f8a68a1735f7f0e7d2dec6385e63308bc5b675ec247c36359af37f3a48d2289eaf1e57a6a74f2e7070c74005dcbb422de06a63cc76491

    Download Submit
  • C:\Users\Admin\AppData\Roaming\PicWish\PicWish\Config.ini
    Filesize

    131B

    MD5

    25e625216d270290f27751271198a4a6

    SHA1

    a6c1651874da2684af9ad7cf921a791e67a06665

    SHA256

    2c453d9f889634bb14c9583a8acf28696ccc3d2994b10180d41be6595553cfc3

    SHA512

    efe745cbebb1eb30e502f3848fc7deef9632f5b3aff79d9167debaf1eb1a8aac57c8920ff99430beec96ad79e06ae1c7eeec1f0fe1f9970bc59564202dd51dc9

    Download Submit
  • C:\Users\Admin\AppData\Roaming\PicWish\PicWish\config.ini
    Filesize

    131B

    MD5

    25e625216d270290f27751271198a4a6

    SHA1

    a6c1651874da2684af9ad7cf921a791e67a06665

    SHA256

    2c453d9f889634bb14c9583a8acf28696ccc3d2994b10180d41be6595553cfc3

    SHA512

    efe745cbebb1eb30e502f3848fc7deef9632f5b3aff79d9167debaf1eb1a8aac57c8920ff99430beec96ad79e06ae1c7eeec1f0fe1f9970bc59564202dd51dc9

    Download Submit
  • C:\Users\Admin\AppData\Roaming\PicWish\PicWish\config.ini
    Filesize

    131B

    MD5

    25e625216d270290f27751271198a4a6

    SHA1

    a6c1651874da2684af9ad7cf921a791e67a06665

    SHA256

    2c453d9f889634bb14c9583a8acf28696ccc3d2994b10180d41be6595553cfc3

    SHA512

    efe745cbebb1eb30e502f3848fc7deef9632f5b3aff79d9167debaf1eb1a8aac57c8920ff99430beec96ad79e06ae1c7eeec1f0fe1f9970bc59564202dd51dc9

    Download Submit
  • C:\Users\Admin\AppData\Roaming\PicWish\PicWish\log\Apowersoft.CommUtilities.Native.log
    Filesize

    641B

    MD5

    1b4eefe5a947999a689351e81369529e

    SHA1

    8f8a7bd9a7d2d04cffe516ce0c3f538b22e41eb5

    SHA256

    9d455c4f3771d84ac4d72d72e6d5c80a2dac3a962d137f2c555d78b64852ed58

    SHA512

    312416f39d0beac9ff32da6e2ac41e6177dfa3db7ec2b32f9e8cecfcd936994188f961ccbd2658d687bf334f0b63dee243a7acb45fb84123b340379d15fc7c43

    Download Submit
  • C:\Users\Admin\AppData\Roaming\PicWish\PicWish\log\Apowersoft.CommUtilities.Native.log
    Filesize

    4KB

    MD5

    5695af613ffbb515349d2cd917afeefa

    SHA1

    aa86a80825d432cae3892a4d5a5c18b767aef97b

    SHA256

    96e8c6fe08fd454291ded14b8e6a1d909af4f7390474350ea4ee3b1d75bd7405

    SHA512

    cacbce526c20d2d81c3f7b977498ce8bd35b7214eb65afe520e59e093fb477bac4c929f9339fd49d9dcf106fafac136019e9561ba3862ebefd7382323d70b618

    Download Submit
  • \Users\Admin\AppData\Local\Temp\is-HD5LQ.tmp\isxdl.dll
    Filesize

    130KB

    MD5

    f7b445a6cb2064d7b459451e86ca6b0e

    SHA1

    b05b74a1988c10df8c73eb9ca1a41af2a49647b7

    SHA256

    bd03543c37feb48432e166fe3898abc2a7fe854b1113ee4d5d284633b4605377

    SHA512

    9cf6d791132660d5246f55d25018ad0cf2791de9f6032531b9aca9a6c84396b8aeca7a9c0410f835637659f396817d8ba40f45d3b80c7907cccbe275a345a465

    Download Submit
  • memory/1064-461-0x0000027F255E0000-0x0000027F256E0000-memory.dmp
    Filesize

    1024KB

    Download
  • memory/1064-453-0x0000027F254E0000-0x0000027F255E0000-memory.dmp
    Filesize

    1024KB

    Download
  • memory/1064-734-0x0000027F12ED0000-0x0000027F12EE0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/1064-733-0x0000027F12ED0000-0x0000027F12EE0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/1064-613-0x0000027F26DE0000-0x0000027F26E00000-memory.dmp
    Filesize

    128KB

    Download
  • memory/1064-589-0x0000027F26E00000-0x0000027F26E20000-memory.dmp
    Filesize

    128KB

    Download
  • memory/1064-520-0x0000027F25FB0000-0x0000027F260B0000-memory.dmp
    Filesize

    1024KB

    Download
  • memory/1064-487-0x0000027F25380000-0x0000027F253A0000-memory.dmp
    Filesize

    128KB

    Download
  • memory/1064-736-0x0000027F12ED0000-0x0000027F12EE0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/1064-735-0x0000027F12ED0000-0x0000027F12EE0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/1064-448-0x0000027F254E0000-0x0000027F255E0000-memory.dmp
    Filesize

    1024KB

    Download
  • memory/1064-421-0x0000027F25240000-0x0000027F25340000-memory.dmp
    Filesize

    1024KB

    Download
  • memory/1064-418-0x0000027F253A0000-0x0000027F253C0000-memory.dmp
    Filesize

    128KB

    Download
  • memory/1064-737-0x0000027F12ED0000-0x0000027F12EE0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/1064-739-0x0000027F12ED0000-0x0000027F12EE0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/1064-370-0x0000027F241A0000-0x0000027F241A2000-memory.dmp
    Filesize

    8KB

    Download
  • memory/1064-368-0x0000027F24180000-0x0000027F24182000-memory.dmp
    Filesize

    8KB

    Download
  • memory/1064-738-0x0000027F12ED0000-0x0000027F12EE0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/1064-361-0x0000027F24100000-0x0000027F24102000-memory.dmp
    Filesize

    8KB

    Download
  • memory/1064-740-0x0000027F12ED0000-0x0000027F12EE0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/2160-394-0x0000019D414D0000-0x0000019D414D1000-memory.dmp
    Filesize

    4KB

    Download
  • memory/2160-332-0x0000019D3B780000-0x0000019D3B782000-memory.dmp
    Filesize

    8KB

    Download
  • memory/2160-330-0x0000019D3B600000-0x0000019D3B601000-memory.dmp
    Filesize

    4KB

    Download
  • memory/2160-311-0x0000019D3B900000-0x0000019D3B910000-memory.dmp
    Filesize

    64KB

    Download
  • memory/2160-293-0x0000019D3B120000-0x0000019D3B130000-memory.dmp
    Filesize

    64KB

    Download
  • memory/2160-334-0x0000019D40320000-0x0000019D40322000-memory.dmp
    Filesize

    8KB

    Download
  • memory/2160-335-0x0000019D40210000-0x0000019D40212000-memory.dmp
    Filesize

    8KB

    Download
  • memory/2160-399-0x0000019D414E0000-0x0000019D414E1000-memory.dmp
    Filesize

    4KB

    Download
  • memory/2216-270-0x0000000005560000-0x0000000005570000-memory.dmp
    Filesize

    64KB

    Download
  • memory/2216-268-0x0000000005430000-0x000000000544E000-memory.dmp
    Filesize

    120KB

    Download
  • memory/2216-267-0x0000000004D50000-0x0000000004DC6000-memory.dmp
    Filesize

    472KB

    Download
  • memory/2216-266-0x0000000000580000-0x0000000000588000-memory.dmp
    Filesize

    32KB

    Download
  • memory/3388-1342-0x00000296DD5F0000-0x00000296DD600000-memory.dmp
    Filesize

    64KB

    Download
  • memory/3388-1470-0x00000296DF3C0000-0x00000296DF3D8000-memory.dmp
    Filesize

    96KB

    Download
  • memory/3388-1420-0x00000296DEB40000-0x00000296DEB62000-memory.dmp
    Filesize

    136KB

    Download
  • memory/3388-1419-0x00000296DEBD0000-0x00000296DEC56000-memory.dmp
    Filesize

    536KB

    Download
  • memory/3388-1416-0x00000296C4D10000-0x00000296C4D2C000-memory.dmp
    Filesize

    112KB

    Download
  • memory/3388-1415-0x00000296C4D00000-0x00000296C4D0C000-memory.dmp
    Filesize

    48KB

    Download
  • memory/3388-1410-0x00000296DE900000-0x00000296DEB3C000-memory.dmp
    Filesize

    2.2MB

    Download
  • memory/3388-1409-0x00000296DD560000-0x00000296DD5A4000-memory.dmp
    Filesize

    272KB

    Download
  • memory/3388-1378-0x00000296DD510000-0x00000296DD556000-memory.dmp
    Filesize

    280KB

    Download
  • memory/3388-1351-0x00000296C3430000-0x00000296C3436000-memory.dmp
    Filesize

    24KB

    Download
  • memory/3388-1343-0x00000296DDF60000-0x00000296DE062000-memory.dmp
    Filesize

    1.0MB

    Download
  • memory/3388-1433-0x00000296DEB70000-0x00000296DEB80000-memory.dmp
    Filesize

    64KB

    Download
  • memory/3388-1338-0x00000296C3410000-0x00000296C3420000-memory.dmp
    Filesize

    64KB

    Download
  • memory/3388-1440-0x00000296DF690000-0x00000296DFBB6000-memory.dmp
    Filesize

    5.1MB

    Download
  • memory/3388-1441-0x00000296DD5F0000-0x00000296DD600000-memory.dmp
    Filesize

    64KB

    Download
  • memory/3388-1449-0x00000296DEC70000-0x00000296DEC78000-memory.dmp
    Filesize

    32KB

    Download
  • memory/3388-1336-0x00000296C33F0000-0x00000296C3404000-memory.dmp
    Filesize

    80KB

    Download
  • memory/3388-1453-0x00000296DEC90000-0x00000296DEC9C000-memory.dmp
    Filesize

    48KB

    Download
  • memory/3388-1334-0x00000296DD990000-0x00000296DDE4A000-memory.dmp
    Filesize

    4.7MB

    Download
  • memory/3388-1454-0x00000296DECA0000-0x00000296DECA8000-memory.dmp
    Filesize

    32KB

    Download
  • memory/3388-1455-0x00000296DECB0000-0x00000296DECB8000-memory.dmp
    Filesize

    32KB

    Download
  • memory/3388-1456-0x00000296DECC0000-0x00000296DECC8000-memory.dmp
    Filesize

    32KB

    Download
  • memory/3388-1457-0x00000296DECD0000-0x00000296DECD8000-memory.dmp
    Filesize

    32KB

    Download
  • memory/3388-1458-0x00000296DF2B0000-0x00000296DF2B8000-memory.dmp
    Filesize

    32KB

    Download
  • memory/3388-1459-0x00000296DF2C0000-0x00000296DF2C8000-memory.dmp
    Filesize

    32KB

    Download
  • memory/3388-1460-0x00000296DF2D0000-0x00000296DF2D8000-memory.dmp
    Filesize

    32KB

    Download
  • memory/3388-1461-0x00000296DF2E0000-0x00000296DF2E8000-memory.dmp
    Filesize

    32KB

    Download
  • memory/3388-1463-0x00000296DF2F0000-0x00000296DF2FA000-memory.dmp
    Filesize

    40KB

    Download
  • memory/3388-1317-0x00000296C33E0000-0x00000296C33F2000-memory.dmp
    Filesize

    72KB

    Download
  • memory/3388-1466-0x00000296DF320000-0x00000296DF33A000-memory.dmp
    Filesize

    104KB

    Download
  • memory/3388-1468-0x00000296DF380000-0x00000296DF3BE000-memory.dmp
    Filesize

    248KB

    Download
  • memory/3388-1314-0x00000296C33A0000-0x00000296C33AE000-memory.dmp
    Filesize

    56KB

    Download
  • memory/3388-1310-0x00000296C33D0000-0x00000296C33D8000-memory.dmp
    Filesize

    32KB

    Download
  • memory/3388-1422-0x00000296DECE0000-0x00000296DED5E000-memory.dmp
    Filesize

    504KB

    Download
  • memory/3388-1307-0x00000296C33C0000-0x00000296C33CA000-memory.dmp
    Filesize

    40KB

    Download
  • memory/3388-1299-0x00000296C33B0000-0x00000296C33BE000-memory.dmp
    Filesize

    56KB

    Download
  • memory/3388-1473-0x00000296DF440000-0x00000296DF494000-memory.dmp
    Filesize

    336KB

    Download
  • memory/3388-1293-0x00000296DD600000-0x00000296DD896000-memory.dmp
    Filesize

    2.6MB

    Download
  • memory/3388-1474-0x00000296E0520000-0x00000296E0E7E000-memory.dmp
    Filesize

    9.4MB

    Download
  • memory/3388-1475-0x00000296DF310000-0x00000296DF318000-memory.dmp
    Filesize

    32KB

    Download
  • memory/3388-1476-0x00000296DF340000-0x00000296DF348000-memory.dmp
    Filesize

    32KB

    Download
  • memory/3388-1480-0x00000296DF4D0000-0x00000296DF4F6000-memory.dmp
    Filesize

    152KB

    Download
  • memory/3388-1281-0x00000296C2B40000-0x00000296C308E000-memory.dmp
    Filesize

    5.3MB

    Download
  • memory/3388-1482-0x00000296DF350000-0x00000296DF35A000-memory.dmp
    Filesize

    40KB

    Download
  • memory/3388-1484-0x00000296DF500000-0x00000296DF534000-memory.dmp
    Filesize

    208KB

    Download
  • memory/3388-1486-0x00000296DFBC0000-0x00000296DFCCC000-memory.dmp
    Filesize

    1.0MB

    Download
  • memory/3388-1488-0x00000296DF400000-0x00000296DF41C000-memory.dmp
    Filesize

    112KB

    Download
  • memory/3388-1490-0x00000296DF300000-0x00000296DF30E000-memory.dmp
    Filesize

    56KB

    Download
  • memory/3388-1494-0x00000296DF580000-0x00000296DF5C0000-memory.dmp
    Filesize

    256KB

    Download
  • memory/3388-1495-0x00000296DF360000-0x00000296DF372000-memory.dmp
    Filesize

    72KB

    Download
  • memory/3388-1510-0x00000296DD5F0000-0x00000296DD600000-memory.dmp
    Filesize

    64KB

    Download
  • memory/3388-1504-0x00000296DD5F0000-0x00000296DD600000-memory.dmp
    Filesize

    64KB

    Download
  • memory/3388-1503-0x00000296DD5F0000-0x00000296DD600000-memory.dmp
    Filesize

    64KB

    Download
  • memory/3388-1502-0x00000296DF4A0000-0x00000296DF4C0000-memory.dmp
    Filesize

    128KB

    Download
  • memory/3388-1501-0x00000296DFD20000-0x00000296DFD66000-memory.dmp
    Filesize

    280KB

    Download
  • memory/3388-1500-0x00000296DF5C0000-0x00000296DF5F8000-memory.dmp
    Filesize

    224KB

    Download
  • memory/3388-1497-0x00000296DF610000-0x00000296DF654000-memory.dmp
    Filesize

    272KB

    Download
  • memory/3388-1499-0x00000296DF3E0000-0x00000296DF3E8000-memory.dmp
    Filesize

    32KB

    Download
  • memory/3740-278-0x0000000000400000-0x0000000000680000-memory.dmp
    Filesize

    2.5MB

    Download
  • memory/3740-279-0x00000000006E0000-0x00000000006E1000-memory.dmp
    Filesize

    4KB

    Download
  • memory/3740-144-0x00000000006E0000-0x00000000006E1000-memory.dmp
    Filesize

    4KB

    Download
  • memory/3740-282-0x0000000000400000-0x0000000000680000-memory.dmp
    Filesize

    2.5MB

    Download
  • memory/4920-138-0x0000000000400000-0x00000000004C5000-memory.dmp
    Filesize

    788KB

    Download
  • memory/4920-259-0x0000000000400000-0x00000000004C5000-memory.dmp
    Filesize

    788KB

    Download
  • memory/4920-283-0x0000000000400000-0x00000000004C5000-memory.dmp
    Filesize

    788KB

    Download