c84ce4f35dfe0ada475f680551d653d264855a1d477ead3af5c0564e8b74a4a7

Analysis

max time kernel
450s
max time network
485s
platform
windows7_x64
resource
win7-20230220-en
resource tags

arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
submitted
31-03-2023 16:06

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

CairoSetup_64bit.exe
Size

3.5MB
MD5

1f69e8a557b018eaacbe77d7242095ef
SHA1

afd6f7fc776979f0ff4e36aa243b3a56ba8489e4
SHA256

c84ce4f35dfe0ada475f680551d653d264855a1d477ead3af5c0564e8b74a4a7
SHA512

73c690204af95930e27b29f704f6802ef67a545bbbb41309b70ba5a67b8e3335bab5f6ba6bf7cb72679d4c9c648dff519a1c0c582442a2f955a1b409b30eb984
SSDEEP

49152:6pDzGV9EVA5Nm2VkrORk8+hJplCe7ye1sCqkrH0RKOrCbpS/vFdQ1aNv:6JzGIVATZV7RkplyWq6XOrGS3Qkv

Score

7^/10

discovery persistence

Malware Config

Signatures

Executes dropped EXE 5 IoCs

Processes:

CairoDesktop.exeCairoDesktop.exeCairoDesktop.exeCairoDesktop.exeCairoDesktop.exe

pid process

2020 CairoDesktop.exe
1500 CairoDesktop.exe
1000 CairoDesktop.exe
1976 CairoDesktop.exe
984 CairoDesktop.exe

Loads dropped DLL 43 IoCs

Processes:

CairoSetup_64bit.exeexplorer.exeCairoDesktop.exeCairoDesktop.exeCairoDesktop.exeCairoDesktop.exeCairoDesktop.exe

pid	process
1404	CairoSetup_64bit.exe
1404	CairoSetup_64bit.exe
1404	CairoSetup_64bit.exe
1404	CairoSetup_64bit.exe
1404	CairoSetup_64bit.exe
1928	explorer.exe
2020	CairoDesktop.exe
2020	CairoDesktop.exe
2020	CairoDesktop.exe
2020	CairoDesktop.exe
2020	CairoDesktop.exe
2020	CairoDesktop.exe
1252
1252
1252
1500	CairoDesktop.exe
1500	CairoDesktop.exe
2020	CairoDesktop.exe
2020	CairoDesktop.exe
2020	CairoDesktop.exe
2020	CairoDesktop.exe
2020	CairoDesktop.exe
2020	CairoDesktop.exe
2020	CairoDesktop.exe
2020	CairoDesktop.exe
2020	CairoDesktop.exe
2020	CairoDesktop.exe
2020	CairoDesktop.exe
1000	CairoDesktop.exe
1000	CairoDesktop.exe
1252
1252
1252
1976	CairoDesktop.exe
1976	CairoDesktop.exe
1252
984	CairoDesktop.exe
984	CairoDesktop.exe
1252
1252
1252
1252
1252

Adds Run key to start application 2 TTPs 2 IoCs

persistence

Registry Run Keys / Startup Folder

T1060

Modify Registry

T1112

Processes:

CairoSetup_64bit.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-21-3499517378-2376672570-1134980332-1000\Software\Microsoft\Windows\CurrentVersion\Run	CairoSetup_64bit.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3499517378-2376672570-1134980332-1000\Software\Microsoft\Windows\CurrentVersion\Run\CairoShell = "C:\\Program Files\\Cairo Shell\\CairoDesktop.exe"	CairoSetup_64bit.exe

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Drops file in Program Files directory 62 IoCs

Processes:

CairoSetup_64bit.exe

description	ioc	process
File created	C:\Program Files\Cairo Shell\Microsoft.Extensions.DependencyInjection.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\System.Text.Json.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\ManagedShell.WindowsTray.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\System.ServiceProcess.ServiceController.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\ManagedShell.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\System.Runtime.CompilerServices.Unsafe.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\Themes\Flat.xaml	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\Microsoft.Bcl.AsyncInterfaces.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\Microsoft.Extensions.Logging.Configuration.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\Microsoft.Extensions.Logging.EventLog.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\System.Diagnostics.DiagnosticSource.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\System.Diagnostics.EventLog.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\CairoDesktop.Application.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\Microsoft.Extensions.Primitives.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\RemoveCairo.exe	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\CairoDesktop.Infrastructure.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\ManagedShell.WindowsTasks.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\Microsoft.Extensions.Configuration.FileExtensions.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\Microsoft.Extensions.Hosting.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\Microsoft.Extensions.Logging.Abstractions.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\Microsoft.Extensions.Configuration.UserSecrets.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\System.ValueTuple.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\CairoDesktop.Interop.WinSparkle.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\CairoDesktop.Localization.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\CairoDesktop.MenuBarExtensions.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\ManagedShell.AppBar.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\Microsoft.Extensions.Configuration.EnvironmentVariables.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\ManagedShell.Common.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\Microsoft.Extensions.Configuration.Json.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\ManagedShell.UWPInterop.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\System.Security.Principal.Windows.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\WinSparkle.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\ManagedShell.ShellFolders.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\Microsoft.Extensions.Configuration.Binder.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\Microsoft.Extensions.Configuration.CommandLine.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\System.Memory.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\System.Text.Encodings.Web.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\CairoDesktop.Common.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\Microsoft.Extensions.FileProviders.Abstractions.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\Microsoft.Extensions.Logging.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\System.Buffers.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\Microsoft.Extensions.Logging.Debug.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\System.Numerics.Vectors.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\CairoDesktop.AppGrabber.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\CairoDesktop.Interop.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\CairoDesktop.exe	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\Microsoft.Extensions.FileSystemGlobbing.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\Microsoft.Extensions.Hosting.Abstractions.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\CairoDesktop.exe.config	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\ManagedShell.Interop.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\Microsoft.Extensions.Configuration.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\Microsoft.Extensions.Options.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\Themes\White.xaml	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\Microsoft.Extensions.FileProviders.Physical.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\Microsoft.Extensions.Logging.Console.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\Microsoft.Extensions.Logging.EventSource.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\Microsoft.Extensions.Options.ConfigurationExtensions.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\CairoDesktop.Configuration.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\Microsoft.Extensions.Configuration.Abstractions.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\Microsoft.Extensions.DependencyInjection.Abstractions.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\System.Data.OleDb.dll	CairoSetup_64bit.exe
File created	C:\Program Files\Cairo Shell\System.Threading.Tasks.Extensions.dll	CairoSetup_64bit.exe

Drops file in Windows directory 2 IoCs

Processes:

CairoDesktop.exe

description	ioc	process
File opened for modification	C:\Windows\Installer\{AC76BA86-7AD7-1033-7B44-A90000000001}\SC_Reader.exe	CairoDesktop.exe
File opened for modification	\??\c:\windows\installer\{ac76ba86-7ad7-1033-7b44-a90000000001}\sc_reader.exe	CairoDesktop.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

Modifies Internet Explorer settings 1 TTPs 3 IoCs

adware spyware

Modify Registry

T1112

Processes:

IEXPLORE.EXE

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-21-3499517378-2376672570-1134980332-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3499517378-2376672570-1134980332-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-3499517378-2376672570-1134980332-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

CairoDesktop.exe

pid process

2020 CairoDesktop.exe

Suspicious use of AdjustPrivilegeToken 6 IoCs

Processes:

CairoDesktop.exeAUDIODG.EXE

description	pid	process
Token: SeDebugPrivilege	2020	CairoDesktop.exe
Token: 33	1560	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	1560	AUDIODG.EXE
Token: 33	1560	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	1560	AUDIODG.EXE
Token: SeShutdownPrivilege	2020	CairoDesktop.exe

Suspicious use of FindShellTrayWindow 16 IoCs

Processes:

CairoDesktop.exe

pid	process
2020	CairoDesktop.exe
2020	CairoDesktop.exe
2020	CairoDesktop.exe
2020	CairoDesktop.exe
2020	CairoDesktop.exe
2020	CairoDesktop.exe
2020	CairoDesktop.exe
2020	CairoDesktop.exe
2020	CairoDesktop.exe
2020	CairoDesktop.exe
2020	CairoDesktop.exe
2020	CairoDesktop.exe
2020	CairoDesktop.exe
2020	CairoDesktop.exe
2020	CairoDesktop.exe
2020	CairoDesktop.exe

Suspicious use of SendNotifyMessage 8 IoCs

Processes:

CairoDesktop.exe

pid	process
2020	CairoDesktop.exe
2020	CairoDesktop.exe
2020	CairoDesktop.exe
2020	CairoDesktop.exe
2020	CairoDesktop.exe
2020	CairoDesktop.exe
2020	CairoDesktop.exe
2020	CairoDesktop.exe

Suspicious use of SetWindowsHookEx 3 IoCs

Processes:

IEXPLORE.EXECairoDesktop.exe

pid process

1480 IEXPLORE.EXE
1480 IEXPLORE.EXE
2020 CairoDesktop.exe

pid	process
1480	IEXPLORE.EXE
1480	IEXPLORE.EXE
2020	CairoDesktop.exe

Suspicious use of WriteProcessMemory 7 IoCs

Processes:

CairoSetup_64bit.exeexplorer.exe

description	pid	process	target process
PID 1404 wrote to memory of 940	1404	CairoSetup_64bit.exe	explorer.exe
PID 1404 wrote to memory of 940	1404	CairoSetup_64bit.exe	explorer.exe
PID 1404 wrote to memory of 940	1404	CairoSetup_64bit.exe	explorer.exe
PID 1404 wrote to memory of 940	1404	CairoSetup_64bit.exe	explorer.exe
PID 1928 wrote to memory of 2020	1928	explorer.exe	CairoDesktop.exe
PID 1928 wrote to memory of 2020	1928	explorer.exe	CairoDesktop.exe
PID 1928 wrote to memory of 2020	1928	explorer.exe	CairoDesktop.exe

C:\Users\Admin\AppData\Local\Temp\CairoSetup_64bit.exe
"C:\Users\Admin\AppData\Local\Temp\CairoSetup_64bit.exe"
1⤵
- Loads dropped DLL
- Adds Run key to start application
- Drops file in Program Files directory
- Suspicious use of WriteProcessMemory
PID:1404

C:\Windows\explorer.exe
"C:\Windows\explorer.exe" "C:\Program Files\Cairo Shell\CairoDesktop.exe"
2⤵
PID:940

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:668 CREDAT:275457 /prefetch:2
1⤵
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
PID:1480

C:\Windows\explorer.exe
C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:1928

C:\Program Files\Cairo Shell\CairoDesktop.exe
"C:\Program Files\Cairo Shell\CairoDesktop.exe"
2⤵
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Windows directory
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
PID:2020

C:\Windows\explorer.exe
"C:\Windows\explorer.exe"
1⤵
PID:1972

C:\Program Files\Cairo Shell\CairoDesktop.exe
"C:\Program Files\Cairo Shell\CairoDesktop.exe"
1⤵
- Executes dropped EXE
- Loads dropped DLL
PID:1500

C:\Program Files\Cairo Shell\CairoDesktop.exe
"C:\Program Files\Cairo Shell\CairoDesktop.exe"
1⤵
- Executes dropped EXE
- Loads dropped DLL
PID:1000

C:\Windows\explorer.exe
"C:\Windows\explorer.exe"
1⤵
PID:1592

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x524
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1560

C:\Program Files\Cairo Shell\CairoDesktop.exe
"C:\Program Files\Cairo Shell\CairoDesktop.exe"
1⤵
- Executes dropped EXE
- Loads dropped DLL
PID:1976

C:\Program Files\Cairo Shell\CairoDesktop.exe
"C:\Program Files\Cairo Shell\CairoDesktop.exe"
1⤵
- Executes dropped EXE
- Loads dropped DLL
PID:984

C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
1⤵
PID:1908

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

T1060

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\Cairo Shell\CairoDesktop.AppGrabber.dll
Filesize
88KB

MD5
c58805c39cc8e3f9ea6f102172e14a77

SHA1
4d0712f7ce24dc759198ed1c76243a99d22e706d

SHA256
05f704fed2c0c5673557ff6c1143e599a2189f38b5098f9e30597356f67a7d4d

SHA512
441c53a2ace26e06b0895064e4d1f21aa5af9ceb683c7a3cce4f294561c262a2179ab2e2ffb662c5fc54b564097299a4740ebfeee86cdabc960d29c0d07229d4

Download Submit
C:\Program Files\Cairo Shell\CairoDesktop.Application.dll
Filesize
6KB

MD5
0d6fecc43dbb8ee3910c985730c2a1e1

SHA1
4936dca8457501d61a7571f2da54f3ac1e195f6e

SHA256
62f9ee880ce6134449fc8a8071ba0cdc574941eec148537412770b2368113901

SHA512
533fa5b6ccdbd78bdbc09f0f593417f48e229ae5d06705f8ce4f38122b28e82f3143314af851f05b3b8026eb1f88c0b085d486a6bb7c09ba856ac73079ce3f10

Download Submit
C:\Program Files\Cairo Shell\CairoDesktop.Common.dll
Filesize
76KB

MD5
51be70923da08565c91428fbcb181bc8

SHA1
b1293b4fcfc8491392ed521a5838602d0abb97c9

SHA256
d6f8fcd3e58b1abdded17d1ab316663d32a9e5fb718963236877ffdb65fd9c44

SHA512
7769527efa9a4ee76ef70c9f2a158643327d5167062146ea2ca0640b1f356c4d9d45d7390d649304d417137ce7605e2b7475648e3f2d3197b7de3beab029886f

Download Submit
C:\Program Files\Cairo Shell\CairoDesktop.Configuration.dll
Filesize
28KB

MD5
4586c3525b5c52cfd7aa479556f57c41

SHA1
3c3f429cf242ac21f50e940759b774d3caa1f1fb

SHA256
e457df504e1c9c04b13570d181214826fbb748bcc5204cae47f0e9248265ab87

SHA512
ccdef6dfc4cdd2ab7d7e89b807e93bf557a00a3dede8e515e52d58e722824ab2f88069493c53ca80adf224e703de0575dd7645257c1d8c59e44f2f06de4655bd

Download Submit
C:\Program Files\Cairo Shell\CairoDesktop.Infrastructure.dll
Filesize
16KB

MD5
486017ba593a0adca22dd1455bd2a2b8

SHA1
39fb6f22047ed86f9e38f19d869f3920b36c6df5

SHA256
460f8016bb8357783af8829cc4ed1d4c06a21f65d1d4bd40ad3e317cc8341b55

SHA512
0681024994d7395b82d48eecd4825f969d0d2845579b8fcdba4e5210727840617acdfc2665e3a8bfd10a50cf368e17bda199df4716b816a052a8c586b853d72e

Download Submit
C:\Program Files\Cairo Shell\CairoDesktop.Interop.WinSparkle.dll
Filesize
6KB

MD5
be36b7d0fd6e33e0629bcc4f66d9ac89

SHA1
16a79cd6c16f8d18051c61040751abd44e894c02

SHA256
5541424725b1c01c022454e4213727985edc59a6e5bcef8249457fcef1bec4bb

SHA512
af76e7802d57434f0b0c1f9ce05812d67835fdd18a58835caa91fab67b899f507da5ef7dbe7b4d8013c16d9937321e1c9614e9f02dd066710e287094452d7dd7

Download Submit
C:\Program Files\Cairo Shell\CairoDesktop.MenuBarExtensions.dll
Filesize
50KB

MD5
c815ba5f42fdebe9063d839db87ea046

SHA1
79d8ef2ee4ef87d8b7b7bd49ae5a1e2739763847

SHA256
d26b9bc8d5524c945ed5951852b4e8efd3af3b660a53eb3d9dc4157e0a19ab11

SHA512
c8bfaf66b9085615265bcd2d41eb5a281343a24233e837d26a1a4a3833d39813b6d09fffeef764b1604e1e73e782761648a1e2bf22898a192ffdb07058e31123

Download Submit
C:\Program Files\Cairo Shell\CairoDesktop.exe
Filesize
1.6MB

MD5
4f8e875f1d5490cc55fcbe00c609e8c3

SHA1
479d84322f6bba49a68a0c9aff891576fd759ead

SHA256
41590054262e4d027e86b4e2b53613d4eea2f0d69de1f29438a9c1734e726edb

SHA512
4069eeff9e292a187e4abe570ac30e6e7e0910ce05e4fb3edb235d4dad88747cd2da04560ef5d6c7ef63b79162499c389189fcc9cc80c633016d9a7f78391a4d

Download Submit
C:\Program Files\Cairo Shell\CairoDesktop.exe
Filesize
1.6MB

MD5
4f8e875f1d5490cc55fcbe00c609e8c3

SHA1
479d84322f6bba49a68a0c9aff891576fd759ead

SHA256
41590054262e4d027e86b4e2b53613d4eea2f0d69de1f29438a9c1734e726edb

SHA512
4069eeff9e292a187e4abe570ac30e6e7e0910ce05e4fb3edb235d4dad88747cd2da04560ef5d6c7ef63b79162499c389189fcc9cc80c633016d9a7f78391a4d

Download Submit
C:\Program Files\Cairo Shell\CairoDesktop.exe
Filesize
1.6MB

MD5
4f8e875f1d5490cc55fcbe00c609e8c3

SHA1
479d84322f6bba49a68a0c9aff891576fd759ead

SHA256
41590054262e4d027e86b4e2b53613d4eea2f0d69de1f29438a9c1734e726edb

SHA512
4069eeff9e292a187e4abe570ac30e6e7e0910ce05e4fb3edb235d4dad88747cd2da04560ef5d6c7ef63b79162499c389189fcc9cc80c633016d9a7f78391a4d

Download Submit
C:\Program Files\Cairo Shell\CairoDesktop.exe.config
Filesize
1KB

MD5
b27921af3506979223cd8da75e81a5c4

SHA1
a1647cabb3929dfed8fe76739202e4d8625251cb

SHA256
fc12b53263b0d169f7a2325c16c96172967ee8ecb5dd4b123a8053c178d1785b

SHA512
975fc9be10397ad69e07aa9030377a8adbee083411b964ebada0fd6b149093dd9d601a6e83e4d7d04d57b3ce94b8317ef398eb1f75ff6cf6bc4b663660aa55b9

Download Submit
C:\Program Files\Cairo Shell\ManagedShell.AppBar.dll
Filesize
25KB

MD5
1a95f15149e90ebb30d7d284ddbaddae

SHA1
08ae72c235cda2b5b3497b08f070dd390a2dadcc

SHA256
9ff2be79076b70fd596350df8034284f7aaa8bbee54ca9ccf1b4131a7b928b3d

SHA512
07f273b3ac46e63c68205554828430b615f3854779cc73855ba890d0bdf899c56f6160feb506cd2d9d369392917d378e799fe177419e71b3c77ff5c3f4b77957

Download Submit
C:\Program Files\Cairo Shell\ManagedShell.Common.dll
Filesize
63KB

MD5
2e686e234c0c639b4a025ff569a1dbb1

SHA1
2ba6e6db7198c9f90c2d61fdd8c75146227c23b6

SHA256
ec6ad6e49c8f9d828f059416a4f55e273c4a20f5423f8c7078537c633a5fbfe9

SHA512
9af4247d669d3960e6893d41cfc83f52bac23315591a5dc95517d52a7654c9711129b7bd54a95b1ab7cdf47452144b94bbd94c7ac8851306df2441f2eeae980f

Download Submit
C:\Program Files\Cairo Shell\ManagedShell.Interop.dll
Filesize
55KB

MD5
a8ec6456bc656d2501185b60cb42460b

SHA1
a7f6d3f3932221bbb232ae1c6507bce05bd36d61

SHA256
1ab482781fd46cc440c412e28e9592fbab442e19294d0110e100014bb86ec4d6

SHA512
56c9464357239b0ec2a16b5ee593cac1061e82315a9761d1777305ba9e136c9b173cb00e56effe6959d2a1ef226c7cd0d338b38bce1cc6be87028ada25dbee1a

Download Submit
C:\Program Files\Cairo Shell\ManagedShell.ShellFolders.dll
Filesize
43KB

MD5
3d4da04bb9c02add14f49894cd095f9a

SHA1
eee616e2bd25673ff9d050284724005644abbeac

SHA256
8320eb9c8fa163e1422a96abfd98b1ca6173db7beb78d1952e335efcfc97eded

SHA512
9f6b03ec83a1ca04d03b1c94cc9366400120eb9dfe6e3888a145e846918c01b5c401692dae416249e26e19589e3ba3eb5ec022c462dae425f3938d1d1e50e492

Download Submit
C:\Program Files\Cairo Shell\ManagedShell.WindowsTasks.dll
Filesize
31KB

MD5
572e3db2965b658a1869a5e5ab20da54

SHA1
bdebd5aa2b3238f4f2ec65761e632a3c380f50aa

SHA256
b3905b1aac03585361c04d021ba8ef71ca57030f778497d86fd8764c50f5f3b6

SHA512
1c620212f31e828724c69bb7ede1809bc8dfe6f7f666d763b1b04b1ab828214fc41357d5c2e402fc3e17401c6a0fe3c42b90fb9b023b9c983dfc51b107979aa1

Download Submit
C:\Program Files\Cairo Shell\ManagedShell.WindowsTray.dll
Filesize
36KB

MD5
53247a5aa6c2897d57414926ab2812d0

SHA1
7c18bb73095a054019ca616c16fec859971a2afe

SHA256
7a8b285d93ebf68fc901a6ce9a8080887834f2e89bc8bbc7be31d2c187ddc282

SHA512
bcbb3d794398feefdb9b7dcb60145a6572c468d49b0e2541a886e7a047ac2d58b40975e35844b9adb27687af15c8d8e744c0bf2626f7d283db61c7181b01d1ac

Download Submit
C:\Program Files\Cairo Shell\ManagedShell.dll
Filesize
7KB

MD5
ff24391856b3b3c1f920f36af40429f7

SHA1
26c19bff8c81535fb212df90cfd4fc80e283e040

SHA256
667c5ff319ef13b89af1ba5660a4c2ebfc09b63dc272ae55453e331f4ba49d4a

SHA512
2aeb7d847652b4a741614343d0fae8723c460153b914ffca0f8e90a3ae854369ccad325912de75a0f702c2a3a135f5879d11e12ed93025def71aa5072653aacf

Download Submit
C:\Program Files\Cairo Shell\Microsoft.Bcl.AsyncInterfaces.dll
Filesize
21KB

MD5
48efe61d6ca3054309907b532d576d2a

SHA1
f36403aabb16540c93fb35245ec0b4e435628aae

SHA256
295af2142d9214f3fd84eafe4778dca119be7e0229f14b6ba8d5269c2f1e2e78

SHA512
778e7c4675d8fde9e083230213d2efa19aa6924fe892ed74fa1ea2ec16743bb14b99b51856e75eaef632d57be7f36dd1bc7ce39a7c2b0435b2f3211bb19836a3

Download Submit
C:\Program Files\Cairo Shell\Microsoft.Extensions.Configuration.Abstractions.dll
Filesize
24KB

MD5
700a883d56bb05b55ae1a7e80f4187a5

SHA1
4957c67dcddc2a143d5fc9717516594d0d71d7c8

SHA256
4891b08c0157568e97b003936391841fb08684e96339c9ab6e9b060c0b2cc46c

SHA512
b61e0287c56b976a0cb0e1b354bded2dec15de05fdde89a63105ac59c04327d6f31403858e519a83014cd451b03cd6f1504a714c9f69f25c6b591cb362f395c6

Download Submit
C:\Program Files\Cairo Shell\Microsoft.Extensions.Configuration.Binder.dll
Filesize
33KB

MD5
244a31f1347f473a666e9029bd2cd8cd

SHA1
c5581b7ee7b4aecc2dbe5c93df01613c2e95d765

SHA256
ae8a3884e65a8a036b30f9fee071271090de347b9fe18f592716199194033480

SHA512
fe8d7541a5235fd4be2073b54c32fc8b57ea417941a0e556da696efa4c0f63dd1ff99577ff1089fa677f1b741903f7db3a272506b4fe92ef36c5c719650ff798

Download Submit
C:\Program Files\Cairo Shell\Microsoft.Extensions.Configuration.CommandLine.dll
Filesize
22KB

MD5
7bac24b985beb7db445e2c0f9ec408be

SHA1
ebf47f78b19ea48972442661ed3dde438ca0ad59

SHA256
f6c70d449e1f64f2f67ceefa9504b11fd3bbe11e3c302938a34e3d4e0a64ffe3

SHA512
0f10da43c5d891fd1e5bbc8b1a8f2a1e489f817a8a55c9f43b7b394665ea2e2c591236951db5d094948354f64c7865ac06ee020367881e3ad28ff7e6642d0f76

Download Submit
C:\Program Files\Cairo Shell\Microsoft.Extensions.Configuration.FileExtensions.dll
Filesize
25KB

MD5
b8ddf2be0d46bef2ff86b5ce53e60e3e

SHA1
d418af94ee80ac1615152d83d282582ffa86ba15

SHA256
f8c75555c27ea00ab4e5827f8e5266031e5ac541df5a66f5e154ded253a5c000

SHA512
d946e04cb989ccc8ba5544d4bae0370e36d2b1fce0186cc1f35ecdbb1934e48d8e19d1091e950e3fc2b2324870405aa19e198fadd2e7c99fff84b1a9c52adbb6

Download Submit
C:\Program Files\Cairo Shell\Microsoft.Extensions.Configuration.dll
Filesize
35KB

MD5
20bcb7b7ff500617f7d6f83e24da4bf1

SHA1
e0ebeef17de306248258f36b7c9c5ebc9039c47a

SHA256
28c12f7523feae61f93b9a799bd9b1b6e7c0a41dacbad658e13b08098440c762

SHA512
be63dd374c96181170d083321d9606eb34bd3c15677d8bdaa9fbf1a199f39487478a4a3f9cebf36a67332903c845940f97822bfc24194936b2b3057a11a59c12

Download Submit
C:\Program Files\Cairo Shell\Microsoft.Extensions.DependencyInjection.Abstractions.dll
Filesize
46KB

MD5
405bf969e7e50ef47422e54fa33605c8

SHA1
4f3c5c8803212719ee74c60813b9ae08604684b3

SHA256
95a7c66abd60ba45a2020ac3d42702fd9823f7b6db2ceec6a37c9e9b0602fed1

SHA512
d04978227453e3341fbdc6a8730da193f1c5e19a2635e02cb5d6eb6fef7c3ea53cf7df5df16230c12693cdaaccc90add812c5ad0a6ed0749e8de75c03602502a

Download Submit
C:\Program Files\Cairo Shell\Microsoft.Extensions.DependencyInjection.dll
Filesize
82KB

MD5
f2a9c263e730b94057d26d8e6562e342

SHA1
e36e4c8100585db5c7dbd07ff66f4adad8ccd37f

SHA256
d6de20035b25367a82da6180c45511d9077374c5f96f6cc5fedd2107d61efb9c

SHA512
976fff499e641484a176801ca904221270220d07a1ffe14c03a9b3f32372a264ebe25e704dc63ec18f1bc2a430afa6a098847c327d695a3d19359422a300d4e9

Download Submit
C:\Program Files\Cairo Shell\Microsoft.Extensions.FileProviders.Abstractions.dll
Filesize
20KB

MD5
69881b0560e8413fc8bbce8a1c3d2139

SHA1
a7869818d674286d0edc59ed3badbec3ffa9fde0

SHA256
090b71568672cc7a268618d5150cb237962a45a258d34e18088e0f7984317cca

SHA512
fdc3e0fd52c19d2edd96fa3745c70c348e792f0ff17be05872aff4c89484e36de387d726eda6b4ee726bc21d6b8ab8bd653b0928016fd81e885bdea156204416

Download Submit
C:\Program Files\Cairo Shell\Microsoft.Extensions.FileProviders.Physical.dll
Filesize
41KB

MD5
336c05a49cd80d9b84f6279d50cb36c5

SHA1
97fc65b3320cd2f85042e8b680a76fd02b3dacb3

SHA256
b00b024aed951ae739d0a32bdcc9fbb0a2c00063a21b74ea7cf8037db713ebd3

SHA512
4f2edce62c926c951d72fc3ce970c949c7ea122edb37da6ccfd156b107551dc9fe198bf690e19b3e53df0e8b05b2bb5cba26a56dcbc0bc58cc977e3a93a68a93

Download Submit
C:\Program Files\Cairo Shell\Microsoft.Extensions.Hosting.Abstractions.dll
Filesize
27KB

MD5
dccc304c4c6f2c29a20bb9f41490cb8e

SHA1
9d0ca24bb87f3982272d49931aa53b8cdcf52ea7

SHA256
a24b4efe56966c3376a14875454e43fcf735519a98b98efc6ff23b6f3ce81ac5

SHA512
fe0f947e2d8346cba0723eabb2d66bcb4b98f86a1099549720cc2eb23b30f609c6445b1bc042e8b5d291493588826ed555b5da8ca813e0c693d594cfe4b482b9

Download Submit
C:\Program Files\Cairo Shell\Microsoft.Extensions.Hosting.dll
Filesize
56KB

MD5
97df252d85fb10b05bd7accf8f12b2a7

SHA1
df1a20467b56dbba7b36b2b0990fe6440397e64a

SHA256
8e596ee436a9378811b68469843d16650e0e2e1436d12e71bbd80d08158e16f2

SHA512
40d70f04527ebac2a8619c310af2d049f2815f4bb1d14e2ccf9dca201d2c681c2fc37ee628f131e221c30143bcb0c53dad82fa83bd11f677de9dc63c47cdd580

Download Submit
C:\Program Files\Cairo Shell\Microsoft.Extensions.Logging.Abstractions.dll
Filesize
62KB

MD5
fe77ef146f8474bfb1e5b6561ec0d1b6

SHA1
555339e73b09ff9ed242c2dfd160aaeaa7324f6e

SHA256
1c7331fa649f821e9384a3fc06fc07651d78c30e6809ffd34549628c6408a930

SHA512
4b96dbf8e1f56d8136f346399ca40c3a8ceb6962d01d254d64c4cd598994cabcf90ca631d73a3713d699db1333e16547190ba5d0d1dc3dbdc126d2bf32a277cf

Download Submit
C:\Program Files\Cairo Shell\Microsoft.Extensions.Logging.dll
Filesize
43KB

MD5
d3cfeaa9d2058d998d07c43d7d06d05d

SHA1
dcbe5d91b1926c9a48bf858011ada234754bc32f

SHA256
4d1ca57435ba7d3193a1657cbda1c66ad39cf4f449a069332544f73ee2e779e4

SHA512
dce2d7d816c3d9b1283c1e3b77e6397f1b6abf5791acfab1b329f8e5fd7150b4783ca9c5614581fa56e355443dee6332da40cbe0fab9cbe884b0cba0e781f3dc

Download Submit
C:\Program Files\Cairo Shell\Microsoft.Extensions.Options.ConfigurationExtensions.dll
Filesize
22KB

MD5
ce56feb81612037814a712844725a9bb

SHA1
4bfb7289451ecfe756738922af3a3ca18683e1ac

SHA256
43f4bf9114f6bbbc70fb3399c2ee343d2e85a55963d18e2fc3f25a1a7ea1aed3

SHA512
f4a59f2c0bed402f064fdace90757634245956dc105a236e1b0046e969f42a9c02cdc733de24398bf6e8605acd996a9968ae2942ad4d8a6483411ec6c8d967d0

Download Submit
C:\Program Files\Cairo Shell\Microsoft.Extensions.Options.dll
Filesize
57KB

MD5
5049528911a59a6092392a28697af351

SHA1
ac4eca8d761cb23fd716629a8e5c26020cf532e2

SHA256
ac83168b7316e7b9f8e0806d3cce8030d2f41ad08caa085bfd4e877f5ae65827

SHA512
c6073879dafcf98d39ea4b56a94e66aa9cd9492d81670904c1ffbfe8d709207d27e4c890f8ba379f65690060aaa99cdb65c6d4f1344dfb56045ffdb4abee1f87

Download Submit
C:\Program Files\Cairo Shell\Microsoft.Extensions.Primitives.dll
Filesize
42KB

MD5
4360e5ddde76b62461762f72f85b1d79

SHA1
26f641b14e70ed7fc51e32590b65623ed2cdef6f

SHA256
60df37bef5b47e822c02cf8547de3b2a836973e517efbaf090f14086d5155c9b

SHA512
5b2b345f1468094f050d8ace375a13ef1c44f3c3e5a1644c7395a9518bed9e965b4b511d650299b1ff844d9062e342998245c7de308b5252b5c875b3ea4e97be

Download Submit
C:\Program Files\Cairo Shell\System.Diagnostics.DiagnosticSource.dll
Filesize
162KB

MD5
5feb12f4d71c2edeedc693e876fef299

SHA1
adedf5042aeae3a0482125c01ee4334b04c5e585

SHA256
81e664880042e451495a1be22624ab4ab5e8a06803eeda5bdda7c69df2439815

SHA512
06dbd0a560739f6b445b97ff2db77e12864709a025c556f07e762b1c4ea34554f09daf1caadd3bdf1b76ac30a44e532ca3bbbcad234eecec50a598d0803b6ed7

Download Submit
C:\Program Files\Cairo Shell\System.Threading.Tasks.Extensions.dll
Filesize
25KB

MD5
e1e9d7d46e5cd9525c5927dc98d9ecc7

SHA1
2242627282f9e07e37b274ea36fac2d3cd9c9110

SHA256
4f81ffd0dc7204db75afc35ea4291769b07c440592f28894260eea76626a23c6

SHA512
da7ab8c0100e7d074f0e680b28d241940733860dfbdc5b8c78428b76e807f27e44d1c5ec95ee80c0b5098e8c5d5da4d48bce86800164f9734a05035220c3ff11

Download Submit
C:\Program Files\Cairo Shell\WinSparkle.dll
Filesize
2.2MB

MD5
9b21b3de80d5934fa648e981f57bf6f8

SHA1
78f7d30eaf10af802398c48f2c62bcd8e8583946

SHA256
d51cc319cbd735a5a21636e1b0f9dc9545435cd1e4ab360fce5dac2e34c38b63

SHA512
436f9316cbf2cb081e97e12bfc4b78e60ec594a6a4f5b4ed8593ab228b54ba8d7595ebf8497d78494022425141ac67c71ce88c01c7f03ad0b1b4fbf11b80a695

Download Submit
C:\Users\Admin\AppData\Local\Cairo_Development_Team\CairoDesktop.exe_Url_1xk1diablde0yx3u1m2ylt1tezc2aobn\0.4.245.61259\04qsmz3r.newcfg
Filesize
1014B

MD5
e496a10dc699f4bbc9ced098f2a94d15

SHA1
531e5ce9ec97159871847f98765f384d99ed34a4

SHA256
fd2ae6c812dbce0dfedfd612340de209dbbc0bdecbe87362b3c0489aa50541e9

SHA512
479288eda3b3aabb6ac8b93e13edf60639f28f6c6300d52314758b71137f94e51b7b6c24148c1ecc642512878f245f6cc6d8dd518bc84b7c29d2874094b0612f

Download Submit
C:\Users\Admin\AppData\Local\Cairo_Development_Team\CairoDesktop.exe_Url_1xk1diablde0yx3u1m2ylt1tezc2aobn\0.4.245.61259\bu0ju1j2.newcfg
Filesize
1KB

MD5
9b6d5c6bbe3ef4f14a84c42600e93b0a

SHA1
0b764ff6d1c7c62831d67be546e929c7fbe893f3

SHA256
45afd9679a9c0cc862444932ce4001ef130f8fe1847b8a65f2cb0f8e7649f08e

SHA512
4252afbe581055b4230ec446df7b674be71473ffc47246ad1a212bc49a2c22e7ce96d401fe81f6fba910e8abf406fd25dd3b6e612500445b8211da71d452f9c9

Download Submit
C:\Users\Admin\AppData\Local\Cairo_Development_Team\CairoDesktop.exe_Url_1xk1diablde0yx3u1m2ylt1tezc2aobn\0.4.245.61259\bxmga0zm.newcfg
Filesize
1006B

MD5
cce999da65e5aa8bac629d072b2e04e6

SHA1
72823f7c7b885ca3ca32db02cdc83de7c66875fe

SHA256
199ab7e6bf57ff5436e7a1d8fe04b71b3ce905677f012038cbc9362ac473164a

SHA512
942a03655fa63557f1cdbe4f95c65ad712ebe012d03a32406e8f240028a0da0d82226dda9cc1a2f547c872378c4a455d55a7c951caa97db18e212396b5a8608b

Download Submit
C:\Users\Admin\AppData\Local\Cairo_Development_Team\CairoDesktop.exe_Url_1xk1diablde0yx3u1m2ylt1tezc2aobn\0.4.245.61259\tt1yccg5.newcfg
Filesize
1KB

MD5
4a2d8db11e5cfb1f14c39188eba763de

SHA1
97611af123d1807e745817729c64e92adcae2344

SHA256
4f126681047d5fb966f15f75a2ee4978e981af353b88aee3cf97667a27d75f99

SHA512
5adb8c0036a3a1ed23d819aa2003a86e92b4ef5adf88738ca10e11acac7ef061c39f0dcfe1bdd0fd1d8696a24022d0b209134d961ea8da972b658066518ba0b6

Download Submit
C:\Users\Admin\AppData\Local\Cairo_Development_Team\CairoDesktop.exe_Url_1xk1diablde0yx3u1m2ylt1tezc2aobn\0.4.245.61259\user.config
Filesize
884B

MD5
29b4d256ae1225e34597fc6c2c7ee915

SHA1
ffc3bf706c1aa5e833f19dbc494a0eee9cb39854

SHA256
81aa3a7e7e26e5e63f9b66495918b79c37766af1ad43a74facf076c444bfb2d9

SHA512
0f9424cae30d9615109dbbc171d6f71797a9abe00478c70d621198d41d3bc00bef036882617d35813add89c7b141c31559a42982e3e824351415da113be9d654

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsyF2C9.tmp\InstallOptions.dll
Filesize
15KB

MD5
ece25721125d55aa26cdfe019c871476

SHA1
b87685ae482553823bf95e73e790de48dc0c11ba

SHA256
c7fef6457989d97fecc0616a69947927da9d8c493f7905dc8475c748f044f3cf

SHA512
4e384735d03c943f5eb3396bb3a9cb42c9d8a5479fe2871de5b8bc18db4bbd6e2c5f8fd71b6840512a7249e12a1c63e0e760417e4baa3dc30f51375588410480

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsyF2C9.tmp\System.dll
Filesize
12KB

MD5
cff85c549d536f651d4fb8387f1976f2

SHA1
d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e

SHA256
8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8

SHA512
531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsyF2C9.tmp\UserInfo.dll
Filesize
4KB

MD5
2f69afa9d17a5245ec9b5bb03d56f63c

SHA1
e0a133222136b3d4783e965513a690c23826aec9

SHA256
e54989d2b83e7282d0bec56b098635146aab5d5a283f1f89486816851ef885a0

SHA512
bfd4af50e41ebc56e30355c722c2a55540a5bbddb68f1522ef7aabfe4f5f2a20e87fa9677ee3cdb3c0bf5bd3988b89d1224d32c9f23342a16e46c542d8dc0926

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsyF2C9.tmp\ioSpecial.ini
Filesize
1KB

MD5
8519ad6ad9e8053acec1adfb4786c97b

SHA1
e9928375ef09b28fdfe3d010b3bff899237a9e8f

SHA256
6fcd13a9e28a06719bc7f8691502d727ade04348f0f57c472453399c9f043f9d

SHA512
7d32185f6dc8b18c28541598346b11d71d0d4ff0796480690a1e898bf96b0ed0134ffb50fced4f06e2c171789a4a1ce7f6f158bce806ad66863dc8176967d74e

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsyF2C9.tmp\ioSpecial.ini
Filesize
1KB

MD5
009606b5f44b13714a4adaaa40da440d

SHA1
5270a5e7ac3d0717936071efca71b1e791b81cae

SHA256
f6a061dcb8d507991a2d2b552d21584b2b57cb26546332c237820d0bdf34af16

SHA512
f5ea223f492aac13cb4aff451fb49c5f8a2c9ef53e7a32ccbaec8e88089c939993b0340c3b2910e12b1a92cd8e4e81cf6febf3496fc0e2f9a5461ce81caeeaac

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsyF2C9.tmp\ioSpecial.ini
Filesize
1KB

MD5
fecdf939246047b6e3dda01c7400a52a

SHA1
75ab55b6865638189af65f3af70bcf9a296fc6c1

SHA256
b898c16fbbfbd58b267d867d77d849b9f4dc3296975f4c8c1e2861774d7b9a4c

SHA512
8fb5f84b9b359581725b90011614cc81545067b97ea001a89c6060d65ad4df9a905c69d0407f87e713ecfa2376d9e99514e2764465778b7bbc38a40b0e1af976

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsyF2C9.tmp\ioSpecial.ini
Filesize
1KB

MD5
96656923d6c48a636c72f41c04a45ae7

SHA1
a86da8220fcbd8677f38329437e8f9054f94c505

SHA256
98e403b525727dec3070b953f59d0dd37e4de4380a400a8200b6edb2ff2d9da2

SHA512
6ad4378939a7f970934c6d95d0763e8b140587ee05a5800e80aa7b1fde8bb4a721bdd755dc3cd0b1bfe7c0a0b1d4126176aa5d3e61b69d5c39b12e60012115e9

Download Submit
\Program Files\Cairo Shell\CairoDesktop.AppGrabber.dll
Filesize
88KB

MD5
c58805c39cc8e3f9ea6f102172e14a77

SHA1
4d0712f7ce24dc759198ed1c76243a99d22e706d

SHA256
05f704fed2c0c5673557ff6c1143e599a2189f38b5098f9e30597356f67a7d4d

SHA512
441c53a2ace26e06b0895064e4d1f21aa5af9ceb683c7a3cce4f294561c262a2179ab2e2ffb662c5fc54b564097299a4740ebfeee86cdabc960d29c0d07229d4

Download Submit
\Program Files\Cairo Shell\CairoDesktop.AppGrabber.dll
Filesize
88KB

MD5
c58805c39cc8e3f9ea6f102172e14a77

SHA1
4d0712f7ce24dc759198ed1c76243a99d22e706d

SHA256
05f704fed2c0c5673557ff6c1143e599a2189f38b5098f9e30597356f67a7d4d

SHA512
441c53a2ace26e06b0895064e4d1f21aa5af9ceb683c7a3cce4f294561c262a2179ab2e2ffb662c5fc54b564097299a4740ebfeee86cdabc960d29c0d07229d4

Download Submit
\Program Files\Cairo Shell\CairoDesktop.Application.dll
Filesize
6KB

MD5
0d6fecc43dbb8ee3910c985730c2a1e1

SHA1
4936dca8457501d61a7571f2da54f3ac1e195f6e

SHA256
62f9ee880ce6134449fc8a8071ba0cdc574941eec148537412770b2368113901

SHA512
533fa5b6ccdbd78bdbc09f0f593417f48e229ae5d06705f8ce4f38122b28e82f3143314af851f05b3b8026eb1f88c0b085d486a6bb7c09ba856ac73079ce3f10

Download Submit
\Program Files\Cairo Shell\CairoDesktop.Application.dll
Filesize
6KB

MD5
0d6fecc43dbb8ee3910c985730c2a1e1

SHA1
4936dca8457501d61a7571f2da54f3ac1e195f6e

SHA256
62f9ee880ce6134449fc8a8071ba0cdc574941eec148537412770b2368113901

SHA512
533fa5b6ccdbd78bdbc09f0f593417f48e229ae5d06705f8ce4f38122b28e82f3143314af851f05b3b8026eb1f88c0b085d486a6bb7c09ba856ac73079ce3f10

Download Submit
\Program Files\Cairo Shell\CairoDesktop.Application.dll
Filesize
6KB

MD5
0d6fecc43dbb8ee3910c985730c2a1e1

SHA1
4936dca8457501d61a7571f2da54f3ac1e195f6e

SHA256
62f9ee880ce6134449fc8a8071ba0cdc574941eec148537412770b2368113901

SHA512
533fa5b6ccdbd78bdbc09f0f593417f48e229ae5d06705f8ce4f38122b28e82f3143314af851f05b3b8026eb1f88c0b085d486a6bb7c09ba856ac73079ce3f10

Download Submit
\Program Files\Cairo Shell\CairoDesktop.Application.dll
Filesize
6KB

MD5
0d6fecc43dbb8ee3910c985730c2a1e1

SHA1
4936dca8457501d61a7571f2da54f3ac1e195f6e

SHA256
62f9ee880ce6134449fc8a8071ba0cdc574941eec148537412770b2368113901

SHA512
533fa5b6ccdbd78bdbc09f0f593417f48e229ae5d06705f8ce4f38122b28e82f3143314af851f05b3b8026eb1f88c0b085d486a6bb7c09ba856ac73079ce3f10

Download Submit
\Program Files\Cairo Shell\CairoDesktop.Common.dll
Filesize
76KB

MD5
51be70923da08565c91428fbcb181bc8

SHA1
b1293b4fcfc8491392ed521a5838602d0abb97c9

SHA256
d6f8fcd3e58b1abdded17d1ab316663d32a9e5fb718963236877ffdb65fd9c44

SHA512
7769527efa9a4ee76ef70c9f2a158643327d5167062146ea2ca0640b1f356c4d9d45d7390d649304d417137ce7605e2b7475648e3f2d3197b7de3beab029886f

Download Submit
\Program Files\Cairo Shell\CairoDesktop.Common.dll
Filesize
76KB

MD5
51be70923da08565c91428fbcb181bc8

SHA1
b1293b4fcfc8491392ed521a5838602d0abb97c9

SHA256
d6f8fcd3e58b1abdded17d1ab316663d32a9e5fb718963236877ffdb65fd9c44

SHA512
7769527efa9a4ee76ef70c9f2a158643327d5167062146ea2ca0640b1f356c4d9d45d7390d649304d417137ce7605e2b7475648e3f2d3197b7de3beab029886f

Download Submit
\Program Files\Cairo Shell\CairoDesktop.Configuration.dll
Filesize
28KB

MD5
4586c3525b5c52cfd7aa479556f57c41

SHA1
3c3f429cf242ac21f50e940759b774d3caa1f1fb

SHA256
e457df504e1c9c04b13570d181214826fbb748bcc5204cae47f0e9248265ab87

SHA512
ccdef6dfc4cdd2ab7d7e89b807e93bf557a00a3dede8e515e52d58e722824ab2f88069493c53ca80adf224e703de0575dd7645257c1d8c59e44f2f06de4655bd

Download Submit
\Program Files\Cairo Shell\CairoDesktop.Configuration.dll
Filesize
28KB

MD5
4586c3525b5c52cfd7aa479556f57c41

SHA1
3c3f429cf242ac21f50e940759b774d3caa1f1fb

SHA256
e457df504e1c9c04b13570d181214826fbb748bcc5204cae47f0e9248265ab87

SHA512
ccdef6dfc4cdd2ab7d7e89b807e93bf557a00a3dede8e515e52d58e722824ab2f88069493c53ca80adf224e703de0575dd7645257c1d8c59e44f2f06de4655bd

Download Submit
\Program Files\Cairo Shell\CairoDesktop.Infrastructure.dll
Filesize
16KB

MD5
486017ba593a0adca22dd1455bd2a2b8

SHA1
39fb6f22047ed86f9e38f19d869f3920b36c6df5

SHA256
460f8016bb8357783af8829cc4ed1d4c06a21f65d1d4bd40ad3e317cc8341b55

SHA512
0681024994d7395b82d48eecd4825f969d0d2845579b8fcdba4e5210727840617acdfc2665e3a8bfd10a50cf368e17bda199df4716b816a052a8c586b853d72e

Download Submit
\Program Files\Cairo Shell\CairoDesktop.Infrastructure.dll
Filesize
16KB

MD5
486017ba593a0adca22dd1455bd2a2b8

SHA1
39fb6f22047ed86f9e38f19d869f3920b36c6df5

SHA256
460f8016bb8357783af8829cc4ed1d4c06a21f65d1d4bd40ad3e317cc8341b55

SHA512
0681024994d7395b82d48eecd4825f969d0d2845579b8fcdba4e5210727840617acdfc2665e3a8bfd10a50cf368e17bda199df4716b816a052a8c586b853d72e

Download Submit
\Program Files\Cairo Shell\CairoDesktop.Interop.WinSparkle.dll
Filesize
6KB

MD5
be36b7d0fd6e33e0629bcc4f66d9ac89

SHA1
16a79cd6c16f8d18051c61040751abd44e894c02

SHA256
5541424725b1c01c022454e4213727985edc59a6e5bcef8249457fcef1bec4bb

SHA512
af76e7802d57434f0b0c1f9ce05812d67835fdd18a58835caa91fab67b899f507da5ef7dbe7b4d8013c16d9937321e1c9614e9f02dd066710e287094452d7dd7

Download Submit
\Program Files\Cairo Shell\CairoDesktop.Interop.WinSparkle.dll
Filesize
6KB

MD5
be36b7d0fd6e33e0629bcc4f66d9ac89

SHA1
16a79cd6c16f8d18051c61040751abd44e894c02

SHA256
5541424725b1c01c022454e4213727985edc59a6e5bcef8249457fcef1bec4bb

SHA512
af76e7802d57434f0b0c1f9ce05812d67835fdd18a58835caa91fab67b899f507da5ef7dbe7b4d8013c16d9937321e1c9614e9f02dd066710e287094452d7dd7

Download Submit
\Program Files\Cairo Shell\CairoDesktop.MenuBarExtensions.dll
Filesize
50KB

MD5
c815ba5f42fdebe9063d839db87ea046

SHA1
79d8ef2ee4ef87d8b7b7bd49ae5a1e2739763847

SHA256
d26b9bc8d5524c945ed5951852b4e8efd3af3b660a53eb3d9dc4157e0a19ab11

SHA512
c8bfaf66b9085615265bcd2d41eb5a281343a24233e837d26a1a4a3833d39813b6d09fffeef764b1604e1e73e782761648a1e2bf22898a192ffdb07058e31123

Download Submit
\Program Files\Cairo Shell\CairoDesktop.MenuBarExtensions.dll
Filesize
50KB

MD5
c815ba5f42fdebe9063d839db87ea046

SHA1
79d8ef2ee4ef87d8b7b7bd49ae5a1e2739763847

SHA256
d26b9bc8d5524c945ed5951852b4e8efd3af3b660a53eb3d9dc4157e0a19ab11

SHA512
c8bfaf66b9085615265bcd2d41eb5a281343a24233e837d26a1a4a3833d39813b6d09fffeef764b1604e1e73e782761648a1e2bf22898a192ffdb07058e31123

Download Submit
\Program Files\Cairo Shell\CairoDesktop.exe
Filesize
1.6MB

MD5
4f8e875f1d5490cc55fcbe00c609e8c3

SHA1
479d84322f6bba49a68a0c9aff891576fd759ead

SHA256
41590054262e4d027e86b4e2b53613d4eea2f0d69de1f29438a9c1734e726edb

SHA512
4069eeff9e292a187e4abe570ac30e6e7e0910ce05e4fb3edb235d4dad88747cd2da04560ef5d6c7ef63b79162499c389189fcc9cc80c633016d9a7f78391a4d

Download Submit
\Program Files\Cairo Shell\CairoDesktop.exe
Filesize
1.6MB

MD5
4f8e875f1d5490cc55fcbe00c609e8c3

SHA1
479d84322f6bba49a68a0c9aff891576fd759ead

SHA256
41590054262e4d027e86b4e2b53613d4eea2f0d69de1f29438a9c1734e726edb

SHA512
4069eeff9e292a187e4abe570ac30e6e7e0910ce05e4fb3edb235d4dad88747cd2da04560ef5d6c7ef63b79162499c389189fcc9cc80c633016d9a7f78391a4d

Download Submit
\Program Files\Cairo Shell\CairoDesktop.exe
Filesize
1.6MB

MD5
4f8e875f1d5490cc55fcbe00c609e8c3

SHA1
479d84322f6bba49a68a0c9aff891576fd759ead

SHA256
41590054262e4d027e86b4e2b53613d4eea2f0d69de1f29438a9c1734e726edb

SHA512
4069eeff9e292a187e4abe570ac30e6e7e0910ce05e4fb3edb235d4dad88747cd2da04560ef5d6c7ef63b79162499c389189fcc9cc80c633016d9a7f78391a4d

Download Submit
\Program Files\Cairo Shell\CairoDesktop.exe
Filesize
1.6MB

MD5
4f8e875f1d5490cc55fcbe00c609e8c3

SHA1
479d84322f6bba49a68a0c9aff891576fd759ead

SHA256
41590054262e4d027e86b4e2b53613d4eea2f0d69de1f29438a9c1734e726edb

SHA512
4069eeff9e292a187e4abe570ac30e6e7e0910ce05e4fb3edb235d4dad88747cd2da04560ef5d6c7ef63b79162499c389189fcc9cc80c633016d9a7f78391a4d

Download Submit
\Program Files\Cairo Shell\CairoDesktop.exe
Filesize
1.6MB

MD5
4f8e875f1d5490cc55fcbe00c609e8c3

SHA1
479d84322f6bba49a68a0c9aff891576fd759ead

SHA256
41590054262e4d027e86b4e2b53613d4eea2f0d69de1f29438a9c1734e726edb

SHA512
4069eeff9e292a187e4abe570ac30e6e7e0910ce05e4fb3edb235d4dad88747cd2da04560ef5d6c7ef63b79162499c389189fcc9cc80c633016d9a7f78391a4d

Download Submit
\Program Files\Cairo Shell\WinSparkle.dll
Filesize
2.2MB

MD5
9b21b3de80d5934fa648e981f57bf6f8

SHA1
78f7d30eaf10af802398c48f2c62bcd8e8583946

SHA256
d51cc319cbd735a5a21636e1b0f9dc9545435cd1e4ab360fce5dac2e34c38b63

SHA512
436f9316cbf2cb081e97e12bfc4b78e60ec594a6a4f5b4ed8593ab228b54ba8d7595ebf8497d78494022425141ac67c71ce88c01c7f03ad0b1b4fbf11b80a695

Download Submit
\Users\Admin\AppData\Local\Temp\nsyF2C9.tmp\InstallOptions.dll
Filesize
15KB

MD5
ece25721125d55aa26cdfe019c871476

SHA1
b87685ae482553823bf95e73e790de48dc0c11ba

SHA256
c7fef6457989d97fecc0616a69947927da9d8c493f7905dc8475c748f044f3cf

SHA512
4e384735d03c943f5eb3396bb3a9cb42c9d8a5479fe2871de5b8bc18db4bbd6e2c5f8fd71b6840512a7249e12a1c63e0e760417e4baa3dc30f51375588410480

Download Submit
\Users\Admin\AppData\Local\Temp\nsyF2C9.tmp\InstallOptions.dll
Filesize
15KB

MD5
ece25721125d55aa26cdfe019c871476

SHA1
b87685ae482553823bf95e73e790de48dc0c11ba

SHA256
c7fef6457989d97fecc0616a69947927da9d8c493f7905dc8475c748f044f3cf

SHA512
4e384735d03c943f5eb3396bb3a9cb42c9d8a5479fe2871de5b8bc18db4bbd6e2c5f8fd71b6840512a7249e12a1c63e0e760417e4baa3dc30f51375588410480

Download Submit
\Users\Admin\AppData\Local\Temp\nsyF2C9.tmp\System.dll
Filesize
12KB

MD5
cff85c549d536f651d4fb8387f1976f2

SHA1
d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e

SHA256
8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8

SHA512
531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88

Download Submit
\Users\Admin\AppData\Local\Temp\nsyF2C9.tmp\UserInfo.dll
Filesize
4KB

MD5
2f69afa9d17a5245ec9b5bb03d56f63c

SHA1
e0a133222136b3d4783e965513a690c23826aec9

SHA256
e54989d2b83e7282d0bec56b098635146aab5d5a283f1f89486816851ef885a0

SHA512
bfd4af50e41ebc56e30355c722c2a55540a5bbddb68f1522ef7aabfe4f5f2a20e87fa9677ee3cdb3c0bf5bd3988b89d1224d32c9f23342a16e46c542d8dc0926

Download Submit
memory/2020-341-0x0000000002070000-0x000000000207E000-memory.dmp

Filesize
56KB

Download
memory/2020-389-0x000000001B900000-0x000000001B90C000-memory.dmp

Filesize
48KB

Download
memory/2020-387-0x000000001B910000-0x000000001B920000-memory.dmp

Filesize
64KB

Download
memory/2020-391-0x000000001B920000-0x000000001B936000-memory.dmp

Filesize
88KB

Download
memory/2020-383-0x000000001B020000-0x000000001B02C000-memory.dmp

Filesize
48KB

Download
memory/2020-381-0x000000001B8E0000-0x000000001B8FA000-memory.dmp

Filesize
104KB

Download
memory/2020-395-0x000000001B940000-0x000000001B958000-memory.dmp

Filesize
96KB

Download
memory/2020-371-0x000000001B010000-0x000000001B01C000-memory.dmp

Filesize
48KB

Download
memory/2020-397-0x000000001BD60000-0x000000001BD6A000-memory.dmp

Filesize
40KB

Download
memory/2020-399-0x000000001BD70000-0x000000001BD7A000-memory.dmp

Filesize
40KB

Download
memory/2020-367-0x000000001B000000-0x000000001B00A000-memory.dmp

Filesize
40KB

Download
memory/2020-365-0x000000001ABB0000-0x000000001ABB8000-memory.dmp

Filesize
32KB

Download
memory/2020-361-0x000000001AFE0000-0x000000001AFF4000-memory.dmp

Filesize
80KB

Download
memory/2020-400-0x000000001BD90000-0x000000001BD98000-memory.dmp

Filesize
32KB

Download
memory/2020-401-0x000000001BDD0000-0x000000001BE50000-memory.dmp

Filesize
512KB

Download
memory/2020-402-0x000000001BDD0000-0x000000001BE50000-memory.dmp

Filesize
512KB

Download
memory/2020-404-0x000000001BDA0000-0x000000001BDB4000-memory.dmp

Filesize
80KB

Download
memory/2020-359-0x000000001AFC0000-0x000000001AFD2000-memory.dmp

Filesize
72KB

Download
memory/2020-410-0x000000001BE60000-0x000000001BE6E000-memory.dmp

Filesize
56KB

Download
memory/2020-357-0x000000001ABA0000-0x000000001ABAA000-memory.dmp

Filesize
40KB

Download
memory/2020-408-0x000000001BE50000-0x000000001BE60000-memory.dmp

Filesize
64KB

Download
memory/2020-355-0x000000001AB90000-0x000000001AB9A000-memory.dmp

Filesize
40KB

Download
memory/2020-406-0x000000001BDC0000-0x000000001BDC8000-memory.dmp

Filesize
32KB

Download
memory/2020-353-0x000000001AB80000-0x000000001AB8A000-memory.dmp

Filesize
40KB

Download
memory/2020-351-0x000000001AB70000-0x000000001AB7E000-memory.dmp

Filesize
56KB

Download
memory/2020-412-0x000000001BE70000-0x000000001BE82000-memory.dmp

Filesize
72KB

Download
memory/2020-416-0x000000001CAF0000-0x000000001CAF6000-memory.dmp

Filesize
24KB

Download
memory/2020-349-0x000000001AAE0000-0x000000001AAEE000-memory.dmp

Filesize
56KB

Download
memory/2020-347-0x0000000002080000-0x000000000208C000-memory.dmp

Filesize
48KB

Download
memory/2020-345-0x00000000022C0000-0x00000000022EC000-memory.dmp

Filesize
176KB

Download
memory/2020-343-0x0000000002110000-0x0000000002128000-memory.dmp

Filesize
96KB

Download
memory/2020-339-0x0000000002060000-0x0000000002070000-memory.dmp

Filesize
64KB

Download
memory/2020-419-0x000000001CB10000-0x000000001CB36000-memory.dmp

Filesize
152KB

Download
memory/2020-420-0x000000001CBA0000-0x000000001CBA8000-memory.dmp

Filesize
32KB

Download
memory/2020-421-0x000000001CB80000-0x000000001CB8A000-memory.dmp

Filesize
40KB

Download
memory/2020-424-0x000000001CB90000-0x000000001CB9A000-memory.dmp

Filesize
40KB

Download
memory/2020-425-0x000000001CB90000-0x000000001CB9A000-memory.dmp

Filesize
40KB

Download
memory/2020-426-0x000000001D260000-0x000000001D2BC000-memory.dmp

Filesize
368KB

Download
memory/2020-337-0x0000000002050000-0x000000000205A000-memory.dmp

Filesize
40KB

Download
memory/2020-335-0x0000000002040000-0x000000000204A000-memory.dmp

Filesize
40KB

Download
memory/2020-485-0x000000001BDD0000-0x000000001BE50000-memory.dmp

Filesize
512KB

Download
memory/2020-486-0x000000001BDD0000-0x000000001BE50000-memory.dmp

Filesize
512KB

Download
memory/2020-493-0x000000001CB90000-0x000000001CB9A000-memory.dmp

Filesize
40KB

Download
memory/2020-333-0x00000000008E0000-0x00000000008F2000-memory.dmp

Filesize
72KB

Download
memory/2020-854-0x000000001C660000-0x000000001C661000-memory.dmp

Filesize
4KB

Download
memory/2020-331-0x00000000008D0000-0x00000000008D6000-memory.dmp

Filesize
24KB

Download
memory/2020-327-0x000000013F190000-0x000000013F336000-memory.dmp

Filesize
1.6MB

Download
memory/2020-1083-0x000000001BDD0000-0x000000001BE50000-memory.dmp

Filesize
512KB

Download
memory/2020-1128-0x000000001BDD0000-0x000000001BE50000-memory.dmp

Filesize
512KB

Download