Overview

overview

7

Static

static

1

OpenRailsSetup.exe

windows7-x64

7

OpenRailsSetup.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    212s
  • max time network
    254s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    31-03-2023 18:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    OpenRailsSetup.exe

  • Size

    23.2MB

  • MD5

    8dffc24f78f71f2272c33f25be6b0be8

  • SHA1

    a4a49f250f346c5793eecd538fe4e6bd81dc3d75

  • SHA256

    52e5f6917d31474ec92aee87b32831011defaf0bdd2bfc52ac9272e929440b8f

  • SHA512

    b8ab4a5476b40b95480471d7e4eac25dcd225c922aa357a1e6584af6d985a6efc7b39a32925b1db80a563fb81eb325b93155dd06d47053bb84fc24e6d81d654c

  • SSDEEP

    393216:7XgdaUT5HaM0HhE3jI8oL8pW7C3QhvpGKxPpLUAUWzoMFcno6+OvXMO0VU3kLUTJ:7XgdR1muU8oQT38RxqWzp6o6+AP0VU+K

Score
7/10
discovery

Malware Config

Signatures

  • Executes dropped EXE 3 IoCs
  • Loads dropped DLL 24 IoCs
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  • Drops desktop.ini file(s) 7 IoCs
  • Enumerates connected drives 3 TTPs 64 IoCs

    Attempts to read the root path of hard drives other than the default C: drive.

  • Drops file in System32 directory 23 IoCs
  • Drops file in Program Files directory 64 IoCs
  • Drops file in Windows directory 29 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

  • Checks processor information in registry 2 TTPs 4 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Modifies data under HKEY_USERS 64 IoCs
  • Modifies registry class 64 IoCs
  • Suspicious behavior: EnumeratesProcesses 6 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of WriteProcessMemory 43 IoCs
  • Uses Task Scheduler COM API 1 TTPs

    The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.

    persistence
  • Uses Volume Shadow Copy WMI provider

    The Volume Shadow Copy service is used to manage backups/snapshots.

    ransomware
  • Uses Volume Shadow Copy service COM API

    The Volume Shadow Copy service is used to manage backups/snapshots.

    ransomware

Processes

  • C:\Users\Admin\AppData\Local\Temp\OpenRailsSetup.exe
    "C:\Users\Admin\AppData\Local\Temp\OpenRailsSetup.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:1348
    • C:\Users\Admin\AppData\Local\Temp\is-8KACF.tmp\OpenRailsSetup.tmp
      "C:\Users\Admin\AppData\Local\Temp\is-8KACF.tmp\OpenRailsSetup.tmp" /SL5="$A0122,23962851,56832,C:\Users\Admin\AppData\Local\Temp\OpenRailsSetup.exe"
      2⤵
      • Executes dropped EXE
      • Loads dropped DLL
      • Drops file in Program Files directory
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of WriteProcessMemory
      PID:1900
      • C:\Windows\SysWOW64\msiexec.exe
        "msiexec.exe" /qn /i "C:\Users\Admin\AppData\Local\Temp\is-82SKD.tmp\xnafx31_redist.msi"
        3⤵
        • Enumerates connected drives
        • Suspicious use of AdjustPrivilegeToken
        PID:320
      • C:\Program Files (x86)\Open Rails\OpenRails.exe
        "C:\Program Files (x86)\Open Rails\OpenRails.exe"
        3⤵
        • Executes dropped EXE
        PID:2600
  • C:\Windows\system32\msiexec.exe
    C:\Windows\system32\msiexec.exe /V
    1⤵
    • Enumerates connected drives
    • Drops file in Program Files directory
    • Drops file in Windows directory
    • Modifies data under HKEY_USERS
    • Modifies registry class
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:292
    • C:\Windows\syswow64\MsiExec.exe
      "C:\Windows\syswow64\MsiExec.exe" /Y "C:\Program Files (x86)\Common Files\Microsoft Shared\XNA\Framework\Shared\xnavisualizer.dll"
      2⤵
      • Loads dropped DLL
      • Modifies registry class
      PID:1940
    • C:\Program Files (x86)\Microsoft XNA\XNA Game Studio\v3.1\Redist\DX Redist\DXSETUP.exe
      "C:\Program Files (x86)\Microsoft XNA\XNA Game Studio\v3.1\Redist\DX Redist\DXSETUP.exe" /silent
      2⤵
      • Executes dropped EXE
      • Loads dropped DLL
      • Drops file in System32 directory
      • Drops file in Windows directory
      • Modifies data under HKEY_USERS
      • Modifies registry class
      PID:1704
  • C:\Windows\system32\vssvc.exe
    C:\Windows\system32\vssvc.exe
    1⤵
      PID:772
    • C:\Windows\system32\DrvInst.exe
      DrvInst.exe "1" "200" "STORAGE\VolumeSnapshot\HarddiskVolumeSnapshot19" "" "" "61530dda3" "0000000000000000" "0000000000000060" "000000000000005C"
      1⤵
      • Drops file in Windows directory
      • Modifies data under HKEY_USERS
      PID:1956
    • C:\Windows\ehome\ehshell.exe
      "C:\Windows\ehome\ehshell.exe"
      1⤵
      • Drops file in Windows directory
      • Checks processor information in registry
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious use of WriteProcessMemory
      PID:2904
      • C:\Program Files (x86)\Windows Media Player\wmplayer.exe
        "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /SkipFUE /RemoteOCXLaunch /SuppressDialogs
        2⤵
        • Drops desktop.ini file(s)
        • Enumerates connected drives
        • Modifies registry class
        PID:1156
    • C:\Windows\system32\AUDIODG.EXE
      C:\Windows\system32\AUDIODG.EXE 0x57c
      1⤵
        PID:2972
      • C:\Program Files\DVD Maker\DVDMaker.exe
        "C:\Program Files\DVD Maker\DVDMaker.exe"
        1⤵
        • Suspicious use of WriteProcessMemory
        PID:2756
        • C:\Program Files (x86)\Windows Media Player\setup_wm.exe
          "C:\Program Files (x86)\Windows Media Player\setup_wm.exe" /SysTrayAndQuit /UpdateClientID:DvdMaker
          2⤵
            PID:1772

        Network

        MITRE ATT&CK Matrix ATT&CK v6

        Initial Access

        Execution

        Persistence

        Privilege Escalation

        Defense Evasion

        Credential Access

        Discovery

        Query Registry

        4
        T1012

        Peripheral Device Discovery

        1
        T1120

        System Information Discovery

        3
        T1082

        Lateral Movement

        Collection

        Exfiltration

        Command and Control

        Impact

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\PROGRA~2\MI2BC0~1\XNAGAM~1\v3.1\Redist\DXREDI~1\Apr2007_d3dx9_33_x86.cab
          Filesize

          1.5MB

          MD5

          3676d740157493e80e7b8641289c003c

          SHA1

          8135aeeab67151dd4e2418d4907077f646e72873

          SHA256

          219441f975c200352a12dc3d8f82811fc7b53ed28d63761327933afbb660f876

          SHA512

          abfc5ea36a7368a34193c8f3771ae4e36c0d570ae0a20b11892184cd4e384d6abe6542769e3c890293b4e640faecf6392f84f5733017d8d86c65456caa24c6f7

          Download Submit
        • C:\PROGRA~2\MI2BC0~1\XNAGAM~1\v3.1\Redist\DXREDI~1\Apr2007_xinput_x86.cab
          Filesize

          55KB

          MD5

          f83f54f45ac15a32dc17614c4f6882d4

          SHA1

          fc8542fcd33bb9e669806409f677edec9bfb64fb

          SHA256

          5ab7bb15394e4ece850da5453413ab1de2ea97d5c93f86482b75073aaa05da9c

          SHA512

          e4dcccc3a4299d262b94b24ff4b29394bed71e211b80a8a457acc4ab89325500082e6a9b597bc7b1dbc35746d01a9aa038a9c3a401aa42a426fcc3d15f410c9a

          Download Submit
        • C:\PROGRA~2\MI2BC0~1\XNAGAM~1\v3.1\Redist\DXREDI~1\Mar2009_X3DAudio_x86.cab
          Filesize

          20KB

          MD5

          091e6730378d71a960b9973fe6f8c6b6

          SHA1

          629c927ab065ecda1b51c7a1971cf84f66e207a2

          SHA256

          fe25e5f2bcd5e231c79d2817cb659239ea5685390044ad3ff8bbbbad5ecba4a8

          SHA512

          e1c526b8ba5370b7ada21559b721e1c77305e7eb80e093370f79d2dbe77c87da746748a3ea95426f6875ac9188e45c5fea771c756636f7a8f92c445757aae7ca

          Download Submit
        • C:\PROGRA~2\MI2BC0~1\XNAGAM~1\v3.1\Redist\DXREDI~1\Mar2009_XACT_x86.cab
          Filesize

          90KB

          MD5

          5cc975ac008c328267012f461a70e342

          SHA1

          7225c986e22f8eecb18ce3ba58d7569f1b98f66f

          SHA256

          2c61222f2996817cdb10a76866bfa1e6462af74a3adf2ae01f6e753993b40f68

          SHA512

          981d4d746906b40bbedd8fed4ab5f03808d155e053fa817d4e450108f623997032d421cbb7eb753681a963450b48bbd8743795305caead2d255ea59485e46593

          Download Submit
        • C:\PROGRA~2\MI2BC0~1\XNAGAM~1\v3.1\Redist\DXREDI~1\Mar2009_XAudio_x86.cab
          Filesize

          266KB

          MD5

          61c7a3bd64c42b0e66f9f597e3ccfe7b

          SHA1

          c68ea0d84deb51aa510a4351930f6fe42004065f

          SHA256

          edfcd459618b11d264a83757f2bdfeb9a795132df3fb607eaab2e421212f4363

          SHA512

          a191789a8733808120fe55b9c93f6fd027d83f07213af4f98919cadfaa1d033cb47325ff483149c97048b1bfe63dd6d6564059b173aa05a16817a213102b617d

          Download Submit
        • C:\PROGRA~2\MI2BC0~1\XNAGAM~1\v3.1\Redist\DXREDI~1\Oct2006_d3dx9_31_x86.cab
          Filesize

          1.1MB

          MD5

          9c3f0ccb936558112334d57e9dc81f2a

          SHA1

          3dce0cf278789eb5f0684414e8e9071b3518a9dd

          SHA256

          e69504f902ffa31e4155fc29d0ce3f65fb8e513af1cbc5e18125847c900e3ff3

          SHA512

          1676500a1db2a40e38ea5fc1cdca975b9889ef4740098f2ffc8bc5032f209fa3204237e5e4870a11172844a398ea8f26323169574b49f83cb0e78e30ae8892cf

          Download Submit
        • C:\PROGRA~2\MI2BC0~1\XNAGAM~1\v3.1\Redist\DXREDI~1\dxupdate.cab
          Filesize

          93KB

          MD5

          97aa144de2e1c1d98a7a77a351358c8e

          SHA1

          2088a2ce109b9321094c1b0577d6750bb611599d

          SHA256

          891baa8a7f577326030edc6bc20ec766a4d0b23f28ad4f13ab08fd898cee74fd

          SHA512

          0e7a6a14affe4cfe1f07c31db6e55299275a03cd7eb03073406010f1a930930a6d7780f1609a079e3e23f1f0f935bab81f23483218c82e8c88b33842197f6bc2

          Download Submit
        • C:\Program Files (x86)\Common Files\Microsoft Shared\XNA\Framework\Shared\xnavisualizer.dll
          Filesize

          46KB

          MD5

          1408d5fbcd66d0552604165a322b8aff

          SHA1

          f79236d7c15ebd7d6c2c7943b8284373060dcb6e

          SHA256

          1da07ed72f49f4fbcef04b9573a956d1571b7d42da74ab9c69e4385d45e16320

          SHA512

          f6f7902919eef0089aa25f95b05a6242d5c16250720bc7bef6128a02d98f9536dec68472e06784d301e9377eeeee75eca9abbfcaf26cd38b9410c7ad2ca8fada

          Download Submit
        • C:\Program Files (x86)\Microsoft XNA\XNA Game Studio\v3.1\Redist\DX Redist\DSETUP32.DLL
          Filesize

          1.6MB

          MD5

          7c7cc9feb1026678c48bbabe84ea57c2

          SHA1

          4fe9c466fc65cf07af0e1440743b1822ab65849b

          SHA256

          a5c6df12f9fe2edab2a22fe7abf3cb17eac110a6fd469f2570ba04afc88ad767

          SHA512

          d9cca6dfd5966d45342b87afb6091bc8ad3beff039f9bc9c523f8118dc6723337c279cd652c19624250ed3934d8f4a2b15670652867c0114b7e785bbab4212e0

          Download Submit
        • C:\Program Files (x86)\Microsoft XNA\XNA Game Studio\v3.1\Redist\DX Redist\DXSETUP.exe
          Filesize

          512KB

          MD5

          11dd6e8ab9759d1ac91ffe0d0e4949cb

          SHA1

          2a86774d0c87050d5c7aa9738cc3975303a40d0e

          SHA256

          16953a202265db5655b3dd972b855619728da76545a2f94bcbb6c43262f48d5b

          SHA512

          06828f51b3866f7c2b29861707bf8552b742e366783115b3062f08a9c0005c96507ecf1fff92ad41dc0318ad715176c39c84ff0424372b080bf7c031e4f307de

          Download Submit
        • C:\Program Files (x86)\Microsoft XNA\XNA Game Studio\v3.1\Redist\DX Redist\DXSETUP.exe
          Filesize

          512KB

          MD5

          11dd6e8ab9759d1ac91ffe0d0e4949cb

          SHA1

          2a86774d0c87050d5c7aa9738cc3975303a40d0e

          SHA256

          16953a202265db5655b3dd972b855619728da76545a2f94bcbb6c43262f48d5b

          SHA512

          06828f51b3866f7c2b29861707bf8552b742e366783115b3062f08a9c0005c96507ecf1fff92ad41dc0318ad715176c39c84ff0424372b080bf7c031e4f307de

          Download Submit
        • C:\Program Files (x86)\Microsoft XNA\XNA Game Studio\v3.1\Redist\DX Redist\dsetup.dll
          Filesize

          91KB

          MD5

          4d48dbe4d3a06c497435014e5c583f34

          SHA1

          159cbc37080b7ea3ceae8d25125b99f9f4948341

          SHA256

          9d47b4fa2dcce6a02a51324cfb97f5e153086c2eb8832b211e175cbe5fb850b3

          SHA512

          b8029bde36e4d6581916c131ec51d74f4a2b03abf5a238c503e1c7b19980d0946606375f0b4c3bd10b9c514e084368c356be8536b282bee887037d7d7f139732

          Download Submit
        • C:\Program Files (x86)\Open Rails\OpenRails.exe
          Filesize

          30KB

          MD5

          fe5ec10e4b14d7f71c5c928416e3d481

          SHA1

          8bb8c0b427518267ff87f8eb458bf14e894127dc

          SHA256

          e7f5d90e5e878f9f46929ec5f0d474c9035f11b5f3e53e90dafc900f0b567fce

          SHA512

          cefdb33ca6b70cc464ec4af4aa9eebefa0ebb074d64de755d3f41d90533749db8380f35a327bd597f6dbb63b4a33ebf38cf95c826913dd3f59e902178e2bb6b1

          Download Submit
        • C:\Program Files (x86)\Open Rails\OpenRails.exe
          Filesize

          30KB

          MD5

          fe5ec10e4b14d7f71c5c928416e3d481

          SHA1

          8bb8c0b427518267ff87f8eb458bf14e894127dc

          SHA256

          e7f5d90e5e878f9f46929ec5f0d474c9035f11b5f3e53e90dafc900f0b567fce

          SHA512

          cefdb33ca6b70cc464ec4af4aa9eebefa0ebb074d64de755d3f41d90533749db8380f35a327bd597f6dbb63b4a33ebf38cf95c826913dd3f59e902178e2bb6b1

          Download Submit
        • C:\Program Files (x86)\Open Rails\OpenRails.exe
          Filesize

          30KB

          MD5

          fe5ec10e4b14d7f71c5c928416e3d481

          SHA1

          8bb8c0b427518267ff87f8eb458bf14e894127dc

          SHA256

          e7f5d90e5e878f9f46929ec5f0d474c9035f11b5f3e53e90dafc900f0b567fce

          SHA512

          cefdb33ca6b70cc464ec4af4aa9eebefa0ebb074d64de755d3f41d90533749db8380f35a327bd597f6dbb63b4a33ebf38cf95c826913dd3f59e902178e2bb6b1

          Download Submit
        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          c05e5226e16723471c510f0b5dfa6764

          SHA1

          fb522c20da640fa46a819623a5e980c144d0bb64

          SHA256

          64de411bc8539da505d4512b07b1d3eaeb8953ddb93938e40da80550e8125e35

          SHA512

          cd5f0744f31dbfce5fd54399227c5dc96f3d8e6a78b8e55352335fed3a7fd1c12d4675ca55a9027416223ed62f4ec9410413af0b1ebd95fefec19edd7a7c5832

          Download Submit
        • C:\Users\Admin\AppData\Local\Temp\CabF548.tmp
          Filesize

          61KB

          MD5

          fc4666cbca561e864e7fdf883a9e6661

          SHA1

          2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

          SHA256

          10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

          SHA512

          c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

          Download Submit
        • C:\Users\Admin\AppData\Local\Temp\DX5D6D.tmp\Mar2009_X3DAudio_x86.inf
          Filesize

          1KB

          MD5

          c1501e224e63e7c7fbdbfb7734a8e4f0

          SHA1

          c6aff4de1b44499d304649b782346b0a6decdbd8

          SHA256

          aabd029d75f25244bae4ca17dbf9c4feebec0d5f121fcd388c175c3360be1bac

          SHA512

          e29f985810029a43a987ba45c905aae84d0615330e6fcedf81806a403f59c8861fdbb31935b0c610378d8131d38ac6798c778f5c6fada9f51838cd8a8cfcaa99

          Download Submit
        • C:\Users\Admin\AppData\Local\Temp\DX5D6D.tmp\Mar2009_XACT_x86.inf
          Filesize

          1KB

          MD5

          25b4458970583bd63b3e21ca5eda19b4

          SHA1

          a41a7c318342365d64f94da5c2b9d0490895d684

          SHA256

          764c3caeb1725a11701ca7119fdc49b3219553b79f9a5c1a02b20991391e5a21

          SHA512

          4239e25d6701e28a58424361d2bbcd27abcd91308ee2b5abde611304b0c2caf3cd807c8aaf3665569a565664b12c53e17aca73703ece809b9f26487d9f9a3778

          Download Submit
        • C:\Users\Admin\AppData\Local\Temp\DX5D6D.tmp\Mar2009_XAudio_x86.inf
          Filesize

          1KB

          MD5

          ce1394e17492dac92e0257482272617c

          SHA1

          f1babf395b608a9966cb5d89d85d131ce8263576

          SHA256

          1b66e4d80f9843fc73b0a6097fb8ed5f3d2cfd5cfb5c328904d2c370bd87bb3e

          SHA512

          c5b800c6d519d147e37b459b3c667d2e05b6e344ac38be69aee40dc1e20b232c9a123f0f6ec8fb5909ba8d76fbb24a626ffb2f76b08bb3d3984d6ad6541d6a9c

          Download Submit
        • C:\Users\Admin\AppData\Local\Temp\DX5D6D.tmp\X3DAudio1_6.dll
          Filesize

          21KB

          MD5

          e763798cad2a90b6ab61854f50cd47dd

          SHA1

          419f2c98d2a3f419db1b1e9b5f4f7c3b9b636c1d

          SHA256

          574d14ab9a641c6cbadd78f2cd6c088b64b59c3646057952e63cad7d2778e1c3

          SHA512

          b455b0078786b7ff8362f7404095037a5332603383707a6dd493f381eae3e28135696fb4863e1915ea01c0f12ce10d021a18ab91cbab06b4d20142e0b38833fd

          Download Submit
        • C:\Users\Admin\AppData\Local\Temp\DX5D6D.tmp\XAPOFX1_3.dll
          Filesize

          67KB

          MD5

          c4479a4547390e3c5ef28d453abde4f5

          SHA1

          9b3af3d2ffcf52cc6628cb486372be2870771637

          SHA256

          c6956ac2ee59f71e86784138b5443de6970a1274ac161945b8a44dc1d535db84

          SHA512

          94a55bbff8a285d6b91ae72b70664b2c1a067890db175e20265be2d57a4b29deec52f08f0aba8ae07ed30dfcf96889ab835b971d2bf567758d3f7b881a7e5324

          Download Submit
        • C:\Users\Admin\AppData\Local\Temp\DX5D6D.tmp\XAudio2_4.dll
          Filesize

          505KB

          MD5

          e684c5fa18adf9ea14737757413bf727

          SHA1

          1dd454144e8c0f3aaf24db0b77f03737914d9a72

          SHA256

          bcde4317debd0052b1436a6fda60e1dcb1e308979498117fa0cb50061f38101c

          SHA512

          9686f92745a30fd9e442ff6a24dd89410aa483ccd46edbefce0fe378645292255a323e1aae146180e8a4ecd15765a996df959a302d5cdbc6dfa4c5fcb8252e4d

          Download Submit
        • C:\Users\Admin\AppData\Local\Temp\DX5D6D.tmp\apr2007_d3dx9_33_x86.inf
          Filesize

          1KB

          MD5

          044cae9c30c88bda73727243f5e5206d

          SHA1

          de744e349cf4ea458b10657d510966d21ad08d67

          SHA256

          349a09a2791d697bffffc61410a536cdcf258f0d7c86dda44a297e8aec4bdf00

          SHA512

          18e501142004afbcd28b41bdd3a9b19e2eebc047d7858ee11a9135f19759cfd8c643ff074a51e937bbcab7162888fd95effc146be21fe63dfc300ef03ed44056

          Download Submit
        • C:\Users\Admin\AppData\Local\Temp\DX5D6D.tmp\apr2007_xinput_x86.inf
          Filesize

          1KB

          MD5

          e188f534500688cec2e894d3533997b4

          SHA1

          f073f8515b94cb23b703ab5cdb3a5cfcc10b3333

          SHA256

          1c798cb80e9e46ce03356ea7316e1eff5d3a88ccdd7cbfbfcdce73cded23b4e5

          SHA512

          332ccb25c5ed92ae48c5805a330534d985d6b41f9220af0844d407b2019396fcefea7076b409439f5ab8a9ca6819b65c07ada7bd3aa1222429966dc5a440d4f7

          Download Submit
        • C:\Users\Admin\AppData\Local\Temp\DX5D6D.tmp\d3dx9_31.dll
          Filesize

          2.3MB

          MD5

          797e24743937d67d69f28f2cf5052ee8

          SHA1

          7d39afbf94675487a9ff7e41d2dbb8daedf7ad00

          SHA256

          e2065619fe6eb0034833b1dc0369deb4a6edc3110e38a1132eeafcf430c578a5

          SHA512

          8804d0d95688a932c7bf7e1a023179de8df3a5436e356b36d803cb9781f3a378adb9fe69d03b28362755b808cbeb2cc718ab920672270de0b954996996328f5e

          Download Submit
        • C:\Users\Admin\AppData\Local\Temp\DX5D6D.tmp\d3dx9_33.dll
          Filesize

          3.3MB

          MD5

          cdb1cd22baff21f48606b3c1a18b000b

          SHA1

          9315b5db975a34dbebdb4dcae652ba1db01c482c

          SHA256

          c6b7b2ad7742dde5dd8d1a35fdc1c185e586e551ad9c74d3fb21759cd8ca4da8

          SHA512

          c5fb24de8f1ee6fc1ed6e74580b5d22599ea4eb6c3589645fff0b15dc8dca051c4917e60fbc00ca86542dd63a8f5e40da92ea77e24826c0c6bdba9b58c36d4db

          Download Submit
        • C:\Users\Admin\AppData\Local\Temp\DX5D6D.tmp\dxupdate.inf
          Filesize

          11KB

          MD5

          c01a575c4c7f9d6d35c82ce779b41549

          SHA1

          cc099e7c95cbd0954709610f3a99863cb925b9a6

          SHA256

          1ac921b8409344f13f62b8fddabc6857048faca3b5f892f2a5f246a045894c60

          SHA512

          2be9f2e460bd9f6c8cb9171aac3e0210a954fb123d9d69726fb7fd375c48726f7ddef5dc6fcf7cbb3543eedd54020db2309d1adda7aecdcc7668ceefbfabd012

          Download Submit
        • C:\Users\Admin\AppData\Local\Temp\DX5D6D.tmp\oct2006_d3dx9_31_x86.inf
          Filesize

          1KB

          MD5

          8f7aa1f0f2389f3cac574652f5d6672d

          SHA1

          921f2161cf46c6314a330ff52c83f8a3f1058f0d

          SHA256

          a1c61096019a6ae1a9f31e3fe67aa2bb7e9e451967959d7088344f3f20ab572e

          SHA512

          a85c03ccaa27adf3c75287529f18e84f526cf91785e0f4281db0eb86feba78522603e21def19bd2a33e03ceaedd9109b8af1dbda4a3fe93fe6eb95366b6df747

          Download Submit
        • C:\Users\Admin\AppData\Local\Temp\DX5D6D.tmp\xactengine3_4.dll
          Filesize

          229KB

          MD5

          686f8d1b4926d48227a06acd4d41cd1e

          SHA1

          324fd1d21a42f0c30bb071beb2cd5db9abbf3138

          SHA256

          d3bad7995b998f2c95dbb33020a198ef5a248825321032f051619f353d46182b

          SHA512

          6ed69ab933492870b7fbf4e178999b835846075fe103e65f9a0f9b1ad8d47c9277f31a7a0fb53f3620b591b103b02bfa8efec530d7372680f585b82e128edcc4

          Download Submit
        • C:\Users\Admin\AppData\Local\Temp\DX5D6D.tmp\xinput1_3.dll
          Filesize

          79KB

          MD5

          77f595dee5ffacea72b135b1fce1312e

          SHA1

          d2a710b332de3ef7a576e0aed27b0ae66892b7e9

          SHA256

          8d540d484ea41e374fd0107d55d253f87ded4ce780d515d8fd59bbe8c98970a7

          SHA512

          a8683050d7758c248052c11ac6a46c9a0b3b3773902cca478c1961b6d9d2d57c75a8c925ba5af4499989c0f44b34eaf57abafafa26506c31e5e4769fb3439746

          Download Submit
        • C:\Users\Admin\AppData\Local\Temp\is-82SKD.tmp\xnafx31_redist.msi
          Filesize

          7.3MB

          MD5

          52873853e4981d5b9147c93472bb4ee7

          SHA1

          bdd33b677c9576a63ff2a6f65e12c0563cc116e6

          SHA256

          187e7e6b08fe35428d945612a7d258bfed25fad53cc54882983abdc73fe60f91

          SHA512

          5dec691498a57f89d74b383d81096efa948e8c0ee430b1d74bbbb3dbeda366bbde8a7258587456aa939dbce5bb075f209ba4088c7fd599425945f349f1791ec6

          Download Submit
        • C:\Users\Admin\AppData\Local\Temp\is-8KACF.tmp\OpenRailsSetup.tmp
          Filesize

          691KB

          MD5

          9303156631ee2436db23827e27337be4

          SHA1

          018e0d5b6ccf7000e36af30cebeb8adc5667e5fa

          SHA256

          bae22f27c12bce1faeb64b6eb733302aff5867baa8eed832397a7ce284a86ff4

          SHA512

          9fe100fafb1c74728109667b5a2261a31e49c45723de748adaa1d9cb9f8daa389b871056c70066fa3a05be82a5017c8dd590ae149a56d824a9e250d31091a40f

          Download Submit
        • C:\Users\Admin\AppData\Local\Temp\is-8KACF.tmp\OpenRailsSetup.tmp
          Filesize

          691KB

          MD5

          9303156631ee2436db23827e27337be4

          SHA1

          018e0d5b6ccf7000e36af30cebeb8adc5667e5fa

          SHA256

          bae22f27c12bce1faeb64b6eb733302aff5867baa8eed832397a7ce284a86ff4

          SHA512

          9fe100fafb1c74728109667b5a2261a31e49c45723de748adaa1d9cb9f8daa389b871056c70066fa3a05be82a5017c8dd590ae149a56d824a9e250d31091a40f

          Download Submit
        • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Libraries\Music.library-ms
          Filesize

          3KB

          MD5

          ff28ded611e55fc4ee11db810f5ef53d

          SHA1

          2d17266995b338aeb38681c67a0b1139d6d6d121

          SHA256

          d9ba06604bc4325a1e34d6766f6bf5bf588ff7ed59afa6a79f27b46137778f5c

          SHA512

          0d92771b1890d8ee8c6d83f191c13bc09be144c6f67bde96ca75b395bb3508b1c91c3eb77df283794c6e6aa22387c2941c9411df3dece5e3b3c9f533ceb6e4b6

          Download Submit
        • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\74d7f43c1561fc1e.customDestinations-ms~RF6eba4b.TMP
          Filesize

          1KB

          MD5

          b285d57438b3c3acc58444be02153af3

          SHA1

          bd52bf63afb52479f223a25ffab1370c00a58d49

          SHA256

          c16223f30e1aa695f0f85db88cfc1a110c1f243bf55a6c3769133b4565141105

          SHA512

          c8a5f89f75d5d75e7952dd8b07930b281c504416dc3295f5637b73141231ae9aa05d5ce68c7d3a5147192f45bc50b63bb30e57ee66210f6cf1e2400158b209f1

          Download Submit
        • C:\Windows\Installer\6cf23c.msi
          Filesize

          7.3MB

          MD5

          52873853e4981d5b9147c93472bb4ee7

          SHA1

          bdd33b677c9576a63ff2a6f65e12c0563cc116e6

          SHA256

          187e7e6b08fe35428d945612a7d258bfed25fad53cc54882983abdc73fe60f91

          SHA512

          5dec691498a57f89d74b383d81096efa948e8c0ee430b1d74bbbb3dbeda366bbde8a7258587456aa939dbce5bb075f209ba4088c7fd599425945f349f1791ec6

          Download Submit
        • C:\Windows\Logs\DirectX.log
          Filesize

          9KB

          MD5

          787e5fe07959d6b25ff950d269b1b98c

          SHA1

          16d15d4e21a992a2583dada7241411e56bb31358

          SHA256

          036f4a37052eab4e401cffc125cfecef3ffb55d5862ef76a51de45219458116b

          SHA512

          1b0b82f5dcb29e9dc02c6b8ad836594fa9e233b425f484dd48a8117d895c02b72f8cd99dafbf9b2279f8fff0693b1a53344def935ad98af166e78293f3c8cb55

          Download Submit
        • C:\Windows\Logs\DirectX.log
          Filesize

          9KB

          MD5

          787e5fe07959d6b25ff950d269b1b98c

          SHA1

          16d15d4e21a992a2583dada7241411e56bb31358

          SHA256

          036f4a37052eab4e401cffc125cfecef3ffb55d5862ef76a51de45219458116b

          SHA512

          1b0b82f5dcb29e9dc02c6b8ad836594fa9e233b425f484dd48a8117d895c02b72f8cd99dafbf9b2279f8fff0693b1a53344def935ad98af166e78293f3c8cb55

          Download Submit
        • C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log
          Filesize

          109KB

          MD5

          9d4a35fcef4dbe2a14a39ba0b506b185

          SHA1

          d04f8e3221db7697aef238ebb9334cfbb16adc7b

          SHA256

          53ec6474b2386c8fcaf4b1d8ac30cfa233e669c38dff774d2899c7bbda57cd46

          SHA512

          c618009f7ec3a2c7170dd2ee22dfbb7be708074790f3568c0a1a56f21ef5db018cbf272fe2426ba9cd4998ae4248478b1a6f65a85aa3d73a6b5ae8ae0b24b952

          Download Submit
        • C:\Windows\assembly\GAC_32\Microsoft.Xna.Framework.Game\3.1.0.0__6d5c3888ef60e27d\Microsoft.Xna.Framework.Game.dll
          Filesize

          96KB

          MD5

          2bc25ba0985c4e432abc6b2d6d0ac7fb

          SHA1

          2a683138ce030c910d07577c868a90a282b3020f

          SHA256

          397430d6c47fe3b1e0f55f1d426e145f9b6a88565a2b11b418b69e9f66886e44

          SHA512

          5df396311e4cf0ca31613aee9ed00ea425ad9ea1a7299d02b974895a0b7fe52f3a9a9ba4bab6fac36c6879bff1b1f8870265f2029109cf2c93349b490989d929

          Download Submit
        • C:\Windows\assembly\GAC_32\Microsoft.Xna.Framework\3.1.0.0__6d5c3888ef60e27d\Microsoft.Xna.Framework.dll
          Filesize

          1010KB

          MD5

          6cdc5524d71705426b48138e1648c749

          SHA1

          72d4d3cb46a02b60985430997d74fb6315189032

          SHA256

          c4f8f4c7ecb4ec6b367a6273271d740ca5d85f79927b7e0154ab160acaf93e3b

          SHA512

          5d00bc72988b931c736724fdab901c47e1ace4ec2b1b3baae3755f29b4dc73ace0fb99645d3debf82f67f28fc2eba7ad3def2ff9a23171619454420e5692a1e9

          Download Submit
        • \Program Files (x86)\Common Files\microsoft shared\XNA\Framework\Shared\xnavisualizer.dll
          Filesize

          46KB

          MD5

          1408d5fbcd66d0552604165a322b8aff

          SHA1

          f79236d7c15ebd7d6c2c7943b8284373060dcb6e

          SHA256

          1da07ed72f49f4fbcef04b9573a956d1571b7d42da74ab9c69e4385d45e16320

          SHA512

          f6f7902919eef0089aa25f95b05a6242d5c16250720bc7bef6128a02d98f9536dec68472e06784d301e9377eeeee75eca9abbfcaf26cd38b9410c7ad2ca8fada

          Download Submit
        • \Program Files (x86)\Microsoft XNA\XNA Game Studio\v3.1\Redist\DX Redist\DSETUP.dll
          Filesize

          91KB

          MD5

          4d48dbe4d3a06c497435014e5c583f34

          SHA1

          159cbc37080b7ea3ceae8d25125b99f9f4948341

          SHA256

          9d47b4fa2dcce6a02a51324cfb97f5e153086c2eb8832b211e175cbe5fb850b3

          SHA512

          b8029bde36e4d6581916c131ec51d74f4a2b03abf5a238c503e1c7b19980d0946606375f0b4c3bd10b9c514e084368c356be8536b282bee887037d7d7f139732

          Download Submit
        • \Program Files (x86)\Microsoft XNA\XNA Game Studio\v3.1\Redist\DX Redist\DSETUP.dll
          Filesize

          91KB

          MD5

          4d48dbe4d3a06c497435014e5c583f34

          SHA1

          159cbc37080b7ea3ceae8d25125b99f9f4948341

          SHA256

          9d47b4fa2dcce6a02a51324cfb97f5e153086c2eb8832b211e175cbe5fb850b3

          SHA512

          b8029bde36e4d6581916c131ec51d74f4a2b03abf5a238c503e1c7b19980d0946606375f0b4c3bd10b9c514e084368c356be8536b282bee887037d7d7f139732

          Download Submit
        • \Program Files (x86)\Microsoft XNA\XNA Game Studio\v3.1\Redist\DX Redist\DSETUP.dll
          Filesize

          91KB

          MD5

          4d48dbe4d3a06c497435014e5c583f34

          SHA1

          159cbc37080b7ea3ceae8d25125b99f9f4948341

          SHA256

          9d47b4fa2dcce6a02a51324cfb97f5e153086c2eb8832b211e175cbe5fb850b3

          SHA512

          b8029bde36e4d6581916c131ec51d74f4a2b03abf5a238c503e1c7b19980d0946606375f0b4c3bd10b9c514e084368c356be8536b282bee887037d7d7f139732

          Download Submit
        • \Program Files (x86)\Microsoft XNA\XNA Game Studio\v3.1\Redist\DX Redist\DSETUP.dll
          Filesize

          91KB

          MD5

          4d48dbe4d3a06c497435014e5c583f34

          SHA1

          159cbc37080b7ea3ceae8d25125b99f9f4948341

          SHA256

          9d47b4fa2dcce6a02a51324cfb97f5e153086c2eb8832b211e175cbe5fb850b3

          SHA512

          b8029bde36e4d6581916c131ec51d74f4a2b03abf5a238c503e1c7b19980d0946606375f0b4c3bd10b9c514e084368c356be8536b282bee887037d7d7f139732

          Download Submit
        • \Program Files (x86)\Microsoft XNA\XNA Game Studio\v3.1\Redist\DX Redist\DSETUP.dll
          Filesize

          91KB

          MD5

          4d48dbe4d3a06c497435014e5c583f34

          SHA1

          159cbc37080b7ea3ceae8d25125b99f9f4948341

          SHA256

          9d47b4fa2dcce6a02a51324cfb97f5e153086c2eb8832b211e175cbe5fb850b3

          SHA512

          b8029bde36e4d6581916c131ec51d74f4a2b03abf5a238c503e1c7b19980d0946606375f0b4c3bd10b9c514e084368c356be8536b282bee887037d7d7f139732

          Download Submit
        • \Program Files (x86)\Microsoft XNA\XNA Game Studio\v3.1\Redist\DX Redist\DSETUP.dll
          Filesize

          91KB

          MD5

          4d48dbe4d3a06c497435014e5c583f34

          SHA1

          159cbc37080b7ea3ceae8d25125b99f9f4948341

          SHA256

          9d47b4fa2dcce6a02a51324cfb97f5e153086c2eb8832b211e175cbe5fb850b3

          SHA512

          b8029bde36e4d6581916c131ec51d74f4a2b03abf5a238c503e1c7b19980d0946606375f0b4c3bd10b9c514e084368c356be8536b282bee887037d7d7f139732

          Download Submit
        • \Program Files (x86)\Microsoft XNA\XNA Game Studio\v3.1\Redist\DX Redist\DSETUP.dll
          Filesize

          91KB

          MD5

          4d48dbe4d3a06c497435014e5c583f34

          SHA1

          159cbc37080b7ea3ceae8d25125b99f9f4948341

          SHA256

          9d47b4fa2dcce6a02a51324cfb97f5e153086c2eb8832b211e175cbe5fb850b3

          SHA512

          b8029bde36e4d6581916c131ec51d74f4a2b03abf5a238c503e1c7b19980d0946606375f0b4c3bd10b9c514e084368c356be8536b282bee887037d7d7f139732

          Download Submit
        • \Program Files (x86)\Microsoft XNA\XNA Game Studio\v3.1\Redist\DX Redist\DSETUP.dll
          Filesize

          91KB

          MD5

          4d48dbe4d3a06c497435014e5c583f34

          SHA1

          159cbc37080b7ea3ceae8d25125b99f9f4948341

          SHA256

          9d47b4fa2dcce6a02a51324cfb97f5e153086c2eb8832b211e175cbe5fb850b3

          SHA512

          b8029bde36e4d6581916c131ec51d74f4a2b03abf5a238c503e1c7b19980d0946606375f0b4c3bd10b9c514e084368c356be8536b282bee887037d7d7f139732

          Download Submit
        • \Program Files (x86)\Microsoft XNA\XNA Game Studio\v3.1\Redist\DX Redist\DSETUP.dll
          Filesize

          91KB

          MD5

          4d48dbe4d3a06c497435014e5c583f34

          SHA1

          159cbc37080b7ea3ceae8d25125b99f9f4948341

          SHA256

          9d47b4fa2dcce6a02a51324cfb97f5e153086c2eb8832b211e175cbe5fb850b3

          SHA512

          b8029bde36e4d6581916c131ec51d74f4a2b03abf5a238c503e1c7b19980d0946606375f0b4c3bd10b9c514e084368c356be8536b282bee887037d7d7f139732

          Download Submit
        • \Program Files (x86)\Microsoft XNA\XNA Game Studio\v3.1\Redist\DX Redist\DSETUP.dll
          Filesize

          91KB

          MD5

          4d48dbe4d3a06c497435014e5c583f34

          SHA1

          159cbc37080b7ea3ceae8d25125b99f9f4948341

          SHA256

          9d47b4fa2dcce6a02a51324cfb97f5e153086c2eb8832b211e175cbe5fb850b3

          SHA512

          b8029bde36e4d6581916c131ec51d74f4a2b03abf5a238c503e1c7b19980d0946606375f0b4c3bd10b9c514e084368c356be8536b282bee887037d7d7f139732

          Download Submit
        • \Program Files (x86)\Microsoft XNA\XNA Game Studio\v3.1\Redist\DX Redist\DSETUP.dll
          Filesize

          91KB

          MD5

          4d48dbe4d3a06c497435014e5c583f34

          SHA1

          159cbc37080b7ea3ceae8d25125b99f9f4948341

          SHA256

          9d47b4fa2dcce6a02a51324cfb97f5e153086c2eb8832b211e175cbe5fb850b3

          SHA512

          b8029bde36e4d6581916c131ec51d74f4a2b03abf5a238c503e1c7b19980d0946606375f0b4c3bd10b9c514e084368c356be8536b282bee887037d7d7f139732

          Download Submit
        • \Program Files (x86)\Microsoft XNA\XNA Game Studio\v3.1\Redist\DX Redist\DSETUP.dll
          Filesize

          91KB

          MD5

          4d48dbe4d3a06c497435014e5c583f34

          SHA1

          159cbc37080b7ea3ceae8d25125b99f9f4948341

          SHA256

          9d47b4fa2dcce6a02a51324cfb97f5e153086c2eb8832b211e175cbe5fb850b3

          SHA512

          b8029bde36e4d6581916c131ec51d74f4a2b03abf5a238c503e1c7b19980d0946606375f0b4c3bd10b9c514e084368c356be8536b282bee887037d7d7f139732

          Download Submit
        • \Program Files (x86)\Microsoft XNA\XNA Game Studio\v3.1\Redist\DX Redist\DSETUP.dll
          Filesize

          91KB

          MD5

          4d48dbe4d3a06c497435014e5c583f34

          SHA1

          159cbc37080b7ea3ceae8d25125b99f9f4948341

          SHA256

          9d47b4fa2dcce6a02a51324cfb97f5e153086c2eb8832b211e175cbe5fb850b3

          SHA512

          b8029bde36e4d6581916c131ec51d74f4a2b03abf5a238c503e1c7b19980d0946606375f0b4c3bd10b9c514e084368c356be8536b282bee887037d7d7f139732

          Download Submit
        • \Program Files (x86)\Microsoft XNA\XNA Game Studio\v3.1\Redist\DX Redist\dsetup32.dll
          Filesize

          1.6MB

          MD5

          7c7cc9feb1026678c48bbabe84ea57c2

          SHA1

          4fe9c466fc65cf07af0e1440743b1822ab65849b

          SHA256

          a5c6df12f9fe2edab2a22fe7abf3cb17eac110a6fd469f2570ba04afc88ad767

          SHA512

          d9cca6dfd5966d45342b87afb6091bc8ad3beff039f9bc9c523f8118dc6723337c279cd652c19624250ed3934d8f4a2b15670652867c0114b7e785bbab4212e0

          Download Submit
        • \Program Files (x86)\Open Rails\OpenRails.exe
          Filesize

          30KB

          MD5

          fe5ec10e4b14d7f71c5c928416e3d481

          SHA1

          8bb8c0b427518267ff87f8eb458bf14e894127dc

          SHA256

          e7f5d90e5e878f9f46929ec5f0d474c9035f11b5f3e53e90dafc900f0b567fce

          SHA512

          cefdb33ca6b70cc464ec4af4aa9eebefa0ebb074d64de755d3f41d90533749db8380f35a327bd597f6dbb63b4a33ebf38cf95c826913dd3f59e902178e2bb6b1

          Download Submit
        • \Program Files (x86)\Open Rails\OpenRails.exe
          Filesize

          30KB

          MD5

          fe5ec10e4b14d7f71c5c928416e3d481

          SHA1

          8bb8c0b427518267ff87f8eb458bf14e894127dc

          SHA256

          e7f5d90e5e878f9f46929ec5f0d474c9035f11b5f3e53e90dafc900f0b567fce

          SHA512

          cefdb33ca6b70cc464ec4af4aa9eebefa0ebb074d64de755d3f41d90533749db8380f35a327bd597f6dbb63b4a33ebf38cf95c826913dd3f59e902178e2bb6b1

          Download Submit
        • \Users\Admin\AppData\Local\Temp\DX5D6D.tmp\dxupdate.dll
          Filesize

          169KB

          MD5

          190f5151b667f65c68ec7857f5d1ac9e

          SHA1

          c41b2117ddc8d60eb66d2f6703604224b3bfac86

          SHA256

          aa277fb688c35b40806bfe35bd083fbd6f47f053393cec3eece5a4adc4265ada

          SHA512

          d42caf4e9b6e0b0d988a1a8be7e5f051ed994b499f0825911fd48a63551b15f3566b7957a436a87f66c5cd9b0f908a074e0f2790e5abd7c7183c45cb7d88a5ed

          Download Submit
        • \Users\Admin\AppData\Local\Temp\DX5D6D.tmp\dxupdate.dll
          Filesize

          169KB

          MD5

          190f5151b667f65c68ec7857f5d1ac9e

          SHA1

          c41b2117ddc8d60eb66d2f6703604224b3bfac86

          SHA256

          aa277fb688c35b40806bfe35bd083fbd6f47f053393cec3eece5a4adc4265ada

          SHA512

          d42caf4e9b6e0b0d988a1a8be7e5f051ed994b499f0825911fd48a63551b15f3566b7957a436a87f66c5cd9b0f908a074e0f2790e5abd7c7183c45cb7d88a5ed

          Download Submit
        • \Users\Admin\AppData\Local\Temp\is-82SKD.tmp\_isetup\_shfoldr.dll
          Filesize

          22KB

          MD5

          92dc6ef532fbb4a5c3201469a5b5eb63

          SHA1

          3e89ff837147c16b4e41c30d6c796374e0b8e62c

          SHA256

          9884e9d1b4f8a873ccbd81f8ad0ae257776d2348d027d811a56475e028360d87

          SHA512

          9908e573921d5dbc3454a1c0a6c969ab8a81cc2e8b5385391d46b1a738fb06a76aa3282e0e58d0d2ffa6f27c85668cd5178e1500b8a39b1bbae04366ae6a86d3

          Download Submit
        • \Users\Admin\AppData\Local\Temp\is-82SKD.tmp\_isetup\_shfoldr.dll
          Filesize

          22KB

          MD5

          92dc6ef532fbb4a5c3201469a5b5eb63

          SHA1

          3e89ff837147c16b4e41c30d6c796374e0b8e62c

          SHA256

          9884e9d1b4f8a873ccbd81f8ad0ae257776d2348d027d811a56475e028360d87

          SHA512

          9908e573921d5dbc3454a1c0a6c969ab8a81cc2e8b5385391d46b1a738fb06a76aa3282e0e58d0d2ffa6f27c85668cd5178e1500b8a39b1bbae04366ae6a86d3

          Download Submit
        • \Users\Admin\AppData\Local\Temp\is-8KACF.tmp\OpenRailsSetup.tmp
          Filesize

          691KB

          MD5

          9303156631ee2436db23827e27337be4

          SHA1

          018e0d5b6ccf7000e36af30cebeb8adc5667e5fa

          SHA256

          bae22f27c12bce1faeb64b6eb733302aff5867baa8eed832397a7ce284a86ff4

          SHA512

          9fe100fafb1c74728109667b5a2261a31e49c45723de748adaa1d9cb9f8daa389b871056c70066fa3a05be82a5017c8dd590ae149a56d824a9e250d31091a40f

          Download Submit
        • \Windows\SysWOW64\XAudio2_4.dll
          Filesize

          505KB

          MD5

          e684c5fa18adf9ea14737757413bf727

          SHA1

          1dd454144e8c0f3aaf24db0b77f03737914d9a72

          SHA256

          bcde4317debd0052b1436a6fda60e1dcb1e308979498117fa0cb50061f38101c

          SHA512

          9686f92745a30fd9e442ff6a24dd89410aa483ccd46edbefce0fe378645292255a323e1aae146180e8a4ecd15765a996df959a302d5cdbc6dfa4c5fcb8252e4d

          Download Submit
        • \Windows\SysWOW64\xactengine3_4.dll
          Filesize

          229KB

          MD5

          686f8d1b4926d48227a06acd4d41cd1e

          SHA1

          324fd1d21a42f0c30bb071beb2cd5db9abbf3138

          SHA256

          d3bad7995b998f2c95dbb33020a198ef5a248825321032f051619f353d46182b

          SHA512

          6ed69ab933492870b7fbf4e178999b835846075fe103e65f9a0f9b1ad8d47c9277f31a7a0fb53f3620b591b103b02bfa8efec530d7372680f585b82e128edcc4

          Download Submit
        • memory/292-545-0x00000000026D0000-0x00000000027D2000-memory.dmp
          Filesize

          1.0MB

          Download
        • memory/292-548-0x00000000007A0000-0x00000000007BC000-memory.dmp
          Filesize

          112KB

          Download
        • memory/1156-1779-0x00000000000A0000-0x00000000000A1000-memory.dmp
          Filesize

          4KB

          Download
        • memory/1156-1812-0x00000000000A0000-0x00000000000A1000-memory.dmp
          Filesize

          4KB

          Download
        • memory/1348-1862-0x0000000000400000-0x0000000000414000-memory.dmp
          Filesize

          80KB

          Download
        • memory/1348-62-0x0000000000400000-0x0000000000414000-memory.dmp
          Filesize

          80KB

          Download
        • memory/1348-54-0x0000000000400000-0x0000000000414000-memory.dmp
          Filesize

          80KB

          Download
        • memory/1900-1849-0x0000000000400000-0x00000000004BD000-memory.dmp
          Filesize

          756KB

          Download
        • memory/1900-1747-0x0000000000400000-0x00000000004BD000-memory.dmp
          Filesize

          756KB

          Download
        • memory/1900-1749-0x0000000000400000-0x00000000004BD000-memory.dmp
          Filesize

          756KB

          Download
        • memory/1900-70-0x0000000000240000-0x0000000000241000-memory.dmp
          Filesize

          4KB

          Download
        • memory/1900-61-0x0000000000240000-0x0000000000241000-memory.dmp
          Filesize

          4KB

          Download
        • memory/1900-72-0x0000000000400000-0x00000000004BD000-memory.dmp
          Filesize

          756KB

          Download
        • memory/1900-1861-0x0000000000400000-0x00000000004BD000-memory.dmp
          Filesize

          756KB

          Download
        • memory/1900-1827-0x0000000000400000-0x00000000004BD000-memory.dmp
          Filesize

          756KB

          Download
        • memory/1900-76-0x0000000000400000-0x00000000004BD000-memory.dmp
          Filesize

          756KB

          Download
        • memory/1900-63-0x0000000000400000-0x00000000004BD000-memory.dmp
          Filesize

          756KB

          Download
        • memory/1900-583-0x0000000000400000-0x00000000004BD000-memory.dmp
          Filesize

          756KB

          Download
        • memory/1900-497-0x0000000000400000-0x00000000004BD000-memory.dmp
          Filesize

          756KB

          Download
        • memory/2600-1877-0x0000000000BA0000-0x0000000000C20000-memory.dmp
          Filesize

          512KB

          Download
        • memory/2600-1876-0x0000000001200000-0x000000000120C000-memory.dmp
          Filesize

          48KB

          Download
        • memory/2756-1878-0x0000000000150000-0x0000000000151000-memory.dmp
          Filesize

          4KB

          Download
        • memory/2904-1769-0x000000001ADE0000-0x000000001ADE1000-memory.dmp
          Filesize

          4KB

          Download
        • memory/2904-1811-0x0000000001EB0000-0x0000000001F30000-memory.dmp
          Filesize

          512KB

          Download
        • memory/2904-1785-0x000000001ADE0000-0x000000001ADE1000-memory.dmp
          Filesize

          4KB

          Download
        • memory/2904-1782-0x0000000001EB0000-0x0000000001F30000-memory.dmp
          Filesize

          512KB

          Download
        • memory/2904-1781-0x0000000001EB0000-0x0000000001F30000-memory.dmp
          Filesize

          512KB

          Download
        • memory/2904-1837-0x00000000203C0000-0x00000000203F7000-memory.dmp
          Filesize

          220KB

          Download
        • memory/2904-1840-0x000000001FC10000-0x000000001FC1A000-memory.dmp
          Filesize

          40KB

          Download
        • memory/2904-1841-0x000000001FC10000-0x000000001FC1A000-memory.dmp
          Filesize

          40KB

          Download
        • memory/2904-1778-0x0000000001EB0000-0x0000000001F30000-memory.dmp
          Filesize

          512KB

          Download
        • memory/2904-1777-0x0000000001EB0000-0x0000000001F30000-memory.dmp
          Filesize

          512KB

          Download
        • memory/2904-1772-0x0000000001EB0000-0x0000000001F30000-memory.dmp
          Filesize

          512KB

          Download
        • memory/2904-1768-0x000000001CA10000-0x000000001CAC8000-memory.dmp
          Filesize

          736KB

          Download
        • memory/2904-1767-0x000000001B3C0000-0x000000001B45E000-memory.dmp
          Filesize

          632KB

          Download
        • memory/2904-1766-0x000000001E3C0000-0x000000001E544000-memory.dmp
          Filesize

          1.5MB

          Download
        • memory/2904-1765-0x0000000001EB0000-0x0000000001F30000-memory.dmp
          Filesize

          512KB

          Download
        • memory/2904-1764-0x0000000001EB0000-0x0000000001F30000-memory.dmp
          Filesize

          512KB

          Download
        • memory/2904-1763-0x000000001DDB0000-0x000000001E3B8000-memory.dmp
          Filesize

          6.0MB

          Download
        • memory/2904-1761-0x0000000001EB0000-0x0000000001F30000-memory.dmp
          Filesize

          512KB

          Download
        • memory/2904-1760-0x0000000001EB0000-0x0000000001F30000-memory.dmp
          Filesize

          512KB

          Download