0c071497334f0ece1f7217f0572b13c78ae1a37f466993ddea8f48e99826606d

Analysis

max time kernel
570s
max time network
554s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
06-04-2023 23:14

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

GTAG GUI.exe
Size

60KB
MD5

45e704327dc60ee44308d852f2559d2a
SHA1

9514b3ad4e4ac2ffaaf1a53bd365e183b12d42ed
SHA256

0c071497334f0ece1f7217f0572b13c78ae1a37f466993ddea8f48e99826606d
SHA512

71a74ec690e32543a1cfb002d5fc12802b38afe241b3e5a17ffe2b8943387fc0bb6f4a8b6a0714c475963faf91a8511d912f8c7622c7f03664c095d6428da5d5
SSDEEP

1536:fL9vF5BfilV2j1FQ9UlWlMV13cLSHX/Yow70DmVH9q:fVBfiuLX/YGN

Score

7^/10

agilenet

Malware Config

Signatures

Executes dropped EXE 4 IoCs

Processes:

GTAG GUI.exeGTAG GUI.exeGTAG GUI.exeGTAG GUI.exe

pid process

696 GTAG GUI.exe
1720 GTAG GUI.exe
3672 GTAG GUI.exe
4220 GTAG GUI.exe

Loads dropped DLL 40 IoCs

Processes:

GTAG GUI.exeGTAG GUI.exeGTAG GUI.exeGTAG GUI.exe

pid	process
696	GTAG GUI.exe
696	GTAG GUI.exe
696	GTAG GUI.exe
696	GTAG GUI.exe
696	GTAG GUI.exe
696	GTAG GUI.exe
696	GTAG GUI.exe
696	GTAG GUI.exe
696	GTAG GUI.exe
696	GTAG GUI.exe
1720	GTAG GUI.exe
1720	GTAG GUI.exe
1720	GTAG GUI.exe
1720	GTAG GUI.exe
1720	GTAG GUI.exe
1720	GTAG GUI.exe
1720	GTAG GUI.exe
1720	GTAG GUI.exe
1720	GTAG GUI.exe
1720	GTAG GUI.exe
3672	GTAG GUI.exe
3672	GTAG GUI.exe
3672	GTAG GUI.exe
3672	GTAG GUI.exe
3672	GTAG GUI.exe
3672	GTAG GUI.exe
3672	GTAG GUI.exe
3672	GTAG GUI.exe
3672	GTAG GUI.exe
3672	GTAG GUI.exe
4220	GTAG GUI.exe
4220	GTAG GUI.exe
4220	GTAG GUI.exe
4220	GTAG GUI.exe
4220	GTAG GUI.exe
4220	GTAG GUI.exe
4220	GTAG GUI.exe
4220	GTAG GUI.exe
4220	GTAG GUI.exe
4220	GTAG GUI.exe

Obfuscated with Agile.Net obfuscator 43 IoCs

Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

agilenet

Processes:

resource	yara_rule
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.BunifuTextbox.dll	agile_net
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.BunifuTextBox.dll	agile_net
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.BunifuTextbox.dll	agile_net
behavioral2/memory/696-387-0x0000000005600000-0x0000000005620000-memory.dmp	agile_net
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.BunifuButton.dll	agile_net
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.BunifuButton.dll	agile_net
behavioral2/memory/696-392-0x00000000058E0000-0x0000000005900000-memory.dmp	agile_net
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.BunifuButton.dll	agile_net
behavioral2/memory/696-396-0x0000000006080000-0x00000000060EE000-memory.dmp	agile_net
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.BunifuLabel.dll	agile_net
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.BunifuLabel.dll	agile_net
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.BunifuLabel.dll	agile_net
behavioral2/memory/696-391-0x0000000005420000-0x0000000005430000-memory.dmp	agile_net
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.1.5.3.dll	agile_net
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.1.5.3.dll	agile_net
behavioral2/memory/696-400-0x0000000006010000-0x000000000606A000-memory.dmp	agile_net
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.1.5.3.dll	agile_net
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.Licensing.dll	agile_net
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.Licensing.dll	agile_net
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.Licensing.dll	agile_net
behavioral2/memory/696-404-0x0000000006290000-0x00000000063D2000-memory.dmp	agile_net
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.BunifuTextbox.dll	agile_net
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.BunifuTextbox.dll	agile_net
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.BunifuButton.dll	agile_net
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.BunifuButton.dll	agile_net
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.BunifuLabel.dll	agile_net
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.BunifuLabel.dll	agile_net
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.1.5.3.dll	agile_net
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.1.5.3.dll	agile_net
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.Licensing.dll	agile_net
behavioral2/memory/696-417-0x0000000005420000-0x0000000005430000-memory.dmp	agile_net
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.Licensing.dll	agile_net
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.BunifuTextbox.dll	agile_net
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.BunifuTextbox.dll	agile_net
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.BunifuButton.dll	agile_net
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.BunifuButton.dll	agile_net
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.1.5.3.dll	agile_net
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.1.5.3.dll	agile_net
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.Licensing.dll	agile_net
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.Licensing.dll	agile_net
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.BunifuLabel.dll	agile_net
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.BunifuLabel.dll	agile_net
behavioral2/memory/4220-467-0x0000000005AD0000-0x0000000005AE0000-memory.dmp	agile_net

Program crash 1 IoCs

Processes:

WerFault.exe

pid pid_target process target process

2808 4140 WerFault.exe GTAG GUI.exe

pid	pid_target	process	target process
2808	4140	WerFault.exe	GTAG GUI.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

chrome.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

Processes:

chrome.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133253037142748887"	chrome.exe

Suspicious behavior: EnumeratesProcesses 64 IoCs

Processes:

chrome.exeGTAG GUI.exeGTAG GUI.exechrome.exeGTAG GUI.exe

pid	process
3664	chrome.exe
3664	chrome.exe
696	GTAG GUI.exe
696	GTAG GUI.exe
696	GTAG GUI.exe
696	GTAG GUI.exe
696	GTAG GUI.exe
696	GTAG GUI.exe
696	GTAG GUI.exe
696	GTAG GUI.exe
696	GTAG GUI.exe
696	GTAG GUI.exe
696	GTAG GUI.exe
696	GTAG GUI.exe
696	GTAG GUI.exe
696	GTAG GUI.exe
696	GTAG GUI.exe
696	GTAG GUI.exe
696	GTAG GUI.exe
696	GTAG GUI.exe
696	GTAG GUI.exe
696	GTAG GUI.exe
1720	GTAG GUI.exe
1720	GTAG GUI.exe
1720	GTAG GUI.exe
1720	GTAG GUI.exe
1720	GTAG GUI.exe
1720	GTAG GUI.exe
1720	GTAG GUI.exe
1720	GTAG GUI.exe
1720	GTAG GUI.exe
1720	GTAG GUI.exe
1720	GTAG GUI.exe
1720	GTAG GUI.exe
1720	GTAG GUI.exe
1720	GTAG GUI.exe
1720	GTAG GUI.exe
1720	GTAG GUI.exe
1720	GTAG GUI.exe
1720	GTAG GUI.exe
1720	GTAG GUI.exe
1720	GTAG GUI.exe
2476	chrome.exe
2476	chrome.exe
3672	GTAG GUI.exe
3672	GTAG GUI.exe
3672	GTAG GUI.exe
3672	GTAG GUI.exe
3672	GTAG GUI.exe
3672	GTAG GUI.exe
3672	GTAG GUI.exe
3672	GTAG GUI.exe
3672	GTAG GUI.exe
3672	GTAG GUI.exe
3672	GTAG GUI.exe
3672	GTAG GUI.exe
3672	GTAG GUI.exe
3672	GTAG GUI.exe
3672	GTAG GUI.exe
3672	GTAG GUI.exe
3672	GTAG GUI.exe
3672	GTAG GUI.exe
3672	GTAG GUI.exe
3672	GTAG GUI.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

Processes:

chrome.exe

pid process

3664 chrome.exe
3664 chrome.exe
3664 chrome.exe
3664 chrome.exe
3664 chrome.exe
3664 chrome.exe
3664 chrome.exe
3664 chrome.exe
3664 chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

Processes:

chrome.exe

description	pid	process
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe
Token: SeShutdownPrivilege	3664	chrome.exe
Token: SeCreatePagefilePrivilege	3664	chrome.exe

Suspicious use of FindShellTrayWindow 34 IoCs

Processes:

chrome.exe7zG.exe

pid	process
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3964	7zG.exe

Suspicious use of SendNotifyMessage 24 IoCs

Processes:

chrome.exe

pid	process
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe
3664	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

chrome.exe

description	pid	process	target process
PID 3664 wrote to memory of 1500	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 1500	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 3268	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 3268	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 3268	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 3268	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 3268	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 3268	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 3268	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 3268	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 3268	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 3268	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 3268	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 3268	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 3268	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 3268	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 3268	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 3268	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 3268	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 3268	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 3268	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 3268	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 3268	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 3268	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 3268	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 3268	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 3268	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 3268	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 3268	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 3268	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 3268	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 3268	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 3268	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 3268	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 3268	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 3268	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 3268	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 3268	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 3268	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 3268	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 1408	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 1408	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 4260	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 4260	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 4260	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 4260	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 4260	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 4260	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 4260	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 4260	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 4260	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 4260	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 4260	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 4260	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 4260	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 4260	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 4260	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 4260	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 4260	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 4260	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 4260	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 4260	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 4260	3664	chrome.exe	chrome.exe
PID 3664 wrote to memory of 4260	3664	chrome.exe	chrome.exe

C:\Users\Admin\AppData\Local\Temp\GTAG GUI.exe
"C:\Users\Admin\AppData\Local\Temp\GTAG GUI.exe"
1⤵
PID:4140

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 4140 -s 1056
2⤵
- Program crash
PID:2808

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 4140 -ip 4140
1⤵
PID:1268

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3664

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa2a6b9758,0x7ffa2a6b9768,0x7ffa2a6b9778
2⤵
PID:1500

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1436 --field-trial-handle=1812,i,470117171889165179,8767648625997678690,131072 /prefetch:2
2⤵
PID:3268

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1812,i,470117171889165179,8767648625997678690,131072 /prefetch:8
2⤵
PID:1408

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1796 --field-trial-handle=1812,i,470117171889165179,8767648625997678690,131072 /prefetch:8
2⤵
PID:4260

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3140 --field-trial-handle=1812,i,470117171889165179,8767648625997678690,131072 /prefetch:1
2⤵
PID:4120

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3264 --field-trial-handle=1812,i,470117171889165179,8767648625997678690,131072 /prefetch:1
2⤵
PID:5036

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4496 --field-trial-handle=1812,i,470117171889165179,8767648625997678690,131072 /prefetch:1
2⤵
PID:2168

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4636 --field-trial-handle=1812,i,470117171889165179,8767648625997678690,131072 /prefetch:8
2⤵
PID:4728

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4784 --field-trial-handle=1812,i,470117171889165179,8767648625997678690,131072 /prefetch:8
2⤵
PID:3920

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4800 --field-trial-handle=1812,i,470117171889165179,8767648625997678690,131072 /prefetch:8
2⤵
PID:2184

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5084 --field-trial-handle=1812,i,470117171889165179,8767648625997678690,131072 /prefetch:8
2⤵
PID:3564

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5100 --field-trial-handle=1812,i,470117171889165179,8767648625997678690,131072 /prefetch:8
2⤵
PID:2568

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=3684 --field-trial-handle=1812,i,470117171889165179,8767648625997678690,131072 /prefetch:1
2⤵
PID:2768

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3216 --field-trial-handle=1812,i,470117171889165179,8767648625997678690,131072 /prefetch:8
2⤵
PID:4204

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5320 --field-trial-handle=1812,i,470117171889165179,8767648625997678690,131072 /prefetch:1
2⤵
PID:4236

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=3428 --field-trial-handle=1812,i,470117171889165179,8767648625997678690,131072 /prefetch:1
2⤵
PID:4056

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=3396 --field-trial-handle=1812,i,470117171889165179,8767648625997678690,131072 /prefetch:1
2⤵
PID:2500

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=5240 --field-trial-handle=1812,i,470117171889165179,8767648625997678690,131072 /prefetch:1
2⤵
PID:2868

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5992 --field-trial-handle=1812,i,470117171889165179,8767648625997678690,131072 /prefetch:8
2⤵
PID:3756

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=5948 --field-trial-handle=1812,i,470117171889165179,8767648625997678690,131072 /prefetch:1
2⤵
PID:848

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3212 --field-trial-handle=1812,i,470117171889165179,8767648625997678690,131072 /prefetch:8
2⤵
PID:3672

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5732 --field-trial-handle=1812,i,470117171889165179,8767648625997678690,131072 /prefetch:2
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:2476

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4216

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:4628

C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\Debug\" -ad -an -ai#7zMap26011:72:7zEvent15404
1⤵
- Suspicious use of FindShellTrayWindow
PID:3964

C:\Users\Admin\Downloads\Debug\Debug\GTAG GUI.exe
"C:\Users\Admin\Downloads\Debug\Debug\GTAG GUI.exe"
1⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious behavior: EnumeratesProcesses
PID:696

C:\Users\Admin\Downloads\Debug\Debug\GTAG GUI.exe
"C:\Users\Admin\Downloads\Debug\Debug\GTAG GUI.exe"
1⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious behavior: EnumeratesProcesses
PID:1720

C:\Users\Admin\Downloads\Debug\Debug\GTAG GUI.exe
"C:\Users\Admin\Downloads\Debug\Debug\GTAG GUI.exe"
1⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious behavior: EnumeratesProcesses
PID:3672

C:\Windows\SysWOW64\werfault.exe
werfault.exe /h /shared Global\e7634f8e8caa4e52b55e1c106ae31751 /t 4904 /p 696
1⤵
PID:536

C:\Windows\SysWOW64\werfault.exe
werfault.exe /h /shared Global\f03ea78eb79e41c0923dd02c41e3debd /t 4904 /p 696
1⤵
PID:4948

C:\Users\Admin\Downloads\Debug\Debug\GTAG GUI.exe
"C:\Users\Admin\Downloads\Debug\Debug\GTAG GUI.exe"
1⤵
- Executes dropped EXE
- Loads dropped DLL
PID:4220

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\26e6df2b-6a38-4cdf-893c-f93ce114deff.tmp
Filesize
6KB

MD5
76272bd21beaa823b9c1eb020a9f4446

SHA1
48b39fd385392c599b39bdb53a56abc0a13c97d8

SHA256
c089af0c3639bf6562432eb8c33fc831803350000f2f26b0588e49f288099bfc

SHA512
e53e9ef2c223dc2444a7a2925d8c9c9747e4ccd461d601cc0982a1d6a5c6c5ecf49d4c316c68447a6319379d8d9e5ef989a07f1b75cfef3643d61a46d1256778

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011
Filesize
162KB

MD5
b81d6636c3ad72c63e532e5180eaf7f9

SHA1
ddcd059999fff6218e98af62dbe3fa9c885a0de8

SHA256
2fb4351c49b47b7cdaa9516237a8b1e690e4448339d09d70a84c658729e461ef

SHA512
4f0b87bbf60061a8efca4906554f958b7c28cf582452e01a8316d8c5ea8c98beda6c3230afff207f0b92d316c4c2e0ca1b4631e7d7364344b4a76394115af06b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize
504B

MD5
6e41f01975fb00df4cca3c1bda874684

SHA1
37ce3819526aa32826b236999eb4915b7e8f1ebe

SHA256
af28ba6d430d058abb5579550c3cd02d2297b3da56502699831e06d2e530cc48

SHA512
9c2b7980aa8d273cb5afe52deb98afe343f7d60e387fcb5cdc717b94bf854e67648d2ce4e7945aad32fdf26f3ffb8ea66819fde631352cf5842cbb2fb78f5816

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
5KB

MD5
a5162946e73f616be73ab15366571e1e

SHA1
003b324a761d96b92439f3980d218df759063fc7

SHA256
66a168472c81d66be99c498ee4a1d4257fc06ecc0ccadb2c815256ff9e3b2e3b

SHA512
c62c36bd859cffa4384bf4c3a6fd46913d5e784c599041ecdd958542f54a7dcf42858a5c79abd908663ec64308d7780604b1d0cc77155ba9a83bb54b902e61d1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
4KB

MD5
6b4cf92a75e39fb96381cc658812f1eb

SHA1
7ff0e71a5229c5b2b50bc2a3428e4cdc5b4935ad

SHA256
24e806930dd4c25390b5f4beac99f88c1147428fdcbff191cfa1b0687767102b

SHA512
c88ff6786427a84529d2c4b139084c806a35ac004b21c5fae482400b726257a02c4f751cea18c5c936c2c38da0b44d0b44b3311c7fb2cfb9057248ed5035351f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
1KB

MD5
cb5d22b0e6981044ce6b2a768434e131

SHA1
d6ea95376f5157c016a6e5f49443f599be2793cd

SHA256
ccf16a023a0729b14cdf5011049e0aa5db1dc77b555291c22ef061770080f213

SHA512
9866f65c0406b4be47535a167430e74c0255bfb72018294dafb51cbde8e81a70a58c065c71f3447f8d6a9747d659080cba6efcf6321f9bbdb8e054f11e7effd1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
371B

MD5
be3ee3d9dff2cfe797c41bccc3431cf9

SHA1
237fee7f68b47354af9e80ea7cc5fa3d1ba18fc2

SHA256
0d93b2856fec28adfd8889c356195358f22ecf9cf7befea26c9aca7413646ac5

SHA512
280c3bc5a8ebb7bb1efe00e71f97c87b8be5dcc679af3ba8a2326730608d287e47ad98133420c6ae751da93ea71566b49750a5f3139e1a95abc92944d2bee81d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
1KB

MD5
e924eea77fe172190e732345c938400e

SHA1
ebffb1977048c93883348b7bf6abd960e480ca54

SHA256
787226932a5be8feff7fbd03ea551d8ff12ecc30579a969278c08c516154ea31

SHA512
989fa6240e5d8093169aaa07d511774ff849c4eb18f5613da767446a65bcf619cbf69b209ae56465b2eb091e0e151016fc1c4024ce9e6042fd77c2dcbce0b188

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
6KB

MD5
ef86f54deb37aa3007ab0f039cde2a1b

SHA1
037b84d93377475a46de49f5d2a93ee9d11bfa5d

SHA256
f6c696abb7540429746738de10522cc02e564ec9132a1d28ad5caf8be0009af8

SHA512
b671296f69802d707870c53e4b53bd965d25207d299133b2ef7a7dceeb3bc1d2e481420e40ae3b280271990c62f9f7a65f9f5e224405565828beb0a0eed751d6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
6KB

MD5
7140dae94935fa9b75413c9c545be6b3

SHA1
370afd4d33d89297bf6c1cf26189420a0a844acc

SHA256
2ed189dd19b3fe258cd1dc450375f9e4073ebaa7937c154deabbfe905674ff9d

SHA512
8eb4738dfe3e1b19e247106cf1bea6b5102243501827cf7b23a20154f5181de8fa0230708995490f317f0c3c98632febfb45563b947c6d9fa375740800787dc3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
6KB

MD5
93a128557d8e1e4ba1d5bb6ff391ef0f

SHA1
7da46da94bac45dedf7bce06dcd8c794ad8df210

SHA256
258dcdeb22e8d4e053306454dfbc933b0c11b78be6c0d6b7603d54388ff98bce

SHA512
9dbc394b363e973be33634ea2e2dd04f11df38683438cc051628c711d56a74f2bba65403db4888bd17cfd8613e2636b7c4c5ac5044be7c94c46fe1101748dfaf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
6KB

MD5
94eab578d3e0d2a95a9a53e4a3a36cb5

SHA1
434af836808fbecef4e3ae6b7821b9d55de96ce8

SHA256
fd8d3422fcb6a3e20c7edf9fddda17d7b89e7556ac8c29951786f17a2e2736b8

SHA512
a87d72027d2e3ab788a4eb89f6b183ab33016f415454e3b3a0159cdbe85d3e7a8db7adef0c3c7ed5e85f5dea55216eb695d3ce6379aba8e307f90f7b7d82bf8c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Filesize
15KB

MD5
4e59938adac30fcf134446deec0b3edb

SHA1
95d485cf201007aeba29b3e327d8a6c595ef1478

SHA256
10ca2db7ecf53cc501adff7cda908b65e3dcb0ca7bca3d533da03636ecf1dd89

SHA512
45299006e674b07cb05dc226fb932ffd4be005e80cd08a3137d12e7e7bea79cd73a3607768edf1855402bc061f654dc555e75f3ba1bcc780ce84f6891fefeb57

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
199KB

MD5
011baff9de6339da905bed5effaa8f1e

SHA1
75cfaea0d3a1adf9d731c6413a7883b080652c0f

SHA256
62aad21593e0f1d57ce9f65789d517a149f95ac5060d8e795e935f30c7c6b8bb

SHA512
e8e4cb90cd9c398e100727ebff14b21995c38d30c0c1a3b742a4b1d0ec9c77343feddddcfe9d667ee5816fd72278bcff9d31b782ba47251ea60978f967d2c8b9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
199KB

MD5
1c98d343babcf9d859e6555b6c00d896

SHA1
ab10b2d4134ca95af8a6e2afd1de5ba1c7ee4eca

SHA256
8518045629f1c769f6049f098cb69c2d34ac03cfbb02f21c702672823afa18f3

SHA512
d54e0d1851cf1886c6a1c41b154bd3a3af222071e74402c536c34776825e41bf31feb88ccd4d2f5ff13e099513dacc9c0b3fa02279edbd266ac96595ef1e5409

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
Filesize
113KB

MD5
9ab868d84978f6775281bc738f7ec2c3

SHA1
ad7cf24b821db9bedae4c8ad6e3dd268531a7130

SHA256
3314c039f98a56a14a62afb62e0859306faa7fd27d2fa14f034af4af3f01ead0

SHA512
db58322cf554d4ee8aba91c56e07ba682e847ee9adba86c3797fd43caf69f8ec8ff30015d0d96bda509cc8f6eec73021b68900d59d9cd51693a0ae7ccbaf788a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe58589b.TMP
Filesize
96KB

MD5
d19c69c449fd3d29aba65c1ca6a4bbe0

SHA1
4ca04fe1265cff3617d107a20f1288b1420b744e

SHA256
99e473107b8bd95d46a4b4d031f1ca96a913b654afae064d5ae30edc3d6331db

SHA512
0abc346f6600314c1cf79a38f4afaa51e5a3b0d69b32c1d94c1e502979aa0b69b8b57d13a7e91b82661f755f41a10f02dad0c59ca1b257136537208574f6a2e6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json
Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\GTAG GUI.exe.log
Filesize
1KB

MD5
8c2da65103d6b46d8cf610b118210cf0

SHA1
9db4638340bb74f2af3161cc2c9c0b8b32e6ab65

SHA256
0e48e2efd419951e0eb9a8d942493cfdf5540d1d19ff9dae6f145fb3ebcbeeac

SHA512
3cf5a125276e264cd8478f2b92d3848fb68b96d46eb4a39e650d09df02068c274881a1c314cdfbfdcb452672fb70dd8becf3ffe9562d39919d9c4d6b07fbb614

Download Submit
C:\Users\Admin\Downloads\Debug.zip
Filesize
1.7MB

MD5
e07a7dc013d8a8070eb070bfbf6935be

SHA1
9af9c4a1d9f76ece9a0c87a036c7a89df43ea383

SHA256
c8803057d2b9421f2b4d797b626180a16bfe73661f7545317ebada95a37e0ea3

SHA512
bda17097a39ef5c63228237380783c8c665dc8f2721b34cd7cbb20a71335d5268f1abd960ac26f8c891aa003c7ab0507e2c721d919a2ea5b8ec92007d7a4039e

Download Submit
C:\Users\Admin\Downloads\Debug.zip.crdownload
Filesize
1.7MB

MD5
e07a7dc013d8a8070eb070bfbf6935be

SHA1
9af9c4a1d9f76ece9a0c87a036c7a89df43ea383

SHA256
c8803057d2b9421f2b4d797b626180a16bfe73661f7545317ebada95a37e0ea3

SHA512
bda17097a39ef5c63228237380783c8c665dc8f2721b34cd7cbb20a71335d5268f1abd960ac26f8c891aa003c7ab0507e2c721d919a2ea5b8ec92007d7a4039e

Download Submit
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.Licensing.dll
Filesize
1.2MB

MD5
1a45c5f35d5a5b3bf94f01caae45a641

SHA1
678428c593a7b168803766264e4fe44fab253700

SHA256
3410caef0cb538e883b3e4a2ef8bc26c1aeb7d07206021cf31f3382d5cdecba1

SHA512
3f8b7179cc68fdcb33b474b0c9295ffa13454d4eafd4a769332be21fac4fcbf30e69f1b76bc2fa0a818d972c90001fa4bf9272ef7e333205cdfa5008e035a579

Download Submit
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.Licensing.dll
Filesize
1.2MB

MD5
1a45c5f35d5a5b3bf94f01caae45a641

SHA1
678428c593a7b168803766264e4fe44fab253700

SHA256
3410caef0cb538e883b3e4a2ef8bc26c1aeb7d07206021cf31f3382d5cdecba1

SHA512
3f8b7179cc68fdcb33b474b0c9295ffa13454d4eafd4a769332be21fac4fcbf30e69f1b76bc2fa0a818d972c90001fa4bf9272ef7e333205cdfa5008e035a579

Download Submit
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.Licensing.dll
Filesize
1.2MB

MD5
1a45c5f35d5a5b3bf94f01caae45a641

SHA1
678428c593a7b168803766264e4fe44fab253700

SHA256
3410caef0cb538e883b3e4a2ef8bc26c1aeb7d07206021cf31f3382d5cdecba1

SHA512
3f8b7179cc68fdcb33b474b0c9295ffa13454d4eafd4a769332be21fac4fcbf30e69f1b76bc2fa0a818d972c90001fa4bf9272ef7e333205cdfa5008e035a579

Download Submit
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.Licensing.dll
Filesize
1.2MB

MD5
1a45c5f35d5a5b3bf94f01caae45a641

SHA1
678428c593a7b168803766264e4fe44fab253700

SHA256
3410caef0cb538e883b3e4a2ef8bc26c1aeb7d07206021cf31f3382d5cdecba1

SHA512
3f8b7179cc68fdcb33b474b0c9295ffa13454d4eafd4a769332be21fac4fcbf30e69f1b76bc2fa0a818d972c90001fa4bf9272ef7e333205cdfa5008e035a579

Download Submit
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.Licensing.dll
Filesize
1.2MB

MD5
1a45c5f35d5a5b3bf94f01caae45a641

SHA1
678428c593a7b168803766264e4fe44fab253700

SHA256
3410caef0cb538e883b3e4a2ef8bc26c1aeb7d07206021cf31f3382d5cdecba1

SHA512
3f8b7179cc68fdcb33b474b0c9295ffa13454d4eafd4a769332be21fac4fcbf30e69f1b76bc2fa0a818d972c90001fa4bf9272ef7e333205cdfa5008e035a579

Download Submit
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.Licensing.dll
Filesize
1.2MB

MD5
1a45c5f35d5a5b3bf94f01caae45a641

SHA1
678428c593a7b168803766264e4fe44fab253700

SHA256
3410caef0cb538e883b3e4a2ef8bc26c1aeb7d07206021cf31f3382d5cdecba1

SHA512
3f8b7179cc68fdcb33b474b0c9295ffa13454d4eafd4a769332be21fac4fcbf30e69f1b76bc2fa0a818d972c90001fa4bf9272ef7e333205cdfa5008e035a579

Download Submit
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.Licensing.dll
Filesize
1.2MB

MD5
1a45c5f35d5a5b3bf94f01caae45a641

SHA1
678428c593a7b168803766264e4fe44fab253700

SHA256
3410caef0cb538e883b3e4a2ef8bc26c1aeb7d07206021cf31f3382d5cdecba1

SHA512
3f8b7179cc68fdcb33b474b0c9295ffa13454d4eafd4a769332be21fac4fcbf30e69f1b76bc2fa0a818d972c90001fa4bf9272ef7e333205cdfa5008e035a579

Download Submit
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.1.5.3.dll
Filesize
344KB

MD5
b4280d2898d92ab5c3911f0305d7672f

SHA1
0ef4d6fa24811cea3cb36fccbc45d71e1effb17d

SHA256
e2248459dcc95183d0f0c5f3abd3b0a2b93cd26cf8e130a1f43c8b32c58f4c8f

SHA512
2c719c32144ce2968123dc8e3a6f61f70460e463ba9b3681dc86e124af1343d08e574f7313339ecef4b88f95d2fd9ad56462f0f9e5f9f51ba5de6ba19559af2e

Download Submit
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.1.5.3.dll
Filesize
344KB

MD5
b4280d2898d92ab5c3911f0305d7672f

SHA1
0ef4d6fa24811cea3cb36fccbc45d71e1effb17d

SHA256
e2248459dcc95183d0f0c5f3abd3b0a2b93cd26cf8e130a1f43c8b32c58f4c8f

SHA512
2c719c32144ce2968123dc8e3a6f61f70460e463ba9b3681dc86e124af1343d08e574f7313339ecef4b88f95d2fd9ad56462f0f9e5f9f51ba5de6ba19559af2e

Download Submit
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.1.5.3.dll
Filesize
344KB

MD5
b4280d2898d92ab5c3911f0305d7672f

SHA1
0ef4d6fa24811cea3cb36fccbc45d71e1effb17d

SHA256
e2248459dcc95183d0f0c5f3abd3b0a2b93cd26cf8e130a1f43c8b32c58f4c8f

SHA512
2c719c32144ce2968123dc8e3a6f61f70460e463ba9b3681dc86e124af1343d08e574f7313339ecef4b88f95d2fd9ad56462f0f9e5f9f51ba5de6ba19559af2e

Download Submit
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.1.5.3.dll
Filesize
344KB

MD5
b4280d2898d92ab5c3911f0305d7672f

SHA1
0ef4d6fa24811cea3cb36fccbc45d71e1effb17d

SHA256
e2248459dcc95183d0f0c5f3abd3b0a2b93cd26cf8e130a1f43c8b32c58f4c8f

SHA512
2c719c32144ce2968123dc8e3a6f61f70460e463ba9b3681dc86e124af1343d08e574f7313339ecef4b88f95d2fd9ad56462f0f9e5f9f51ba5de6ba19559af2e

Download Submit
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.1.5.3.dll
Filesize
344KB

MD5
b4280d2898d92ab5c3911f0305d7672f

SHA1
0ef4d6fa24811cea3cb36fccbc45d71e1effb17d

SHA256
e2248459dcc95183d0f0c5f3abd3b0a2b93cd26cf8e130a1f43c8b32c58f4c8f

SHA512
2c719c32144ce2968123dc8e3a6f61f70460e463ba9b3681dc86e124af1343d08e574f7313339ecef4b88f95d2fd9ad56462f0f9e5f9f51ba5de6ba19559af2e

Download Submit
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.1.5.3.dll
Filesize
344KB

MD5
b4280d2898d92ab5c3911f0305d7672f

SHA1
0ef4d6fa24811cea3cb36fccbc45d71e1effb17d

SHA256
e2248459dcc95183d0f0c5f3abd3b0a2b93cd26cf8e130a1f43c8b32c58f4c8f

SHA512
2c719c32144ce2968123dc8e3a6f61f70460e463ba9b3681dc86e124af1343d08e574f7313339ecef4b88f95d2fd9ad56462f0f9e5f9f51ba5de6ba19559af2e

Download Submit
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.1.5.3.dll
Filesize
344KB

MD5
b4280d2898d92ab5c3911f0305d7672f

SHA1
0ef4d6fa24811cea3cb36fccbc45d71e1effb17d

SHA256
e2248459dcc95183d0f0c5f3abd3b0a2b93cd26cf8e130a1f43c8b32c58f4c8f

SHA512
2c719c32144ce2968123dc8e3a6f61f70460e463ba9b3681dc86e124af1343d08e574f7313339ecef4b88f95d2fd9ad56462f0f9e5f9f51ba5de6ba19559af2e

Download Submit
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.BunifuButton.dll
Filesize
108KB

MD5
3e60d71b66fb974045fb8dae1baef617

SHA1
7078e2779f8c8d0a594c985ff7ca2e65cabaed6b

SHA256
ca17918d71b6375a30990979e8f025aaef2764e06a908210be0b665dfbf7f8d0

SHA512
fc991a823c39ec6fffdea6193dc3f687af907e36768dc09a733d95d3bb575e8d7ead2b434e94be35fff7bb625a71f3de499c186897f15fa489ebd9d8b65f0327

Download Submit
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.BunifuButton.dll
Filesize
108KB

MD5
3e60d71b66fb974045fb8dae1baef617

SHA1
7078e2779f8c8d0a594c985ff7ca2e65cabaed6b

SHA256
ca17918d71b6375a30990979e8f025aaef2764e06a908210be0b665dfbf7f8d0

SHA512
fc991a823c39ec6fffdea6193dc3f687af907e36768dc09a733d95d3bb575e8d7ead2b434e94be35fff7bb625a71f3de499c186897f15fa489ebd9d8b65f0327

Download Submit
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.BunifuButton.dll
Filesize
108KB

MD5
3e60d71b66fb974045fb8dae1baef617

SHA1
7078e2779f8c8d0a594c985ff7ca2e65cabaed6b

SHA256
ca17918d71b6375a30990979e8f025aaef2764e06a908210be0b665dfbf7f8d0

SHA512
fc991a823c39ec6fffdea6193dc3f687af907e36768dc09a733d95d3bb575e8d7ead2b434e94be35fff7bb625a71f3de499c186897f15fa489ebd9d8b65f0327

Download Submit
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.BunifuButton.dll
Filesize
108KB

MD5
3e60d71b66fb974045fb8dae1baef617

SHA1
7078e2779f8c8d0a594c985ff7ca2e65cabaed6b

SHA256
ca17918d71b6375a30990979e8f025aaef2764e06a908210be0b665dfbf7f8d0

SHA512
fc991a823c39ec6fffdea6193dc3f687af907e36768dc09a733d95d3bb575e8d7ead2b434e94be35fff7bb625a71f3de499c186897f15fa489ebd9d8b65f0327

Download Submit
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.BunifuButton.dll
Filesize
108KB

MD5
3e60d71b66fb974045fb8dae1baef617

SHA1
7078e2779f8c8d0a594c985ff7ca2e65cabaed6b

SHA256
ca17918d71b6375a30990979e8f025aaef2764e06a908210be0b665dfbf7f8d0

SHA512
fc991a823c39ec6fffdea6193dc3f687af907e36768dc09a733d95d3bb575e8d7ead2b434e94be35fff7bb625a71f3de499c186897f15fa489ebd9d8b65f0327

Download Submit
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.BunifuButton.dll
Filesize
108KB

MD5
3e60d71b66fb974045fb8dae1baef617

SHA1
7078e2779f8c8d0a594c985ff7ca2e65cabaed6b

SHA256
ca17918d71b6375a30990979e8f025aaef2764e06a908210be0b665dfbf7f8d0

SHA512
fc991a823c39ec6fffdea6193dc3f687af907e36768dc09a733d95d3bb575e8d7ead2b434e94be35fff7bb625a71f3de499c186897f15fa489ebd9d8b65f0327

Download Submit
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.BunifuButton.dll
Filesize
108KB

MD5
3e60d71b66fb974045fb8dae1baef617

SHA1
7078e2779f8c8d0a594c985ff7ca2e65cabaed6b

SHA256
ca17918d71b6375a30990979e8f025aaef2764e06a908210be0b665dfbf7f8d0

SHA512
fc991a823c39ec6fffdea6193dc3f687af907e36768dc09a733d95d3bb575e8d7ead2b434e94be35fff7bb625a71f3de499c186897f15fa489ebd9d8b65f0327

Download Submit
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.BunifuLabel.dll
Filesize
421KB

MD5
e65106de1d954a8ba99dba7fdc3757ab

SHA1
459c0bab697f3ac7b444464d3dffaf87adf0b9a8

SHA256
2c8f73e8f50125bb05f3951bd84de284e99f723102de08aa612e2abd77d170ab

SHA512
f8b643b4a5af93c9d8fdf8011e44592fcddf7b1a09335426222ebe5299cffb30015b8c5aff7c33b4897b33005a6c4d6b6123cc5add4a7c21d81acd53e8069e93

Download Submit
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.BunifuLabel.dll
Filesize
421KB

MD5
e65106de1d954a8ba99dba7fdc3757ab

SHA1
459c0bab697f3ac7b444464d3dffaf87adf0b9a8

SHA256
2c8f73e8f50125bb05f3951bd84de284e99f723102de08aa612e2abd77d170ab

SHA512
f8b643b4a5af93c9d8fdf8011e44592fcddf7b1a09335426222ebe5299cffb30015b8c5aff7c33b4897b33005a6c4d6b6123cc5add4a7c21d81acd53e8069e93

Download Submit
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.BunifuLabel.dll
Filesize
421KB

MD5
e65106de1d954a8ba99dba7fdc3757ab

SHA1
459c0bab697f3ac7b444464d3dffaf87adf0b9a8

SHA256
2c8f73e8f50125bb05f3951bd84de284e99f723102de08aa612e2abd77d170ab

SHA512
f8b643b4a5af93c9d8fdf8011e44592fcddf7b1a09335426222ebe5299cffb30015b8c5aff7c33b4897b33005a6c4d6b6123cc5add4a7c21d81acd53e8069e93

Download Submit
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.BunifuLabel.dll
Filesize
421KB

MD5
e65106de1d954a8ba99dba7fdc3757ab

SHA1
459c0bab697f3ac7b444464d3dffaf87adf0b9a8

SHA256
2c8f73e8f50125bb05f3951bd84de284e99f723102de08aa612e2abd77d170ab

SHA512
f8b643b4a5af93c9d8fdf8011e44592fcddf7b1a09335426222ebe5299cffb30015b8c5aff7c33b4897b33005a6c4d6b6123cc5add4a7c21d81acd53e8069e93

Download Submit
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.BunifuLabel.dll
Filesize
421KB

MD5
e65106de1d954a8ba99dba7fdc3757ab

SHA1
459c0bab697f3ac7b444464d3dffaf87adf0b9a8

SHA256
2c8f73e8f50125bb05f3951bd84de284e99f723102de08aa612e2abd77d170ab

SHA512
f8b643b4a5af93c9d8fdf8011e44592fcddf7b1a09335426222ebe5299cffb30015b8c5aff7c33b4897b33005a6c4d6b6123cc5add4a7c21d81acd53e8069e93

Download Submit
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.BunifuLabel.dll
Filesize
421KB

MD5
e65106de1d954a8ba99dba7fdc3757ab

SHA1
459c0bab697f3ac7b444464d3dffaf87adf0b9a8

SHA256
2c8f73e8f50125bb05f3951bd84de284e99f723102de08aa612e2abd77d170ab

SHA512
f8b643b4a5af93c9d8fdf8011e44592fcddf7b1a09335426222ebe5299cffb30015b8c5aff7c33b4897b33005a6c4d6b6123cc5add4a7c21d81acd53e8069e93

Download Submit
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.BunifuLabel.dll
Filesize
421KB

MD5
e65106de1d954a8ba99dba7fdc3757ab

SHA1
459c0bab697f3ac7b444464d3dffaf87adf0b9a8

SHA256
2c8f73e8f50125bb05f3951bd84de284e99f723102de08aa612e2abd77d170ab

SHA512
f8b643b4a5af93c9d8fdf8011e44592fcddf7b1a09335426222ebe5299cffb30015b8c5aff7c33b4897b33005a6c4d6b6123cc5add4a7c21d81acd53e8069e93

Download Submit
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.BunifuTextBox.dll
Filesize
113KB

MD5
7571e9840eb07d2e31a88f650fc63350

SHA1
590898ae191816dc1249bbcabd839b493b1870b7

SHA256
8d7c6fe2b9b5793c7ab885885bace64f1ee8deaeba4d431a8b697266b63ba19a

SHA512
c0a9ccdc9401cbcb68126837666839209957c8009e9271f6f1f9e195b67e67a7b3b1b86cb977244081bbec85f1d3f06182ce36e72b9425d9849e95ee0b036b36

Download Submit
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.BunifuTextbox.dll
Filesize
113KB

MD5
7571e9840eb07d2e31a88f650fc63350

SHA1
590898ae191816dc1249bbcabd839b493b1870b7

SHA256
8d7c6fe2b9b5793c7ab885885bace64f1ee8deaeba4d431a8b697266b63ba19a

SHA512
c0a9ccdc9401cbcb68126837666839209957c8009e9271f6f1f9e195b67e67a7b3b1b86cb977244081bbec85f1d3f06182ce36e72b9425d9849e95ee0b036b36

Download Submit
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.BunifuTextbox.dll
Filesize
113KB

MD5
7571e9840eb07d2e31a88f650fc63350

SHA1
590898ae191816dc1249bbcabd839b493b1870b7

SHA256
8d7c6fe2b9b5793c7ab885885bace64f1ee8deaeba4d431a8b697266b63ba19a

SHA512
c0a9ccdc9401cbcb68126837666839209957c8009e9271f6f1f9e195b67e67a7b3b1b86cb977244081bbec85f1d3f06182ce36e72b9425d9849e95ee0b036b36

Download Submit
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.BunifuTextbox.dll
Filesize
113KB

MD5
7571e9840eb07d2e31a88f650fc63350

SHA1
590898ae191816dc1249bbcabd839b493b1870b7

SHA256
8d7c6fe2b9b5793c7ab885885bace64f1ee8deaeba4d431a8b697266b63ba19a

SHA512
c0a9ccdc9401cbcb68126837666839209957c8009e9271f6f1f9e195b67e67a7b3b1b86cb977244081bbec85f1d3f06182ce36e72b9425d9849e95ee0b036b36

Download Submit
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.BunifuTextbox.dll
Filesize
113KB

MD5
7571e9840eb07d2e31a88f650fc63350

SHA1
590898ae191816dc1249bbcabd839b493b1870b7

SHA256
8d7c6fe2b9b5793c7ab885885bace64f1ee8deaeba4d431a8b697266b63ba19a

SHA512
c0a9ccdc9401cbcb68126837666839209957c8009e9271f6f1f9e195b67e67a7b3b1b86cb977244081bbec85f1d3f06182ce36e72b9425d9849e95ee0b036b36

Download Submit
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.BunifuTextbox.dll
Filesize
113KB

MD5
7571e9840eb07d2e31a88f650fc63350

SHA1
590898ae191816dc1249bbcabd839b493b1870b7

SHA256
8d7c6fe2b9b5793c7ab885885bace64f1ee8deaeba4d431a8b697266b63ba19a

SHA512
c0a9ccdc9401cbcb68126837666839209957c8009e9271f6f1f9e195b67e67a7b3b1b86cb977244081bbec85f1d3f06182ce36e72b9425d9849e95ee0b036b36

Download Submit
C:\Users\Admin\Downloads\Debug\Debug\Bunifu.UI.WinForms.BunifuTextbox.dll
Filesize
113KB

MD5
7571e9840eb07d2e31a88f650fc63350

SHA1
590898ae191816dc1249bbcabd839b493b1870b7

SHA256
8d7c6fe2b9b5793c7ab885885bace64f1ee8deaeba4d431a8b697266b63ba19a

SHA512
c0a9ccdc9401cbcb68126837666839209957c8009e9271f6f1f9e195b67e67a7b3b1b86cb977244081bbec85f1d3f06182ce36e72b9425d9849e95ee0b036b36

Download Submit
C:\Users\Admin\Downloads\Debug\Debug\GTAG GUI.exe
Filesize
60KB

MD5
45e704327dc60ee44308d852f2559d2a

SHA1
9514b3ad4e4ac2ffaaf1a53bd365e183b12d42ed

SHA256
0c071497334f0ece1f7217f0572b13c78ae1a37f466993ddea8f48e99826606d

SHA512
71a74ec690e32543a1cfb002d5fc12802b38afe241b3e5a17ffe2b8943387fc0bb6f4a8b6a0714c475963faf91a8511d912f8c7622c7f03664c095d6428da5d5

Download Submit
C:\Users\Admin\Downloads\Debug\Debug\GTAG GUI.exe
Filesize
60KB

MD5
45e704327dc60ee44308d852f2559d2a

SHA1
9514b3ad4e4ac2ffaaf1a53bd365e183b12d42ed

SHA256
0c071497334f0ece1f7217f0572b13c78ae1a37f466993ddea8f48e99826606d

SHA512
71a74ec690e32543a1cfb002d5fc12802b38afe241b3e5a17ffe2b8943387fc0bb6f4a8b6a0714c475963faf91a8511d912f8c7622c7f03664c095d6428da5d5

Download Submit
C:\Users\Admin\Downloads\Debug\Debug\GTAG GUI.exe
Filesize
60KB

MD5
45e704327dc60ee44308d852f2559d2a

SHA1
9514b3ad4e4ac2ffaaf1a53bd365e183b12d42ed

SHA256
0c071497334f0ece1f7217f0572b13c78ae1a37f466993ddea8f48e99826606d

SHA512
71a74ec690e32543a1cfb002d5fc12802b38afe241b3e5a17ffe2b8943387fc0bb6f4a8b6a0714c475963faf91a8511d912f8c7622c7f03664c095d6428da5d5

Download Submit
C:\Users\Admin\Downloads\Debug\Debug\GTAG GUI.exe
Filesize
60KB

MD5
45e704327dc60ee44308d852f2559d2a

SHA1
9514b3ad4e4ac2ffaaf1a53bd365e183b12d42ed

SHA256
0c071497334f0ece1f7217f0572b13c78ae1a37f466993ddea8f48e99826606d

SHA512
71a74ec690e32543a1cfb002d5fc12802b38afe241b3e5a17ffe2b8943387fc0bb6f4a8b6a0714c475963faf91a8511d912f8c7622c7f03664c095d6428da5d5

Download Submit
C:\Users\Admin\Downloads\Debug\Debug\GTAG GUI.exe
Filesize
60KB

MD5
45e704327dc60ee44308d852f2559d2a

SHA1
9514b3ad4e4ac2ffaaf1a53bd365e183b12d42ed

SHA256
0c071497334f0ece1f7217f0572b13c78ae1a37f466993ddea8f48e99826606d

SHA512
71a74ec690e32543a1cfb002d5fc12802b38afe241b3e5a17ffe2b8943387fc0bb6f4a8b6a0714c475963faf91a8511d912f8c7622c7f03664c095d6428da5d5

Download Submit
C:\Users\Admin\Downloads\Debug\Debug\GTAG GUI.exe.config
Filesize
189B

MD5
9dbad5517b46f41dbb0d8780b20ab87e

SHA1
ef6aef0b1ea5d01b6e088a8bf2f429773c04ba5e

SHA256
47e5a0f101af4151d7f13d2d6bfa9b847d5b5e4a98d1f4674b7c015772746cdf

SHA512
43825f5c26c54e1fc5bffcce30caad1449a28c0c9a9432e9ce17d255f8bf6057c1a1002d9471e5b654ab1de08fb6eabf96302cdb3e0fb4b63ba0ff186e903be8

Download Submit
C:\Users\Admin\Downloads\Debug\Debug\GTAG GUI.pdb
Filesize
67KB

MD5
d3b3ccdf0430d0ff5ff383eacabc2d26

SHA1
a9439366b7e8645f7f96410b0fb52a87a140501e

SHA256
4a266585a669a991e6aef339da4bb71ca3e312a027d9a235a5616ea49cbee6de

SHA512
c6f3657e993b060b46bc1ce9c1f80e7ca87695729e977e19244b508eb1b3e87b7a9dce8d63dce8255bbb5f4207809be288fbd3391e7ca07dd579f613cd30780c

Download Submit
\??\pipe\crashpad_3664_SOHDNXKRKRSVOPCC
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
memory/696-392-0x00000000058E0000-0x0000000005900000-memory.dmp

Filesize
128KB

Download
memory/696-391-0x0000000005420000-0x0000000005430000-memory.dmp

Filesize
64KB

Download
memory/696-420-0x0000000005420000-0x0000000005430000-memory.dmp

Filesize
64KB

Download
memory/696-387-0x0000000005600000-0x0000000005620000-memory.dmp

Filesize
128KB

Download
memory/696-417-0x0000000005420000-0x0000000005430000-memory.dmp

Filesize
64KB

Download
memory/696-405-0x0000000005420000-0x0000000005430000-memory.dmp

Filesize
64KB

Download
memory/696-404-0x0000000006290000-0x00000000063D2000-memory.dmp

Filesize
1.3MB

Download
memory/696-396-0x0000000006080000-0x00000000060EE000-memory.dmp

Filesize
440KB

Download
memory/696-400-0x0000000006010000-0x000000000606A000-memory.dmp

Filesize
360KB

Download
memory/1720-418-0x00000000056B0000-0x00000000056C0000-memory.dmp

Filesize
64KB

Download
memory/1720-419-0x00000000056B0000-0x00000000056C0000-memory.dmp

Filesize
64KB

Download
memory/1720-430-0x00000000056B0000-0x00000000056C0000-memory.dmp

Filesize
64KB

Download
memory/3672-448-0x0000000005300000-0x0000000005310000-memory.dmp

Filesize
64KB

Download
memory/3672-461-0x0000000005300000-0x0000000005310000-memory.dmp

Filesize
64KB

Download
memory/3672-449-0x0000000005300000-0x0000000005310000-memory.dmp

Filesize
64KB

Download
memory/3672-450-0x0000000005300000-0x0000000005310000-memory.dmp

Filesize
64KB

Download
memory/4140-134-0x0000000004E60000-0x0000000005404000-memory.dmp

Filesize
5.6MB

Download
memory/4140-133-0x00000000000B0000-0x00000000000C6000-memory.dmp

Filesize
88KB

Download
memory/4140-135-0x0000000004950000-0x00000000049E2000-memory.dmp

Filesize
584KB

Download
memory/4140-137-0x0000000004AF0000-0x0000000004AFA000-memory.dmp

Filesize
40KB

Download
memory/4140-136-0x0000000004BB0000-0x0000000004BC0000-memory.dmp

Filesize
64KB

Download
memory/4220-466-0x0000000005AD0000-0x0000000005AE0000-memory.dmp

Filesize
64KB

Download
memory/4220-465-0x0000000005AD0000-0x0000000005AE0000-memory.dmp

Filesize
64KB

Download
memory/4220-467-0x0000000005AD0000-0x0000000005AE0000-memory.dmp

Filesize
64KB

Download
memory/4220-468-0x0000000005AD0000-0x0000000005AE0000-memory.dmp

Filesize
64KB

Download
memory/4220-478-0x0000000005AD0000-0x0000000005AE0000-memory.dmp

Filesize
64KB

Download
memory/4220-479-0x0000000005AD0000-0x0000000005AE0000-memory.dmp

Filesize
64KB

Download