Overview

overview

8

Static

static

1

URLScan

urlscan

1

https://mx-app-blob-...

windows10-2004-x64

8

Analysis

  • max time kernel
    227s
  • max time network
    224s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    13/04/2023, 19:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://mx-app-blob-prod.maxon.net/mx-package-production/website/windows/maxon/maxonapp/releases/2023.2.1/Maxon_App_2023.2.1_Win.exe

Score
8/10
discoveryevasionpersistencetrojan

Malware Config

Signatures

  • Creates new service(s) 1 TTPs
    persistence
  • Downloads MZ/PE file
  • Sets file execution options in registry 2 TTPs 2 IoCs
    persistence
  • Stops running service(s) 3 TTPs
    evasion
  • Checks computer location settings 2 TTPs 6 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE 29 IoCs
  • Loads dropped DLL 48 IoCs
  • Modifies file permissions 1 TTPs 4 IoCs
    discovery
  • Registers COM server for autorun 1 TTPs 35 IoCs
    persistence
  • Adds Run key to start application 2 TTPs 1 IoCs
    persistence
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • Checks system information in the registry 2 TTPs 8 IoCs

    System information is often read in order to detect sandboxing environments.

  • Drops file in Program Files directory 64 IoCs
  • Drops file in Windows directory 1 IoCs
  • Launches sc.exe 12 IoCs

    Sc.exe is a Windows utlilty to control services on the system.

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

  • Delays execution with timeout.exe 11 IoCs
    evasion
  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Kills process with taskkill 1 IoCs
    evasion
  • Modifies Internet Explorer Phishing Filter 1 TTPs 2 IoCs
  • Modifies Internet Explorer settings 1 TTPs 30 IoCs
    adwarespyware
  • Modifies data under HKEY_USERS 47 IoCs
  • Modifies registry class 64 IoCs
  • Suspicious behavior: EnumeratesProcesses 20 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs
  • Suspicious use of AdjustPrivilegeToken 4 IoCs
  • Suspicious use of FindShellTrayWindow 4 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs
  • System policy modification 1 TTPs 1 IoCs
    evasion
  • Uses Task Scheduler COM API 1 TTPs

    The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.

    persistence
  • Uses Volume Shadow Copy WMI provider

    The Volume Shadow Copy service is used to manage backups/snapshots.

    ransomware
  • Uses Volume Shadow Copy service COM API

    The Volume Shadow Copy service is used to manage backups/snapshots.

    ransomware

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://mx-app-blob-prod.maxon.net/mx-package-production/website/windows/maxon/maxonapp/releases/2023.2.1/Maxon_App_2023.2.1_Win.exe
    1⤵
    • Modifies Internet Explorer Phishing Filter
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2560
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2560 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:4948
    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\UUIKWEAJ\Maxon_App_2023.2.1_Win.exe
      "C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\UUIKWEAJ\Maxon_App_2023.2.1_Win.exe"
      2⤵
      • Checks computer location settings
      • Executes dropped EXE
      • Suspicious use of WriteProcessMemory
      PID:404
      • C:\Users\Admin\AppData\Local\Temp\7zS491B4B96\Maxon App Installer.exe
        "C:\Users\Admin\AppData\Local\Temp\7zS491B4B96\Maxon App Installer.exe"
        3⤵
        • Executes dropped EXE
        • Drops file in Program Files directory
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious use of WriteProcessMemory
        PID:2332
        • C:\Windows\system32\cmd.exe
          C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\AppData\Local\Temp\tmpfbe421a4-8e19-4df4-8194-bda17b58789d\postflight\fuse-windows-postflight.bat""
          4⤵
          • Suspicious use of WriteProcessMemory
          PID:2552
          • C:\Windows\system32\icacls.exe
            icacls "C:\ProgramData\Red Giant" /t /grant *S-1-1-0:(OI)(CI)F
            5⤵
            • Modifies file permissions
            PID:4584
          • C:\Windows\system32\icacls.exe
            icacls "C:\ProgramData\Maxon" /t /grant *S-1-1-0:(OI)(CI)F
            5⤵
            • Modifies file permissions
            PID:4468
          • C:\Windows\system32\sc.exe
            "C:\Windows\system32\sc.exe" stop "Red Giant Service"
            5⤵
            • Launches sc.exe
            PID:1816
          • C:\Windows\system32\timeout.exe
            timeout /T 5 /NOBREAK
            5⤵
            • Delays execution with timeout.exe
            PID:1352
          • C:\Windows\system32\sc.exe
            "C:\Windows\system32\sc.exe" delete "Red Giant Service"
            5⤵
            • Launches sc.exe
            PID:1636
          • C:\Windows\system32\timeout.exe
            timeout /T 5 /NOBREAK
            5⤵
            • Delays execution with timeout.exe
            PID:4124
          • C:\Windows\system32\sc.exe
            "C:\Windows\system32\sc.exe" create "Red Giant Service" binpath= "\"C:\Program Files\Red Giant\Services\Red Giant Service.exe\"" start= auto obj= "NT AUTHORITY\Localservice"
            5⤵
            • Launches sc.exe
            PID:5108
          • C:\Windows\system32\timeout.exe
            timeout /T 5 /NOBREAK
            5⤵
            • Delays execution with timeout.exe
            PID:3740
          • C:\Windows\system32\sc.exe
            "C:\Windows\system32\sc.exe" description "Red Giant Service" "Provides common services to Maxon products."
            5⤵
            • Launches sc.exe
            PID:3916
          • C:\Windows\system32\timeout.exe
            timeout /T 5 /NOBREAK
            5⤵
            • Delays execution with timeout.exe
            PID:2580
          • C:\Windows\system32\timeout.exe
            timeout /T 5 /NOBREAK
            5⤵
            • Delays execution with timeout.exe
            PID:3672
          • C:\Windows\system32\sc.exe
            "C:\Windows\system32\sc.exe" failure "Red Giant Service" reset= 0 actions= restart/60000
            5⤵
            • Launches sc.exe
            PID:2172
          • C:\Windows\system32\sc.exe
            "C:\Windows\system32\sc.exe" start "Red Giant Service"
            5⤵
            • Launches sc.exe
            PID:3148
          • C:\Windows\system32\timeout.exe
            timeout /T 10 /NOBREAK
            5⤵
            • Delays execution with timeout.exe
            PID:828
        • C:\Windows\system32\cmd.exe
          C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\AppData\Local\Temp\tmpfbe421a4-8e19-4df4-8194-bda17b58789d\preflight\fuse-windows-setup-preflight.bat""
          4⤵
          • Suspicious use of WriteProcessMemory
          PID:3912
          • C:\Windows\system32\icacls.exe
            icacls "C:\ProgramData\Maxon" /t /grant *S-1-1-0:(OI)(CI)F
            5⤵
            • Modifies file permissions
            PID:4144
        • C:\Windows\system32\cmd.exe
          C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\AppData\Local\Temp\tmpa2523161-b367-402a-ad6a-6418d06dfa77\postflight\vcredist-postflight.bat""
          4⤵
          • Suspicious use of WriteProcessMemory
          PID:4124
          • C:\Users\Admin\AppData\Local\Temp\tmpa2523161-b367-402a-ad6a-6418d06dfa77\files\VC_redist.x64.19.exe
            "C:\Users\Admin\AppData\Local\Temp\tmpa2523161-b367-402a-ad6a-6418d06dfa77\postflight\..\files\VC_redist.x64.19.exe" /quiet /norestart
            5⤵
            • Executes dropped EXE
            • Suspicious use of WriteProcessMemory
            PID:3288
            • C:\Windows\Temp\{10B83370-DC60-4D82-9168-21C977C4A2CF}\.cr\VC_redist.x64.19.exe
              "C:\Windows\Temp\{10B83370-DC60-4D82-9168-21C977C4A2CF}\.cr\VC_redist.x64.19.exe" -burn.clean.room="C:\Users\Admin\AppData\Local\Temp\tmpa2523161-b367-402a-ad6a-6418d06dfa77\files\VC_redist.x64.19.exe" -burn.filehandle.attached=544 -burn.filehandle.self=552 /quiet /norestart
              6⤵
              • Executes dropped EXE
              • Loads dropped DLL
              PID:3916
        • C:\Windows\system32\cmd.exe
          C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\AppData\Local\Temp\tmp9339157e-d2a3-4a99-8c7d-d93c59b2b9ab\postflight\mxnotify-windows-postflight.bat""
          4⤵
          • Suspicious use of WriteProcessMemory
          PID:2128
          • C:\Windows\system32\taskkill.exe
            taskkill /F /IM MxNotify.exe
            5⤵
            • Kills process with taskkill
            • Suspicious use of AdjustPrivilegeToken
            PID:1240
          • C:\Windows\explorer.exe
            explorer.exe "C:\Program Files\Maxon\Tools\MxNotify.exe"
            5⤵
              PID:1952
          • C:\Windows\system32\cmd.exe
            C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\AppData\Local\Temp\tmpcc7b5614-81d3-461e-953d-e144c1e090fb\postflight\mxredirect-windows-postflight.bat""
            4⤵
            • Suspicious use of WriteProcessMemory
            PID:2016
            • C:\Windows\system32\icacls.exe
              icacls "C:\ProgramData\Maxon" /t /grant *S-1-1-0:(OI)(CI)F
              5⤵
              • Modifies file permissions
              PID:1016
            • C:\Windows\system32\sc.exe
              "C:\Windows\system32\sc.exe" stop "mxredirect"
              5⤵
              • Launches sc.exe
              PID:1620
            • C:\Windows\system32\timeout.exe
              timeout /T 2 /NOBREAK
              5⤵
              • Delays execution with timeout.exe
              PID:3792
            • C:\Windows\system32\sc.exe
              "C:\Windows\system32\sc.exe" delete "mxredirect"
              5⤵
              • Launches sc.exe
              PID:556
            • C:\Windows\system32\timeout.exe
              timeout /T 2 /NOBREAK
              5⤵
              • Delays execution with timeout.exe
              PID:3752
            • C:\Windows\system32\sc.exe
              "C:\Windows\system32\sc.exe" create "mxredirect" binpath= "C:\Program Files\Maxon\Tools\mxredirect.exe" start= auto
              5⤵
              • Launches sc.exe
              PID:3084
            • C:\Windows\system32\timeout.exe
              timeout /T 2 /NOBREAK
              5⤵
              • Delays execution with timeout.exe
              PID:4716
            • C:\Windows\system32\sc.exe
              "C:\Windows\system32\sc.exe" description "mxredirect" "Manages scheme ownership for Maxon products."
              5⤵
              • Launches sc.exe
              PID:4244
            • C:\Windows\system32\timeout.exe
              timeout /T 2 /NOBREAK
              5⤵
              • Delays execution with timeout.exe
              PID:4728
            • C:\Windows\system32\sc.exe
              "C:\Windows\system32\sc.exe" failure "mxredirect" reset= 0 actions= restart/60000
              5⤵
              • Launches sc.exe
              PID:4240
            • C:\Windows\system32\timeout.exe
              timeout /T 2 /NOBREAK
              5⤵
              • Delays execution with timeout.exe
              PID:3892
            • C:\Windows\system32\sc.exe
              "C:\Windows\system32\sc.exe" start "mxredirect"
              5⤵
              • Launches sc.exe
              PID:3748
          • C:\Windows\system32\cmd.exe
            C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\AppData\Local\Temp\tmp0c273d42-6433-4fd4-8511-5be979de922c\bin\install-mswebview.bat""
            4⤵
              PID:2392
              • C:\Program Files\Maxon\Tools\MicrosoftEdgeWebview2Setup.exe
                "C:\Program Files\Maxon\Tools\MicrosoftEdgeWebview2Setup.exe" /install
                5⤵
                • Executes dropped EXE
                • Drops file in Program Files directory
                PID:4668
                • C:\Program Files (x86)\Microsoft\Temp\EUF2E.tmp\MicrosoftEdgeUpdate.exe
                  "C:\Program Files (x86)\Microsoft\Temp\EUF2E.tmp\MicrosoftEdgeUpdate.exe" /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=true"
                  6⤵
                  • Sets file execution options in registry
                  • Checks computer location settings
                  • Executes dropped EXE
                  • Loads dropped DLL
                  • Checks system information in the registry
                  • Suspicious behavior: EnumeratesProcesses
                  • Suspicious use of AdjustPrivilegeToken
                  PID:4980
                  • C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
                    "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc
                    7⤵
                    • Executes dropped EXE
                    • Loads dropped DLL
                    • Modifies registry class
                    PID:2872
                  • C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
                    "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver
                    7⤵
                    • Executes dropped EXE
                    • Loads dropped DLL
                    • Modifies registry class
                    PID:2056
                    • C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.145.49\MicrosoftEdgeUpdateComRegisterShell64.exe
                      "C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.145.49\MicrosoftEdgeUpdateComRegisterShell64.exe"
                      8⤵
                      • Executes dropped EXE
                      • Loads dropped DLL
                      • Registers COM server for autorun
                      • Modifies registry class
                      PID:1620
                    • C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.145.49\MicrosoftEdgeUpdateComRegisterShell64.exe
                      "C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.145.49\MicrosoftEdgeUpdateComRegisterShell64.exe"
                      8⤵
                      • Executes dropped EXE
                      • Loads dropped DLL
                      • Registers COM server for autorun
                      • Modifies registry class
                      PID:388
                    • C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.145.49\MicrosoftEdgeUpdateComRegisterShell64.exe
                      "C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.145.49\MicrosoftEdgeUpdateComRegisterShell64.exe"
                      8⤵
                      • Executes dropped EXE
                      • Loads dropped DLL
                      • Registers COM server for autorun
                      • Modifies registry class
                      PID:1540
                  • C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
                    "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNDUuNDkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNDUuNDkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7M0ExOTFBOUQtQjRDQy00Q0VELTk5MDUtQjdDMEM3MTlGNTgwfSIgdXNlcmlkPSJ7MkIwMjlDODYtM0Y4MC00QjJDLUI2MzEtRjI3MjUwNDI4NThCfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins5NjIxODcwQy0xNTAwLTQ3OTEtOEQyMC1ENTA2QzdDOUQ2OTF9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iNCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IkRBRFkiIHByb2R1Y3RfbmFtZT0iU3RhbmRhcmQgUEMgKFEzNSArIElDSDksIDIwMDkpIi8-PGV4cCBldGFnPSImcXVvdDtxV0pTeld3UGZkY0xSK1hHSXY2eHJaZmlZT3hoUFUyczFOV21qV2NhRlBnPSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGM0M0RkUwMC1FRkQ1LTQwM0ItOTU2OS0zOThBMjBGMUJBNEF9IiB2ZXJzaW9uPSIxLjMuMTczLjQ1IiBuZXh0dmVyc2lvbj0iMS4zLjE0NS40OSIgbGFuZz0iIiBicmFuZD0iIiBjbGllbnQ9IiI-PGV2ZW50IGV2ZW50dHlwZT0iMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgaW5zdGFsbF90aW1lX21zPSIxMDQ2Ii8-PC9hcHA-PC9yZXF1ZXN0Pg
                    7⤵
                    • Executes dropped EXE
                    • Loads dropped DLL
                    • Checks system information in the registry
                    PID:3896
                  • C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
                    "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=true" /installsource otherinstallcmd /sessionid "{3A191A9D-B4CC-4CED-9905-B7C0C719F580}"
                    7⤵
                    • Executes dropped EXE
                    • Loads dropped DLL
                    PID:2408
            • C:\Windows\explorer.exe
              explorer.exe "C:\Program Files\Maxon\App Manager\Maxon.exe"
              4⤵
                PID:4184
        • C:\Program Files\Red Giant\Services\Red Giant Service.exe
          "C:\Program Files\Red Giant\Services\Red Giant Service.exe"
          1⤵
          • Executes dropped EXE
          • Drops file in Windows directory
          PID:2036
        • C:\Windows\explorer.exe
          C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
          1⤵
          • Suspicious use of WriteProcessMemory
          PID:2200
          • C:\Program Files\Maxon\Tools\MxNotify.exe
            "C:\Program Files\Maxon\Tools\MxNotify.exe"
            2⤵
            • Executes dropped EXE
            • Registers COM server for autorun
            PID:4012
        • C:\Program Files\Maxon\Tools\mxredirect.exe
          "C:\Program Files\Maxon\Tools\mxredirect.exe"
          1⤵
          • Executes dropped EXE
          • Suspicious behavior: EnumeratesProcesses
          PID:2040
        • C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
          "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
          1⤵
          • Executes dropped EXE
          • Loads dropped DLL
          • Checks system information in the registry
          • Modifies data under HKEY_USERS
          PID:972
          • C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{447267A9-4418-447B-84F8-8C222289E8D2}\MicrosoftEdge_X64_112.0.1722.39.exe
            "C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{447267A9-4418-447B-84F8-8C222289E8D2}\MicrosoftEdge_X64_112.0.1722.39.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
            2⤵
            • Executes dropped EXE
            • Drops file in Program Files directory
            PID:3872
            • C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{447267A9-4418-447B-84F8-8C222289E8D2}\EDGEMITMP_8E266.tmp\setup.exe
              "C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{447267A9-4418-447B-84F8-8C222289E8D2}\EDGEMITMP_8E266.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{447267A9-4418-447B-84F8-8C222289E8D2}\MicrosoftEdge_X64_112.0.1722.39.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
              3⤵
              • Executes dropped EXE
              • Adds Run key to start application
              • Drops file in Program Files directory
              PID:4824
          • C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
            "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNDUuNDkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNDUuNDkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7M0ExOTFBOUQtQjRDQy00Q0VELTk5MDUtQjdDMEM3MTlGNTgwfSIgdXNlcmlkPSJ7MkIwMjlDODYtM0Y4MC00QjJDLUI2MzEtRjI3MjUwNDI4NThCfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins2N0FBMzBFNC1CQTlELTQzNkMtOThGMy1FRkMzODkxQ0Q4RDh9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iNCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IkRBRFkiIHByb2R1Y3RfbmFtZT0iU3RhbmRhcmQgUEMgKFEzNSArIElDSDksIDIwMDkpIi8-PGV4cCBldGFnPSImcXVvdDtyNDUydDErazJUZ3EvSFh6anZGTkJSaG9wQldSOXNialh4cWVVREg5dVgwPSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGMzAxNzIyNi1GRTJBLTQyOTUtOEJERi0wMEMzQTlBN0U0QzV9IiB2ZXJzaW9uPSIiIG5leHR2ZXJzaW9uPSIxMTIuMC4xNzIyLjM5IiBsYW5nPSIiIGJyYW5kPSIiIGNsaWVudD0iIiBpbnN0YWxsYWdlPSItMSIgaW5zdGFsbGRhdGU9Ii0xIj48dXBkYXRlY2hlY2svPjxldmVudCBldmVudHR5cGU9IjkiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSI1IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc291cmNlX3VybF9pbmRleD0iMCIgZG93bmxvYWRlcj0iYml0cyIgdXJsPSJodHRwOi8vbXNlZGdlLmYudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvYTliZWViZGEtY2U2MS00NzY1LTk3ZTMtM2UyOTllYTMxYTViP1AxPTE2ODIwMTg0NTEmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9QUFQWTBiOFRkZFVpdHlZWjAlMmZCTyUyZjRFRVJMc00wdHNuRGFFSFBwa0tEZGhkQ2NzRmR3VmJWcjBjZyUyYjMlMmJxSzQ4M2glMmJxYjA1aTJsdmxBdTFRMnEyNU1nJTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBkb3dubG9hZGVkPSIxNDI3OTk3OTIiIHRvdGFsPSIxNDI3OTk3OTIiIGRvd25sb2FkX3RpbWVfbXM9IjE1MjAzIi8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc291cmNlX3VybF9pbmRleD0iMCIvPjxldmVudCBldmVudHR5cGU9IjYiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIxOTY3NTciIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIHVwZGF0ZV9jaGVja190aW1lX21zPSI5NjkiIGRvd25sb2FkX3RpbWVfbXM9IjIzMTg4IiBkb3dubG9hZGVkPSIxNDI3OTk3OTIiIHRvdGFsPSIxNDI3OTk3OTIiIHBhY2thZ2VfY2FjaGVfcmVzdWx0PSIwIiBpbnN0YWxsX3RpbWVfbXM9IjcyNDU0Ii8-PC9hcHA-PC9yZXF1ZXN0Pg
            2⤵
            • Executes dropped EXE
            • Loads dropped DLL
            • Checks system information in the registry
            • Suspicious behavior: EnumeratesProcesses
            • Suspicious use of AdjustPrivilegeToken
            PID:1352
        • C:\Windows\explorer.exe
          C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
          1⤵
            PID:2556
            • C:\Program Files\Maxon\App Manager\Maxon.exe
              "C:\Program Files\Maxon\App Manager\Maxon.exe"
              2⤵
              • Executes dropped EXE
              • Loads dropped DLL
              • Checks whether UAC is enabled
              PID:2892
              • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\112.0.1722.39\msedgewebview2.exe
                "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\112.0.1722.39\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=Maxon.exe --webview-exe-version=2023.2.1.0 --user-data-dir="C:\Users\Admin\AppData\Local\MaxonApp\UserData\EBWebView" --noerrdialogs --embedded-browser-webview-dpi-awareness=1 --disable-features=MojoIpcz --mojo-named-platform-channel-pipe=2892.2940.562255054815052822
                3⤵
                • Checks computer location settings
                • Executes dropped EXE
                • Loads dropped DLL
                • Enumerates system info in registry
                • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                • Suspicious use of FindShellTrayWindow
                • System policy modification
                PID:4132
                • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\112.0.1722.39\msedgewebview2.exe
                  "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\112.0.1722.39\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Local\MaxonApp\UserData\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Local\MaxonApp\UserData\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=112.0.5615.49 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\112.0.1722.39\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=112.0.1722.39 --initial-client-data=0x124,0x128,0x12c,0x100,0xd8,0x7fffe49135f0,0x7fffe4913600,0x7fffe4913610
                  4⤵
                  • Executes dropped EXE
                  • Loads dropped DLL
                  PID:856
                • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\112.0.1722.39\msedgewebview2.exe
                  "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\112.0.1722.39\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\MaxonApp\UserData\EBWebView" --webview-exe-name=Maxon.exe --webview-exe-version=2023.2.1.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAABgAAAAAAAAAGAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1936 --field-trial-handle=1944,i,9740975920221660298,1365170242401081515,131072 --disable-features=MojoIpcz /prefetch:2
                  4⤵
                  • Executes dropped EXE
                  • Loads dropped DLL
                  PID:1408
                • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\112.0.1722.39\msedgewebview2.exe
                  "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\112.0.1722.39\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\MaxonApp\UserData\EBWebView" --webview-exe-name=Maxon.exe --webview-exe-version=2023.2.1.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2056 --field-trial-handle=1944,i,9740975920221660298,1365170242401081515,131072 --disable-features=MojoIpcz /prefetch:3
                  4⤵
                  • Executes dropped EXE
                  • Loads dropped DLL
                  PID:1000
                • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\112.0.1722.39\msedgewebview2.exe
                  "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\112.0.1722.39\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\MaxonApp\UserData\EBWebView" --webview-exe-name=Maxon.exe --webview-exe-version=2023.2.1.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2344 --field-trial-handle=1944,i,9740975920221660298,1365170242401081515,131072 --disable-features=MojoIpcz /prefetch:8
                  4⤵
                  • Executes dropped EXE
                  • Loads dropped DLL
                  PID:1740
                • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\112.0.1722.39\msedgewebview2.exe
                  "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\112.0.1722.39\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\MaxonApp\UserData\EBWebView" --webview-exe-name=Maxon.exe --webview-exe-version=2023.2.1.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --mojo-platform-channel-handle=3316 --field-trial-handle=1944,i,9740975920221660298,1365170242401081515,131072 --disable-features=MojoIpcz /prefetch:1
                  4⤵
                  • Checks computer location settings
                  • Executes dropped EXE
                  • Loads dropped DLL
                  PID:4020
                • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\112.0.1722.39\msedgewebview2.exe
                  "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\112.0.1722.39\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\MaxonApp\UserData\EBWebView" --webview-exe-name=Maxon.exe --webview-exe-version=2023.2.1.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --mojo-platform-channel-handle=4168 --field-trial-handle=1944,i,9740975920221660298,1365170242401081515,131072 --disable-features=MojoIpcz /prefetch:1
                  4⤵
                  • Checks computer location settings
                  • Executes dropped EXE
                  • Loads dropped DLL
                  PID:2392
                • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\112.0.1722.39\msedgewebview2.exe
                  "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\112.0.1722.39\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\MaxonApp\UserData\EBWebView" --webview-exe-name=Maxon.exe --webview-exe-version=2023.2.1.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --mojo-platform-channel-handle=4348 --field-trial-handle=1944,i,9740975920221660298,1365170242401081515,131072 --disable-features=MojoIpcz /prefetch:1
                  4⤵
                  • Checks computer location settings
                  • Executes dropped EXE
                  • Loads dropped DLL
                  PID:4280

          Network

          MITRE ATT&CK Enterprise v6

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • C:\Program Files (x86)\Microsoft\EdgeCore\112.0.1722.39\Installer\setup.exe
            Filesize

            3.8MB

            MD5

            53e53d314d5fe8918a05338bbec21c71

            SHA1

            9a5b3bf17e942b6e07d4e17c0eecaa3980754b6c

            SHA256

            634a867a08939af522936118211e58c2db0ba4a9e7c3f35df019107632835ea6

            SHA512

            4c88951f080772d97b8a3f3193ed1be4e8f08e0a9d964dc50f1be61f65095a224981ddf3b23576debf2f4e184a74047901fc01ac94ec1b5152e5122a7088ad1d

            Download Submit

          • C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}\112.0.1722.39\MicrosoftEdge_X64_112.0.1722.39.exe
            Filesize

            136.2MB

            MD5

            7ff64ed6d6d9f41c903fb77f47a3af31

            SHA1

            2bf440025fca3c51e74d0a73713d01aa5b6b6dd5

            SHA256

            81c166b377d862e29353fc72eb2a2683269b970e29ef3156b02f47af27d3c415

            SHA512

            846aee6c4090efc9a97e6ffcbc50a0a76d1c594c47d49dbe669f6cfb9ed7021641307e1e02372e4125f9cc3284260ab6db2dc10364097d5e2c311a376d869225

            Download Submit

          • C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
            Filesize

            209KB

            MD5

            d7d541bd3dd228ad24dadfc4089b0704

            SHA1

            3fe7399267cf9bce649922d8ea0be9a5ffa77f67

            SHA256

            cedade653a1e8d68809199c87a65a7a69fb360f67177262e651253cf0316b842

            SHA512

            aca02d3bc55b7301257c56232b899145ad3266c210997d9eae664a0c6b6796e646a93db012e0a1b0d446cd64c55f916ab6f9a822b7b6b5faabfb75e3b5e3f011

            Download Submit

          • C:\Program Files (x86)\Microsoft\Temp\EUF2E.tmp\EdgeUpdate.dat
            Filesize

            12KB

            MD5

            369bbc37cff290adb8963dc5e518b9b8

            SHA1

            de0ef569f7ef55032e4b18d3a03542cc2bbac191

            SHA256

            3d7ec761bef1b1af418b909f1c81ce577c769722957713fdafbc8131b0a0c7d3

            SHA512

            4f8ec1fd4de8d373a4973513aa95e646dfc5b1069549fafe0d125614116c902bfc04b0e6afd12554cc13ca6c53e1f258a3b14e54ac811f6b06ed50c9ac9890b1

            Download Submit

          • C:\Program Files (x86)\Microsoft\Temp\EUF2E.tmp\MicrosoftEdgeComRegisterShellARM64.exe
            Filesize

            160KB

            MD5

            9caf47e9999af93d8f49c0f5b62ac693

            SHA1

            dd83435e30a88d2df849e4d4c8e3e671d545677a

            SHA256

            8ce4842eb307265d3a1a43bb558925030ec5c399bd8a67ac0e3b9a9b55e1a64d

            SHA512

            6aea29ec91f4e494917aa22331ae6cb62e4ebcf84b03abe562bad43993b5750388b35084cd179ef52c00799c88dad8cc658e31e3649cf866c228ccd5cb0118ea

            Download Submit

          • C:\Program Files (x86)\Microsoft\Temp\EUF2E.tmp\MicrosoftEdgeUpdate.exe
            Filesize

            209KB

            MD5

            d7d541bd3dd228ad24dadfc4089b0704

            SHA1

            3fe7399267cf9bce649922d8ea0be9a5ffa77f67

            SHA256

            cedade653a1e8d68809199c87a65a7a69fb360f67177262e651253cf0316b842

            SHA512

            aca02d3bc55b7301257c56232b899145ad3266c210997d9eae664a0c6b6796e646a93db012e0a1b0d446cd64c55f916ab6f9a822b7b6b5faabfb75e3b5e3f011

            Download Submit

          • C:\Program Files (x86)\Microsoft\Temp\EUF2E.tmp\MicrosoftEdgeUpdate.exe
            Filesize

            209KB

            MD5

            d7d541bd3dd228ad24dadfc4089b0704

            SHA1

            3fe7399267cf9bce649922d8ea0be9a5ffa77f67

            SHA256

            cedade653a1e8d68809199c87a65a7a69fb360f67177262e651253cf0316b842

            SHA512

            aca02d3bc55b7301257c56232b899145ad3266c210997d9eae664a0c6b6796e646a93db012e0a1b0d446cd64c55f916ab6f9a822b7b6b5faabfb75e3b5e3f011

            Download Submit

          • C:\Program Files (x86)\Microsoft\Temp\EUF2E.tmp\MicrosoftEdgeUpdateComRegisterShell64.exe
            Filesize

            203KB

            MD5

            d51ad58ff2e702fcf54e5580c3d5195b

            SHA1

            cf65da922713ee8507fd7976ebf4786b83d194c4

            SHA256

            e14aa9b45f08b41fa555568396b38c3cef3827ce46c95ac1c34b34fb65cb20a9

            SHA512

            c9d40c6c22a9115162b34b24fe24f8da5c263b634067ace2822e6cc3206c01a546ed1df3dde09e31cdd86d0b175dddf696e9a5fea63987175c187428056f9e3d

            Download Submit

          • C:\Program Files (x86)\Microsoft\Temp\EUF2E.tmp\MicrosoftEdgeUpdateCore.exe
            Filesize

            237KB

            MD5

            b6e0a6427151dfaeca0fc7d84b6e9523

            SHA1

            a03f31f6a8e0fc7f386993a8e8082c383b41a438

            SHA256

            f70cddb720fb4e482704693af2fb2cd862c8ca324a13cb009d8ed30c95184f23

            SHA512

            6a4c673c12a7b8970a6920b4d832fb42680f2b277a832f28f2c41d57821cf7e8a46f562ec6783b81b7eff71365af0f713230a454793396518578c5536d124c29

            Download Submit

          • C:\Program Files (x86)\Microsoft\Temp\EUF2E.tmp\NOTICE.TXT
            Filesize

            4KB

            MD5

            6dd5bf0743f2366a0bdd37e302783bcd

            SHA1

            e5ff6e044c40c02b1fc78304804fe1f993fed2e6

            SHA256

            91d3fc490565ded7621ff5198960e501b6db857d5dd45af2fe7c3ecd141145f5

            SHA512

            f546c1dff8902a3353c0b7c10ca9f69bb77ebd276e4d5217da9e0823a0d8d506a5267773f789343d8c56b41a0ee6a97d4470a44bbd81ceaa8529e5e818f4951e

            Download Submit

          • C:\Program Files (x86)\Microsoft\Temp\EUF2E.tmp\msedgeupdate.dll
            Filesize

            2.5MB

            MD5

            0c9199555050145619d3adb0b9c86d90

            SHA1

            e290a258869bb45a52c3cec13cfe042c6cd411f7

            SHA256

            eaca58832f1c5d40db402d8165997893be10c42f86b372ab253c66cdacef1cf7

            SHA512

            ca71932635875224d1cf439294065db925d1c46609b529b589e1ee874f24f2a838a366fc083e42444f8e1ff0eba6ae0c8db6e43ced9eb6c15897d2308d8b2bd1

            Download Submit

          • C:\Program Files (x86)\Microsoft\Temp\EUF2E.tmp\msedgeupdate.dll
            Filesize

            2.5MB

            MD5

            0c9199555050145619d3adb0b9c86d90

            SHA1

            e290a258869bb45a52c3cec13cfe042c6cd411f7

            SHA256

            eaca58832f1c5d40db402d8165997893be10c42f86b372ab253c66cdacef1cf7

            SHA512

            ca71932635875224d1cf439294065db925d1c46609b529b589e1ee874f24f2a838a366fc083e42444f8e1ff0eba6ae0c8db6e43ced9eb6c15897d2308d8b2bd1

            Download Submit

          • C:\Program Files (x86)\Microsoft\Temp\EUF2E.tmp\msedgeupdateres_af.dll
            Filesize

            27KB

            MD5

            bbcba04b4368221736141f6da3dcc259

            SHA1

            54e0d0761995fadcb9d588a079fa1e4b472a968d

            SHA256

            988be2b023768090eae11fddff079e31512edb975920f97c1a3e9bc8c42c0064

            SHA512

            fa00c567de74a56223af838a89e6efc036de786c3e5513ad32d358693d3931873179007aa54b99f7be54ef5df8584f4fa7bc75dc13f2fdc92b4bedf36a7ef4dd

            Download Submit

          • C:\Program Files (x86)\Microsoft\Temp\EUF2E.tmp\msedgeupdateres_am.dll
            Filesize

            23KB

            MD5

            c2684f7568e44d9adb284f39e658af48

            SHA1

            f15d1381d2b6cbe8b28d7778236f2e1f7cd5b93e

            SHA256

            5cc5a2b40b4aa078dec600da52c2fd06b1c14ffb780fe7e928f815001aea1467

            SHA512

            79056a8995daca7de8664a67fb557c8f2cf5c460501d149b0dfcde3e9b81f3fcd903c832c4406ac63fe82436cfa8d83e34eb1681cdd1da04d70314791bfb6d50

            Download Submit

          • C:\Program Files (x86)\Microsoft\Temp\EUF2E.tmp\msedgeupdateres_ar.dll
            Filesize

            25KB

            MD5

            529a2715fb172ed53f691d7e9f162965

            SHA1

            287ac0ef438bbfa46b6968cb9b49405ecbc17b65

            SHA256

            db8e1c2616674f557cf12d12a72e69b270af942e507c6ec57b38b5945120a364

            SHA512

            d3a62e277b0872c1371f5459f2ca35293ce6db27997462c7c7b70337cf9a08cd528d9063e4daa7124a32c47f8f68c10fae8eef8a6311872757b3b84f4c04b0b2

            Download Submit

          • C:\Program Files (x86)\Microsoft\Temp\EUF2E.tmp\msedgeupdateres_as.dll
            Filesize

            27KB

            MD5

            149dde1066fc706cad0e940a43712b8a

            SHA1

            05ece216582c89c53ddac41e0a45c3aa021d9a3f

            SHA256

            536ac447c4716c40a44eb4d41b38da584d449e402ae2c009968bd276221d7bee

            SHA512

            950f1023ac42855ece0fbd9816e6b64fb2df6e532278c59ee96594692de97cd6af069a57006ad9aad3bb2cbeb83ca95c13ae018e7692356ed622c851f648e089

            Download Submit

          • C:\Program Files (x86)\Microsoft\Temp\EUF2E.tmp\msedgeupdateres_az.dll
            Filesize

            28KB

            MD5

            2d81bba9b5ac6c450186db93b761896e

            SHA1

            69669f5cb136ffc4bc783947027d5a620595eb45

            SHA256

            768ba9c4c0e7e044f659b44e2e95f60b14ccd9a4898e2b5a7e60cc16a8595c36

            SHA512

            774433c8c8bf2eff50218810180b4cf97fa67a9ac2cdf8215b16b0772039f14df541d9d9388db8176b98feec26ed7086be9eb2dc1eb6bcba350bd670e4767bba

            Download Submit

          • C:\Program Files (x86)\Microsoft\Temp\EUF2E.tmp\msedgeupdateres_en.dll
            Filesize

            26KB

            MD5

            cb78d1e912542bc2299cece8348c9f52

            SHA1

            70f35b8fc2ee00e8f47b67e8b3b8cc018cd4e29d

            SHA256

            9b432eb71b7b94dbe7e9890ad112f1570a74221eb766d5b40c105daa03697b8c

            SHA512

            fb58db15d3a258a85a3e93a8cc752ccc3d42655f9ab7d9730afa1ac2a301555f37f5a15daf10933d32b2c8e566acafa2a267ffc7103814e7fe924733c54ce9d6

            Download Submit

          • C:\Program Files\Maxon\Tools\MicrosoftEdgeWebview2Setup.exe
            Filesize

            1.7MB

            MD5

            6abf61dd5a6318d76a11ce43b4bee001

            SHA1

            546fac452bb8892bed42b79b17dc0c86ca5ae7dc

            SHA256

            389601cbd7e9256ce22348e3ceb2c33e39ddc7a8c75db897d269dc23b17ad11d

            SHA512

            e454b2bb8ee2bf1355613afdf8389076fae5ffb8305ca2748cb05b597b54f039647e9aced03946dd6c0057305de80ca69db09cb2e539c6645fb2da6abf12ea7b

            Download Submit

          • C:\Program Files\Maxon\Tools\MicrosoftEdgeWebview2Setup.exe
            Filesize

            1.7MB

            MD5

            6abf61dd5a6318d76a11ce43b4bee001

            SHA1

            546fac452bb8892bed42b79b17dc0c86ca5ae7dc

            SHA256

            389601cbd7e9256ce22348e3ceb2c33e39ddc7a8c75db897d269dc23b17ad11d

            SHA512

            e454b2bb8ee2bf1355613afdf8389076fae5ffb8305ca2748cb05b597b54f039647e9aced03946dd6c0057305de80ca69db09cb2e539c6645fb2da6abf12ea7b

            Download Submit

          • C:\Program Files\Maxon\Tools\MxNotify.exe
            Filesize

            1.1MB

            MD5

            de1389a03015f6e2285e65a4253000fe

            SHA1

            728f5d47219f88154ad96d88327103ae5aab4ee4

            SHA256

            6d9220aaf7c51597f76cb52a72fb77e7952006a1969b20606270322ddc31e8fb

            SHA512

            3ea1935e795e201576fea1e6552aabfbe321dc30cd61d043256b042ac95ff16f4b4ed1f4fc23e00a1f6317229cc9a7c894ae1de116b6887f8c222c47163eb72c

            Download Submit

          • C:\Program Files\Maxon\Tools\MxNotify.exe
            Filesize

            1.1MB

            MD5

            de1389a03015f6e2285e65a4253000fe

            SHA1

            728f5d47219f88154ad96d88327103ae5aab4ee4

            SHA256

            6d9220aaf7c51597f76cb52a72fb77e7952006a1969b20606270322ddc31e8fb

            SHA512

            3ea1935e795e201576fea1e6552aabfbe321dc30cd61d043256b042ac95ff16f4b4ed1f4fc23e00a1f6317229cc9a7c894ae1de116b6887f8c222c47163eb72c

            Download Submit

          • C:\Program Files\Maxon\Tools\mxredirect.exe
            Filesize

            699KB

            MD5

            49e57a207e5702814e1148f7ea0afdbb

            SHA1

            1a88f27c3e2dcade29ee12b90e300aeabdd8b38c

            SHA256

            352630f109f53076b2b5661bd401577f1bfd44f749acc94871e16955294b4d3b

            SHA512

            4480f965542f07fcac1709c4a728dcfdbf5b20741f744856cd89dfe03598e05c56ee5bf2e6aff18ee9a51f9849d57b054129786b5205dfb2cb3bf1d8bd66d4eb

            Download Submit

          • C:\Program Files\Maxon\Tools\mxredirect.exe
            Filesize

            699KB

            MD5

            49e57a207e5702814e1148f7ea0afdbb

            SHA1

            1a88f27c3e2dcade29ee12b90e300aeabdd8b38c

            SHA256

            352630f109f53076b2b5661bd401577f1bfd44f749acc94871e16955294b4d3b

            SHA512

            4480f965542f07fcac1709c4a728dcfdbf5b20741f744856cd89dfe03598e05c56ee5bf2e6aff18ee9a51f9849d57b054129786b5205dfb2cb3bf1d8bd66d4eb

            Download Submit

          • C:\Program Files\Red Giant\Services\Red Giant Service.exe
            Filesize

            8.6MB

            MD5

            67320bcddfa96f0b8f93027f86f393dc

            SHA1

            38b62aca92c6b0fce963251271d5c66656f3e9fb

            SHA256

            1da765d7e1ef0f5837c3b7facee64320211d44ab964d16ea5f7d161e7ae685ce

            SHA512

            a91cf6a1752148f3a0108a2c02c78af422e8aea875508ec70713badb82877749af07210deee670ccdea874dae95955e609b0799441b9c82330f53857d8c59653

            Download Submit

          • C:\Program Files\Red Giant\Services\Red Giant Service.exe
            Filesize

            8.6MB

            MD5

            67320bcddfa96f0b8f93027f86f393dc

            SHA1

            38b62aca92c6b0fce963251271d5c66656f3e9fb

            SHA256

            1da765d7e1ef0f5837c3b7facee64320211d44ab964d16ea5f7d161e7ae685ce

            SHA512

            a91cf6a1752148f3a0108a2c02c78af422e8aea875508ec70713badb82877749af07210deee670ccdea874dae95955e609b0799441b9c82330f53857d8c59653

            Download Submit

          • C:\Program Files\Red Giant\Services\msvcr110.dll
            Filesize

            829KB

            MD5

            7c3b449f661d99a9b1033a14033d2987

            SHA1

            6c8c572e736bc53d1b5a608d3d9f697b1bb261da

            SHA256

            ae996edb9b050677c4f82d56092efdc75f0addc97a14e2c46753e2db3f6bd732

            SHA512

            a58783f50176e97284861860628cc930a613168be70411fabafbe6970dcccb8698a6d033cfc94edf415093e51f3d6a4b1ee0f38cc81254bdccb7edfa2e4db4f8

            Download Submit

          • C:\ProgramData\Maxon\.service\analytics.db
            Filesize

            24KB

            MD5

            57526805e8d4d1a5512c61e4133a3264

            SHA1

            e8c24e4c0b6f45bb3b8c93441d068c1244fac761

            SHA256

            0bff9050e7cfcb87a376978817095972288f7363e69da9caf5569279b9523320

            SHA512

            c90e9e1116d117eb8cea47394c6353c4c62eb9a43291e127de40b86575a4a0b7280b44ffef625c5f256fa644e2844db67539fe1bc6b380c9ad4ad188995e2fc4

            Download Submit

          • C:\ProgramData\Maxon\App Manager\Documentation\Acknowledgements\Acknowledgements.txt
            Filesize

            25KB

            MD5

            5bb76b62151333328f4002471f9398fc

            SHA1

            bb34c4b834637c21d003ae5a7db2c0fd9350c499

            SHA256

            b17849ae3cdd873980d244f2d24cef476723447ccfb3c86af5cf05feb6b37c49

            SHA512

            0ceb06ca64af35882db4001ce82087efde313828af6d0849e7bb331ca35ab540b6531bfd923c1cd4c14768c228b7c6a09df6695126c245208e2ccaa4d7466a8d

            Download Submit

          • C:\ProgramData\Maxon\Logs\maxon-service.log
            Filesize

            2KB

            MD5

            dba2fb51fc2e877390d45443f68824c8

            SHA1

            67b65f470fadaaa312b352c93231649edf7e12ef

            SHA256

            7df771379aee6496ec8b090a6da69bbfe9950818c5f3cdfaa93e50da7e001974

            SHA512

            19d789b73d67ffd61aaf8b9d758c17818ffdb23dd8d8fe14ee20cdbd29ab0121e1cbb9945a2facc2b269f5fda553321d2c2bf11b5b8f36d7897885862bf9b63d

            Download Submit

          • C:\ProgramData\Maxon\Logs\maxon-service.log
            Filesize

            3KB

            MD5

            b55f1ab0f67abbc1ffc525e4b3e1ccb0

            SHA1

            303cdf5e1fa2924e7a4b597de9cdff61c300baee

            SHA256

            5934d30db8b36551ec008537e9ec273303732d66c4d6e634cf9664a12e7c3786

            SHA512

            27a6b30909864289260384919dc2bd15a793fbb4301b953d96dcb1505d864cd77982ee068676df764cd4a19552b5e335bf6eb63e178f3a898adbe07bafb81cac

            Download Submit

          • C:\ProgramData\Maxon\Service\Documentation\Acknowledgements\acknowledgements.txt
            Filesize

            56KB

            MD5

            9ab666120c65ad27426995b1af297a48

            SHA1

            5995af88672c1994efbe59f545d2aad6252df1bd

            SHA256

            eb1d0f2daa1f8e4a8f0f3c9c6fd281878e16ccf4f9d5c2bb00626281e40dc205

            SHA512

            085245871e99906630b5044044cf92b1e643eba6aba57fe3a5e64b0b156389701e95efe5e39c0e566064381a72b8b8f42d52b8c37ba9b17f7b733e4a76662b01

            Download Submit

          • C:\ProgramData\Maxon\Service\configs\all-products-manifest.json
            Filesize

            24KB

            MD5

            f1ec9c2f98d6cafb6f2aa713cc5eb3f3

            SHA1

            f984e7d1eb09a63158871ebbe4fc336fe4be375c

            SHA256

            e43a6dd7d4c71260970bd03d54be127b1315780a8a16639ca1c5b76db6d458f7

            SHA512

            26f88b8142c8104bbe5a0db93d6537653175243d656b9bb24e9e7a32b01b6fc8713210234c347b1772c6d0e2d5ce0a4e1eef887b4be902db271c27a4291c72ff

            Download Submit

          • C:\ProgramData\Maxon\Service\logging.config
            Filesize

            591B

            MD5

            c3a4abf0c560ee2cd2bb10c842d1d0a3

            SHA1

            0dddb52041664986885a70afd0a5be3eacebfead

            SHA256

            8295adc7f4ba17385a1dc77be707a8d70ed2a1e090cc6369199a48d318aa1123

            SHA512

            28c2622ba0d0a0bb269df5a1d016380eb201ba91060b06b9a0bd0326f31392e2e39f2f76f54dc544bed5a58290ae3cbdc31e901a8453d94b32c9b3fb133cbfd3

            Download Submit

          • C:\ProgramData\Maxon\Service\logging.config
            Filesize

            601B

            MD5

            e52f73d520c7751bbe46ef28ffbbf05c

            SHA1

            43f676a2e44178f0fcd618f09cbcef2071ed686e

            SHA256

            79fed1056f270b628c3ae02f569cfae28dc4e4fcef847b81435e8278a912cc71

            SHA512

            3baf34faca6814a4cc80673917660ea52ff34603d2bba0550d4bc62881e765ebbcc1969e599c1601b18f27eefdbbb37bef497e91548b6ecbfdd37ff34fc4ca0f

            Download Submit

          • C:\ProgramData\Maxon\Service\mxredirect.log.config
            Filesize

            616B

            MD5

            373cd25ef8b1b01a13121d92855680d8

            SHA1

            4d94d4ce9f09ac5ce5e15ef95d067b6508aa70e0

            SHA256

            61cd3d1b458f7d7012504bfb237a969b9cc08ec03bfcae801aa4ff9b8a806f78

            SHA512

            2d5dfb93feceef016d670b94e06a7510df727091fbbe8416cc2551a66a2ed8f5eab80a270465d64003e930376965eb8224102373c97bf5971761db35ebe607c4

            Download Submit

          • C:\ProgramData\Maxon\Service\net.maxon.service.floating.cfg
            Filesize

            118B

            MD5

            7a0870d057a19791429a1479a0a99a5b

            SHA1

            92415c0250f7ef6162b14054646187675842899d

            SHA256

            c7f106b02c69d504990c0252654eaaa0c8952f9bb2906672307fe7bad39e7b12

            SHA512

            dc15c5a8ff055d0fdfa7f6ebd4216e60abed293794f09c5173eec2664ff61b38a66761a62104129cdee4e771de4e1d73a292082977e1c247a3a2b9d13872245c

            Download Submit

          • C:\ProgramData\Maxon\Service\preferences\client.prefs
            Filesize

            384B

            MD5

            c949262e59029c6c1da9407e9d2ba473

            SHA1

            4e34b98b9d6b3730420eff38d2d7b2bf08f1838a

            SHA256

            4bc0955c25432ada9f350f3746934f81519e3c8bdfc5432ca297f30e44b0348f

            SHA512

            f9208ab3f7c18e11c433d7df8c92fc0d597e5af4d74a1bcc5c95ed47a3f8c3f56c8e1e76885231d705a10ead0a086c1d9d1d33c4b195c3e3becbab45eb0c15e7

            Download Submit

          • C:\ProgramData\Maxon\Service\preferences\client.prefs_save
            Filesize

            148B

            MD5

            d509b622851c509adaa88a5e6dfb0e24

            SHA1

            1e674f172d253f1e70651ab934f94a84533ba3be

            SHA256

            e83162cbbead45ff9fa871a76c8d10ddbafa230746ae23e0666d9693cec09b57

            SHA512

            430ae775ec9549302f822bb59e002d350c1da09ca8e0ca52fdd5719be76f3764f3296477651e08d03278abd2a5a8bf9746290983fe8c929b8814a800b2cb4d4d

            Download Submit

          • C:\ProgramData\Maxon\Service\preferences\dialog.prefs
            Filesize

            70B

            MD5

            df43f42739fa48dfee1072cbd43cce38

            SHA1

            4d4b57b61d13b23c5c7d0deba10144c398eda28b

            SHA256

            baddf5451e44d85bf81e190d55c8e400d27bf1d7f04fff73ef9b8e32b513987e

            SHA512

            586233d551f2d62cfd691e0c5baa7d7749a5c718a54d821f6fd97097399d892db2f0f81b185b838bfed0fc4792f6b65fccc8e2c4290bd808b22be48acbb322d5

            Download Submit

          • C:\ProgramData\Maxon\Service\preferences\dialog.prefs_save
            Filesize

            70B

            MD5

            df43f42739fa48dfee1072cbd43cce38

            SHA1

            4d4b57b61d13b23c5c7d0deba10144c398eda28b

            SHA256

            baddf5451e44d85bf81e190d55c8e400d27bf1d7f04fff73ef9b8e32b513987e

            SHA512

            586233d551f2d62cfd691e0c5baa7d7749a5c718a54d821f6fd97097399d892db2f0f81b185b838bfed0fc4792f6b65fccc8e2c4290bd808b22be48acbb322d5

            Download Submit

          • C:\ProgramData\Maxon\Service\preferences\last_paths.prefs
            Filesize

            67B

            MD5

            2377e68d0f1ca2a07c0664618c9768d5

            SHA1

            d27e9704b6960d70f9a7aa85c178345201e4e9ef

            SHA256

            655181fbaae52a419f0700e04e8e7c1e3ce0a3c63c6245c965b72b575aa2cfa5

            SHA512

            fb59a3dd99e5b85b0662e95a3dfdaf0a1d293cc65c3fa56b778e85bba5aeb21b8f7ae544069c271c218c1fcc57044c20eb77e76cefd52e285135809fe35f418e

            Download Submit

          • C:\ProgramData\Maxon\Service\preferences\last_paths.prefs_save
            Filesize

            67B

            MD5

            2377e68d0f1ca2a07c0664618c9768d5

            SHA1

            d27e9704b6960d70f9a7aa85c178345201e4e9ef

            SHA256

            655181fbaae52a419f0700e04e8e7c1e3ce0a3c63c6245c965b72b575aa2cfa5

            SHA512

            fb59a3dd99e5b85b0662e95a3dfdaf0a1d293cc65c3fa56b778e85bba5aeb21b8f7ae544069c271c218c1fcc57044c20eb77e76cefd52e285135809fe35f418e

            Download Submit

          • C:\ProgramData\Maxon\Service\preferences\session.prefs
            Filesize

            158B

            MD5

            de0caa208052c910098e7618f1378eb3

            SHA1

            154b7b6be2906637985a73ad2f6d8a9e626e4b25

            SHA256

            499b23e780391860c7e73bc993e4ba299c2f68d4ae9f1ac5a5a9f3214fb824f2

            SHA512

            51a313f00bad9b1dd87c8aff6e9d6e0aac6672ee4856e403c1af0109043a78b0de5efc6cdb2257ba7b9e34dddabed6bfad48bd8ad5d7b6c8ad85b869bc1cbad5

            Download Submit

          • C:\ProgramData\Maxon\Service\preferences\session.prefs_save
            Filesize

            158B

            MD5

            de0caa208052c910098e7618f1378eb3

            SHA1

            154b7b6be2906637985a73ad2f6d8a9e626e4b25

            SHA256

            499b23e780391860c7e73bc993e4ba299c2f68d4ae9f1ac5a5a9f3214fb824f2

            SHA512

            51a313f00bad9b1dd87c8aff6e9d6e0aac6672ee4856e403c1af0109043a78b0de5efc6cdb2257ba7b9e34dddabed6bfad48bd8ad5d7b6c8ad85b869bc1cbad5

            Download Submit

          • C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log
            Filesize

            144KB

            MD5

            a592ea602dfb6f527a99d533b5892cc3

            SHA1

            571a1c925fb6909c2038a86a432e7d8b855b1ec5

            SHA256

            9a7420ebc335408202d09f3fb376d98d5b32bf0b7b49284d006c7dff905f8095

            SHA512

            3b3abd628962fe2ae00a328a987cf3f57c4593378c64aec17c327d79054d39ff4cd5323757978228a529bba25a48a79fc5279bfe198543c039127d8bbb0284ef

            Download Submit

          • C:\ProgramData\Red Giant\Logs\Maxon App Installer.log
            Filesize

            7KB

            MD5

            d2acdb3162b194db693b4a9ae046464b

            SHA1

            563671cc6037525db225968a978947b21a4cfbb7

            SHA256

            5caa85afb931bc952de9efe8cb5cc0143cd72b2494ac45a564c9feee3fd27b4b

            SHA512

            d1ffc7bf08f225ea11bfe11e41c09105b47020d338aec87ca63994cda57d176ee94b01358775c22d85cab83ff93d79f0697ba88b9cf535d7d092d002b179e954

            Download Submit

          • C:\ProgramData\Red Giant\uninstall\uninstall-net.maxon.app-manager_v2023.2.1.bat
            Filesize

            884B

            MD5

            e24497455e5b38b4fee358cb2758630b

            SHA1

            b0da6d5321ac363127446cb7d68f52e046001fa3

            SHA256

            189faaae0946514a9e1788e580e96f59c8503b861bc612fcadc01a2510e75244

            SHA512

            88e2a4194d7bbd90e6f30d2ae1a2082bbf0c7758abda78a7493942585ee0cd6614254419ef0d9882879b61138c2a93f5707b2e7dc8adfd774abad4a4c895884b

            Download Submit

          • C:\Users\Admin\AppData\Local\MaxonApp\UserData\EBWebView\Crashpad\settings.dat
            Filesize

            280B

            MD5

            311c3498e0fb15caa5a6bbc068950e0c

            SHA1

            68244345e8afa43818005467bf8b40c300276856

            SHA256

            6b54a4d8883ff0acd9dfc4d686f64f18411d45cabe4902888a0289e54a81c35e

            SHA512

            740471362f47cd0673714d383f777077f80ee0bef7ab79b23004bd113e26659efde24681d22b96ff4da1ec8974b6c7be1b5836612da90777ca5e091046dbd0bc

            Download Submit

          • C:\Users\Admin\AppData\Local\MaxonApp\UserData\EBWebView\Crashpad\settings.dat
            Filesize

            280B

            MD5

            075092031251c85b2880c33b14b9c402

            SHA1

            4f6cfdc3493b3bd1235240d1bf9aa376c5ccf020

            SHA256

            a452373ca0bf687400c8c9b057bb70275c1ccd0fc2375d371073bc0b3d9e87e9

            SHA512

            de9a51d012a29cf1ed6acd1976196deca032a4dd304c62fdc4173df1ea3ec037980423053f58e71672d4ead9df4cda5264701d9983ae486b5dd592c3011ed04b

            Download Submit

          • C:\Users\Admin\AppData\Local\MaxonApp\UserData\EBWebView\Default\Cache\Cache_Data\data_0
            Filesize

            8KB

            MD5

            cf89d16bb9107c631daabf0c0ee58efb

            SHA1

            3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b

            SHA256

            d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e

            SHA512

            8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

            Download Submit

          • C:\Users\Admin\AppData\Local\MaxonApp\UserData\EBWebView\Default\Cache\Cache_Data\data_2
            Filesize

            8KB

            MD5

            0962291d6d367570bee5454721c17e11

            SHA1

            59d10a893ef321a706a9255176761366115bedcb

            SHA256

            ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7

            SHA512

            f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

            Download Submit

          • C:\Users\Admin\AppData\Local\MaxonApp\UserData\EBWebView\Default\Cache\Cache_Data\data_3
            Filesize

            8KB

            MD5

            41876349cb12d6db992f1309f22df3f0

            SHA1

            5cf26b3420fc0302cd0a71e8d029739b8765be27

            SHA256

            e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c

            SHA512

            e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

            Download Submit

          • C:\Users\Admin\AppData\Local\MaxonApp\UserData\EBWebView\Default\Cache\Cache_Data\f_000007
            Filesize

            162KB

            MD5

            fdfdaf63d56b4a9cd6641d79f7159fdc

            SHA1

            18b413d8b6b9f3bec32026b7e9d9f4e5e366922f

            SHA256

            f4dba3e15f08cf0686e6d89370ed42e8a5dafc38973501f0aa6baa9b93c720f3

            SHA512

            06fd67f1a2d5f168c75b5b833d3222d6c0eccfadd4021173a7ec7f949971554d1c7df322b1dc512ef14941e76a9ff6445ba3bd16d940be5bc177be989ec39c2d

            Download Submit

          • C:\Users\Admin\AppData\Local\MaxonApp\UserData\EBWebView\Default\Extension Rules\CURRENT
            Filesize

            16B

            MD5

            46295cac801e5d4857d09837238a6394

            SHA1

            44e0fa1b517dbf802b18faf0785eeea6ac51594b

            SHA256

            0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

            SHA512

            8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

            Download Submit

          • C:\Users\Admin\AppData\Local\MaxonApp\UserData\EBWebView\Default\Extension Scripts\MANIFEST-000001
            Filesize

            41B

            MD5

            5af87dfd673ba2115e2fcf5cfdb727ab

            SHA1

            d5b5bbf396dc291274584ef71f444f420b6056f1

            SHA256

            f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

            SHA512

            de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

            Download Submit

          • C:\Users\Admin\AppData\Local\MaxonApp\UserData\EBWebView\Default\Network\SCT Auditing Pending Reports
            Filesize

            2B

            MD5

            d751713988987e9331980363e24189ce

            SHA1

            97d170e1550eee4afc0af065b78cda302a97674c

            SHA256

            4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

            SHA512

            b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

            Download Submit

          • C:\Users\Admin\AppData\Local\MaxonApp\UserData\EBWebView\Local State
            Filesize

            1KB

            MD5

            d9423f7896a2e10c284d97f1cb72bfb7

            SHA1

            fd4418c99c9ab2519d2753a428c11a388bfc7487

            SHA256

            50724097c1bd67942a5446ec80d8f544d74ea0cb1bdc64c7deae7e5eddbaaa8c

            SHA512

            169e95101edc25b27a08f4c72eb9051c8759d8acba26d50fcb80a852d5f6f3e71482a3184d97bdac04272737b8979d1514bb5e4ed7481f5a063e8c9e8db14527

            Download Submit

          • C:\Users\Admin\AppData\Local\MaxonApp\UserData\EBWebView\Local State
            Filesize

            14KB

            MD5

            821b30927730f3367fb7d5ade7d4ed5c

            SHA1

            a210d977a890ff1771d37edda37c9702572fe15f

            SHA256

            4c8095722c2d41cd5ac19b8c1d827a88b9e3cdf91f7dffeda9673226077616ea

            SHA512

            81a778c29289cbbfbd1c3120adad49b15f964d602bc039f17faf7a70e99f881308fe9c63996f25dcb7d53d5dcb37a28661023f29b87c80b1b875bcb429350cce

            Download Submit

          • C:\Users\Admin\AppData\Local\MaxonApp\UserData\EBWebView\Local State~RFe59d690.TMP
            Filesize

            901B

            MD5

            6f3139b32a11c3eec92c34730c8abf2c

            SHA1

            93cb056417bb0279790fe22a3f807d9c95350cb6

            SHA256

            84477f2ee23aec750b29d5451d7cccf893eda2d3e23128db47b968731d6df491

            SHA512

            e9535d7944171bd4ab33cfd1d3be314b87d21aa9e857646a2f420e6b56cf90d5be1b16fac6d7888337ca60e4e5ccf4468f87c1599b351fec92906c5b12b56fc4

            Download Submit

          • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\UUIKWEAJ\Maxon_App_2023.2.1_Win.exe
            Filesize

            35.6MB

            MD5

            6ec1333f4d3c361ed794b656ea431d56

            SHA1

            25766527e11df8336b7896a6cfcc234d94eed6c3

            SHA256

            5d99deb48704a15ceb4b9b38428cbb665ca0689e07740084443dd760c495c2d2

            SHA512

            e2cccac9bd610a5d9a7cd296969a5032586ec53da629c1fd1628fe0f1a551ee2c8d34bfa21b428bd66066f34c8b27618d60ad3d6c7342812aef812b7ef2f5d15

            Download Submit

          • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\UUIKWEAJ\Maxon_App_2023.2.1_Win.exe.a5zoog7.partial
            Filesize

            35.6MB

            MD5

            6ec1333f4d3c361ed794b656ea431d56

            SHA1

            25766527e11df8336b7896a6cfcc234d94eed6c3

            SHA256

            5d99deb48704a15ceb4b9b38428cbb665ca0689e07740084443dd760c495c2d2

            SHA512

            e2cccac9bd610a5d9a7cd296969a5032586ec53da629c1fd1628fe0f1a551ee2c8d34bfa21b428bd66066f34c8b27618d60ad3d6c7342812aef812b7ef2f5d15

            Download Submit

          • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\WPCK8CWE\Maxon_App_2023.2.1_Win[1].exe
            Filesize

            35.6MB

            MD5

            6ec1333f4d3c361ed794b656ea431d56

            SHA1

            25766527e11df8336b7896a6cfcc234d94eed6c3

            SHA256

            5d99deb48704a15ceb4b9b38428cbb665ca0689e07740084443dd760c495c2d2

            SHA512

            e2cccac9bd610a5d9a7cd296969a5032586ec53da629c1fd1628fe0f1a551ee2c8d34bfa21b428bd66066f34c8b27618d60ad3d6c7342812aef812b7ef2f5d15

            Download Submit

          • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\WPCK8CWE\suggestions[1].en-US
            Filesize

            17KB

            MD5

            5a34cb996293fde2cb7a4ac89587393a

            SHA1

            3c96c993500690d1a77873cd62bc639b3a10653f

            SHA256

            c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

            SHA512

            e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

            Download Submit

          • C:\Users\Admin\AppData\Local\Red Giant\Analytics\EventTransferAEGP\global.cfg
            Filesize

            536B

            MD5

            22adc3af2ee310e980557348b61b2b15

            SHA1

            816e30d99a54b0d1578fdfb2f2d40eb61d1bb6ae

            SHA256

            f49a3d57d07fb098caf54a95d045cec55c226fc0b7dc6e0ad179eb85e2b3d7ba

            SHA512

            0f31cb278d7a06b1b597837c645dcc2064644e1d13dce6e1c3d299ae2be98c68162a894156d3bc26e1d27f69dc103722293faa631b8e50aab1b64b2625b2dce6

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\7zS491B4B96\Maxon App Installer.exe
            Filesize

            2.7MB

            MD5

            19a687c7e63ed49b0f24f0958317c89b

            SHA1

            a4619b73c480d11ca850d09309e97944ea1621f0

            SHA256

            7f4486e0b16ad52b22875c58e226c5b322a033849f94ccd78e3adfe9d8bb177a

            SHA512

            dd6637de02f887849c70d5e07e6a29269a45803d4647b5dc31728133d65f299b4ac3c69a95b42541f1695cf68ab2abae5f9b49c08c39dd23d8c41ff2c245d0a1

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\7zS491B4B96\Maxon App Installer.exe
            Filesize

            2.7MB

            MD5

            19a687c7e63ed49b0f24f0958317c89b

            SHA1

            a4619b73c480d11ca850d09309e97944ea1621f0

            SHA256

            7f4486e0b16ad52b22875c58e226c5b322a033849f94ccd78e3adfe9d8bb177a

            SHA512

            dd6637de02f887849c70d5e07e6a29269a45803d4647b5dc31728133d65f299b4ac3c69a95b42541f1695cf68ab2abae5f9b49c08c39dd23d8c41ff2c245d0a1

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\7zS491B4B96\Maxon App Installer.exe
            Filesize

            2.7MB

            MD5

            19a687c7e63ed49b0f24f0958317c89b

            SHA1

            a4619b73c480d11ca850d09309e97944ea1621f0

            SHA256

            7f4486e0b16ad52b22875c58e226c5b322a033849f94ccd78e3adfe9d8bb177a

            SHA512

            dd6637de02f887849c70d5e07e6a29269a45803d4647b5dc31728133d65f299b4ac3c69a95b42541f1695cf68ab2abae5f9b49c08c39dd23d8c41ff2c245d0a1

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\7zS491B4B96\packages\com.redgiant.app.zip
            Filesize

            7.6MB

            MD5

            f1afbbe77c1f6e86801aad3350520e33

            SHA1

            261dff7af8c45e5bff7cddcfac8b54d05b3eb5fd

            SHA256

            e661b466e8b9865025838da41af4e298323d69f28715fb22ca09fc2baf10509d

            SHA512

            10e65f0fc6cc754b43552ea557b8cf8bb70ae0798b16429601bdf260f84861af4c63b6b2140d96447dad2950041c7eba0e823ae6b6f0e8563ce2835e2e1acda3

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\7zS491B4B96\packages\com.redgiant.rguninstaller.zip
            Filesize

            308KB

            MD5

            8fc74d09ce2e2364f0a8a266a235d690

            SHA1

            724a524b115ff572f936c24ae47115837680bbf2

            SHA256

            94661f746418ea598c6b9cc7d010dbb584d3335aaa39ded9da99346522952f27

            SHA512

            fc1da3da1692f9f0e0909fff46072f1808302764ce3b0fb1237582627c731b70e1d49793c96ff718d9133a5a52d99e332f5180b48d83da10da1f5ff5db693b32

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\7zS491B4B96\packages\com.redgiant.service.zip
            Filesize

            5.1MB

            MD5

            4dcc519282704813ce67cd5e87d82b57

            SHA1

            df43b7e5902ef426022e2358971dce72e9aacdff

            SHA256

            0382dfbe4991e36b66ad8dd053fb835b0292634f0eacd57ce09f5502a304fc4e

            SHA512

            2a0b16b2e2a6fa7155cd342689d0ab08da4ab0d5ed6e1e651e648f6349c5bcd9a51bbb830015809ad8d8a597e4252118ff7de0cdb516222978f4e3ec3822c796

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\7zS491B4B96\packages\com.redgiant.vcredist-x64-2012.zip
            Filesize

            6.7MB

            MD5

            7a8894bd999f99550b96df54346a5945

            SHA1

            e8c2f677a555e1b493f6f7cd0e7a7691019eb111

            SHA256

            ec024b53e96bc6954c9c281b9a194603348854826742fe59c11fdaf0a8906a41

            SHA512

            646fd875985d333fe0cf9c2bd810a6353adb3d5d98f74f5d4e9715ea4a3704b3b3fe77fc065d05a97cb17fe36c91538ee41742122e96eed69409e47688a578f6

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\7zS491B4B96\packages\com.redgiant.vcredist-x64-2019.zip
            Filesize

            14.0MB

            MD5

            38ee56a06a2eed15262e9d75eb296bab

            SHA1

            f8301114c160147492850e59be34226ef710c9b9

            SHA256

            3529f4807fc69c72722816ec8f3a18c87159409b98dc03dae99109b5d85dcedd

            SHA512

            24a19b0dbb8a23c5007a750f6a9ee15743d868e18f5b3af5b2a66e8f114d4e50c299b0d0085f4ceb820e7476f57169a4117c336f48237b8963d7047e6aa44bb1

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\7zS491B4B96\packages\net.maxon.app.json
            Filesize

            354B

            MD5

            aa970e2079f374162709a34354c29640

            SHA1

            3f80aeeba5cbecca78731586cdf326d86de150b7

            SHA256

            f9cc262d930b5188d8a8cbf3eda30c38c818dd5cf5955befa59dbb77283809d2

            SHA512

            8b96512c603ee46d083f6477e4cbf3202d226b1b4adcf90968cc278b0d4b15a516a19aa545fcd88a2e65bc0b184748a913a2b6ec58d457702f6d1fe2b979ee39

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\7zS491B4B96\packages\net.maxon.mxnotify.zip
            Filesize

            410KB

            MD5

            6fd1cd7a05468a8de5518ae03ddbaf24

            SHA1

            b23db33f51281c601a2948e3e1a6d4e3d8ab5f4d

            SHA256

            4aa778884fd7d83489fdb3f438efc73792e1c2103fee5f7d1d5f5891c9a518c3

            SHA512

            fbe02f097202b2f90b5d76604f60a2d6333283d9dca2bbb157868c279249d951c72e6bf08eea5480037df7e632ae583ad4fed26ea8210665283c16751866e728

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\7zS491B4B96\packages\net.maxon.mxredirect.zip
            Filesize

            316KB

            MD5

            041726b9a920f7e9bb4674c27f2c2379

            SHA1

            7205a9bebdfd4d5a264772059a96df473f3b23be

            SHA256

            89c280e974a794ac43122d6dbf6b07c02c870926c837b33fd8e88d2563701b28

            SHA512

            cf7fb9268d31ae4fa69eb75e3605c29b28421b3e733d4be40dc9e453b8ad87f5b9a68758d804074d17836475d26dfb45b61dbbf1479aaf741920994352034437

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\7zS491B4B96\packages\net.maxon.neutrino.mswebview.installer.zip
            Filesize

            1.6MB

            MD5

            1d9d6d7ecea6ff2bc4dba7adfde6bb83

            SHA1

            e40109e0673dbdb3623341778977459962844b65

            SHA256

            93137985b9aaf0a2c4f0f4836c7f7977ff1ca44238c0ecfdcffa5fc351cc090d

            SHA512

            b3749f8db671e1d7332bba508810ccfaa8c082a920ae0a86bce4c1e462436e68e33101a202e15f425ecc6227979268a3a784f57996daf961bdae83c619dc0813

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\tmp0c273d42-6433-4fd4-8511-5be979de922c\bin\MicrosoftEdgeWebview2Setup.exe
            Filesize

            1.7MB

            MD5

            6abf61dd5a6318d76a11ce43b4bee001

            SHA1

            546fac452bb8892bed42b79b17dc0c86ca5ae7dc

            SHA256

            389601cbd7e9256ce22348e3ceb2c33e39ddc7a8c75db897d269dc23b17ad11d

            SHA512

            e454b2bb8ee2bf1355613afdf8389076fae5ffb8305ca2748cb05b597b54f039647e9aced03946dd6c0057305de80ca69db09cb2e539c6645fb2da6abf12ea7b

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\tmp0c273d42-6433-4fd4-8511-5be979de922c\bin\install-mswebview.bat
            Filesize

            68B

            MD5

            9e307d7ca44484c85fecf3d1cf7b1a59

            SHA1

            590497a3a89c0cbfa9d9db7429a2c4712aaa078f

            SHA256

            d5b69e95318804f103ebcdd26a77e27224decf02962c0f5d8e83fe615b1dd228

            SHA512

            f3e8bb2adbeeb84e699f70dfddd72e86ca0f05827b9f788478c5143d616d1382725e404720213bd056afe5851907553c0e5f1eac10737301b6f73ef7a5f4973d

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\tmp8e88ec35-a96c-4e31-8b2f-f312160ae8c0\app\Maxon.exe
            Filesize

            11.1MB

            MD5

            48457f3365756c10be53525ca7e6485f

            SHA1

            6e20b299d2b2ef38aef09584b22b25e2346bb09f

            SHA256

            10a05d6101bd710ba083bf35f98b5de2672b599f5903e425a0eae7c0203a7e77

            SHA512

            0f376908f5f4c36ca68d822c3f5a10563b3636e8a357c5ee98704bbe27a32b5d90d2e91f99edbe5865c4b196fd7778fc00611be389409277617b40712b3c17d6

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\tmp8e88ec35-a96c-4e31-8b2f-f312160ae8c0\app\rga-uninstaller-helper.exe
            Filesize

            698KB

            MD5

            64948479a93f19fb333fea6b4a540b1b

            SHA1

            b802ad5dfc4154241420c658a1231da0d167f55b

            SHA256

            2b92f728b546e593daed89e34d3945fc717361adce48c82124de5abae0a7e9dc

            SHA512

            3c4214c1002ec3323d01762755889aa95791ca31614d0743c6efb69d2c4f92c4a76868563fc8af16682c4ca35b1343310d98a7d067737cb113e47fdfd4e3e4df

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\tmp8e88ec35-a96c-4e31-8b2f-f312160ae8c0\app\rgdeploy.exe
            Filesize

            1.7MB

            MD5

            0cc2c817912c5d4e312366c9ac206fbb

            SHA1

            abddb55ba7ff181f52c2309b760da306922074b3

            SHA256

            235d827de6cb5955c0aa533daaf2ff404280dfd9b70f817f5a3b26363cf00bee

            SHA512

            6bd7e2d8b3754a0ab3847c16d313f262891719b89faefab3d62d1affafda7044a0fdd435701c53d228a4508da41eecf7b7c79b7380a2a04aa92cffff2513b044

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\tmp8e88ec35-a96c-4e31-8b2f-f312160ae8c0\app\uninstall-appmanager.bat
            Filesize

            1KB

            MD5

            fbf11c65bd839cf80fc0d2fd9b2ae19c

            SHA1

            820c5cde78199b53c85758a1de1f42e92dbb853e

            SHA256

            27dc1a433c3457ea2920f340de7662b7ea0f1fa066b0d63377d7d5fa919ceb98

            SHA512

            2d631555d01b7104539a7dd4c50fdcc9d3955fb2f57ae848e639050f990406a7148922c5129160d2d0c18e885c6e392437b845b6398b816afea51ebc7fbdd01a

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\tmp9339157e-d2a3-4a99-8c7d-d93c59b2b9ab\app\MxNotify.exe
            Filesize

            1.1MB

            MD5

            de1389a03015f6e2285e65a4253000fe

            SHA1

            728f5d47219f88154ad96d88327103ae5aab4ee4

            SHA256

            6d9220aaf7c51597f76cb52a72fb77e7952006a1969b20606270322ddc31e8fb

            SHA512

            3ea1935e795e201576fea1e6552aabfbe321dc30cd61d043256b042ac95ff16f4b4ed1f4fc23e00a1f6317229cc9a7c894ae1de116b6887f8c222c47163eb72c

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\tmp9339157e-d2a3-4a99-8c7d-d93c59b2b9ab\postflight\mxnotify-windows-postflight.bat
            Filesize

            106B

            MD5

            d2926859650503d8e62b0db8e6a2c18b

            SHA1

            373fd2b988df44b574693e8781cdc1213360633c

            SHA256

            aa8c150f29af2200de9ce0336c55bc5c76a64f5434d7f8da26c0cecebc573798

            SHA512

            52040403587f9a0c7f2d5fb6f3de86f649276ad8f42a63eba45b87d58f69a2551191f2a8720d6364bf108638d5650400f782088ebeb2c0b665ebdf510761009e

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\tmpa2523161-b367-402a-ad6a-6418d06dfa77\files\VC_redist.x64.19.exe
            Filesize

            14.3MB

            MD5

            264c296cc0bf00db6ba8e7bf8cc4e706

            SHA1

            837a49f9eaacda7c077a8bbea149a52d766b81c0

            SHA256

            7d7105c52fcd6766beee1ae162aa81e278686122c1e44890712326634d0b055e

            SHA512

            9f197af069535896f866d2853689c8e0243fe5c89feeaf6a027315f31bb0086bb0a6234e77a4427481fb2dbe32c3c0d748f9de82ee439086745658a825bed5e9

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\tmpa2523161-b367-402a-ad6a-6418d06dfa77\files\VC_redist.x64.19.exe
            Filesize

            14.3MB

            MD5

            264c296cc0bf00db6ba8e7bf8cc4e706

            SHA1

            837a49f9eaacda7c077a8bbea149a52d766b81c0

            SHA256

            7d7105c52fcd6766beee1ae162aa81e278686122c1e44890712326634d0b055e

            SHA512

            9f197af069535896f866d2853689c8e0243fe5c89feeaf6a027315f31bb0086bb0a6234e77a4427481fb2dbe32c3c0d748f9de82ee439086745658a825bed5e9

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\tmpa2523161-b367-402a-ad6a-6418d06dfa77\files\VC_redist.x64.19.exe
            Filesize

            14.3MB

            MD5

            264c296cc0bf00db6ba8e7bf8cc4e706

            SHA1

            837a49f9eaacda7c077a8bbea149a52d766b81c0

            SHA256

            7d7105c52fcd6766beee1ae162aa81e278686122c1e44890712326634d0b055e

            SHA512

            9f197af069535896f866d2853689c8e0243fe5c89feeaf6a027315f31bb0086bb0a6234e77a4427481fb2dbe32c3c0d748f9de82ee439086745658a825bed5e9

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\tmpa2523161-b367-402a-ad6a-6418d06dfa77\postflight\vcredist-postflight.bat
            Filesize

            342B

            MD5

            2896b5c307eb33c9e30f25704f1e805f

            SHA1

            4678cf9958a7314206e54e5d055ad7a4f65400a0

            SHA256

            4e1329927ec28e08fcbe6af712705c571ef2ad72435d994b55be6c494f96fe45

            SHA512

            1f1600c5721b77ff675c9f95b7bdf6fa83984af31459ffb35d69b0529df4012584b84c4e02505151bef3f84e484b3fd04be23a712e7d1f8dfdf9e4508b016db1

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\tmpcc7b5614-81d3-461e-953d-e144c1e090fb\postflight\mxredirect-windows-postflight.bat
            Filesize

            630B

            MD5

            7f4b4e211a4df311c4c353dc9c34d038

            SHA1

            5c46b580f5b37be9effcd76e9f4fa29a56f6dc1d

            SHA256

            c276acfec8e0181a2ae35dff29c1b051091fba70e9aa1d076cc0a4429fc20a5a

            SHA512

            a78600025a16e6a69b6b2861061fd2721fb68019dc5dcb7d8850fe4c6f0cfe353fe5d968fbb205cf6fad8ab9a0ab795f4170585ba01cffefe0d4cff01a80cc42

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\tmpcc7b5614-81d3-461e-953d-e144c1e090fb\resources\mxredirect.log.config
            Filesize

            616B

            MD5

            373cd25ef8b1b01a13121d92855680d8

            SHA1

            4d94d4ce9f09ac5ce5e15ef95d067b6508aa70e0

            SHA256

            61cd3d1b458f7d7012504bfb237a969b9cc08ec03bfcae801aa4ff9b8a806f78

            SHA512

            2d5dfb93feceef016d670b94e06a7510df727091fbbe8416cc2551a66a2ed8f5eab80a270465d64003e930376965eb8224102373c97bf5971761db35ebe607c4

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\tmpcc7b5614-81d3-461e-953d-e144c1e090fb\tools\mxredirect.exe
            Filesize

            699KB

            MD5

            49e57a207e5702814e1148f7ea0afdbb

            SHA1

            1a88f27c3e2dcade29ee12b90e300aeabdd8b38c

            SHA256

            352630f109f53076b2b5661bd401577f1bfd44f749acc94871e16955294b4d3b

            SHA512

            4480f965542f07fcac1709c4a728dcfdbf5b20741f744856cd89dfe03598e05c56ee5bf2e6aff18ee9a51f9849d57b054129786b5205dfb2cb3bf1d8bd66d4eb

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\tmpd8fda7f6-13db-4a2a-8c1f-a0a93d16e02c\bin\rguninstaller.exe
            Filesize

            698KB

            MD5

            53ce1e29790e9d23effbd9201b31515d

            SHA1

            b4f1f490f33fcfd0ab4c5d92afe00937743742e1

            SHA256

            e4712926dcfca5be6ccfc8f65c62332ae3bbc75e96b64aee8b05fc1a211fa65e

            SHA512

            7c1f4b6a295d54c2af601da1c856db7032c3e79b0ef8a16624c9ee26d485c5dbae902294b733eb1dda572a9e72a8704baefde05282d40f874665893ebbd2aa34

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\tmpfbe421a4-8e19-4df4-8194-bda17b58789d\app\Red Giant Service.exe
            Filesize

            8.6MB

            MD5

            67320bcddfa96f0b8f93027f86f393dc

            SHA1

            38b62aca92c6b0fce963251271d5c66656f3e9fb

            SHA256

            1da765d7e1ef0f5837c3b7facee64320211d44ab964d16ea5f7d161e7ae685ce

            SHA512

            a91cf6a1752148f3a0108a2c02c78af422e8aea875508ec70713badb82877749af07210deee670ccdea874dae95955e609b0799441b9c82330f53857d8c59653

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\tmpfbe421a4-8e19-4df4-8194-bda17b58789d\app\uninstall-maxon-service.bat
            Filesize

            1KB

            MD5

            0458eaf2fc13c745121436de121e743b

            SHA1

            9787955d5f8a3f923ac621492bcac9ca178fc3d1

            SHA256

            3b0933f37b5d665b3d386bf661813b9efa6f018dfebdd9203c10c13f4c68535b

            SHA512

            441e57898fe9cb7ca9488f1f34e2c2bfd0033867cce3a666389e0ae4866cef24644cb2f7b03676b89405ee8ea6d502d5d2c51265bc153867fc222766d8ca2134

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\tmpfbe421a4-8e19-4df4-8194-bda17b58789d\documentation\acknowledgements.txt
            Filesize

            56KB

            MD5

            9ab666120c65ad27426995b1af297a48

            SHA1

            5995af88672c1994efbe59f545d2aad6252df1bd

            SHA256

            eb1d0f2daa1f8e4a8f0f3c9c6fd281878e16ccf4f9d5c2bb00626281e40dc205

            SHA512

            085245871e99906630b5044044cf92b1e643eba6aba57fe3a5e64b0b156389701e95efe5e39c0e566064381a72b8b8f42d52b8c37ba9b17f7b733e4a76662b01

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\tmpfbe421a4-8e19-4df4-8194-bda17b58789d\fusewindow\FuseWindow.dll
            Filesize

            259KB

            MD5

            a71e41ad46a251d27df41b0cdae0e0da

            SHA1

            04e16855c997e25acab07092487590fb44176750

            SHA256

            73fa89177adee0ad06ed89646f659914b702d4894b34ea198571f8e1ab55ec1d

            SHA512

            8cec5a0ef770c9bed13abec23bea5804ae21bc6c7fe5974719e6f1cc96c1a6fd62b9e1c46eeda2e8c49dea6743fffc5651587f25b32cca14d2e712feec43eb35

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\tmpfbe421a4-8e19-4df4-8194-bda17b58789d\postflight\fuse-windows-postflight.bat
            Filesize

            819B

            MD5

            7c3cf64ccf4db3ac83e16a23e4eb3b10

            SHA1

            0ce03bb05771c8866fa32261f4e48446a4bdb33f

            SHA256

            bbb6448d5cef00e6a6a5317a5abf3fd9cae9bb6751908900baf06445bc42bd5b

            SHA512

            fec5a6001c60f8711f9c41fd6cc5dac5aba5cfc9f34d682bb43651dc5598991c51462d5c48ac900a24e12721855659ba343c2a0f1078c39470a0ed31ba8c186d

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\tmpfbe421a4-8e19-4df4-8194-bda17b58789d\preflight\fuse-windows-setup-preflight.bat
            Filesize

            115B

            MD5

            5c78f14f9915a2ce2c0cd7ec5010d1ae

            SHA1

            e999de38e67515c9cd41cfdb54e216c4efc415ca

            SHA256

            c7bc0bd1d332f9018a35d95b361d3e13253aa53e3c167672c0039a4d8ce5216c

            SHA512

            04ee4d2d1e815b1fe6f8e245e77b8d7e76c9d96e18a584550b198ac50f7e361369f6b0f43d661b51dd9b8618e9e3454664a53ccef2a6c01591063332de07c5e6

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\tmpfbe421a4-8e19-4df4-8194-bda17b58789d\resources\all-products-manifest.json
            Filesize

            24KB

            MD5

            f1ec9c2f98d6cafb6f2aa713cc5eb3f3

            SHA1

            f984e7d1eb09a63158871ebbe4fc336fe4be375c

            SHA256

            e43a6dd7d4c71260970bd03d54be127b1315780a8a16639ca1c5b76db6d458f7

            SHA512

            26f88b8142c8104bbe5a0db93d6537653175243d656b9bb24e9e7a32b01b6fc8713210234c347b1772c6d0e2d5ce0a4e1eef887b4be902db271c27a4291c72ff

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\tmpfbe421a4-8e19-4df4-8194-bda17b58789d\resources\logging.config
            Filesize

            601B

            MD5

            e52f73d520c7751bbe46ef28ffbbf05c

            SHA1

            43f676a2e44178f0fcd618f09cbcef2071ed686e

            SHA256

            79fed1056f270b628c3ae02f569cfae28dc4e4fcef847b81435e8278a912cc71

            SHA512

            3baf34faca6814a4cc80673917660ea52ff34603d2bba0550d4bc62881e765ebbcc1969e599c1601b18f27eefdbbb37bef497e91548b6ecbfdd37ff34fc4ca0f

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\tmpfbe421a4-8e19-4df4-8194-bda17b58789d\tools\SerialFiller.exe
            Filesize

            597KB

            MD5

            b3f68dab57686c0f84229717a46c8b83

            SHA1

            b224a00b9437527cdba16e6e25de2f3b00088781

            SHA256

            e013189b9115045d5880f0e9fa7b84acb4c4346cd80c7f884e3912eb8856a6c8

            SHA512

            f56d22118b11661fc98f05c8bcac9d4721e35904189fa548091f39c8bf82189265d082553666bb7e4c6882173331432b7afd5d012ef3a1db482049b6a80dc024

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\tmpfbe421a4-8e19-4df4-8194-bda17b58789d\tools\mx1.exe
            Filesize

            1.3MB

            MD5

            b757c47e57f3b014fb9410ea517b5027

            SHA1

            3ef60d53d9fa9f189fc7880c2b5174dd339eb552

            SHA256

            19dd3b10c48b2a5e0f4cc25c37accbe5561e75c51ce9bf6cd5f622d0a0e9ee24

            SHA512

            048b9631c126ac3891bb6d0bd6f0f1ce8caa9c4c880b0a66a026dffb37b9dd772795e478f4798b883e554a533984d6383b9bb458b12322e0cd706bb12e7a47b8

            Download Submit

          • C:\Windows\Temp\{10B83370-DC60-4D82-9168-21C977C4A2CF}\.cr\VC_redist.x64.19.exe
            Filesize

            632KB

            MD5

            562711caf0d942d286fd28d34ebf9fdf

            SHA1

            001b037c732b497e390bd756901e64ce0d84d885

            SHA256

            3556010aa72b67d16dc6b406aecf493185c92f38ad410924959175fd39192b61

            SHA512

            447ea79c0fe30b5458d139d903bf738126c8159250a5b732ca9afdb7536be3ef5c81857852034fbdf385d9bbc43e1c77dc9618f7ad0b60ff3d9c526711c30060

            Download Submit

          • C:\Windows\Temp\{10B83370-DC60-4D82-9168-21C977C4A2CF}\.cr\VC_redist.x64.19.exe
            Filesize

            632KB

            MD5

            562711caf0d942d286fd28d34ebf9fdf

            SHA1

            001b037c732b497e390bd756901e64ce0d84d885

            SHA256

            3556010aa72b67d16dc6b406aecf493185c92f38ad410924959175fd39192b61

            SHA512

            447ea79c0fe30b5458d139d903bf738126c8159250a5b732ca9afdb7536be3ef5c81857852034fbdf385d9bbc43e1c77dc9618f7ad0b60ff3d9c526711c30060

            Download Submit

          • C:\Windows\Temp\{FFECDC64-4555-45CF-B652-F786931CD937}\.ba\logo.png
            Filesize

            1KB

            MD5

            d6bd210f227442b3362493d046cea233

            SHA1

            ff286ac8370fc655aea0ef35e9cf0bfcb6d698de

            SHA256

            335a256d4779ec5dcf283d007fb56fd8211bbcaf47dcd70fe60ded6a112744ef

            SHA512

            464aaab9e08de610ad34b97d4076e92dc04c2cdc6669f60bfc50f0f9ce5d71c31b8943bd84cee1a04fb9ab5bbed3442bd41d9cb21a0dd170ea97c463e1ce2b5b

            Download Submit

          • C:\Windows\Temp\{FFECDC64-4555-45CF-B652-F786931CD937}\.ba\wixstdba.dll
            Filesize

            191KB

            MD5

            eab9caf4277829abdf6223ec1efa0edd

            SHA1

            74862ecf349a9bedd32699f2a7a4e00b4727543d

            SHA256

            a4efbdb2ce55788ffe92a244cb775efd475526ef5b61ad78de2bcdfaddac7041

            SHA512

            45b15ade68e0a90ea7300aeb6dca9bc9e347a63dba5ce72a635957564d1bdf0b1584a5e34191916498850fc7b3b7ecfbcbfcb246b39dbf59d47f66bc825c6fd2

            Download Submit

          • memory/1740-1224-0x00007FF804120000-0x00007FF804121000-memory.dmp

            Filesize

            4KB

            Download

          • memory/1740-1222-0x00007FF804400000-0x00007FF804401000-memory.dmp

            Filesize

            4KB

            Download

          • memory/4020-1223-0x00007FF803350000-0x00007FF803351000-memory.dmp

            Filesize

            4KB

            Download