aab27bd5547d35dc159288f3b5b8760f21b0cfec86e8f0032b49dd0410f232bc

Analysis

max time kernel
148s
max time network
142s
platform
windows7_x64
resource
win7-20230220-en
resource tags

arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
submitted
08-05-2023 23:29

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

mingw-get-setup.exe
Size

84KB
MD5

92d905bdfe13c798a2cda2bbacdad932
SHA1

66f1355f16ac1e328243e877880eb6e45e8b30e2
SHA256

aab27bd5547d35dc159288f3b5b8760f21b0cfec86e8f0032b49dd0410f232bc
SHA512

5c96c7be222d5c836402df302f5a1866df72bcad3d13643e8703e536cea9c6e42fde344ca79d564051fd3cd93326e834b3c4b7f59e5591d61cba3d59b7c9a180
SSDEEP

1536:+sE5jlwWrw6I3N8SFsngkZ4nJ9jHZN+4Ie6fFF6rS7cnouy8VAt:tE5Rw6GN8wsngi4nJ7N+P7Foc8outy

Score

7^/10

upx

Malware Config

Signatures

Loads dropped DLL 4 IoCs

pid	Process
920	mingw-get-setup.exe
920	mingw-get-setup.exe
1280	wscript.exe
1960	wscript.exe

UPX packed file 5 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/memory/920-54-0x0000000000400000-0x0000000000438000-memory.dmp	upx
behavioral1/memory/920-56-0x0000000000400000-0x0000000000438000-memory.dmp	upx
behavioral1/memory/920-57-0x0000000000400000-0x0000000000438000-memory.dmp	upx
behavioral1/memory/920-71-0x0000000000400000-0x0000000000438000-memory.dmp	upx
behavioral1/memory/920-463-0x0000000000400000-0x0000000000438000-memory.dmp	upx

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
1524	chrome.exe
1524	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe
Token: SeShutdownPrivilege	1524	chrome.exe

Suspicious use of FindShellTrayWindow 34 IoCs

pid	Process
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe

Suspicious use of SendNotifyMessage 32 IoCs

pid	Process
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe
1524	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 920 wrote to memory of 1280	920	mingw-get-setup.exe	30
PID 920 wrote to memory of 1280	920	mingw-get-setup.exe	30
PID 920 wrote to memory of 1280	920	mingw-get-setup.exe	30
PID 920 wrote to memory of 1280	920	mingw-get-setup.exe	30
PID 920 wrote to memory of 1960	920	mingw-get-setup.exe	31
PID 920 wrote to memory of 1960	920	mingw-get-setup.exe	31
PID 920 wrote to memory of 1960	920	mingw-get-setup.exe	31
PID 920 wrote to memory of 1960	920	mingw-get-setup.exe	31
PID 1524 wrote to memory of 1732	1524	chrome.exe	34
PID 1524 wrote to memory of 1732	1524	chrome.exe	34
PID 1524 wrote to memory of 1732	1524	chrome.exe	34
PID 1524 wrote to memory of 612	1524	chrome.exe	36
PID 1524 wrote to memory of 612	1524	chrome.exe	36
PID 1524 wrote to memory of 612	1524	chrome.exe	36
PID 1524 wrote to memory of 612	1524	chrome.exe	36
PID 1524 wrote to memory of 612	1524	chrome.exe	36
PID 1524 wrote to memory of 612	1524	chrome.exe	36
PID 1524 wrote to memory of 612	1524	chrome.exe	36
PID 1524 wrote to memory of 612	1524	chrome.exe	36
PID 1524 wrote to memory of 612	1524	chrome.exe	36
PID 1524 wrote to memory of 612	1524	chrome.exe	36
PID 1524 wrote to memory of 612	1524	chrome.exe	36
PID 1524 wrote to memory of 612	1524	chrome.exe	36
PID 1524 wrote to memory of 612	1524	chrome.exe	36
PID 1524 wrote to memory of 612	1524	chrome.exe	36
PID 1524 wrote to memory of 612	1524	chrome.exe	36
PID 1524 wrote to memory of 612	1524	chrome.exe	36
PID 1524 wrote to memory of 612	1524	chrome.exe	36
PID 1524 wrote to memory of 612	1524	chrome.exe	36
PID 1524 wrote to memory of 612	1524	chrome.exe	36
PID 1524 wrote to memory of 612	1524	chrome.exe	36
PID 1524 wrote to memory of 612	1524	chrome.exe	36
PID 1524 wrote to memory of 612	1524	chrome.exe	36
PID 1524 wrote to memory of 612	1524	chrome.exe	36
PID 1524 wrote to memory of 612	1524	chrome.exe	36
PID 1524 wrote to memory of 612	1524	chrome.exe	36
PID 1524 wrote to memory of 612	1524	chrome.exe	36
PID 1524 wrote to memory of 612	1524	chrome.exe	36
PID 1524 wrote to memory of 612	1524	chrome.exe	36
PID 1524 wrote to memory of 612	1524	chrome.exe	36
PID 1524 wrote to memory of 612	1524	chrome.exe	36
PID 1524 wrote to memory of 612	1524	chrome.exe	36
PID 1524 wrote to memory of 612	1524	chrome.exe	36
PID 1524 wrote to memory of 612	1524	chrome.exe	36
PID 1524 wrote to memory of 612	1524	chrome.exe	36
PID 1524 wrote to memory of 612	1524	chrome.exe	36
PID 1524 wrote to memory of 612	1524	chrome.exe	36
PID 1524 wrote to memory of 612	1524	chrome.exe	36
PID 1524 wrote to memory of 612	1524	chrome.exe	36
PID 1524 wrote to memory of 612	1524	chrome.exe	36
PID 1524 wrote to memory of 524	1524	chrome.exe	37
PID 1524 wrote to memory of 524	1524	chrome.exe	37
PID 1524 wrote to memory of 524	1524	chrome.exe	37
PID 1524 wrote to memory of 472	1524	chrome.exe	38
PID 1524 wrote to memory of 472	1524	chrome.exe	38
PID 1524 wrote to memory of 472	1524	chrome.exe	38
PID 1524 wrote to memory of 472	1524	chrome.exe	38
PID 1524 wrote to memory of 472	1524	chrome.exe	38
PID 1524 wrote to memory of 472	1524	chrome.exe	38
PID 1524 wrote to memory of 472	1524	chrome.exe	38
PID 1524 wrote to memory of 472	1524	chrome.exe	38
PID 1524 wrote to memory of 472	1524	chrome.exe	38
PID 1524 wrote to memory of 472	1524	chrome.exe	38
PID 1524 wrote to memory of 472	1524	chrome.exe	38

C:\Users\Admin\AppData\Local\Temp\mingw-get-setup.exe
"C:\Users\Admin\AppData\Local\Temp\mingw-get-setup.exe"
1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:920
- C:\Windows\SysWOW64\wscript.exe
  wscript -nologo C:\MinGW\libexec\mingw-get\shlink.js --all-users --start-menu --description "MinGW Installation Manager" C:\MinGW\libexec\mingw-get\guimain.exe "MinGW Installation Manager"
  2⤵
  - Loads dropped DLL
  PID:1280
- C:\Windows\SysWOW64\wscript.exe
  wscript -nologo C:\MinGW\libexec\mingw-get\shlink.js --all-users --desktop --description "MinGW Installation Manager" C:\MinGW\libexec\mingw-get\guimain.exe "MinGW Installer"
  2⤵
  - Loads dropped DLL
  PID:1960

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1524
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6a79758,0x7fef6a79768,0x7fef6a79778
  2⤵
  PID:1732
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1184 --field-trial-handle=1232,i,3610905272492251050,5227500251286525361,131072 /prefetch:2
  2⤵
  PID:612
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1392 --field-trial-handle=1232,i,3610905272492251050,5227500251286525361,131072 /prefetch:8
  2⤵
  PID:524
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1608 --field-trial-handle=1232,i,3610905272492251050,5227500251286525361,131072 /prefetch:8
  2⤵
  PID:472
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2292 --field-trial-handle=1232,i,3610905272492251050,5227500251286525361,131072 /prefetch:1
  2⤵
  PID:1796
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2364 --field-trial-handle=1232,i,3610905272492251050,5227500251286525361,131072 /prefetch:1
  2⤵
  PID:1664
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1448 --field-trial-handle=1232,i,3610905272492251050,5227500251286525361,131072 /prefetch:2
  2⤵
  PID:2088
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2256 --field-trial-handle=1232,i,3610905272492251050,5227500251286525361,131072 /prefetch:8
  2⤵
  PID:2192
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3776 --field-trial-handle=1232,i,3610905272492251050,5227500251286525361,131072 /prefetch:8
  2⤵
  PID:2232
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3740 --field-trial-handle=1232,i,3610905272492251050,5227500251286525361,131072 /prefetch:1
  2⤵
  PID:2260
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3860 --field-trial-handle=1232,i,3610905272492251050,5227500251286525361,131072 /prefetch:8
  2⤵
  PID:2320
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3840 --field-trial-handle=1232,i,3610905272492251050,5227500251286525361,131072 /prefetch:8
  2⤵
  PID:2332
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4056 --field-trial-handle=1232,i,3610905272492251050,5227500251286525361,131072 /prefetch:1
  2⤵
  PID:2484
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4344 --field-trial-handle=1232,i,3610905272492251050,5227500251286525361,131072 /prefetch:8
  2⤵
  PID:2872

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:588

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\MinGW\libexec\mingw-get\guimain.exe

Filesize
141KB

MD5
63dd6168efccf34442141bc6a30ca4b5

SHA1
4215e4157baeb2709ddf46aa23bae3512c388c16

SHA256
f3d7c1f06a99cd9fd9e1b52b18b031171617e30a884eaacf210f4e02caca8d25

SHA512
6bac1514408c83607de3e381828cb74fa9e24b72860ca3f1245c25a111e1e61346a37fd2e1cbcf553097ce1f7f149beb188364e844ce959ac7f4d0a14bb01339

Download Submit
C:\MinGW\libexec\mingw-get\shlink.js

Filesize
10KB

MD5
7c05fb7cfcb8af75cc51f0e5b5b8a63f

SHA1
7344f388103e4aceaf9bb2088afc8bf39b6da184

SHA256
a4d51113d10de71cde294e76ddd63e35273a33c4321eb50d804264ca97c51331

SHA512
9bf2b1c262fe7bbd26ac2367526c14d3bb9aab56d35e2cc149885412fd6b6e82f60c66de8ef39190cc9782c65e99471420d8e53695d7d25220d29c9ee4fcf7b5

Download Submit
C:\MinGW\var\cache\mingw-get\data\package-list.xml

Filesize
493B

MD5
c9677246b18c55e98a5d4c93f2137100

SHA1
a21f9284e078fd314a710bf72494b5c67f2846f7

SHA256
29b76a0df200eb62ddba993134dad0e7979964d49e2680153cdf02ab8e17e9f4

SHA512
8bd62dd4268838fd922421b579a7564c6e8572b0dfbf27e5235b38d5711ad2ee7e7d05c50209ddd80cbe740e95366d041be904b3d0d4256d015d85397fecb155

Download Submit
C:\MinGW\var\cache\mingw-get\packages\mingw-get-0.6.2-mingw32-beta-20131004-1-bin.tar.xz

Filesize
260KB

MD5
6453e5e9a88511a599630013ca0f2871

SHA1
b912dbccd0f737d3006eefd1d451d2c39b2e5a92

SHA256
d199842bad7373bc52cec841d31abf42c77febddaa9e3d8a3cf3182523b23b01

SHA512
75faf0c754dc051e647d341eaeebeda1b3d1e6a0cd795afab0f7a270d2af74d54dd06840a607e89e6907b898ab1c923c79fb74a552ce13178ecfea6f6c088b65

Download Submit
C:\MinGW\var\cache\mingw-get\packages\mingw-get-0.6.2-mingw32-beta-20131004-1-gui.tar.xz

Filesize
56KB

MD5
5ec17e2f07d410f721e38bafe544f3d6

SHA1
4fd2f627a83858c25cfd11be3a6e21fd752052c6

SHA256
427887aaf995523083875599295d462f8f805fde16ca7a770ca93ccf2c198a2c

SHA512
9599e515251c764560938de4cd01fe1903201d40d2ad529df57cdfed0d91211a35446a9a1055fb34a272c2dd527adabed36af1ed229fad461a0bcf601bef5c3d

Download Submit
C:\MinGW\var\cache\mingw-get\packages\mingw-get-0.6.2-mingw32-beta-20131004-1-lic.tar.xz

Filesize
12KB

MD5
809d7d44cd3396481057dd6fb615c20a

SHA1
c9bff67e782d48002c7458152bbb96e4f4d2115d

SHA256
92adc1151b1463906e2bdb091482bafd54e363598a618c160ab1dad19111d510

SHA512
0758dc338ec9927525ba9325aea58414af989607bec8c93893ba1d5adee67c76b8312f1b5a5c314f154d928309edbcffdd37136149e1a45bcccf31aeed945563

Download Submit
C:\MinGW\var\lib\mingw-get\data\profile.xml

Filesize
5KB

MD5
d76a902ad2f5498bb1cc0f79f671597d

SHA1
ac70b375312ffa73527b1859efce37ec028c2bf1

SHA256
17366da811ca26651c139530cedc42ce215f237833f08417c2f3f4f10d475b7a

SHA512
b47217ae8d3067ce6ef459b48f9f080c120c9e4353a8e0d23c35e9a18bba7805d2d86a9761795e2f8c0c961228c139529f837f49b45d509b7e79e233f2174203

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\CURRENT~RF6e2128.TMP

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
4KB

MD5
007c1e5e3b0539ca75eda5534fb57d11

SHA1
bb48a8f9aa101a7c1305cd8a200f659723ce8aa6

SHA256
e512364d3564b22f52514782848e680a1d5d73ba0c00340a25b2acdd981324f7

SHA512
19355a828c33dd51c463256086d79d57ff8d1e043e664c2b281e976ce35b117a27c3846c4434b38a5e1a20735afc66e4cf3096a0ffc342dd29ab19f35c4d5f25

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
4KB

MD5
cb996e161e7a5fb2cffb3efd79295d1d

SHA1
e9efcb9f8d2a25d5e639fe8231fdf74752f26b7c

SHA256
df6d8aca4d7c4faa733459ff44793838273288305378172c533dd7ba1028a12e

SHA512
814973f04c98e235a9b46cf78f33776dd74a84418d1a0fca384315174e19a36c424790dbf58fb283fbd80c0bb048a92e4abd131ae635ce2ef7f8a94a4f5befe0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000004.dbtmp

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
\MinGW\libexec\mingw-get\guimain.exe

Filesize
141KB

MD5
63dd6168efccf34442141bc6a30ca4b5

SHA1
4215e4157baeb2709ddf46aa23bae3512c388c16

SHA256
f3d7c1f06a99cd9fd9e1b52b18b031171617e30a884eaacf210f4e02caca8d25

SHA512
6bac1514408c83607de3e381828cb74fa9e24b72860ca3f1245c25a111e1e61346a37fd2e1cbcf553097ce1f7f149beb188364e844ce959ac7f4d0a14bb01339

Download Submit
\MinGW\libexec\mingw-get\guimain.exe

Filesize
141KB

MD5
63dd6168efccf34442141bc6a30ca4b5

SHA1
4215e4157baeb2709ddf46aa23bae3512c388c16

SHA256
f3d7c1f06a99cd9fd9e1b52b18b031171617e30a884eaacf210f4e02caca8d25

SHA512
6bac1514408c83607de3e381828cb74fa9e24b72860ca3f1245c25a111e1e61346a37fd2e1cbcf553097ce1f7f149beb188364e844ce959ac7f4d0a14bb01339

Download Submit
\MinGW\libexec\mingw-get\mingw-get-0.dll

Filesize
550KB

MD5
2188006826da68eeb29cb3f16f385263

SHA1
5be8b4740e38f9e7461471bcc4da089a041740e1

SHA256
a481512fce53e3180e68701a5cdc2b82c8d89757cf7b7e1330e10d9f5f4ccaa2

SHA512
4c72601c65e81ca878d96432377827fa36cef9b3a058cf33a12da80dd0bbb607df92f6799ef1b1cab974896fddf1c66202b57b050b4fd05510f19ca29ab43aa3

Download Submit
\MinGW\libexec\mingw-get\mingw-get-setup-0.dll

Filesize
133KB

MD5
10f72745741618404c3aea7422b9e110

SHA1
e40ee03d1488a80e608e67b2eee1bab491240fe6

SHA256
5c45a7439d127c09b74fa16a0b300fb290ba15d316397579985464be484b8e17

SHA512
9ed7132fcacc812cbf50d7997bf1e7239e05498d1749fe765c05fa5b8cde0bcfdbed45aec2cf4c61c31ccc9dfe2fd25288c7bee8bc9e33dda24508724ed9d3d2

Download Submit
memory/920-363-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-373-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-340-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-341-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-342-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-345-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-346-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-344-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-343-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-349-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-350-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-348-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-347-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-353-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-354-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-352-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-351-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-357-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-358-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-356-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-355-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-359-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-360-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-338-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-364-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-362-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-361-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-367-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-368-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-366-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-365-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-369-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-370-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-339-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-374-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-372-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-371-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-378-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-379-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-377-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-376-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-375-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-380-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-381-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-383-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-382-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-386-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-387-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-385-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-384-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-337-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-336-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-335-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-334-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-333-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-332-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-390-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-389-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-388-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-463-0x0000000000400000-0x0000000000438000-memory.dmp

Filesize
224KB

Download
memory/920-331-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-330-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/920-71-0x0000000000400000-0x0000000000438000-memory.dmp

Filesize
224KB

Download
memory/920-57-0x0000000000400000-0x0000000000438000-memory.dmp

Filesize
224KB

Download
memory/920-56-0x0000000000400000-0x0000000000438000-memory.dmp

Filesize
224KB

Download
memory/920-54-0x0000000000400000-0x0000000000438000-memory.dmp

Filesize
224KB

Download