d5c1974cd299e95b4918cbd4d8291c987193503e7077f1603f172266526279e6

Analysis

max time kernel
49s
max time network
141s
platform
windows7_x64
resource
win7-20230621-en
resource tags

arch:x64arch:x86image:win7-20230621-enlocale:en-usos:windows7-x64system
submitted
30-06-2023 14:54

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

SONY VEGAS PRO 14/Instalar.exe
Size

4.5MB
MD5

f64bc02aafe47068b13ad1d4fcbfe12e
SHA1

0cc4856e32393e61329d8d222d2eeac1951d672b
SHA256

57a80c3d513b413f41da94256bb463ce429ee092f115540d6ffad6c83223214a
SHA512

71d6629b859154bf2187406cb9dd1efc1684bb417535c8c5f583957cbd63a870ed00f47239f7220024d11592f6cbeb50c27888eaec7d20bacb5401dc0e95eb4e
SSDEEP

98304:Zz8a9RETzrwxmZvYj/7pmtkuIW0Hl0Y3cErhJ1xI+RqkMZy+2YZA7pt:JRETzVZgD7Q+hWme6cE/zvROQXYZgpt

Score

4^/10

Malware Config

Signatures

Executes dropped EXE 1 IoCs

pid	Process
592	MxDownloadManager.exe

Loads dropped DLL 7 IoCs

pid	Process
680	Instalar.exe
592	MxDownloadManager.exe
592	MxDownloadManager.exe
592	MxDownloadManager.exe
592	MxDownloadManager.exe
592	MxDownloadManager.exe
592	MxDownloadManager.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Modifies system certificate store 2 TTPs 6 IoCs

Install Root Certificate

T1130

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\A8985D3A65E5E5C4B2D7D66D40C6DD2FB19C5436	MxDownloadManager.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\A8985D3A65E5E5C4B2D7D66D40C6DD2FB19C5436\Blob = 04000000010000001000000079e4a9840d7d3a96d7c04fe2434c892e0f0000000100000014000000b34ddd372ed92e8f2abfbb9e20a9d31f204f194b090000000100000034000000303206082b0601050507030106082b0601050507030206082b0601050507030406082b0601050507030306082b0601050507030814000000010000001400000003de503556d14cbb66f0a3e21b1bc397b23dd1550b00000001000000120000004400690067006900430065007200740000001d000000010000001000000059779e39e21a2e3dfced6857ed5c5fd9030000000100000014000000a8985d3a65e5e5c4b2d7d66d40c6dd2fb19c54361900000001000000100000000f3a0527d242de2dc98e5cfcb1e991ee2000000001000000b3030000308203af30820297a0030201020210083be056904246b1a1756ac95991c74a300d06092a864886f70d01010505003061310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3120301e06035504031317446967694365727420476c6f62616c20526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a3061310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3120301e06035504031317446967694365727420476c6f62616c20526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100e23be11172dea8a4d3a357aa50a28f0b7790c9a2a5ee12ce965b010920cc0193a74e30b753f743c46900579de28d22dd870640008109cece1b83bfdfcd3b7146e2d666c705b37627168f7b9e1e957deeb748a308dad6af7a0c3906657f4a5d1fbc17f8abbeee28d7747f7a78995985686e5c23324bbf4ec0e85a6de370bf7710bffc01f685d9a844105832a97518d5d1a2be47e2276af49a33f84908608bd45fb43a84bfa1aa4a4c7d3ecf4f5f6c765ea04b37919edc22e66dce141a8e6acbfecdb3146417c75b299e32bff2eefad30b42d4abb74132da0cd4eff881d5bb8d583fb51be84928a270da3104ddf7b216f24c0a4e07a8ed4a3d5eb57fa390c3af270203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e0416041403de503556d14cbb66f0a3e21b1bc397b23dd155301f0603551d2304183016801403de503556d14cbb66f0a3e21b1bc397b23dd155300d06092a864886f70d01010505000382010100cb9c37aa4813120afadd449c4f52b0f4dfae04f5797908a32418fc4b2b84c02db9d5c7fef4c11f58cbb86d9c7a74e79829ab11b5e370a0a1cd4c8899938c9170e2ab0f1cbe93a9ff63d5e40760d3a3bf9d5b09f1d58ee353f48e63fa3fa7dbb466df6266d6d16e418df22db5ea774a9f9d58e22b59c04023ed2d2882453e7954922698e08048a837eff0d6796016deace80ecd6eac4417382f49dae1453e2ab93653cf3a5006f72ee8c457496c612118d504ad783c2c3a806ba7ebaf1514e9d889c1b9386ce2916c8aff64b977255730c01b24a3e1dce9df477cb5b424080530ec2dbd0bbf45bf50b9a9f3eb980112adc888c698345f8d0a3cc6e9d595956dde	MxDownloadManager.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25	MxDownloadManager.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25\Blob = 0f0000000100000014000000e35ef08d884f0a0ade2f75e96301ce6230f213a8090000000100000034000000303206082b0601050507030106082b0601050507030206082b0601050507030406082b0601050507030306082b060105050703085300000001000000230000003021301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0140000000100000014000000b13ec36903f8bf4701d498261a0802ef63642bc30b00000001000000120000004400690067006900430065007200740000001d00000001000000100000008f76b981d528ad4770088245e2031b630300000001000000140000005fb7ee0633e259dbad0c4c9ae6d38f1a61c7dc252000000001000000c9030000308203c5308202ada003020102021002ac5c266a0b409b8f0b79f2ae462577300d06092a864886f70d0101050500306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100c6cce573e6fbd4bbe52d2d32a6dfe5813fc9cd2549b6712ac3d5943467a20a1cb05f69a640b1c4b7b28fd098a4a941593ad3dc94d63cdb7438a44acc4d2582f74aa5531238eef3496d71917e63b6aba65fc3a484f84f6251bef8c5ecdb3892e306e508910cc4284155fbcb5a89157e71e835bf4d72093dbe3a38505b77311b8db3c724459aa7ac6d00145a04b7ba13eb510a984141224e656187814150a6795c89de194a57d52ee65d1c532c7e98cd1a0616a46873d03404135ca171d35a7c55db5e64e13787305604e511b4298012f1793988a202117c2766b788b778f2ca0aa838ab0a64c2bf665d9584c1a1251e875d1a500b2012cc41bb6e0b5138b84bcb0203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e04160414b13ec36903f8bf4701d498261a0802ef63642bc3301f0603551d23041830168014b13ec36903f8bf4701d498261a0802ef63642bc3300d06092a864886f70d010105050003820101001c1a0697dcd79c9f3c886606085721db2147f82a67aabf183276401057c18af37ad911658e35fa9efc45b59ed94c314bb891e8432c8eb378cedbe3537971d6e5219401da55879a2464f68a66ccde9c37cda834b1699b23c89e78222b7043e35547316119ef58c5852f4e30f6a0311623c8e7e2651633cbbf1a1ba03df8ca5e8b318b6008892d0c065c52b7c4f90a98d1155f9f12be7c366338bd44a47fe4262b0ac497690de98ce2c01057b8c876129155f24869d8bc2a025b0f44d42031dbf4ba70265d90609ebc4b17092fb4cb1e4368c90727c1d25cf7ea21b968129c3c9cbf9efc805c9b63cdec47aa252767a037f300827d54d7a9f8e92e13a377e81f4a	MxDownloadManager.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25\Blob = 190000000100000010000000ba4f3972e7aed9dccdc210db59da13c90300000001000000140000005fb7ee0633e259dbad0c4c9ae6d38f1a61c7dc251d00000001000000100000008f76b981d528ad4770088245e2031b630b0000000100000012000000440069006700690043006500720074000000140000000100000014000000b13ec36903f8bf4701d498261a0802ef63642bc35300000001000000230000003021301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0090000000100000034000000303206082b0601050507030106082b0601050507030206082b0601050507030406082b0601050507030306082b060105050703080f0000000100000014000000e35ef08d884f0a0ade2f75e96301ce6230f213a82000000001000000c9030000308203c5308202ada003020102021002ac5c266a0b409b8f0b79f2ae462577300d06092a864886f70d0101050500306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100c6cce573e6fbd4bbe52d2d32a6dfe5813fc9cd2549b6712ac3d5943467a20a1cb05f69a640b1c4b7b28fd098a4a941593ad3dc94d63cdb7438a44acc4d2582f74aa5531238eef3496d71917e63b6aba65fc3a484f84f6251bef8c5ecdb3892e306e508910cc4284155fbcb5a89157e71e835bf4d72093dbe3a38505b77311b8db3c724459aa7ac6d00145a04b7ba13eb510a984141224e656187814150a6795c89de194a57d52ee65d1c532c7e98cd1a0616a46873d03404135ca171d35a7c55db5e64e13787305604e511b4298012f1793988a202117c2766b788b778f2ca0aa838ab0a64c2bf665d9584c1a1251e875d1a500b2012cc41bb6e0b5138b84bcb0203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e04160414b13ec36903f8bf4701d498261a0802ef63642bc3301f0603551d23041830168014b13ec36903f8bf4701d498261a0802ef63642bc3300d06092a864886f70d010105050003820101001c1a0697dcd79c9f3c886606085721db2147f82a67aabf183276401057c18af37ad911658e35fa9efc45b59ed94c314bb891e8432c8eb378cedbe3537971d6e5219401da55879a2464f68a66ccde9c37cda834b1699b23c89e78222b7043e35547316119ef58c5852f4e30f6a0311623c8e7e2651633cbbf1a1ba03df8ca5e8b318b6008892d0c065c52b7c4f90a98d1155f9f12be7c366338bd44a47fe4262b0ac497690de98ce2c01057b8c876129155f24869d8bc2a025b0f44d42031dbf4ba70265d90609ebc4b17092fb4cb1e4368c90727c1d25cf7ea21b968129c3c9cbf9efc805c9b63cdec47aa252767a037f300827d54d7a9f8e92e13a377e81f4a	MxDownloadManager.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25\Blob = 040000000100000010000000d474de575c39b2d39c8583c5c065498a0f0000000100000014000000e35ef08d884f0a0ade2f75e96301ce6230f213a8090000000100000034000000303206082b0601050507030106082b0601050507030206082b0601050507030406082b0601050507030306082b060105050703085300000001000000230000003021301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0140000000100000014000000b13ec36903f8bf4701d498261a0802ef63642bc30b00000001000000120000004400690067006900430065007200740000001d00000001000000100000008f76b981d528ad4770088245e2031b630300000001000000140000005fb7ee0633e259dbad0c4c9ae6d38f1a61c7dc25190000000100000010000000ba4f3972e7aed9dccdc210db59da13c92000000001000000c9030000308203c5308202ada003020102021002ac5c266a0b409b8f0b79f2ae462577300d06092a864886f70d0101050500306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100c6cce573e6fbd4bbe52d2d32a6dfe5813fc9cd2549b6712ac3d5943467a20a1cb05f69a640b1c4b7b28fd098a4a941593ad3dc94d63cdb7438a44acc4d2582f74aa5531238eef3496d71917e63b6aba65fc3a484f84f6251bef8c5ecdb3892e306e508910cc4284155fbcb5a89157e71e835bf4d72093dbe3a38505b77311b8db3c724459aa7ac6d00145a04b7ba13eb510a984141224e656187814150a6795c89de194a57d52ee65d1c532c7e98cd1a0616a46873d03404135ca171d35a7c55db5e64e13787305604e511b4298012f1793988a202117c2766b788b778f2ca0aa838ab0a64c2bf665d9584c1a1251e875d1a500b2012cc41bb6e0b5138b84bcb0203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e04160414b13ec36903f8bf4701d498261a0802ef63642bc3301f0603551d23041830168014b13ec36903f8bf4701d498261a0802ef63642bc3300d06092a864886f70d010105050003820101001c1a0697dcd79c9f3c886606085721db2147f82a67aabf183276401057c18af37ad911658e35fa9efc45b59ed94c314bb891e8432c8eb378cedbe3537971d6e5219401da55879a2464f68a66ccde9c37cda834b1699b23c89e78222b7043e35547316119ef58c5852f4e30f6a0311623c8e7e2651633cbbf1a1ba03df8ca5e8b318b6008892d0c065c52b7c4f90a98d1155f9f12be7c366338bd44a47fe4262b0ac497690de98ce2c01057b8c876129155f24869d8bc2a025b0f44d42031dbf4ba70265d90609ebc4b17092fb4cb1e4368c90727c1d25cf7ea21b968129c3c9cbf9efc805c9b63cdec47aa252767a037f300827d54d7a9f8e92e13a377e81f4a	MxDownloadManager.exe

Suspicious use of FindShellTrayWindow 3 IoCs

pid	Process
680	Instalar.exe
592	MxDownloadManager.exe
592	MxDownloadManager.exe

Suspicious use of SendNotifyMessage 2 IoCs

pid	Process
592	MxDownloadManager.exe
592	MxDownloadManager.exe

Suspicious use of SetWindowsHookEx 13 IoCs

pid	Process
680	Instalar.exe
680	Instalar.exe
680	Instalar.exe
680	Instalar.exe
592	MxDownloadManager.exe
592	MxDownloadManager.exe
592	MxDownloadManager.exe
592	MxDownloadManager.exe
592	MxDownloadManager.exe
592	MxDownloadManager.exe
592	MxDownloadManager.exe
592	MxDownloadManager.exe
592	MxDownloadManager.exe

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 680 wrote to memory of 592	680	Instalar.exe	26
PID 680 wrote to memory of 592	680	Instalar.exe	26
PID 680 wrote to memory of 592	680	Instalar.exe	26
PID 680 wrote to memory of 592	680	Instalar.exe	26
PID 680 wrote to memory of 592	680	Instalar.exe	26
PID 680 wrote to memory of 592	680	Instalar.exe	26
PID 680 wrote to memory of 592	680	Instalar.exe	26

C:\Users\Admin\AppData\Local\Temp\SONY VEGAS PRO 14\Instalar.exe
"C:\Users\Admin\AppData\Local\Temp\SONY VEGAS PRO 14\Instalar.exe"
1⤵
- Loads dropped DLL
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:680
- C:\Users\Admin\AppData\Local\Temp\mgx98y75mla\MxDownloadManager.exe
  "C:\Users\Admin\AppData\Local\Temp\mgx98y75mla\MxDownloadManager.exe" -s VEGAS_Pro_14_trial -r -ic -it TRIALVERSION_INSTALLER
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - Modifies system certificate store
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of SetWindowsHookEx
  PID:592

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

T1130

Modify Registry

T1112

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\CabBF0E.tmp

Filesize
62KB

MD5
3ac860860707baaf32469fa7cc7c0192

SHA1
c33c2acdaba0e6fa41fd2f00f186804722477639

SHA256
d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

SHA512
d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarBFCC.tmp

Filesize
164KB

MD5
4ff65ad929cd9a367680e0e5b1c08166

SHA1
c0af0d4396bd1f15c45f39d3b849ba444233b3a2

SHA256
c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

SHA512
f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

Download Submit
C:\Users\Admin\AppData\Local\Temp\mgx98y75mla\Bitmaps\mxgui.4.0\CPleaseWait.ini

Filesize
2KB

MD5
66facb28ae5e5c0b14c92fc2e8c449d6

SHA1
d78291fdafc4225326544ec3dff00d5dd7903be5

SHA256
2a4c025203881c60934ff7de148d342ad5213335c321749cfe603c0ee91cf5c2

SHA512
ab7a532a74b57df9e1069cf85ba02e4303daac47b73b237b06a5267e0514aeff3176f99496c8b1b5c719e696c6acfee3b9c26849e04b29a38b7b4fc66e4bdf0f

Download Submit
C:\Users\Admin\AppData\Local\Temp\mgx98y75mla\Bitmaps\mxgui.4.0\ProgressDialogTemplates.ini

Filesize
1KB

MD5
2f93b18242003d0b58ca3c938d56a36f

SHA1
ebbfcd0061506e96b87fc6f6228664b70aef88ff

SHA256
c60d3542f97ee43f99e006b34d444b25444c257318e37b1ff55764309d2a317a

SHA512
ec9d5f92cd7baed6572d0b0c9a59733fa7d5c299507624622cd6a07922b0b1beec409fb138957e2cb96d90c3f7bdcd7d36e94914d1c8f908eb4cb8a7334649c2

Download Submit
C:\Users\Admin\AppData\Local\Temp\mgx98y75mla\Bitmaps\mxgui.4.0\ProgressDialogTemplates.png

Filesize
38KB

MD5
cbe0a7c1ee665c7272873c031a0c5d52

SHA1
318173f246374dc2486aecbcf52c32d66ef12888

SHA256
9cf7ce3d45c97311e6a400413c61befccf9bf6e9820d5886414829d1d2f2ca86

SHA512
ed98e44a663f650e07231cd54f5d7b989ec4e5d5c11a1b4709a585a5f1cb4bcab9df5f78344754fb3d844cab0b72d6479e97b1568a5db8b2bb42ede038ba571e

Download Submit
C:\Users\Admin\AppData\Local\Temp\mgx98y75mla\Install.cfg

Filesize
173B

MD5
15c8b4f52ce7145cfa96c0fce73cb062

SHA1
776e980cfce43983c2cca08ab4facbda6f918025

SHA256
235fff60338e335e3afc2558376a97a4d0a82cdc9ac3ef17535564aa7c81a12f

SHA512
5ec04afdd3791caa544628a529e2e4170bca5de56ba6a80f54c9322bd841bc9370f4183ad3609902c75e7ec2e7c27110bd0dcac83a0f70cce21e2da807cfded3

Download Submit
C:\Users\Admin\AppData\Local\Temp\mgx98y75mla\MFL_rel_u_vc12.dll

Filesize
2.1MB

MD5
e6ba909494d7758de10faf8482efa251

SHA1
94cde537ec4f65e851eb91f9efb99c5063656798

SHA256
5f42e14558e91824ef0a350316bda35762f65ab67cf9e6763598b96aca230702

SHA512
277ddfa83b9ba5a2add23f7ccb820f33fc701631a11e4889924f70998ed64e072d6f18bfdbd6a0b78ea89301613af920e86a7624a7f0bc22f41918ff1e9cae45

Download Submit
C:\Users\Admin\AppData\Local\Temp\mgx98y75mla\MxDownloadManager-en_us.dll

Filesize
140KB

MD5
7723e548696e16ddb9b90d8df99a83a4

SHA1
40fdd091d5fffff6b43da8e493a3f3f0ae8228f9

SHA256
63e1d72319b342620b9397140cd3a98d02b7fa88a6daefa1e9f23077c6909ea4

SHA512
5bb05c03a03c0694409675a47c545f48d77f412b4b219a69e0fe576fe46d52bb28b9e8de1f8ac6891a508b293ae9965febc1e4faa3e39faf10970443b5ddcb1b

Download Submit
C:\Users\Admin\AppData\Local\Temp\mgx98y75mla\MxDownloadManager.exe

Filesize
4.2MB

MD5
38e45d7178b7d9704d2dac93de0c15df

SHA1
8053d4a82f2262da4f4b1d626c41bf60b2d582f8

SHA256
6965622700e6ddc04ca4664f3bba90778cc540f5c1f1608036ed92bc3b583209

SHA512
beab477ed0e234ef9d79001330445901a8d9b3d32ca679a16c8b1e6e402a08d0de5651e9d64eb6fea706e5f732b5f85464469f3905a090fba1ef539701160ae6

Download Submit
C:\Users\Admin\AppData\Local\Temp\mgx98y75mla\MxDownloadManager.exe

Filesize
4.2MB

MD5
38e45d7178b7d9704d2dac93de0c15df

SHA1
8053d4a82f2262da4f4b1d626c41bf60b2d582f8

SHA256
6965622700e6ddc04ca4664f3bba90778cc540f5c1f1608036ed92bc3b583209

SHA512
beab477ed0e234ef9d79001330445901a8d9b3d32ca679a16c8b1e6e402a08d0de5651e9d64eb6fea706e5f732b5f85464469f3905a090fba1ef539701160ae6

Download Submit
C:\Users\Admin\AppData\Local\Temp\mgx98y75mla\PlayRIpl.dll

Filesize
20KB

MD5
dab2803a640e34e20aa2a63a18a62a2d

SHA1
8b85d9eed646bb2231f1dea54b61542746f01639

SHA256
3db5f0d218be84cd4adfe2699f21d3114a9e430f69d065fb9081c08f5c11ddbe

SHA512
8fefa27904305dd8688a0e6ec13822c2d6e80df8bd35ff76bca25743f7b414e7a2500b5c7b092651deea8c19cbd98cd0c49caa808470e31a740f5e8131b9e535

Download Submit
C:\Users\Admin\AppData\Local\Temp\mgx98y75mla\PlayRIplPX.DLL

Filesize
624KB

MD5
4aac61c6f6a14123719461dace63d1c5

SHA1
4aef6421a4f2d391e62399814a1edc203c1db2b3

SHA256
caf460990add3bdf6e8e836535ff33016787f6020232e77505b37092460213d1

SHA512
72b17c5282ef200e9becfd00f508aaa6a0d183d13e5268a14f6f11648c3cfe1fc21b480bcfd3ca5ae9d04e08e7c402e229a27fe98355bdec8368e120b933f019

Download Submit
C:\Users\Admin\AppData\Local\Temp\mgx98y75mla\SetupInfo.ini

Filesize
3KB

MD5
42bd1c815a464a94ac96477837382120

SHA1
73f68646efd6e9185b2f4611f0c4423f8d0cf6c7

SHA256
fff3bd88f089d3728ae588adbff36e9775ed015a94224724389ef77d0392051d

SHA512
b273581292790f61e282e1f30ce72e1f5e1c50ce1399b5956ebe1e5884c1f40681e06f513ce9d0739e3a8a5764e0c063f6f1f51abc11192f262d3554b4f2e877

Download Submit
C:\Users\Admin\AppData\Local\Temp\mgx98y75mla\VistaCooperation_rel_u_vc12.dll

Filesize
1.7MB

MD5
173564096df68106b906973447bf25bf

SHA1
a23eabb6eccd26b64e1c0eadb18c4057fdd67005

SHA256
6591c97626be51ea3a2644c4a32cf519a3c2aed110c0742d9bcbefb051d461ef

SHA512
bfa167fee7dcb3996883537ade4df8f5778536e1fffb3a6c5510359f47baa8d769e8f3eb4b0b21cd73dc27d3cdf0bc0a2ea3e22423b880f02a4bf630175b8b47

Download Submit
C:\Users\Admin\AppData\Local\Temp\mgx98y75mla\bitmaps\mxgui.4.0\CMxDownloadManagerDlg.ini

Filesize
7KB

MD5
ece038087ff14d25b25e98df73360fe6

SHA1
fcb31ddf73857d506f8a21162f2cfbf80d0e64ea

SHA256
d4a45bd57343c2b66a62d13de38d7e302dd8119dafebe3ebb3ceae255aacd978

SHA512
d1676dc83292eba644d4971cd9deccba82e8f5638154ff6cfa51b9285efe29dc88bd78ef8110b6407afc2508153991fb56ea946aa76e4a7665d4444d132e09de

Download Submit
C:\Users\Admin\AppData\Local\Temp\mgx98y75mla\bitmaps\mxgui.4.0\CMxDownloadManagerDlg_1.ini

Filesize
7KB

MD5
cc73541853cf99988aea4e078edd4415

SHA1
aaec140274688d3924df7cae1fc72f32d56d2ad8

SHA256
7e32961abed918cad096fd74779f9f151b25a7bfa9e151495602e39a10116cf8

SHA512
eee7a6f09fdeeb81ee44aab505710bc2b37888060213502f337874b007eca09954d345cfa09e6d3ab40adcdf7dc4dd3a114b99cb21b7ccb41efbbed23725174e

Download Submit
C:\Users\Admin\AppData\Local\Temp\mgx98y75mla\bitmaps\mxgui.4.0\Logo.png

Filesize
4KB

MD5
0e4712a4e4eba8b6b6829ca21fd6def8

SHA1
9ea22307eae3e98c4164aab685e5f651700f3f4f

SHA256
63a0002efbbb5698778ca16e61cd47654450614423bbd75d20f3f6e2bc3ac8ad

SHA512
79fba4b40495ba9fe59a577cb447f10be97d51c482a937471d10e3042a50f60428a8ef464064ee518f9f23aaed29d3e1bc6dc6a0ee744f441817d09b62fa4ccd

Download Submit
C:\Users\Admin\AppData\Local\Temp\mgx98y75mla\bitmaps\mxgui.4.0\Promo.png

Filesize
156KB

MD5
c96160aebf4b94170c7bd9b5749f76ef

SHA1
6c150a93cf9158c5780dd45c68823680f460c7e5

SHA256
cc3d50016f0fce659b457ed3c57b91f801e04f18fe16c11fea5c969dcdb023b7

SHA512
1b2539be1152ff0c3115fff7a042e83cded30f33f9728bf8332b64a30517fa8e806cfc1847feb030ad1f219eace7b2c2bcbb87788f3602d5499b93250a54eb27

Download Submit
C:\Users\Admin\AppData\Local\Temp\mgx98y75mla\bitmaps\mxgui.4.0\controlTemplates.ini

Filesize
3KB

MD5
d18cb8459ceaa93632e05fcf8bcb6bb3

SHA1
7c4b92de24add3172e5965425c6eebe5f63d39af

SHA256
ba50c265de5e05f6671bbd300689671ba8d18e04f047bc6b53ca21749a05b8ac

SHA512
1392486b7782c03c0de3d18a4286084c523f00273861dffed9df78ce67090cb442024c191ea36ef89a01774f236f72009b8b048b74191e305128971cc3670593

Download Submit
C:\Users\Admin\AppData\Local\Temp\mgx98y75mla\bitmaps\mxgui.4.0\generalTemplates.ini

Filesize
321B

MD5
2f3c70a69905cc6d8e413c885fa4d657

SHA1
cc2d7f3cb76ad1ed7e7bcd2293d4cb9fe3bb0eed

SHA256
1ba202395050ff1d2415eb23b5615611e22f0fa6c0be0828c8220ced49a06aab

SHA512
a0e38b62c29255a0ada4b5b6b661a9978208a4ce72643c711e03b54d86d6ba9a271bf5525d47acdbb3102ac09ef82e0572991a2bf1cd04a757bfc4a6809170fb

Download Submit
C:\Users\Admin\AppData\Local\Temp\mgx98y75mla\dm.xml

Filesize
1KB

MD5
2e95fc5a7cf2cb844f65aedc6bfce073

SHA1
19afaae86bc728933d54b77719a6c22d92766ce2

SHA256
b9211d7e370e247a50495fa376cb3b9ad9d9bfd12f7722f105bdf221d66df880

SHA512
14d82c3f2a0d417919dd4197ed112f714fc24d4e71d4d6b24e3af40c359723e8cc898f091fdd6f37f827e11af1f74d9cb34db06a436a8947d7c64fd6e3012aed

Download Submit
C:\Users\Admin\AppData\Local\Temp\mgx98y75mla\ijl20.dll

Filesize
2.3MB

MD5
74472d4f18646f39d758bd6cc16558cf

SHA1
4bb0cd4e2677bcd1a7c1e6ae5fcd434b8471dc28

SHA256
ef8c2c043cdcc960a0082076eaa21542807ad47c895fabf5ade33f843ac0de13

SHA512
5a6eedddaadac0edfa6315a5034c9906a1d6c1073a12b6c69a932618069a7ed34c40a0d0eaf6835c26b0369efc8e72a87a9919b41e013b48ecb8f738ecf8b211

Download Submit
C:\Users\Admin\AppData\Local\Temp\mgx98y75mla\installed.xml

Filesize
35B

MD5
aea624768256ae1708e75309bf8299ee

SHA1
c746983d25965ebfd98c6541731669f0d562c6b2

SHA256
8f49354f824579622074cc96a4e85f0e0e003f17367b6426cf3c0226a7c46fd6

SHA512
6d863b9f30e231b0c535b74ea4a4627b94f8ec20065bc1ab3e852f5c3dc72ab86ca20c83981e2c6f4f303a387d34b511453527f6817b2b48d1c8382cfdfbaea2

Download Submit
\Users\Admin\AppData\Local\Temp\mgx98y75mla\MFL_rel_u_vc12.dll

Filesize
2.1MB

MD5
e6ba909494d7758de10faf8482efa251

SHA1
94cde537ec4f65e851eb91f9efb99c5063656798

SHA256
5f42e14558e91824ef0a350316bda35762f65ab67cf9e6763598b96aca230702

SHA512
277ddfa83b9ba5a2add23f7ccb820f33fc701631a11e4889924f70998ed64e072d6f18bfdbd6a0b78ea89301613af920e86a7624a7f0bc22f41918ff1e9cae45

Download Submit
\Users\Admin\AppData\Local\Temp\mgx98y75mla\MxDownloadManager-en_us.dll

Filesize
140KB

MD5
7723e548696e16ddb9b90d8df99a83a4

SHA1
40fdd091d5fffff6b43da8e493a3f3f0ae8228f9

SHA256
63e1d72319b342620b9397140cd3a98d02b7fa88a6daefa1e9f23077c6909ea4

SHA512
5bb05c03a03c0694409675a47c545f48d77f412b4b219a69e0fe576fe46d52bb28b9e8de1f8ac6891a508b293ae9965febc1e4faa3e39faf10970443b5ddcb1b

Download Submit
\Users\Admin\AppData\Local\Temp\mgx98y75mla\MxDownloadManager.exe

Filesize
4.2MB

MD5
38e45d7178b7d9704d2dac93de0c15df

SHA1
8053d4a82f2262da4f4b1d626c41bf60b2d582f8

SHA256
6965622700e6ddc04ca4664f3bba90778cc540f5c1f1608036ed92bc3b583209

SHA512
beab477ed0e234ef9d79001330445901a8d9b3d32ca679a16c8b1e6e402a08d0de5651e9d64eb6fea706e5f732b5f85464469f3905a090fba1ef539701160ae6

Download Submit
\Users\Admin\AppData\Local\Temp\mgx98y75mla\PlayRIpl.dll

Filesize
20KB

MD5
dab2803a640e34e20aa2a63a18a62a2d

SHA1
8b85d9eed646bb2231f1dea54b61542746f01639

SHA256
3db5f0d218be84cd4adfe2699f21d3114a9e430f69d065fb9081c08f5c11ddbe

SHA512
8fefa27904305dd8688a0e6ec13822c2d6e80df8bd35ff76bca25743f7b414e7a2500b5c7b092651deea8c19cbd98cd0c49caa808470e31a740f5e8131b9e535

Download Submit
\Users\Admin\AppData\Local\Temp\mgx98y75mla\PlayRIplPX.dll

Filesize
624KB

MD5
4aac61c6f6a14123719461dace63d1c5

SHA1
4aef6421a4f2d391e62399814a1edc203c1db2b3

SHA256
caf460990add3bdf6e8e836535ff33016787f6020232e77505b37092460213d1

SHA512
72b17c5282ef200e9becfd00f508aaa6a0d183d13e5268a14f6f11648c3cfe1fc21b480bcfd3ca5ae9d04e08e7c402e229a27fe98355bdec8368e120b933f019

Download Submit
\Users\Admin\AppData\Local\Temp\mgx98y75mla\VistaCooperation_rel_u_vc12.dll

Filesize
1.7MB

MD5
173564096df68106b906973447bf25bf

SHA1
a23eabb6eccd26b64e1c0eadb18c4057fdd67005

SHA256
6591c97626be51ea3a2644c4a32cf519a3c2aed110c0742d9bcbefb051d461ef

SHA512
bfa167fee7dcb3996883537ade4df8f5778536e1fffb3a6c5510359f47baa8d769e8f3eb4b0b21cd73dc27d3cdf0bc0a2ea3e22423b880f02a4bf630175b8b47

Download Submit
\Users\Admin\AppData\Local\Temp\mgx98y75mla\ijl20.dll

Filesize
2.3MB

MD5
74472d4f18646f39d758bd6cc16558cf

SHA1
4bb0cd4e2677bcd1a7c1e6ae5fcd434b8471dc28

SHA256
ef8c2c043cdcc960a0082076eaa21542807ad47c895fabf5ade33f843ac0de13

SHA512
5a6eedddaadac0edfa6315a5034c9906a1d6c1073a12b6c69a932618069a7ed34c40a0d0eaf6835c26b0369efc8e72a87a9919b41e013b48ecb8f738ecf8b211

Download Submit
memory/592-165-0x0000000000AD0000-0x0000000000C8A000-memory.dmp

Filesize
1.7MB

Download
memory/592-171-0x0000000000C90000-0x0000000000ED6000-memory.dmp

Filesize
2.3MB

Download
memory/592-174-0x00000000026B0000-0x000000000274C000-memory.dmp

Filesize
624KB

Download