hxxps://www[.]blender[.]org/download/

Analysis

max time kernel
1800s
max time network
1693s
platform
windows10-1703_x64
resource
win10-20230703-es
resource tags

arch:x64arch:x86image:win10-20230703-eslocale:es-esos:windows10-1703-x64systemwindows
submitted
17-07-2023 02:05

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.blender.org/download/

Score

8^/10

persistence

Malware Config

Signatures

Blocklisted process makes network request 4 IoCs

flow	pid	Process
69	1276	msiexec.exe
71	1276	msiexec.exe
74	1276	msiexec.exe
76	1276	msiexec.exe

Executes dropped EXE 5 IoCs

pid	Process
5020	blender.exe
4164	blender-launcher.exe
4464	blender.exe
1208	blender-launcher.exe
3400	blender.exe

Loads dropped DLL 64 IoCs

pid	Process
5020	blender.exe
5020	blender.exe
5020	blender.exe
5020	blender.exe
5020	blender.exe
5020	blender.exe
5020	blender.exe
5020	blender.exe
5020	blender.exe
5020	blender.exe
5020	blender.exe
5020	blender.exe
5020	blender.exe
5020	blender.exe
5020	blender.exe
5020	blender.exe
5020	blender.exe
5020	blender.exe
5020	blender.exe
5020	blender.exe
5020	blender.exe
5020	blender.exe
5020	blender.exe
5020	blender.exe
5020	blender.exe
5020	blender.exe
5020	blender.exe
5020	blender.exe
5020	blender.exe
5020	blender.exe
5020	blender.exe
5020	blender.exe
5020	blender.exe
5020	blender.exe
5020	blender.exe
5020	blender.exe
5020	blender.exe
5020	blender.exe
5020	blender.exe
5020	blender.exe
5020	blender.exe
5020	blender.exe
1376	regsvr32.exe
4164	blender-launcher.exe
4464	blender.exe
4464	blender.exe
4464	blender.exe
4464	blender.exe
4464	blender.exe
4464	blender.exe
4464	blender.exe
4464	blender.exe
4464	blender.exe
4464	blender.exe
4464	blender.exe
4464	blender.exe
4464	blender.exe
4464	blender.exe
4464	blender.exe
4464	blender.exe
4464	blender.exe
4464	blender.exe
4464	blender.exe
4464	blender.exe

Registers COM server for autorun 1 TTPs 3 IoCs

persistence

Registry Run Keys / Startup Folder

T1060

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-488886677-2269338296-1239465872-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InProcServer32	regsvr32.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-488886677-2269338296-1239465872-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InProcServer32\ = "C:\\Program Files\\Blender Foundation\\Blender 3.6\\BlendThumb.dll"	regsvr32.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-488886677-2269338296-1239465872-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InProcServer32\ThreadingModel = "Apartment"	regsvr32.exe

Enumerates connected drives 3 TTPs 46 IoCs

Attempts to read the root path of hard drives other than the default C: drive.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
File opened (read-only)	\??\A:	msiexec.exe
File opened (read-only)	\??\L:	msiexec.exe
File opened (read-only)	\??\M:	msiexec.exe
File opened (read-only)	\??\T:	msiexec.exe
File opened (read-only)	\??\A:	msiexec.exe
File opened (read-only)	\??\E:	msiexec.exe
File opened (read-only)	\??\I:	msiexec.exe
File opened (read-only)	\??\U:	msiexec.exe
File opened (read-only)	\??\V:	msiexec.exe
File opened (read-only)	\??\X:	msiexec.exe
File opened (read-only)	\??\B:	msiexec.exe
File opened (read-only)	\??\P:	msiexec.exe
File opened (read-only)	\??\H:	msiexec.exe
File opened (read-only)	\??\N:	msiexec.exe
File opened (read-only)	\??\V:	msiexec.exe
File opened (read-only)	\??\O:	msiexec.exe
File opened (read-only)	\??\K:	msiexec.exe
File opened (read-only)	\??\J:	msiexec.exe
File opened (read-only)	\??\H:	msiexec.exe
File opened (read-only)	\??\W:	msiexec.exe
File opened (read-only)	\??\G:	msiexec.exe
File opened (read-only)	\??\K:	msiexec.exe
File opened (read-only)	\??\P:	msiexec.exe
File opened (read-only)	\??\Q:	msiexec.exe
File opened (read-only)	\??\S:	msiexec.exe
File opened (read-only)	\??\S:	msiexec.exe
File opened (read-only)	\??\Y:	msiexec.exe
File opened (read-only)	\??\E:	msiexec.exe
File opened (read-only)	\??\O:	msiexec.exe
File opened (read-only)	\??\Y:	msiexec.exe
File opened (read-only)	\??\J:	msiexec.exe
File opened (read-only)	\??\M:	msiexec.exe
File opened (read-only)	\??\R:	msiexec.exe
File opened (read-only)	\??\T:	msiexec.exe
File opened (read-only)	\??\Z:	msiexec.exe
File opened (read-only)	\??\R:	msiexec.exe
File opened (read-only)	\??\U:	msiexec.exe
File opened (read-only)	\??\W:	msiexec.exe
File opened (read-only)	\??\L:	msiexec.exe
File opened (read-only)	\??\X:	msiexec.exe
File opened (read-only)	\??\N:	msiexec.exe
File opened (read-only)	\??\Q:	msiexec.exe
File opened (read-only)	\??\B:	msiexec.exe
File opened (read-only)	\??\I:	msiexec.exe
File opened (read-only)	\??\Z:	msiexec.exe
File opened (read-only)	\??\G:	msiexec.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\scripts\addons\rigify\rigs\limbs\super_palm.py	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\scripts\addons\cycles\license\Zlib-license.txt	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\scripts\addons\io_scene_gltf2\blender\exp\animation\gltf2_blender_gather_tracks.py	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\blender.shared\usd\hdx\resources\shaders\renderPassShadowShader.glslfx	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\scripts\addons\add_mesh_extra_objects\Blocks.py	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\python\lib\site-packages\Cython\Includes\libcpp\list.pxd	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\python\lib\site-packages\mesonbuild\backend\vs2022backend.py	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\scripts\startup\bl_ui\properties_physics_field.py	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\python\lib\site-packages\Cython\Includes\cpython\longintrepr.pxd	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\python\lib\site-packages\Cython\Includes\Deprecated\python_set.pxd	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\scripts\addons\render_povray\nodes_fn.py	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\python\lib\site-packages\pkg_resources\_vendor\pyparsing\common.py	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\python\lib\site-packages\Cython\Compiler\MemoryView.py	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\python\lib\bz2.py	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\python\lib\xml\dom\xmlbuilder.py	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\scripts\templates_py\operator_modal.py	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\python\lib\site-packages\Cython\Debugger\libcython.py	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\scripts\addons\cycles\source\kernel\util\color.h	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\scripts\addons\cycles\source\kernel\film\write.h	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\python\lib\site-packages\numpy\distutils\command\install_clib.py	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\scripts\startup\bl_operators\uvcalc_transform.py	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\scripts\addons\io_scene_gltf2\io\exp\gltf2_io_user_extensions.py	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\python\lib\email\mime\image.py	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\python\lib\site-packages\numpy\core\tests\data\umath-validation-set-log1p.csv	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\datafiles\colormanagement\luts\xyz_D65_to_E.spimtx	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\python\lib\site-packages\autopep8-1.6.0-py3.10.egg-info\PKG-INFO	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\datafiles\icons\ops.gpencil.primitive_polyline.dat	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\python\lib\site-packages\pip\_vendor\pygments\style.py	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\datafiles\icons\ops.transform.edge_slide.dat	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\python\lib\site-packages\numpy\polynomial\chebyshev.pyi	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\scripts\presets\tracking_camera\Arri_Alexa_65.py	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\python\lib\site-packages\numpy\typing\tests\data\pass\bitwise_ops.py	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\datafiles\icons\ops.mesh.bevel.dat	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\scripts\presets\cloth\Silk.py	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\license\bmonofont-i18n.ttf.txt	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\scripts\addons\space_view3d_spacebar_menu\armature_menus.py	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\python\lib\site-packages\setuptools\_distutils\msvc9compiler.py	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\scripts\addons\object_carver\carver_operator.py	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\python\lib\site-packages\pip\_vendor\rich\_wrap.py	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\python\lib\site-packages\setuptools\_distutils\command\check.py	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\python\lib\site-packages\numpy\polynomial\hermite.pyi	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\scripts\addons\io_anim_bvh\export_bvh.py	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\scripts\addons\io_scene_x3d\import_x3d.py	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\python\lib\site-packages\numpy\random\_pcg64.cp310-win_amd64.pyd	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\python\lib\site-packages\mesonbuild\templates\__init__.py	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\python\lib\site-packages\numpy\core\tests\test_protocols.py	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\datafiles\icons\ops.armature.extrude_move.dat	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\scripts\addons\animation_animall\translations.py	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\python\lib\site-packages\numpy\typing\tests\data\reveal\arithmetic.pyi	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\python\lib\site-packages\autopep8-1.6.0-py3.10.egg-info\not-zip-safe	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\python\lib\site-packages\pip\_vendor\idna\uts46data.py	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\scripts\presets\operator\wm.collada_export\sl_plus_open_sim_rigged.py	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\datafiles\icons\brush.uv_sculpt.grab.dat	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\python\lib\site-packages\numpy\lib\setup.py	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\scripts\modules\bl_keymap_utils\versioning.py	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\scripts\addons\io_anim_nuke_chan\__init__.py	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\scripts\presets\cycles\viewport_sampling\Preview.py	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\scripts\addons\magic_uv\ui\VIEW3D_MT_uv_map.py	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\python\lib\site-packages\numpy\lib\format.pyi	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\scripts\addons\cycles\source\util\math_int2.h	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\scripts\addons\io_export_dxf\draw_blenders\__init__.py	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\scripts\addons\cycles\source\util\transform_inverse.h	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\python\lib\site-packages\pip\_vendor\chardet\big5prober.py	msiexec.exe
File created	C:\Program Files\Blender Foundation\Blender 3.6\3.6\python\lib\site-packages\mesonbuild\compilers\mixins\clike.py	msiexec.exe

Drops file in Windows directory 8 IoCs

description	ioc	Process
File opened for modification	C:\Windows\Installer\MSI2F20.tmp	msiexec.exe
File created	C:\Windows\Installer\e5a13ba.msi	msiexec.exe
File created	C:\Windows\Installer\e5a13b8.msi	msiexec.exe
File opened for modification	C:\Windows\Installer\e5a13b8.msi	msiexec.exe
File opened for modification	C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log	msiexec.exe
File opened for modification	C:\Windows\Installer\	msiexec.exe
File created	C:\Windows\Installer\inprogressinstallinfo.ipi	msiexec.exe
File created	C:\Windows\Installer\SourceHash{92BF74A7-0E5F-4774-B711-4914E92EC51B}	msiexec.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133340331564623604"	chrome.exe

Modifies registry class 21 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-488886677-2269338296-1239465872-1000_Classes\.blend\ShellEx\{e357fccd-a995-4576-b01f-234630154e96}	regsvr32.exe
Key created	\REGISTRY\USER\S-1-5-21-488886677-2269338296-1239465872-1000_Classes\.blend\ShellEx	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\blendfile\ = "Blender File"	blender.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-488886677-2269338296-1239465872-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InProcServer32\ThreadingModel = "Apartment"	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\blendfile\shell\open\command\ = "\"C:\\Program Files\\Blender Foundation\\Blender 3.6\\blender-launcher.exe\" \"%1\""	blender.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\blendfile\DefaultIcon	blender.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\blendfile\DefaultIcon\ = "\"C:\\Program Files\\Blender Foundation\\Blender 3.6\\blender-launcher.exe\", 1"	blender.exe
Key created	\REGISTRY\USER\S-1-5-21-488886677-2269338296-1239465872-1000_Classes\.blend	regsvr32.exe
Key created	\REGISTRY\USER\S-1-5-21-488886677-2269338296-1239465872-1000_Classes\Local Settings	chrome.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\blendfile	blender.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\.blend	blender.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-488886677-2269338296-1239465872-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\ = "Blender Thumbnail Handler"	regsvr32.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-488886677-2269338296-1239465872-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InProcServer32\ = "C:\\Program Files\\Blender Foundation\\Blender 3.6\\BlendThumb.dll"	regsvr32.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-488886677-2269338296-1239465872-1000_Classes\.blend\Treatment = "0"	regsvr32.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-488886677-2269338296-1239465872-1000_Classes\.blend\ShellEx\{e357fccd-a995-4576-b01f-234630154e96}\ = "{D45F043D-F17F-4e8a-8435-70971D9FA46D}"	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\blendfile\shell	blender.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\blendfile\shell\open	blender.exe
Key created	\REGISTRY\USER\S-1-5-21-488886677-2269338296-1239465872-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}	regsvr32.exe
Key created	\REGISTRY\USER\S-1-5-21-488886677-2269338296-1239465872-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InProcServer32	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\blendfile\shell\open\command	blender.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\.blend\ = "blendfile"	blender.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2116	chrome.exe
2116	chrome.exe
972	chrome.exe
972	chrome.exe
1212	msiexec.exe
1212	msiexec.exe
4164	blender-launcher.exe
4164	blender-launcher.exe
1208	blender-launcher.exe
1208	blender-launcher.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs

pid	Process
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2116 wrote to memory of 4772	2116	chrome.exe	69
PID 2116 wrote to memory of 4772	2116	chrome.exe	69
PID 2116 wrote to memory of 204	2116	chrome.exe	72
PID 2116 wrote to memory of 204	2116	chrome.exe	72
PID 2116 wrote to memory of 204	2116	chrome.exe	72
PID 2116 wrote to memory of 204	2116	chrome.exe	72
PID 2116 wrote to memory of 204	2116	chrome.exe	72
PID 2116 wrote to memory of 204	2116	chrome.exe	72
PID 2116 wrote to memory of 204	2116	chrome.exe	72
PID 2116 wrote to memory of 204	2116	chrome.exe	72
PID 2116 wrote to memory of 204	2116	chrome.exe	72
PID 2116 wrote to memory of 204	2116	chrome.exe	72
PID 2116 wrote to memory of 204	2116	chrome.exe	72
PID 2116 wrote to memory of 204	2116	chrome.exe	72
PID 2116 wrote to memory of 204	2116	chrome.exe	72
PID 2116 wrote to memory of 204	2116	chrome.exe	72
PID 2116 wrote to memory of 204	2116	chrome.exe	72
PID 2116 wrote to memory of 204	2116	chrome.exe	72
PID 2116 wrote to memory of 204	2116	chrome.exe	72
PID 2116 wrote to memory of 204	2116	chrome.exe	72
PID 2116 wrote to memory of 204	2116	chrome.exe	72
PID 2116 wrote to memory of 204	2116	chrome.exe	72
PID 2116 wrote to memory of 204	2116	chrome.exe	72
PID 2116 wrote to memory of 204	2116	chrome.exe	72
PID 2116 wrote to memory of 204	2116	chrome.exe	72
PID 2116 wrote to memory of 204	2116	chrome.exe	72
PID 2116 wrote to memory of 204	2116	chrome.exe	72
PID 2116 wrote to memory of 204	2116	chrome.exe	72
PID 2116 wrote to memory of 204	2116	chrome.exe	72
PID 2116 wrote to memory of 204	2116	chrome.exe	72
PID 2116 wrote to memory of 204	2116	chrome.exe	72
PID 2116 wrote to memory of 204	2116	chrome.exe	72
PID 2116 wrote to memory of 204	2116	chrome.exe	72
PID 2116 wrote to memory of 204	2116	chrome.exe	72
PID 2116 wrote to memory of 204	2116	chrome.exe	72
PID 2116 wrote to memory of 204	2116	chrome.exe	72
PID 2116 wrote to memory of 204	2116	chrome.exe	72
PID 2116 wrote to memory of 204	2116	chrome.exe	72
PID 2116 wrote to memory of 204	2116	chrome.exe	72
PID 2116 wrote to memory of 204	2116	chrome.exe	72
PID 2116 wrote to memory of 2328	2116	chrome.exe	71
PID 2116 wrote to memory of 2328	2116	chrome.exe	71
PID 2116 wrote to memory of 2584	2116	chrome.exe	73
PID 2116 wrote to memory of 2584	2116	chrome.exe	73
PID 2116 wrote to memory of 2584	2116	chrome.exe	73
PID 2116 wrote to memory of 2584	2116	chrome.exe	73
PID 2116 wrote to memory of 2584	2116	chrome.exe	73
PID 2116 wrote to memory of 2584	2116	chrome.exe	73
PID 2116 wrote to memory of 2584	2116	chrome.exe	73
PID 2116 wrote to memory of 2584	2116	chrome.exe	73
PID 2116 wrote to memory of 2584	2116	chrome.exe	73
PID 2116 wrote to memory of 2584	2116	chrome.exe	73
PID 2116 wrote to memory of 2584	2116	chrome.exe	73
PID 2116 wrote to memory of 2584	2116	chrome.exe	73
PID 2116 wrote to memory of 2584	2116	chrome.exe	73
PID 2116 wrote to memory of 2584	2116	chrome.exe	73
PID 2116 wrote to memory of 2584	2116	chrome.exe	73
PID 2116 wrote to memory of 2584	2116	chrome.exe	73
PID 2116 wrote to memory of 2584	2116	chrome.exe	73
PID 2116 wrote to memory of 2584	2116	chrome.exe	73
PID 2116 wrote to memory of 2584	2116	chrome.exe	73
PID 2116 wrote to memory of 2584	2116	chrome.exe	73
PID 2116 wrote to memory of 2584	2116	chrome.exe	73
PID 2116 wrote to memory of 2584	2116	chrome.exe	73

Uses Volume Shadow Copy service COM API
The Volume Shadow Copy service is used to manage backups/snapshots.
ransomware

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://www.blender.org/download/
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2116
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ff890349758,0x7ff890349768,0x7ff890349778
  2⤵
  PID:4772
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1784 --field-trial-handle=1844,i,4324055101679550712,12488392057058518441,131072 /prefetch:8
  2⤵
  PID:2328
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1520 --field-trial-handle=1844,i,4324055101679550712,12488392057058518441,131072 /prefetch:2
  2⤵
  PID:204
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2072 --field-trial-handle=1844,i,4324055101679550712,12488392057058518441,131072 /prefetch:8
  2⤵
  PID:2584
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2896 --field-trial-handle=1844,i,4324055101679550712,12488392057058518441,131072 /prefetch:1
  2⤵
  PID:524
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2888 --field-trial-handle=1844,i,4324055101679550712,12488392057058518441,131072 /prefetch:1
  2⤵
  PID:1204
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3744 --field-trial-handle=1844,i,4324055101679550712,12488392057058518441,131072 /prefetch:8
  2⤵
  PID:3092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4632 --field-trial-handle=1844,i,4324055101679550712,12488392057058518441,131072 /prefetch:8
  2⤵
  PID:3000
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=5064 --field-trial-handle=1844,i,4324055101679550712,12488392057058518441,131072 /prefetch:1
  2⤵
  PID:1200
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5248 --field-trial-handle=1844,i,4324055101679550712,12488392057058518441,131072 /prefetch:1
  2⤵
  PID:2056
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4412 --field-trial-handle=1844,i,4324055101679550712,12488392057058518441,131072 /prefetch:1
  2⤵
  PID:3948
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4424 --field-trial-handle=1844,i,4324055101679550712,12488392057058518441,131072 /prefetch:8
  2⤵
  PID:3996
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6112 --field-trial-handle=1844,i,4324055101679550712,12488392057058518441,131072 /prefetch:8
  2⤵
  PID:4952
- C:\Windows\System32\msiexec.exe
  "C:\Windows\System32\msiexec.exe" /i "C:\Users\Admin\Downloads\blender-3.6.0-windows-x64.msi"
  2⤵
  - Blocklisted process makes network request
  - Enumerates connected drives
  PID:1276
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1496 --field-trial-handle=1844,i,4324055101679550712,12488392057058518441,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:972

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4460

C:\Windows\system32\msiexec.exe
C:\Windows\system32\msiexec.exe /V
1⤵
- Enumerates connected drives
- Drops file in Program Files directory
- Drops file in Windows directory
- Suspicious behavior: EnumeratesProcesses
PID:1212
- C:\Program Files\Blender Foundation\Blender 3.6\blender.exe
  "C:\Program Files\Blender Foundation\Blender 3.6\blender.exe" -r
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - Modifies registry class
  PID:5020
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /c C:\Windows\system32\regsvr32 /s "C:\Program Files\Blender Foundation\Blender 3.6\BlendThumb.dll"
    3⤵
    PID:2816
  - - C:\Windows\system32\regsvr32.exe
      C:\Windows\system32\regsvr32 /s "C:\Program Files\Blender Foundation\Blender 3.6\BlendThumb.dll"
      4⤵
      Loads dropped DLL
      Registers COM server for autorun
      Modifies registry class
      PID:1376

C:\Windows\system32\vssvc.exe
C:\Windows\system32\vssvc.exe
1⤵
PID:4792

C:\Program Files\Blender Foundation\Blender 3.6\blender-launcher.exe
"C:\Program Files\Blender Foundation\Blender 3.6\blender-launcher.exe"
1⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious behavior: EnumeratesProcesses
PID:4164
- C:\Program Files\Blender Foundation\Blender 3.6\blender.exe
  "C:\Program Files\Blender Foundation\Blender 3.6\blender.exe"
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  PID:4464

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x3b4
1⤵
PID:4540

C:\Program Files\Blender Foundation\Blender 3.6\blender-launcher.exe
"C:\Program Files\Blender Foundation\Blender 3.6\blender-launcher.exe"
1⤵
- Executes dropped EXE
- Suspicious behavior: EnumeratesProcesses
PID:1208
- C:\Program Files\Blender Foundation\Blender 3.6\blender.exe
  "C:\Program Files\Blender Foundation\Blender 3.6\blender.exe"
  2⤵
  - Executes dropped EXE
  PID:3400

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

T1060

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Config.Msi\e5a13b9.rbs

Filesize
1.5MB

MD5
9a7de8d77d5020f347480c2300f36595

SHA1
c44bad6692c0d76366edcccfa3b86dde1a46ec4b

SHA256
4bcecd55e05fb8f74db829c55bc89941e642d029afb08b6eb739fa64602becea

SHA512
1d5ca8849f928c4501d3c031def4e1ee5a6be1d99b77682a100adcdca3450674e75fe2334dbe47679bcb61fedef5f4e80bf31ab98bc7afb35483c1eda966e38a

Download Submit
C:\Program Files\Blender Foundation\Blender 3.6\3.6\python\lib\site-packages\Cython\Debugger\Tests\__init__.py

Filesize
13B

MD5
a0fc9815dcb722928cff67ac202d6d37

SHA1
d607e803661e56dd23c2531de5182d809a725159

SHA256
8ceaad98f2c2bcc0aad3154cc067a4b8ba4199582ad31b4f16651e3f249d3a3b

SHA512
be672a5b7da4f52f6bf6211eed11cf5af38c2a4b0d5b2884994330c813e7410a1b0fc47bb6887d8ee76a8b6271e0e5215c4bdc99f4cbdad134583e560505eb5a

Download Submit
C:\Program Files\Blender Foundation\Blender 3.6\3.6\python\lib\site-packages\charset_normalizer-2.0.10-py3.10.egg-info\dependency_links.txt

Filesize
1B

MD5
68b329da9893e34099c7d8ad5cb9c940

SHA1
adc83b19e793491b1c6ea0fd8b46cd9f32e592fc

SHA256
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

SHA512
be688838ca8686e5c90689bf2ab585cef1137c999b48c70b92f67a5c34dc15697b5d11c982ed6d71be1e1e7f7b4e0733884aa97c3f7a339a8ed03577cf74be09

Download Submit
C:\Program Files\Blender Foundation\Blender 3.6\3.6\python\lib\site-packages\pip-23.0.1.dist-info\top_level.txt

Filesize
4B

MD5
365c9bfeb7d89244f2ce01c1de44cb85

SHA1
d7a03141d5d6b1e88b6b59ef08b6681df212c599

SHA256
ceebae7b8927a3227e5303cf5e0f1f7b34bb542ad7250ac03fbcde36ec2f1508

SHA512
d220d322a4053d84130567d626a9f7bb2fb8f0b854da1621f001826dc61b0ed6d3f91793627e6f0ac2ac27aea2b986b6a7a63427f05fe004d8a2adfbdadc13c1

Download Submit
C:\Program Files\Blender Foundation\Blender 3.6\3.6\python\lib\site-packages\pxr\UsdShade\__init__.py

Filesize
1KB

MD5
4f5185d273ba13319d3478620f79e08f

SHA1
e7728877d6a26dfd780e7e6ae637d52de0c16202

SHA256
2c1973a6a98d74572b1a6a38d4485c81908c5defd5782a66862346f067c6f0d5

SHA512
cea9948d9ec57d980e5f40a919660b0e13663b88c3990ff77e00e7b62d486fc88a31089e8bca2d058cc43e5cb9b851b2ddda87d7f30aecbcd9254a6fc09df0de

Download Submit
C:\Program Files\Blender Foundation\Blender 3.6\blender-launcher.exe

Filesize
1.0MB

MD5
8854646318818fba38753ed35ddaa108

SHA1
bd0a69649efb70e4dd4a22c77989624b24aae9e5

SHA256
bc4e1676f6fd45dddb23c8c6f24c770d9fa4b45113cdf3408cfb82532274e45e

SHA512
768521b0fce1d9efc04cb5802116b2e315d86ec0158dc314ceb1488fbe835de1c78d2c744274a7d3209c0826dba644cb77844131795ceb57a91a152435002a01

Download Submit
C:\Program Files\Blender Foundation\Blender 3.6\blender.exe

Filesize
155.2MB

MD5
47e4d01e0239b74bafeed2be1f4a5c9b

SHA1
30dcc718a5af51fd8dda605e9caf942463094637

SHA256
776261fb0180a86f61fc6f1cd8ec9a475846a995c5cb990e55a1f99e887e57f7

SHA512
2e52e6f00b35bfdb8de99c1b1e475173ec2fa5f577d1146539344f68e08b32badc5b67aea422f4a13b22e38818292cea55c348d5253a0affee1da9ad1aac3fcc

Download Submit
C:\Program Files\Blender Foundation\Blender 3.6\blender.shared\Iex.dll

Filesize
283KB

MD5
b150dedc0b9caeb1c5fc2d42f49f232d

SHA1
5cdcaa57e1ccd7a8b9ff022901346206291e31ab

SHA256
7b09e1783ccef721c4ffa840432f28b4c976b64ffff64a069d23037820216f56

SHA512
45a5b071d0507993d634cea79476344ed7154dc336add1075553a9ccb17e74f29b5c12faf3a654de727102c3fe178cdacd5c1a8b00412f9b72ee99793235d634

Download Submit
C:\Program Files\Blender Foundation\Blender 3.6\blender.shared\Imath.dll

Filesize
338KB

MD5
5d0bb7fd45edcdffd5aafbed205d9819

SHA1
fc4f6351bfee74fc4d6758a802967d84df52c731

SHA256
c5fef86cf97e3f93a67a09838b3ad988c76062eae2b17afaaaba935a53f1dc1b

SHA512
e11b3cca8412fe35f83351682fd27d5567035c9cf59acf3f70adf9547492c4852a39457e088d37e378ea59c2b3ab35cf487053aa2544f84c426162e50b61fc76

Download Submit
C:\Program Files\Blender Foundation\Blender 3.6\blender.shared\OpenAL32.dll

Filesize
779KB

MD5
b4864cf493461f3b9d38621b77667faf

SHA1
98315c74bf15ba91a4972b78bf52f27c540e64ba

SHA256
013b3f848109f18041aa584f548b070fc47bd9a30825bd47597ca03f48b805c2

SHA512
513c1cbb84694dde40d5f560fc8c558e5b08ec1d73a6e1794b1a3643fd23d9e17b221f59afc7ccb4e406cbde19e98c76e0c23be9a1392349e308635c267187f4

Download Submit
C:\Program Files\Blender Foundation\Blender 3.6\blender.shared\OpenColorIO_2_2.dll

Filesize
3.9MB

MD5
fdff5d6de2d41519017f48485f8aa7fe

SHA1
4e160f7d81c245a39e74d38ac514aa4fa311eba5

SHA256
61114f08c596c2409f19186a4dc1fbd2fba7ee0be69ac68912d3ec08cb2604f6

SHA512
ab8c8b975be97c47180f97689bb5c5b6507a9ab06ee98d6bbf9a3df28fd4e2972eb99aa92823bfd08803aec3215e217db6f78ded3dd11aa1c61d3a35faaef966

Download Submit
C:\Program Files\Blender Foundation\Blender 3.6\blender.shared\OpenEXR.dll

Filesize
2.8MB

MD5
8556c9c95ab7cc70f108ba1f32b89659

SHA1
7d970628d0e631a17a65677fc2d254b5fec07275

SHA256
66da6d9fae3a01ac9edbd97ac9b6c9bec01f1b2ad06d35893b8943ecccdb98d6

SHA512
513c0ffc34fa436313059c1b68aa6d785bb4c1b272c21d6dd9ffdcbffdd527e93bd1804e3b00d06873dc4e8419be774c20c8a358e6924760e7f59a6f41dcb006

Download Submit
C:\Program Files\Blender Foundation\Blender 3.6\blender.shared\OpenImageIO.dll

Filesize
8.9MB

MD5
b1cf1b2939cccb497fa17af0792ed854

SHA1
ad439acc49e30fe6c26c614d6bfc2c7d24f83b2e

SHA256
7700e46e4eafd86a3364abd37baa235d0d0f44ae354dfd3e5bad73ee8f6fbede

SHA512
5a94f8b87f3993958ce0af8768b020c16b8c5c9677d745e6e6635291a1b74f901ea97ecf7fb53e204dc8e3e69cba35a92c16cff4306dc96ccffe371ea131ef2e

Download Submit
C:\Program Files\Blender Foundation\Blender 3.6\blender.shared\OpenImageIO_Util.dll

Filesize
755KB

MD5
c742ce0303ae15aa5fae6e27c200dba9

SHA1
5ccfdaac0dbebcfa6281e67e4a180500918ad8de

SHA256
5494e6faaa16c6cc3a17c8e28a89a33a7e66306c728982527080d2162643a1c5

SHA512
a0d8e744bc5563f329b3b3579f9bd6609672070a8b72c6ad8f576e7043c6544c5d166a951d3822534108ca767d8baaf556d550b4563be352f15b43653f421e23

Download Submit
C:\Program Files\Blender Foundation\Blender 3.6\blender.shared\avcodec-60.dll

Filesize
29.2MB

MD5
1164194a795c74fe7fe96f14528733ff

SHA1
ab9b1dad462fe42b6794ecd6ceb88e0e22257cfe

SHA256
7835da505c6b87688405a6d5f075f68432a46e8ca0b3c917582950168c404f37

SHA512
775fdd775242155aba7e2387e44675798cc1b17ca14140f11c8aabcf3341ef5b463eef5e6a9367ecbc6f8a3c5f3e2bb276d7438721182a6dcb107d1f76805008

Download Submit
C:\Program Files\Blender Foundation\Blender 3.6\blender.shared\avdevice-60.dll

Filesize
108KB

MD5
70e1937de9a8ff2aab2e5693992a4e9b

SHA1
a6869b5433742e07873c14b8effc819e24c9c25f

SHA256
7f15e66902a50d0dfc723b5bed398c4a1400cc2b105649b42f0dd6877fde73d1

SHA512
86afc2aac1ff5b666b2401ae7a5c497c4c98fc9a8306db030d529112d4dbaf705c266d3e8258a23a8948d241241d24dce8a8e91911acf4556b39da8d98f67332

Download Submit
C:\Program Files\Blender Foundation\Blender 3.6\blender.shared\avformat-60.dll

Filesize
3.4MB

MD5
e65b7cd51e4ede565d8696e20fc9bffa

SHA1
2f6ba226e18a915dbf4c0b267a82b28fac5a7c8b

SHA256
8cf5d0b4bfa014fa6274f27d577717bd8ce45e7e743444969c1d265534711fba

SHA512
e2d27a534d7ce6fff0b68f4dec951b69e2583f49aea92a6faf0066d889b93b83b50927b2a5c4a3619fc82360132e344f3ca1b12f22e1157f536564bc18b4849f

Download Submit
C:\Program Files\Blender Foundation\Blender 3.6\blender.shared\avutil-58.dll

Filesize
956KB

MD5
76c900761e5e10614d90fa03cfa4de40

SHA1
42dbb494f2156dcb2602416b478203893645c21f

SHA256
ff25e00d81604af58c3aa33c5efa17cdbd643a86b30c671ea79f8497aad86697

SHA512
69baf17fd270a91b298d0204ecf45d4edda8eac726997a8f313966d27b80a7a487223121f54389ac2c2793bf8b453625c7ab992b1ce0d74976d9d388cb78824f

Download Submit
C:\Program Files\Blender Foundation\Blender 3.6\blender.shared\boost_python310-vc142-mt-x64-1_80.dll

Filesize
198KB

MD5
f1fd0d2190d834a778b0e9d43c5de48a

SHA1
8b26de004518be5a8122a8fad6dfb8ea8a3bd2a2

SHA256
210e3ddf0cead7f9134e7f589b34ab234083992a94345dbb26f2c6941295e0b0

SHA512
38b64f66e2e83f8a7849f11e7ee5ed179dff7cba7b50d81e62c9e6f05630b4a87cea7a9bac5d9ea62d8d07c5d18bae4f0f27baba1c042d31531ad75d7a2b7693

Download Submit
C:\Program Files\Blender Foundation\Blender 3.6\blender.shared\embree4.dll

Filesize
23.9MB

MD5
7cde0946ee6521b55f6278fa8bb8706d

SHA1
7de168c040c9f5de712bd886c1993e1d807db061

SHA256
924fe0804eeb7b54d7f37e88ac3816803743e253a5c8f5474b4b23e1c24e78a8

SHA512
2da40db69729d778127c7132acd6c4f938cb5b64cfdb22a8b9e96344ab8e6bb594badcfe5b57e524e117598ef47a778936fc4a302302442dfad9217655e973f6

Download Submit
C:\Program Files\Blender Foundation\Blender 3.6\blender.shared\epoxy-0.dll

Filesize
692KB

MD5
5822534c8e45c212ac1f795f363bc1bb

SHA1
4176e265eeaff9260684cd91a0c9526de96076d8

SHA256
cf14539991222be802c431105a43526157c60b5af6596428e1fb21d423d5553a

SHA512
774d7380ba84805fce2e69840755144858bc2c84cbe18b82e5edb35e913859aa2972e328b6fa72363cc0d789b683ab4af2ee71afd6c1f11853459dce186d520b

Download Submit
C:\Program Files\Blender Foundation\Blender 3.6\blender.shared\libsndfile-1.dll

Filesize
1.9MB

MD5
4013a140cc4f71a406535a6788f62a95

SHA1
3a2dad5cd12bc8cb8cbf31bfb4c9eab54cd5bff2

SHA256
438ef916c65a20244042f321ea34fdff7a82db7c19ed6312c9a3f88569df5520

SHA512
95c19d1cca527c7a129e1b9583663c8e73db2b729f445f2ba54eb9478249b1f31af1573a43fcea3c559609101f3f1098858d1360f3fec05aa287a0925148a80a

Download Submit
C:\Program Files\Blender Foundation\Blender 3.6\blender.shared\openvdb.dll

Filesize
23.7MB

MD5
1b8391ca28f8e5f48c90258f1a896b06

SHA1
6b42a91968902be0fbeadd29c27ea7aeedea5702

SHA256
0480ebd574c976441296b9047bf08ecffb8005db45568b515e28422984a92f9d

SHA512
9b156a5d56bd50807070341ab7cf7c1f5d4d503e3aac18a1de53d7f7941a39ae9247365702b972431fdb784ca013eba196ec88ad0cf4e94043ad24f681841cb0

Download Submit
C:\Program Files\Blender Foundation\Blender 3.6\blender.shared\swscale-7.dll

Filesize
602KB

MD5
0816313a6daa9db299357319dca0dd5e

SHA1
0e03b8a058b3beb428fbffce8ba2dca6a7112bf9

SHA256
88d6ed7ccb31da15dd4d58d62f6c126d72cee908c2d9933e6ebfed13d2d8c110

SHA512
343da88d8ee67447e0b50275dabce8b224d0512f486bd2b0fb25e7a43694bd7eb47e5e852617118b6318f404ad865d2b98753b3e0a0885312c8b96da9d3e8a7a

Download Submit
C:\Program Files\Blender Foundation\Blender 3.6\blender.shared\sycl6.dll

Filesize
3.8MB

MD5
04dc5481b320425148a5025a3ed1ab8d

SHA1
eb0bfdfa58a11b777a0af84b4f70941213a40dea

SHA256
1bc81895c38324e2eb1f07232eabb9d9f8fc5f33b3e43541299c1b5c23894378

SHA512
e19022a9038376dfe8f2446835353e3682f7898ff5b4d0dc19632244ee4c66d35d1fe8d4a7f322439295a87f08f61cdc6db5d33dc37ed2e1bbc1cda301f53b9e

Download Submit
C:\Program Files\Blender Foundation\Blender 3.6\blender.shared\tbb.dll

Filesize
166KB

MD5
f29dd5b74dde563173243f85f3729f77

SHA1
bfee268e122a8b720dfc51c6840f0d6e567f5a76

SHA256
b427e1ffc8d761586b84e3715956c7330c5abd448b9e4e812088dc10b37684ee

SHA512
51e6a3abd60799138b8236e3fe70815dafae490e46a1dc6d5c05d482f54cc9c090f05caf576ea398c399d60c7236a7d5ffc20ec843fe585c4220494cd930400d

Download Submit
C:\Program Files\Blender Foundation\Blender 3.6\blender.shared\tbbmalloc.dll

Filesize
65KB

MD5
c646178b16fe39c378b64d6e3a3bb6b2

SHA1
5c8f29215b3f2adddd348be2633de8458df1c6a8

SHA256
7cd02902bed32f6b7ca30e68586898150de964c9c1a03d6b794e8f56ab7107fe

SHA512
fe628d255c5feed31fd7918d3ecf635f882ef8909669d0085cc0e143f53cfcd2a2365b47dc275b46ebea4170421de481fa11f532840d6b4dc8ca20f9abc1ef4d

Download Submit
C:\Program Files\Blender Foundation\Blender 3.6\blender.shared\usd_ms.dll

Filesize
24.4MB

MD5
b5ff8192d06f9ab274e048bec208a103

SHA1
ad476817069694c397c4bf606928b245cafc13e3

SHA256
25d4c993398e165551bcc893d5f6891facd7e9f72d0b7f2b41e478869a0815e5

SHA512
ff33dbf3c21710c40f90e5b4d8cdd064c669b5531151355e2c68d708703b59d035f9a6a1ba6f85ee7ec710e0291a24acaa60dfc53bce8970ca1c391588f5f8aa

Download Submit
C:\Program Files\Blender Foundation\Blender 3.6\cycles_kernel_oneapi_aot.dll

Filesize
95.6MB

MD5
6560d7ecfc99242ddb62d3f4fc42a48a

SHA1
74b395ab54ecd28038fb3dfe13b07fc81401eb33

SHA256
db5d7c4a40447aebaa3b698567e76199de03b41702af0bda3e1657dce70483c2

SHA512
e24c8ebed9ececb54598ab532e8c21a2f2e18203617ad740d51b6005db2412c1e525b1634f7f1544f0deacffc9b68ccace77f912530e86e0ff9ec6ea809663a6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\54C62B182F5BF07FA8427C07B0A3AAF8_4DBBCB40FA282C06F1543D887F4F4DCC

Filesize
719B

MD5
3e416252217cd69423f03a6d21e41489

SHA1
30f9c0a411a204300d4d22b9a2fda82975e08d9e

SHA256
07b64118dd32571d45e9d0750a44427a8db40165e51c85a6b38be150749dc63a

SHA512
0c2fa2a4f87d849a95144eca5aa0590bf6e5a2c58f1deef54af0a27c6e433f2a66456499da6dbb9f6df1fa63938c658bdb4846ed2ff7989c2a14ffda5badef79

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506

Filesize
62KB

MD5
3ac860860707baaf32469fa7cc7c0192

SHA1
c33c2acdaba0e6fa41fd2f00f186804722477639

SHA256
d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

SHA512
d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\851E20C495A8E7C59DC2ECD40DA928B8_4314E5AB7E12F565B0338BF6CAD30FC0

Filesize
727B

MD5
c7b77f97ca55b2f7f6e60a0d05c2073c

SHA1
51eb3593e506ac3dde0ab34733f619ca54909285

SHA256
1679e0db1bbea36c7312458d37d546c4a46223132f8434753d2df0fd65d01475

SHA512
20a4465d3d47a30d4f10429b7bcf0386a267f3985ed29ec24b61604540455ec1cd265091f4e59b98aa91059f4d80b83790c4345b1c4d1e1c70bb29cee383de1d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94D451DDCFFF94F1A6B8406468FA3558_E4A7C6A10F816F002B00DE3B58B7E44E

Filesize
1KB

MD5
e5e05433af02a4e5591e0caf9d558007

SHA1
6cc9affdfa20f55a634a67b53757d0cbdfbfbbb6

SHA256
173ea01986eccc5fd630bf8f1ccc0392cecd158d119574f9304f2b7c1ebbb33c

SHA512
138b4f3b8f466e7eea13aa966f7f621ba56474806371c0a172128a22ece7e2e519cd10082634ed8dec6eace88c3253c82447b57b671deff68ca9a8db6d101876

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\54C62B182F5BF07FA8427C07B0A3AAF8_4DBBCB40FA282C06F1543D887F4F4DCC

Filesize
446B

MD5
d797e9c6a0d8f088b519e0703e68b306

SHA1
d7b1624fdf04814ec00d72bf52706f8d3571f4f5

SHA256
eac5ed0ccfc40db7c4b37e53bbd4940162ca9f4deec077c6ccf4ea691721e855

SHA512
cb7de81f5cbc3e8ecca595c4efe93cb012f9acd30e50b122a27a7e2f8835e8f43890415b17f94e8783faa89d455a71edf5bbb43085e9c849979ebbebdf1e5023

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506

Filesize
290B

MD5
e242f31a6265190b7e9fd41f1377bb81

SHA1
ad226c67a9efb56a3ba24afce2c8480fa3226721

SHA256
1b19d4c4bfbea8933ff0f8de355d61074c12aa4f28f3bb577c6a79bcfc9b1310

SHA512
96dab1a8fcc533a6fc071a16af1f0525d0e7aff1f9ea78f2263d5a562e899dd4f473185762772eab378288f73d3df42cccfb6dc32cff589f4acff17ed7f0476c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\851E20C495A8E7C59DC2ECD40DA928B8_4314E5AB7E12F565B0338BF6CAD30FC0

Filesize
486B

MD5
ec290ea6e1e34a776d30c7e95daee491

SHA1
5bdbc7bfc44d4e6b27ac2308ea4dbbda6a3c93e3

SHA256
66f7d626a129709dba87d755132c7456827331c269d11ffa1a0062e667f43732

SHA512
3c8b69af1d37dc0017d9a762801a2b02216c6fdf8090ad7c5365007739d4b208182083e185afa62b51cab0e5d18aa92e8792098cc3adfd61083bdf406b99813a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94D451DDCFFF94F1A6B8406468FA3558_E4A7C6A10F816F002B00DE3B58B7E44E

Filesize
406B

MD5
4335b8b8532dce698aded6370222cd18

SHA1
a8ea176d710cb75c69c23745ac694e918945ae67

SHA256
8639aa0a3fabcdec8d1f354a1bc015cfa8e739541e27c224b758c6680a4208ce

SHA512
12f6fa78fc015acc195de1c2b04cc1a82bf63bfe3f18768dac79a60a79ad346fa18d8d9ac1a6077390df42794b814a9758c586579d3663f1e485301e993c5a70

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
456B

MD5
80f43a7970cf50f07028d254f751a696

SHA1
eedf01e22b9303ff4113ee14f1d7a13c7886b6cc

SHA256
2d2d7bb8b58501fc99ef0fc2b6fb2743145637ff738de8600b45ef6afb13f47a

SHA512
8f8405277ba8854caf66bfd985e0c6d5199b67090d44024ef3fb09789101e1150d8addcc3e76482207507d3162865425eff8ebc39f38a15a7171695dfb895a9b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
ff0441b0a21626790819567b7e17efed

SHA1
4d3c0878a704c64ab6ab50de5803942a5cc771d9

SHA256
0100fb8eb89b76a69ff10475a512f4ed6f41f570c17f932e10451af2b34e0811

SHA512
96eb2673604fa18e3f14ffc8c1c8701fb112e59346907f953f86932abb46657655d1c6b2bfc5c178b8eb5cf82fdce9764febf527957a2791ccd9b186d28a7d28

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
ec6442f631a666a1bc06928c77d0b384

SHA1
7f97748aeac5b3ab2cedf54beef93f4236bb6366

SHA256
6971a6cfc529db0d8f759a3154b502b96980accf7311f271f95c510f1d77d193

SHA512
7a109a569a69057a40db0ccaa39ff4f72ea004545f34683043ec8e63ab393c3b9ffa7db90540572badbc13d791f4a85f4a58f273b872282f0420f57978a653c1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
7901a300a9f8df2093810093e3b1c439

SHA1
2e26b8e5d9bb1b5ae6f91a52013a9325ab50e75d

SHA256
4395c75a2548a097d637e09abf840943bcd40e9abb4e19043513b1c2f6a2568d

SHA512
d3ee0fb3105f03b95d681b6d10d101ac007d5848d77b6bf8ea3d264b6b51c971afe70b01da45cefcd8b90a0482a55fba1613166c36f2cbd2f6fab2bdbcfb0bb8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
695f08d4f025e4fe5ddeea18bc53c4b0

SHA1
45c5e04e39f817dac8e75f236889a77e5f5c7f74

SHA256
344a821224184b0acd4a739ba80b86d49b99f634885d0c9a99b1586230fc11b7

SHA512
7890bff79fdef8e17b97e36c70d50c267eaaff13e05ae8487c4c480adae6972fc90ad2bb7aeffb10591e589ca1b979ef424f402785df645eeffc132a8ac0cc04

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
d541fd2c57d87e091dfbc0d767f2808d

SHA1
934b346447808ec7d6cda7f35a5ac14a54e9664c

SHA256
5a2539ef5d8dde85d38e55999e1eeedff2b0def90e0fd1b95f25e9071217621c

SHA512
e996c4e6be213a786cceacdd3b3f7b5466b548899ee30143497a115411f0d1df9605cadee8dae834273cd9e5baa3c75aa8161cfe110b6ec15095fa5b89aaf81e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
973ffa2d100a5e2eedaaf4f6e77b46fd

SHA1
bd4d14ab662013e6c005357448661c1cbebc9252

SHA256
89b6bc208ea658c40438e7bda9c4d0f1b2f152389486eae9f7f674031a8b58ed

SHA512
8024adae9065490790d2b976e4e6e03784d1b4991ddd5603e684ea1c359dddb553edaebd9d865e34aa8dc6d375b8f29aca0c3bf26dfdce886ea34382a9449b63

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
afbd3bc9f7a895cfb873e649e8712d0c

SHA1
136d5630c76d0f55f21e40af3adb2c7880f89303

SHA256
cc44f1470d7df744ffb15fa1225576b514d5ad897d4705966706f6ca85b12731

SHA512
8ff68695f6b6d6a97ca6f19eb2699a3b802ac824a85ecc0d312a4a5c759a9434da0026e8c2d8c54d86973d2e87c00ade5ad71c4c16974b6a2c49348150c88837

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
87KB

MD5
dd46fd783106e9c77b277b1cb1e4144b

SHA1
6ee1331228e030d88e81db5a28e371b4653bdb8e

SHA256
99cb15f17eb42e7aa61108a3f42b55c21841d937b13556b352a5dfd3cb98f56c

SHA512
fe3a87ffa3307d573975378f84457c72ab96f79ab2536d503711f9ef515d552eb0e18c0de3cb81fd380cd427bae53088874cdb75bf1569c1a383720b9babb938

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
113KB

MD5
1bf269553f9bccecc809126330449a29

SHA1
3b2f7aa631f8a9e0fee60d118079bbb6cfee86de

SHA256
67e90113a920cbb370f361d58ee09d1c78ed456a5caa6e470050a9b290c4778a

SHA512
81363c751edc68c797c0758eca33156712b1067d49743c94efc95736754e0cff425611d785afd11c1ee9a9b0a62b0dd9a1532b9a7adb7efec2d6a5fd6826e7f0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe59526c.TMP

Filesize
107KB

MD5
cd318aacb794c02687bb57faa706844b

SHA1
ec9945bd33f1b77b8d2fd56f271277f4f7e726f3

SHA256
cfea1c30cda6b1a2f7fa4bd89386d55276538e72cd580151957e016159171db1

SHA512
ab72f9e8ce9226522f894573eb2d932fb80b834298508589e9a32ca3a3890dc87fe2950f11912d06d7c5068fb7bfbd7c00843cbd4ea20d64f5d725880d9fcff4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\Downloads\blender-3.6.0-windows-x64.msi

Filesize
305.8MB

MD5
3fa6ba89b70327aec110494f57e9b55b

SHA1
caea5ac10614433655aa37f42b3a888174265748

SHA256
ac93288c9fbd4dce776e254e54d4e054a9168d17b8aa1b852549aa22b7d68c25

SHA512
ceb4d123c68c6d976141b702df91bc0d89a52035ffcea3e6688923ee3905389b787dc23683b5c8040baec1b63c06ad10ba5b5d9c4c623d18e2f806b5b5bae70d

Download Submit
C:\Users\Admin\Downloads\blender-3.6.0-windows-x64.msi

Filesize
305.8MB

MD5
3fa6ba89b70327aec110494f57e9b55b

SHA1
caea5ac10614433655aa37f42b3a888174265748

SHA256
ac93288c9fbd4dce776e254e54d4e054a9168d17b8aa1b852549aa22b7d68c25

SHA512
ceb4d123c68c6d976141b702df91bc0d89a52035ffcea3e6688923ee3905389b787dc23683b5c8040baec1b63c06ad10ba5b5d9c4c623d18e2f806b5b5bae70d

Download Submit
\Program Files\Blender Foundation\Blender 3.6\blender.shared\Iex.dll

Filesize
283KB

MD5
b150dedc0b9caeb1c5fc2d42f49f232d

SHA1
5cdcaa57e1ccd7a8b9ff022901346206291e31ab

SHA256
7b09e1783ccef721c4ffa840432f28b4c976b64ffff64a069d23037820216f56

SHA512
45a5b071d0507993d634cea79476344ed7154dc336add1075553a9ccb17e74f29b5c12faf3a654de727102c3fe178cdacd5c1a8b00412f9b72ee99793235d634

Download Submit
\Program Files\Blender Foundation\Blender 3.6\blender.shared\OpenAL32.dll

Filesize
779KB

MD5
b4864cf493461f3b9d38621b77667faf

SHA1
98315c74bf15ba91a4972b78bf52f27c540e64ba

SHA256
013b3f848109f18041aa584f548b070fc47bd9a30825bd47597ca03f48b805c2

SHA512
513c1cbb84694dde40d5f560fc8c558e5b08ec1d73a6e1794b1a3643fd23d9e17b221f59afc7ccb4e406cbde19e98c76e0c23be9a1392349e308635c267187f4

Download Submit
\Program Files\Blender Foundation\Blender 3.6\blender.shared\OpenEXR.dll

Filesize
2.8MB

MD5
8556c9c95ab7cc70f108ba1f32b89659

SHA1
7d970628d0e631a17a65677fc2d254b5fec07275

SHA256
66da6d9fae3a01ac9edbd97ac9b6c9bec01f1b2ad06d35893b8943ecccdb98d6

SHA512
513c0ffc34fa436313059c1b68aa6d785bb4c1b272c21d6dd9ffdcbffdd527e93bd1804e3b00d06873dc4e8419be774c20c8a358e6924760e7f59a6f41dcb006

Download Submit
\Program Files\Blender Foundation\Blender 3.6\blender.shared\avcodec-60.dll

Filesize
29.2MB

MD5
1164194a795c74fe7fe96f14528733ff

SHA1
ab9b1dad462fe42b6794ecd6ceb88e0e22257cfe

SHA256
7835da505c6b87688405a6d5f075f68432a46e8ca0b3c917582950168c404f37

SHA512
775fdd775242155aba7e2387e44675798cc1b17ca14140f11c8aabcf3341ef5b463eef5e6a9367ecbc6f8a3c5f3e2bb276d7438721182a6dcb107d1f76805008

Download Submit
\Program Files\Blender Foundation\Blender 3.6\blender.shared\avdevice-60.dll

Filesize
108KB

MD5
70e1937de9a8ff2aab2e5693992a4e9b

SHA1
a6869b5433742e07873c14b8effc819e24c9c25f

SHA256
7f15e66902a50d0dfc723b5bed398c4a1400cc2b105649b42f0dd6877fde73d1

SHA512
86afc2aac1ff5b666b2401ae7a5c497c4c98fc9a8306db030d529112d4dbaf705c266d3e8258a23a8948d241241d24dce8a8e91911acf4556b39da8d98f67332

Download Submit
\Program Files\Blender Foundation\Blender 3.6\blender.shared\avformat-60.dll

Filesize
3.4MB

MD5
e65b7cd51e4ede565d8696e20fc9bffa

SHA1
2f6ba226e18a915dbf4c0b267a82b28fac5a7c8b

SHA256
8cf5d0b4bfa014fa6274f27d577717bd8ce45e7e743444969c1d265534711fba

SHA512
e2d27a534d7ce6fff0b68f4dec951b69e2583f49aea92a6faf0066d889b93b83b50927b2a5c4a3619fc82360132e344f3ca1b12f22e1157f536564bc18b4849f

Download Submit
\Program Files\Blender Foundation\Blender 3.6\blender.shared\avutil-58.dll

Filesize
956KB

MD5
76c900761e5e10614d90fa03cfa4de40

SHA1
42dbb494f2156dcb2602416b478203893645c21f

SHA256
ff25e00d81604af58c3aa33c5efa17cdbd643a86b30c671ea79f8497aad86697

SHA512
69baf17fd270a91b298d0204ecf45d4edda8eac726997a8f313966d27b80a7a487223121f54389ac2c2793bf8b453625c7ab992b1ce0d74976d9d388cb78824f

Download Submit
\Program Files\Blender Foundation\Blender 3.6\blender.shared\boost_python310-vc142-mt-x64-1_80.dll

Filesize
198KB

MD5
f1fd0d2190d834a778b0e9d43c5de48a

SHA1
8b26de004518be5a8122a8fad6dfb8ea8a3bd2a2

SHA256
210e3ddf0cead7f9134e7f589b34ab234083992a94345dbb26f2c6941295e0b0

SHA512
38b64f66e2e83f8a7849f11e7ee5ed179dff7cba7b50d81e62c9e6f05630b4a87cea7a9bac5d9ea62d8d07c5d18bae4f0f27baba1c042d31531ad75d7a2b7693

Download Submit
\Program Files\Blender Foundation\Blender 3.6\blender.shared\embree4.dll

Filesize
23.9MB

MD5
7cde0946ee6521b55f6278fa8bb8706d

SHA1
7de168c040c9f5de712bd886c1993e1d807db061

SHA256
924fe0804eeb7b54d7f37e88ac3816803743e253a5c8f5474b4b23e1c24e78a8

SHA512
2da40db69729d778127c7132acd6c4f938cb5b64cfdb22a8b9e96344ab8e6bb594badcfe5b57e524e117598ef47a778936fc4a302302442dfad9217655e973f6

Download Submit
\Program Files\Blender Foundation\Blender 3.6\blender.shared\epoxy-0.dll

Filesize
692KB

MD5
5822534c8e45c212ac1f795f363bc1bb

SHA1
4176e265eeaff9260684cd91a0c9526de96076d8

SHA256
cf14539991222be802c431105a43526157c60b5af6596428e1fb21d423d5553a

SHA512
774d7380ba84805fce2e69840755144858bc2c84cbe18b82e5edb35e913859aa2972e328b6fa72363cc0d789b683ab4af2ee71afd6c1f11853459dce186d520b

Download Submit
\Program Files\Blender Foundation\Blender 3.6\blender.shared\imath.dll

Filesize
338KB

MD5
5d0bb7fd45edcdffd5aafbed205d9819

SHA1
fc4f6351bfee74fc4d6758a802967d84df52c731

SHA256
c5fef86cf97e3f93a67a09838b3ad988c76062eae2b17afaaaba935a53f1dc1b

SHA512
e11b3cca8412fe35f83351682fd27d5567035c9cf59acf3f70adf9547492c4852a39457e088d37e378ea59c2b3ab35cf487053aa2544f84c426162e50b61fc76

Download Submit
\Program Files\Blender Foundation\Blender 3.6\blender.shared\opencolorio_2_2.dll

Filesize
3.9MB

MD5
fdff5d6de2d41519017f48485f8aa7fe

SHA1
4e160f7d81c245a39e74d38ac514aa4fa311eba5

SHA256
61114f08c596c2409f19186a4dc1fbd2fba7ee0be69ac68912d3ec08cb2604f6

SHA512
ab8c8b975be97c47180f97689bb5c5b6507a9ab06ee98d6bbf9a3df28fd4e2972eb99aa92823bfd08803aec3215e217db6f78ded3dd11aa1c61d3a35faaef966

Download Submit
\Program Files\Blender Foundation\Blender 3.6\blender.shared\openimageio.dll

Filesize
8.9MB

MD5
b1cf1b2939cccb497fa17af0792ed854

SHA1
ad439acc49e30fe6c26c614d6bfc2c7d24f83b2e

SHA256
7700e46e4eafd86a3364abd37baa235d0d0f44ae354dfd3e5bad73ee8f6fbede

SHA512
5a94f8b87f3993958ce0af8768b020c16b8c5c9677d745e6e6635291a1b74f901ea97ecf7fb53e204dc8e3e69cba35a92c16cff4306dc96ccffe371ea131ef2e

Download Submit
\Program Files\Blender Foundation\Blender 3.6\blender.shared\openimageio_util.dll

Filesize
755KB

MD5
c742ce0303ae15aa5fae6e27c200dba9

SHA1
5ccfdaac0dbebcfa6281e67e4a180500918ad8de

SHA256
5494e6faaa16c6cc3a17c8e28a89a33a7e66306c728982527080d2162643a1c5

SHA512
a0d8e744bc5563f329b3b3579f9bd6609672070a8b72c6ad8f576e7043c6544c5d166a951d3822534108ca767d8baaf556d550b4563be352f15b43653f421e23

Download Submit
\Program Files\Blender Foundation\Blender 3.6\blender.shared\openvdb.dll

Filesize
23.7MB

MD5
1b8391ca28f8e5f48c90258f1a896b06

SHA1
6b42a91968902be0fbeadd29c27ea7aeedea5702

SHA256
0480ebd574c976441296b9047bf08ecffb8005db45568b515e28422984a92f9d

SHA512
9b156a5d56bd50807070341ab7cf7c1f5d4d503e3aac18a1de53d7f7941a39ae9247365702b972431fdb784ca013eba196ec88ad0cf4e94043ad24f681841cb0

Download Submit
\Program Files\Blender Foundation\Blender 3.6\blender.shared\swscale-7.dll

Filesize
602KB

MD5
0816313a6daa9db299357319dca0dd5e

SHA1
0e03b8a058b3beb428fbffce8ba2dca6a7112bf9

SHA256
88d6ed7ccb31da15dd4d58d62f6c126d72cee908c2d9933e6ebfed13d2d8c110

SHA512
343da88d8ee67447e0b50275dabce8b224d0512f486bd2b0fb25e7a43694bd7eb47e5e852617118b6318f404ad865d2b98753b3e0a0885312c8b96da9d3e8a7a

Download Submit
\Program Files\Blender Foundation\Blender 3.6\blender.shared\sycl6.dll

Filesize
3.8MB

MD5
04dc5481b320425148a5025a3ed1ab8d

SHA1
eb0bfdfa58a11b777a0af84b4f70941213a40dea

SHA256
1bc81895c38324e2eb1f07232eabb9d9f8fc5f33b3e43541299c1b5c23894378

SHA512
e19022a9038376dfe8f2446835353e3682f7898ff5b4d0dc19632244ee4c66d35d1fe8d4a7f322439295a87f08f61cdc6db5d33dc37ed2e1bbc1cda301f53b9e

Download Submit
\Program Files\Blender Foundation\Blender 3.6\blender.shared\tbb.dll

Filesize
166KB

MD5
f29dd5b74dde563173243f85f3729f77

SHA1
bfee268e122a8b720dfc51c6840f0d6e567f5a76

SHA256
b427e1ffc8d761586b84e3715956c7330c5abd448b9e4e812088dc10b37684ee

SHA512
51e6a3abd60799138b8236e3fe70815dafae490e46a1dc6d5c05d482f54cc9c090f05caf576ea398c399d60c7236a7d5ffc20ec843fe585c4220494cd930400d

Download Submit
\Program Files\Blender Foundation\Blender 3.6\blender.shared\tbbmalloc.dll

Filesize
65KB

MD5
c646178b16fe39c378b64d6e3a3bb6b2

SHA1
5c8f29215b3f2adddd348be2633de8458df1c6a8

SHA256
7cd02902bed32f6b7ca30e68586898150de964c9c1a03d6b794e8f56ab7107fe

SHA512
fe628d255c5feed31fd7918d3ecf635f882ef8909669d0085cc0e143f53cfcd2a2365b47dc275b46ebea4170421de481fa11f532840d6b4dc8ca20f9abc1ef4d

Download Submit
\Program Files\Blender Foundation\Blender 3.6\blender.shared\usd_ms.dll

Filesize
24.4MB

MD5
b5ff8192d06f9ab274e048bec208a103

SHA1
ad476817069694c397c4bf606928b245cafc13e3

SHA256
25d4c993398e165551bcc893d5f6891facd7e9f72d0b7f2b41e478869a0815e5

SHA512
ff33dbf3c21710c40f90e5b4d8cdd064c669b5531151355e2c68d708703b59d035f9a6a1ba6f85ee7ec710e0291a24acaa60dfc53bce8970ca1c391588f5f8aa

Download Submit
memory/3400-5979-0x00007FF861560000-0x00007FF863A4B000-memory.dmp

Filesize
36.9MB

Download
memory/3400-5978-0x000000006ACC0000-0x000000006AF28000-memory.dmp

Filesize
2.4MB

Download
memory/3400-5975-0x00007FF8792C0000-0x00007FF8794C5000-memory.dmp

Filesize
2.0MB

Download
memory/3400-5976-0x00007FF87AA30000-0x00007FF87AAD4000-memory.dmp

Filesize
656KB

Download
memory/3400-5977-0x0000000067380000-0x0000000067543000-memory.dmp

Filesize
1.8MB

Download
memory/3400-5974-0x00007FF88FA80000-0x00007FF88FAA1000-memory.dmp

Filesize
132KB

Download
memory/3400-5973-0x00007FF8794D0000-0x00007FF879831000-memory.dmp

Filesize
3.4MB

Download
memory/3400-5981-0x00007FF87AA00000-0x00007FF87AA29000-memory.dmp

Filesize
164KB

Download
memory/3400-5980-0x0000000070680000-0x00000000708B0000-memory.dmp

Filesize
2.2MB

Download
memory/4464-5953-0x0000000067380000-0x0000000067543000-memory.dmp

Filesize
1.8MB

Download
memory/4464-5955-0x00007FF85FDB0000-0x00007FF86229B000-memory.dmp

Filesize
36.9MB

Download
memory/4464-5957-0x00007FF87A9F0000-0x00007FF87AA19000-memory.dmp

Filesize
164KB

Download
memory/4464-5956-0x0000000070680000-0x00000000708B0000-memory.dmp

Filesize
2.2MB

Download
memory/4464-5954-0x000000006ACC0000-0x000000006AF28000-memory.dmp

Filesize
2.4MB

Download
memory/4464-5952-0x00007FF87B100000-0x00007FF87B1A4000-memory.dmp

Filesize
656KB

Download
memory/4464-5951-0x00007FF87B1B0000-0x00007FF87B3B5000-memory.dmp

Filesize
2.0MB

Download
memory/4464-5949-0x00007FF87B3C0000-0x00007FF87B721000-memory.dmp

Filesize
3.4MB

Download
memory/4464-5950-0x00007FF88F100000-0x00007FF88F121000-memory.dmp

Filesize
132KB

Download
memory/5020-5902-0x00007FF8794D0000-0x00007FF879831000-memory.dmp

Filesize
3.4MB

Download
memory/5020-5907-0x0000000070680000-0x00000000708B0000-memory.dmp

Filesize
2.2MB

Download
memory/5020-5904-0x00007FF87AD10000-0x00007FF87AF15000-memory.dmp

Filesize
2.0MB

Download
memory/5020-5913-0x00007FF8995F0000-0x00007FF899600000-memory.dmp

Filesize
64KB

Download
memory/5020-5906-0x000000006ACC0000-0x000000006AF28000-memory.dmp

Filesize
2.4MB

Download
memory/5020-5911-0x00007FF87ACE0000-0x00007FF87AD09000-memory.dmp

Filesize
164KB

Download
memory/5020-5905-0x00007FF87AA30000-0x00007FF87AAD4000-memory.dmp

Filesize
656KB

Download
memory/5020-5903-0x00007FF88F0D0000-0x00007FF88F0F1000-memory.dmp

Filesize
132KB

Download
memory/5020-5909-0x0000000067380000-0x0000000067543000-memory.dmp

Filesize
1.8MB

Download
memory/5020-5895-0x00007FF868FA0000-0x00007FF86B48B000-memory.dmp

Filesize
36.9MB

Download
memory/5020-5900-0x00007FF8995F0000-0x00007FF899600000-memory.dmp

Filesize
64KB

Download
memory/5020-5899-0x00007FF8995F0000-0x00007FF899600000-memory.dmp

Filesize
64KB

Download
memory/5020-5898-0x00007FF8995F0000-0x00007FF899600000-memory.dmp

Filesize
64KB

Download
memory/5020-5897-0x00007FF8995F0000-0x00007FF899600000-memory.dmp

Filesize
64KB

Download
memory/5020-5896-0x00007FF8995F0000-0x00007FF899600000-memory.dmp

Filesize
64KB

Download
memory/5020-5894-0x00007FF7ED240000-0x00007FF7EE240000-memory.dmp

Filesize
16.0MB

Download