aab27bd5547d35dc159288f3b5b8760f21b0cfec86e8f0032b49dd0410f232bc

Analysis

max time kernel
524s
max time network
401s
platform
windows10-1703_x64
resource
win10-20230703-en
resource tags

arch:x64arch:x86image:win10-20230703-enlocale:en-usos:windows10-1703-x64system
submitted
27-07-2023 13:15

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

mingw-get-setup.exe
Size

84KB
MD5

92d905bdfe13c798a2cda2bbacdad932
SHA1

66f1355f16ac1e328243e877880eb6e45e8b30e2
SHA256

aab27bd5547d35dc159288f3b5b8760f21b0cfec86e8f0032b49dd0410f232bc
SHA512

5c96c7be222d5c836402df302f5a1866df72bcad3d13643e8703e536cea9c6e42fde344ca79d564051fd3cd93326e834b3c4b7f59e5591d61cba3d59b7c9a180
SSDEEP

1536:+sE5jlwWrw6I3N8SFsngkZ4nJ9jHZN+4Ie6fFF6rS7cnouy8VAt:tE5Rw6GN8wsngi4nJ7N+P7Foc8outy

Score

7^/10

upx

Malware Config

Signatures

Loads dropped DLL 2 IoCs

pid	Process
4256	mingw-get-setup.exe
4256	mingw-get-setup.exe

UPX packed file 4 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/memory/4256-117-0x0000000000400000-0x0000000000438000-memory.dmp	upx
behavioral1/memory/4256-118-0x0000000000400000-0x0000000000438000-memory.dmp	upx
behavioral1/memory/4256-119-0x0000000000400000-0x0000000000438000-memory.dmp	upx
behavioral1/memory/4256-123-0x0000000000400000-0x0000000000438000-memory.dmp	upx

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Modifies registry class 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1766410430-2870137818-4067673745-1000_Classes\Local Settings	control.exe
Key created	\REGISTRY\USER\S-1-5-21-1766410430-2870137818-4067673745-1000_Classes\Local Settings	control.exe

Suspicious behavior: GetForegroundWindowSpam 2 IoCs

pid	Process
4256	mingw-get-setup.exe
4192	systempropertiesremote.exe

Suspicious use of AdjustPrivilegeToken 7 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3584	control.exe
Token: SeCreatePagefilePrivilege	3584	control.exe
Token: SeBackupPrivilege	4984	vssvc.exe
Token: SeRestorePrivilege	4984	vssvc.exe
Token: SeAuditPrivilege	4984	vssvc.exe
Token: SeShutdownPrivilege	3828	control.exe
Token: SeCreatePagefilePrivilege	3828	control.exe

Suspicious use of WriteProcessMemory 6 IoCs

description	pid	Process	procid_target
PID 4256 wrote to memory of 4084	4256	mingw-get-setup.exe	69
PID 4256 wrote to memory of 4084	4256	mingw-get-setup.exe	69
PID 4256 wrote to memory of 4084	4256	mingw-get-setup.exe	69
PID 4256 wrote to memory of 1444	4256	mingw-get-setup.exe	70
PID 4256 wrote to memory of 1444	4256	mingw-get-setup.exe	70
PID 4256 wrote to memory of 1444	4256	mingw-get-setup.exe	70

Uses Volume Shadow Copy service COM API
The Volume Shadow Copy service is used to manage backups/snapshots.
ransomware

C:\Users\Admin\AppData\Local\Temp\mingw-get-setup.exe
"C:\Users\Admin\AppData\Local\Temp\mingw-get-setup.exe"
1⤵
- Loads dropped DLL
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of WriteProcessMemory
PID:4256
- C:\Windows\SysWOW64\wscript.exe
  wscript -nologo C:\MinGW\libexec\mingw-get\shlink.js --all-users --start-menu --description "MinGW Installation Manager" C:\MinGW\libexec\mingw-get\guimain.exe "MinGW Installation Manager"
  2⤵
  PID:4084
- C:\Windows\SysWOW64\wscript.exe
  wscript -nologo C:\MinGW\libexec\mingw-get\shlink.js --all-users --desktop --description "MinGW Installation Manager" C:\MinGW\libexec\mingw-get\guimain.exe "MinGW Installer"
  2⤵
  PID:1444

C:\Windows\system32\control.exe
"C:\Windows\system32\control.exe" SYSTEM
1⤵
- Modifies registry class
- Suspicious use of AdjustPrivilegeToken
PID:3584

C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
1⤵
PID:832

C:\Windows\system32\systempropertiesprotection.exe
"C:\Windows\system32\systempropertiesprotection.exe"
1⤵
PID:2644

C:\Windows\system32\vssvc.exe
C:\Windows\system32\vssvc.exe
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:4984

C:\Windows\system32\control.exe
"C:\Windows\system32\control.exe" SYSTEM
1⤵
- Modifies registry class
- Suspicious use of AdjustPrivilegeToken
PID:3828

C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
1⤵
PID:4264

C:\Windows\System32\SystemPropertiesComputerName.exe
"C:\Windows\System32\SystemPropertiesComputerName.exe"
1⤵
PID:3420

C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
1⤵
PID:2036

C:\Windows\system32\systempropertiesremote.exe
"C:\Windows\system32\systempropertiesremote.exe"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
PID:4192

C:\Windows\system32\cmd.exe
"C:\Windows\system32\cmd.exe"
1⤵
PID:4460

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:1672

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\MinGW\bin\mingw32-cc.exe

Filesize
1.7MB

MD5
3b866f376b285803bc1b795a2734c70e

SHA1
c73032f68953b8a4f6ac4d812258086fd4a1a6c8

SHA256
bf1b1beede358a34dcaa4da4b5f6809c26abf7691ba23314c81ba61604b23430

SHA512
515ee0799fd417218f7c870f55bf556ef197e6fc0e173491fd0016a511ccab040036d4cbd168ea4e960021b5f0b341ab18b38c6cda59c5901748fcd92cc79f4a

Download Submit
C:\MinGW\bin\mingw32-ld.bfd.exe

Filesize
8.8MB

MD5
1e378e25af033c4eccf6232936a70c33

SHA1
89a10c4a75ae99fae6500a51dbef4f5c685fccbf

SHA256
71e5d273f7ebeb1312a2c27854bc51a5f01fcdd687efdfe326875bc029abbe67

SHA512
44044579819157ac9a57307b4813e446dd095ee007637b08b60aa63a888ff0a6ff29d641b358749ab32ae34b2707353197bc7ecb6ddeacd9155cbc98674da755

Download Submit
C:\MinGW\libexec\mingw-get\guimain.exe

Filesize
141KB

MD5
63dd6168efccf34442141bc6a30ca4b5

SHA1
4215e4157baeb2709ddf46aa23bae3512c388c16

SHA256
f3d7c1f06a99cd9fd9e1b52b18b031171617e30a884eaacf210f4e02caca8d25

SHA512
6bac1514408c83607de3e381828cb74fa9e24b72860ca3f1245c25a111e1e61346a37fd2e1cbcf553097ce1f7f149beb188364e844ce959ac7f4d0a14bb01339

Download Submit
C:\MinGW\libexec\mingw-get\shlink.js

Filesize
10KB

MD5
7c05fb7cfcb8af75cc51f0e5b5b8a63f

SHA1
7344f388103e4aceaf9bb2088afc8bf39b6da184

SHA256
a4d51113d10de71cde294e76ddd63e35273a33c4321eb50d804264ca97c51331

SHA512
9bf2b1c262fe7bbd26ac2367526c14d3bb9aab56d35e2cc149885412fd6b6e82f60c66de8ef39190cc9782c65e99471420d8e53695d7d25220d29c9ee4fcf7b5

Download Submit
C:\MinGW\mingw32\bin\ar.exe

Filesize
7.3MB

MD5
9e84fb7258024b17d88340eb38ba6330

SHA1
370de288a098b1f02208c8ec91291e667502e337

SHA256
5226b0ec7da994c3fe4beae5d7296639242943cf5f067444dfbfc430e3b66ad8

SHA512
01339289f1357d093f57b33065aafbb17251a3262c292eb3c15d4c20c3c27cfe752146a4fed8c7a517999f7e6849cd3843a5835c14c12e3f216d7a9b999fa1fa

Download Submit
C:\MinGW\mingw32\bin\as.exe

Filesize
9.2MB

MD5
bc1228a3aa09c6a06ebdb142f7a8f541

SHA1
46c088be500732300f089ce10511c4ae227800e9

SHA256
416b0e0b902d23a3122857d132165a1a6b8dea65bf7831f2fd06baaf0057b763

SHA512
8ccb6470e70f66fd118759836debcb7af7a1586f42e20ffd23b73a94e4034384a4f99f7e1868efb07b6889ab3ae73560e2cee915343aefa55c62d85e019505c2

Download Submit
C:\MinGW\mingw32\bin\dlltool.exe

Filesize
7.2MB

MD5
ecd7f37e04f885ddfe5bcf3536783854

SHA1
e23350f4cc97337eef6f0bfa1cde9d5f63d49855

SHA256
ef3fe064def3ae54fa14b1d3f24c9865794a5ae9032c920ee0589e241900e529

SHA512
b49eef02a92ae14ad0ff21dd609133e6c3820e551f1c07e65a1a22aa3b85af96d588a35126da6f2609d7726da19b1ca2dd8173a15139f14667c513717bb4b70e

Download Submit
C:\MinGW\mingw32\bin\nm.exe

Filesize
7.1MB

MD5
adeac6fe18f49b3ca1f97817c78758fd

SHA1
47e0861248ede9aa434cbe0884288a6bd0026e77

SHA256
06d5266b74b791d60af7202898348d52919369c12edff801f4a09d915db2e487

SHA512
3136e493632c1e5e1383a4e603f896e1e8aa151601854d6e1f3e6b2ac35bcbfbfa3a98dfd77cc7c8687c6520a8ceb38b4be752bdde9ea21527879487e8ee502b

Download Submit
C:\MinGW\mingw32\bin\objcopy.exe

Filesize
8.0MB

MD5
45e3ca17a30567f289bb7e57f17a52b4

SHA1
627b3c83a34b62c049eae7538873b2a5cf641494

SHA256
37d6ab7fe9b19d0a53f4de514fd5f9ac28a4204f29695beeea649e83e6f1b305

SHA512
053f8844a3c171db53db2a0de8b375f6f554d2559d2c0d58a2f822365b65c3d420463cd29e7b1dd90eca5932f2344aa1c3642fc22a4a14ecff215e756b00de89

Download Submit
C:\MinGW\mingw32\bin\objdump.exe

Filesize
8.8MB

MD5
98b8f179ee41fdc5c95eb6b48a1136b7

SHA1
5d928732872423b678f58b82adb82c543ae98b77

SHA256
3328534219fd5cd9bd4f55ce4dc4000fbfa810d3a9f2fc60844a2fc193082ee6

SHA512
a8d596b34fc461000db1b35b60752c6b716f5de767d6cfc4ed16fb094283a3c54ed699525fcc0094b94d412b148efd264315d77218799c49d6f05e9baa290d58

Download Submit
C:\MinGW\mingw32\bin\ranlib.exe

Filesize
7.3MB

MD5
04c4751d14a581077233f2c167358974

SHA1
28b509186121ee3e8b4d3556b423df6066acdea4

SHA256
235dd2768ae5cf8932016e092e437c0eaca59705c7a34bcb0026aa481393054f

SHA512
79e8888cea93eef06019b5ccac2da4dc971d1e38344be870a7a4aea2907da5c558c192d6bdd0665a9f9753fbca13c4c1e4572f104f71e2e714e40c379db986ae

Download Submit
C:\MinGW\mingw32\bin\strip.exe

Filesize
8.0MB

MD5
f29b755f36abc7ba4bf307660440d70c

SHA1
b6b5509a8c418f1c4be446ff92529b71ddbc1757

SHA256
3695b631b2a6c42a686688d4b6dc9a15993886c825fae979d3f0f59f03c206c6

SHA512
e7ff72598f25099809935295d911c29a2858bb7464e37882c970c23b131c33b632a167c9c42282e36f0b6c03bd72b2ac0804aa54056eaa481358c63c638cb3f3

Download Submit
C:\MinGW\mingw32\lib\gcc\mingw32\4.8.1\include-fixed\README

Filesize
750B

MD5
455903ad4ff71fa5c5340ef7ae41a0e6

SHA1
d83e1768f15f380f6a4e7c50313a7a1b4a5ca7e1

SHA256
32baa94efdf4fb418c20321f14a1b66982a6cd3c2b5bc8fbfbe438f687c528d6

SHA512
c12069598bc4ea7e4a7e9d17c53591377e58c128dd434df73a9396ab4b01175c150335b8310f277eea36a54511e93c5f8f81cb7e39084f26de424d2242090de2

Download Submit
C:\MinGW\mingw32\lib\gcc\mingw32\4.8.1\include-fixed\limits.h

Filesize
5KB

MD5
4ec89262345475f488b3f49b36b3be2e

SHA1
2be2291ba9303a5de8d8c08ca46d093eecffd64b

SHA256
c8d3b2b19f8c62cfc3634012b6fbb34a6dc66ec2a18828044e94f62fc8d1efea

SHA512
0f700b2f9920fed53cd06b7889fe0be8cad3a7cd822b419ad3964ac46db0b26fd738cb4371d714249f14703aa5a7963e1a2673e53e603d856ee98d3d1964a4a4

Download Submit
C:\MinGW\mingw32\lib\gcc\mingw32\4.8.1\include-fixed\syslimits.h

Filesize
330B

MD5
c32a1d882e7039afe158bb9e59b65223

SHA1
238c8a1b9ec309de5bac212baf0a655a56da3a28

SHA256
22dd0ab81baadd5a8d455b445855f341d419c7b0267beca235de00b7ec78e529

SHA512
4a652800d87636ffa732f8ea4a1cadc0c7072ed98905629086628bc6f9c4697a9daf793fddc58111831608458373c7ae916377e26231ff365a0d17abbd40fc39

Download Submit
C:\MinGW\mingw32\lib\gcc\mingw32\4.8.1\include\c++\backward\hash_map

Filesize
17KB

MD5
1f0ac441d4c7543b29df27ba40c75a81

SHA1
a0ba538260b0965a8209ae308f55d1a9d0a9241e

SHA256
f9e0128092f559d8609a53cf87d844796f895ef22ecd3d9726c8b80d2150fc4c

SHA512
bbf42ecee43c801962dd90a28950d7a184fd90a7cd84069a15c4a689780be41328c351c887274ae7716f82ba5541d8c1ece47ebede579c7f003384268ab48c5e

Download Submit
C:\MinGW\mingw32\lib\gcc\mingw32\4.8.1\include\c++\backward\hash_set

Filesize
16KB

MD5
b0d2765922f5c112b7449170303cd40f

SHA1
ed9526ee9c2a12733f9ac2637a288a0768123934

SHA256
a6f7f9eabd5f6898aed3752bd8723f213d694412d49a5bc7bbd9e7eb00589928

SHA512
199475ce5fe1af607c611fa581497328d225091b63ac3ef68f2712b124d3c83c5751ab96ee413e55f6593ced7bf36b1a78afa68fea0977dc1383c28e676fc173

Download Submit
C:\MinGW\share\doc\gcc\4.8.1\gcc\COPYING3

Filesize
34KB

MD5
d32239bcb673463ab874e80d47fae504

SHA1
8624bcdae55baeef00cd11d5dfcfa60f68710a02

SHA256
8ceb4b9ee5adedde47b31e975c1d90c73ad27b6b165a1dcd80c7c545eb65b903

SHA512
7633623b66b5e686bb94dd96a7cdb5a7e5ee00e87004fab416a5610d59c62badaf512a2e26e34e2455b7ed6b76690d2cd47464836d7d85d78b51d50f7e933d5c

Download Submit
C:\MinGW\share\doc\gcc\4.8.1\include\COPYING

Filesize
17KB

MD5
59530bdf33659b29e73d4adb9f9f6552

SHA1
68c94ffc34f8ad2d7bfae3f5a6b996409211c1b1

SHA256
231f7edcc7352d7734a96eef0b8030f77982678c516876fcb81e25b32d68564c

SHA512
cb0a4f39c66d8d6bf668b2e989fc7741b5da50a48cf69921556e87c8d2ab648d23189628e5a26d7b86b9db47c8593e0e4bc6e9881ec03ca8d2ed62d8bd761e84

Download Submit
C:\MinGW\share\doc\gcc\4.8.1\libquadmath\COPYING.LIB

Filesize
25KB

MD5
a916467b91076e631dd8edb7424769c7

SHA1
597bf5f9c0904bd6c48ac3a3527685818d11246d

SHA256
32434afcc8666ba060e111d715bfdb6c2d5dd8a35fa4d3ab8ad67d8f850d2f2b

SHA512
d9842b27dd5ed4e255c3d7eead771d999257d7d0e8114e15e3508b7fa52a797b8d628036461590e7ab50e36e54abbd5cb7a42d05cf1d1ba9f5c4a77b97424f55

Download Submit
C:\MinGW\var\cache\mingw-get\data\package-list.xml

Filesize
493B

MD5
c9677246b18c55e98a5d4c93f2137100

SHA1
a21f9284e078fd314a710bf72494b5c67f2846f7

SHA256
29b76a0df200eb62ddba993134dad0e7979964d49e2680153cdf02ab8e17e9f4

SHA512
8bd62dd4268838fd922421b579a7564c6e8572b0dfbf27e5235b38d5711ad2ee7e7d05c50209ddd80cbe740e95366d041be904b3d0d4256d015d85397fecb155

Download Submit
C:\MinGW\var\cache\mingw-get\packages\mingw-get-0.6.2-mingw32-beta-20131004-1-bin.tar.xz

Filesize
260KB

MD5
6453e5e9a88511a599630013ca0f2871

SHA1
b912dbccd0f737d3006eefd1d451d2c39b2e5a92

SHA256
d199842bad7373bc52cec841d31abf42c77febddaa9e3d8a3cf3182523b23b01

SHA512
75faf0c754dc051e647d341eaeebeda1b3d1e6a0cd795afab0f7a270d2af74d54dd06840a607e89e6907b898ab1c923c79fb74a552ce13178ecfea6f6c088b65

Download Submit
C:\MinGW\var\cache\mingw-get\packages\mingw-get-0.6.2-mingw32-beta-20131004-1-gui.tar.xz

Filesize
56KB

MD5
5ec17e2f07d410f721e38bafe544f3d6

SHA1
4fd2f627a83858c25cfd11be3a6e21fd752052c6

SHA256
427887aaf995523083875599295d462f8f805fde16ca7a770ca93ccf2c198a2c

SHA512
9599e515251c764560938de4cd01fe1903201d40d2ad529df57cdfed0d91211a35446a9a1055fb34a272c2dd527adabed36af1ed229fad461a0bcf601bef5c3d

Download Submit
C:\MinGW\var\cache\mingw-get\packages\mingw-get-0.6.2-mingw32-beta-20131004-1-lic.tar.xz

Filesize
12KB

MD5
809d7d44cd3396481057dd6fb615c20a

SHA1
c9bff67e782d48002c7458152bbb96e4f4d2115d

SHA256
92adc1151b1463906e2bdb091482bafd54e363598a618c160ab1dad19111d510

SHA512
0758dc338ec9927525ba9325aea58414af989607bec8c93893ba1d5adee67c76b8312f1b5a5c314f154d928309edbcffdd37136149e1a45bcccf31aeed945563

Download Submit
C:\MinGW\var\lib\mingw-get\data\mingw32-contrib-package-list.xml

Filesize
1018B

MD5
6b6d83f2f6cc1d60096526470cfbbdb0

SHA1
035d5728944d061019b82a32e993e9147acf7c3e

SHA256
d243a0920d612cf1ff2bf938cc0a2bebe8feaecad9f28cf0b3df50ff66b6fefe

SHA512
2b85d20066db05cde200300eab37a1b5de34b5cf5a3170bc123e3a7921a37d6dbf0b7f1e6bac49d2febfc45903ced3cb9ea7d1aee53209366ec62ab98a4b64e2

Download Submit
C:\MinGW\var\lib\mingw-get\data\mingw32-libunistring.xml

Filesize
2KB

MD5
127ec577bdf672b1df29c4c8eec101c0

SHA1
fcb8351f86ddb0584d4ea1b2c861143bdd81cf01

SHA256
5782b67c8d523210fcf41c9e5e89ebbd7638d0ab8c4ac31020cb59f2c3322264

SHA512
355dacc4b521aa77bfd0d8a7658b2d69dfcde1220f39f16fd3396da486d5b7d5e902b14b2b1b9151ae02968a97af0b6fac5583f0124624d31644638c5692e023

Download Submit
C:\MinGW\var\lib\mingw-get\data\mingw32-mingw-get.xml

Filesize
5KB

MD5
5347b8944a1a422805de4837cca9d2d0

SHA1
883b07940c225d8ec058f0582f8f5a6a8d71157c

SHA256
38a4c26035c51c837379eca66f9a140b9fadcd77b89cafdcc5b2734cb5b33d36

SHA512
72e583ed2cc9fc1d8e9e97d0df4f78d8152b03dd95eb92c3533295ea0a53a6eeb5486f10e074f16d7636f508b014e79cf709deb748412c9186f94f5bd2549edb

Download Submit
C:\MinGW\var\lib\mingw-get\data\mingw32-ncurses.xml

Filesize
4KB

MD5
3b293229b49a8b0d2f7222725149c7d9

SHA1
bc224b54583e9657bc522d432aa152a5f7cfec83

SHA256
4d228dc621d4280620fb89f8d3c5a57a4635d398bec14cf4b56e98cb129ace0e

SHA512
729782be28a5767eecef24f2657aa8e31084bf48683bbc4c9f6e70dd209baf4d670b15d95583d8b89e05837cb07ce6aa2c18572136d6fbed5dcee2c8dac60ee7

Download Submit
C:\MinGW\var\lib\mingw-get\data\mingw32-pdcurses.xml

Filesize
2KB

MD5
6cacbf9cf80af1018adcb73197c05f45

SHA1
8f9c529e373558d2c3b7614613b6052fea7513ca

SHA256
1e47e342859286c3c9e9887e24cd3c442bff9916474bc73d68673694a07913d7

SHA512
aedca40d1cfd1aab8f477745bb41fd55d22f7c9aef602f2b9658c7b9ac1fe964b6f67d6ba900653ba6bf4606597f4f028482302e1edebfa3676374abd2dec881

Download Submit
C:\MinGW\var\lib\mingw-get\data\mingw32-tcltk.xml

Filesize
3KB

MD5
1821cb7b4145d7ffcc3f5f6ea92455a5

SHA1
c496e5120609450bfb947820e39168ad28a95686

SHA256
8891d0836af5673de126a335c00ebe99494e3882e8de9d7a14fe094aca384bfb

SHA512
fa0b11ed92d5046fe308dc1f413875c9bf963d9dded175728a1c3d0832fe725880253db036f80eb27f223e855002b5969bdb09ba753a1775e22d51e4b3682dff

Download Submit
C:\MinGW\var\lib\mingw-get\data\mingw32-xerces-c.xml

Filesize
3KB

MD5
465e2e8e70d878b74b42ea9edc98eb32

SHA1
4bcac5a28ee8c8010d8596781958f5142ac4d60f

SHA256
93fe1f976ea949a04a0b091bb497d75f59f4755f9d7aa44f6b13ac806f5e7d2b

SHA512
b97ef9774fdab5d40add7dbf9f198d3faf1a9ea1eeb46867827062d20f0972168c65d830bb3fc164cef3749a04772cd25af71b6e67c10f01102c9e0376ca443f

Download Submit
C:\MinGW\var\lib\mingw-get\data\msys-mksh.xml

Filesize
1KB

MD5
8dc922e07a01a233fc8bb3f71c183555

SHA1
672c6390f7b0eee900cc751a42b70549e6b28568

SHA256
20e907e57257f20b229a7414719f4c45c12c4a00747b7dcec81a3c524c1ed81b

SHA512
f9aa538713895bf55e1535f964c7c2aa88435bbdd9e8054c3bc009d9fcab214f6636529a0dac03f1c994a13589581e07225b68d2f07c26a46a4e4d075f81430f

Download Submit
C:\MinGW\var\lib\mingw-get\data\profile.xml

Filesize
5KB

MD5
d76a902ad2f5498bb1cc0f79f671597d

SHA1
ac70b375312ffa73527b1859efce37ec028c2bf1

SHA256
17366da811ca26651c139530cedc42ce215f237833f08417c2f3f4f10d475b7a

SHA512
b47217ae8d3067ce6ef459b48f9f080c120c9e4353a8e0d23c35e9a18bba7805d2d86a9761795e2f8c0c961228c139529f837f49b45d509b7e79e233f2174203

Download Submit
\MinGW\libexec\mingw-get\mingw-get-0.dll

Filesize
550KB

MD5
2188006826da68eeb29cb3f16f385263

SHA1
5be8b4740e38f9e7461471bcc4da089a041740e1

SHA256
a481512fce53e3180e68701a5cdc2b82c8d89757cf7b7e1330e10d9f5f4ccaa2

SHA512
4c72601c65e81ca878d96432377827fa36cef9b3a058cf33a12da80dd0bbb607df92f6799ef1b1cab974896fddf1c66202b57b050b4fd05510f19ca29ab43aa3

Download Submit
\MinGW\libexec\mingw-get\mingw-get-setup-0.dll

Filesize
133KB

MD5
10f72745741618404c3aea7422b9e110

SHA1
e40ee03d1488a80e608e67b2eee1bab491240fe6

SHA256
5c45a7439d127c09b74fa16a0b300fb290ba15d316397579985464be484b8e17

SHA512
9ed7132fcacc812cbf50d7997bf1e7239e05498d1749fe765c05fa5b8cde0bcfdbed45aec2cf4c61c31ccc9dfe2fd25288c7bee8bc9e33dda24508724ed9d3d2

Download Submit
memory/4256-435-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-529-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-462-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-464-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-466-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-470-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-471-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-468-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-473-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-475-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-477-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-479-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-481-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-483-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-487-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-485-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-489-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-491-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-495-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-493-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-497-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-499-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-501-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-505-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-503-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-509-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-507-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-511-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-513-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-514-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-516-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-518-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-520-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-523-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-525-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-460-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-527-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-458-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-454-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-456-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-452-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-450-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-448-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-446-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-444-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-440-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-442-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-117-0x0000000000400000-0x0000000000438000-memory.dmp

Filesize
224KB

Download
memory/4256-438-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-436-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-431-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-433-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-429-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-427-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-425-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-423-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-421-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-418-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-419-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-416-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-414-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-412-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-408-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-410-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-406-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-403-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-404-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-401-0x0000000067A40000-0x0000000067A6B000-memory.dmp

Filesize
172KB

Download
memory/4256-123-0x0000000000400000-0x0000000000438000-memory.dmp

Filesize
224KB

Download
memory/4256-119-0x0000000000400000-0x0000000000438000-memory.dmp

Filesize
224KB

Download
memory/4256-118-0x0000000000400000-0x0000000000438000-memory.dmp

Filesize
224KB

Download