dabbf48bedb08ceea84df4262b3aa7202d32bdb77a4921ede053c6d18b077dd0

Resubmissions

23/08/2023, 13:30

230823-qr7vwadh9y 7

23/08/2023, 13:25

23/08/2023, 13:17

23/08/2023, 12:46

23/08/2023, 12:04

23/08/2023, 11:40

Analysis

max time kernel
107s
max time network
136s
platform
windows7_x64
resource
win7-20230712-en
resource tags

arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
submitted
23/08/2023, 11:40

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

mendeley-reference-manager-2.98.0.exe
Size

145.3MB
MD5

d0d7bae37de697a34f6e55a840789766
SHA1

8bc389cdbb178da0a33737c66ae0625800530a55
SHA256

dabbf48bedb08ceea84df4262b3aa7202d32bdb77a4921ede053c6d18b077dd0
SHA512

df24bff4f7a69bd0063c45370eb35091a42a1a6188bdcb6f7aa31594766293f68fc7608347137bd3bdc841232f391a1e9c4dff832369095ac91a8f7e3225d5d0
SSDEEP

3145728:bgznDOW+eEAK/MVpiFEP3vn950eJufjdiffRSR5Ua/LSpQ5q4:ODAe3K/Qd34LdiffA/Uaj7t

Score

7^/10

Malware Config

Signatures

Executes dropped EXE 5 IoCs

pid	Process
1812	Mendeley Reference Manager.exe
3004	Mendeley Reference Manager.exe
2460	Mendeley Reference Manager.exe
2348	Mendeley Reference Manager.exe
2340	Mendeley Reference Manager.exe

Loads dropped DLL 24 IoCs

pid	Process
2448	mendeley-reference-manager-2.98.0.exe
2448	mendeley-reference-manager-2.98.0.exe
2448	mendeley-reference-manager-2.98.0.exe
2448	mendeley-reference-manager-2.98.0.exe
2448	mendeley-reference-manager-2.98.0.exe
2448	mendeley-reference-manager-2.98.0.exe
2448	mendeley-reference-manager-2.98.0.exe
2448	mendeley-reference-manager-2.98.0.exe
2448	mendeley-reference-manager-2.98.0.exe
2448	mendeley-reference-manager-2.98.0.exe
2448	mendeley-reference-manager-2.98.0.exe
2448	mendeley-reference-manager-2.98.0.exe
1236	Process not Found
1236	Process not Found
1236	Process not Found
1236	Process not Found
1812	Mendeley Reference Manager.exe
3004	Mendeley Reference Manager.exe
2460	Mendeley Reference Manager.exe
2460	Mendeley Reference Manager.exe
2460	Mendeley Reference Manager.exe
2460	Mendeley Reference Manager.exe
2348	Mendeley Reference Manager.exe
2340	Mendeley Reference Manager.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File opened for modification	C:\Program Files\Mendeley Reference Manager\resources\app.asar.unpacked	mendeley-reference-manager-2.98.0.exe
File created	C:\Program Files\Mendeley Reference Manager\locales\el.pak	mendeley-reference-manager-2.98.0.exe
File opened for modification	C:\Program Files\Mendeley Reference Manager\locales\es.pak	mendeley-reference-manager-2.98.0.exe
File opened for modification	C:\Program Files\Mendeley Reference Manager\locales\fr.pak	mendeley-reference-manager-2.98.0.exe
File opened for modification	C:\Program Files\Mendeley Reference Manager\locales\id.pak	mendeley-reference-manager-2.98.0.exe
File created	C:\Program Files\Mendeley Reference Manager\locales\pl.pak	mendeley-reference-manager-2.98.0.exe
File opened for modification	C:\Program Files\Mendeley Reference Manager\locales\sl.pak	mendeley-reference-manager-2.98.0.exe
File created	C:\Program Files\Mendeley Reference Manager\locales\bg.pak	mendeley-reference-manager-2.98.0.exe
File created	C:\Program Files\Mendeley Reference Manager\locales\cs.pak	mendeley-reference-manager-2.98.0.exe
File opened for modification	C:\Program Files\Mendeley Reference Manager\locales\sk.pak	mendeley-reference-manager-2.98.0.exe
File opened for modification	C:\Program Files\Mendeley Reference Manager\locales\zh-CN.pak	mendeley-reference-manager-2.98.0.exe
File created	C:\Program Files\Mendeley Reference Manager\resources\app.asar.unpacked\node_modules\7zip\7zip-lite\readme.txt	mendeley-reference-manager-2.98.0.exe
File opened for modification	C:\Program Files\Mendeley Reference Manager\locales\lv.pak	mendeley-reference-manager-2.98.0.exe
File opened for modification	C:\Program Files\Mendeley Reference Manager\locales\pl.pak	mendeley-reference-manager-2.98.0.exe
File opened for modification	C:\Program Files\Mendeley Reference Manager\v8_context_snapshot.bin	mendeley-reference-manager-2.98.0.exe
File opened for modification	C:\Program Files\Mendeley Reference Manager\LICENSE.electron.txt	mendeley-reference-manager-2.98.0.exe
File opened for modification	C:\Program Files\Mendeley Reference Manager\locales\fil.pak	mendeley-reference-manager-2.98.0.exe
File opened for modification	C:\Program Files\Mendeley Reference Manager\resources\app.asar	mendeley-reference-manager-2.98.0.exe
File created	C:\Program Files\Mendeley Reference Manager\vk_swiftshader_icd.json	mendeley-reference-manager-2.98.0.exe
File opened for modification	C:\Program Files\Mendeley Reference Manager\vulkan-1.dll	mendeley-reference-manager-2.98.0.exe
File opened for modification	C:\Program Files\Mendeley Reference Manager\resources\app.asar.unpacked\node_modules\7zip\7zip-lite	mendeley-reference-manager-2.98.0.exe
File opened for modification	C:\Program Files\Mendeley Reference Manager\locales\lt.pak	mendeley-reference-manager-2.98.0.exe
File created	C:\Program Files\Mendeley Reference Manager\locales\nl.pak	mendeley-reference-manager-2.98.0.exe
File created	C:\Program Files\Mendeley Reference Manager\ffmpeg.dll	mendeley-reference-manager-2.98.0.exe
File opened for modification	C:\Program Files\Mendeley Reference Manager\locales\es-419.pak	mendeley-reference-manager-2.98.0.exe
File created	C:\Program Files\Mendeley Reference Manager\locales\et.pak	mendeley-reference-manager-2.98.0.exe
File opened for modification	C:\Program Files\Mendeley Reference Manager\locales\et.pak	mendeley-reference-manager-2.98.0.exe
File created	C:\Program Files\Mendeley Reference Manager\locales\hu.pak	mendeley-reference-manager-2.98.0.exe
File opened for modification	C:\Program Files\Mendeley Reference Manager\locales\ro.pak	mendeley-reference-manager-2.98.0.exe
File created	C:\Program Files\Mendeley Reference Manager\locales\zh-TW.pak	mendeley-reference-manager-2.98.0.exe
File created	C:\Program Files\Mendeley Reference Manager\resources\app.asar.unpacked\node_modules\7zip\package.json	mendeley-reference-manager-2.98.0.exe
File created	C:\Program Files\Mendeley Reference Manager\LICENSE.electron.txt	mendeley-reference-manager-2.98.0.exe
File created	C:\Program Files\Mendeley Reference Manager\locales\ml.pak	mendeley-reference-manager-2.98.0.exe
File opened for modification	C:\Program Files\Mendeley Reference Manager\locales\pt-BR.pak	mendeley-reference-manager-2.98.0.exe
File opened for modification	C:\Program Files\Mendeley Reference Manager\resources\app.asar.unpacked\node_modules\7zip\7zip-lite\7-zip32.dll	mendeley-reference-manager-2.98.0.exe
File opened for modification	C:\Program Files\Mendeley Reference Manager\resources\app.asar.unpacked\node_modules\7zip\7zip-lite\7z.sfx	mendeley-reference-manager-2.98.0.exe
File created	C:\Program Files\Mendeley Reference Manager\vk_swiftshader.dll	mendeley-reference-manager-2.98.0.exe
File opened for modification	C:\Program Files\Mendeley Reference Manager\resources\app.asar.unpacked\node_modules\7zip	mendeley-reference-manager-2.98.0.exe
File created	C:\Program Files\Mendeley Reference Manager\LICENSES.chromium.html	mendeley-reference-manager-2.98.0.exe
File opened for modification	C:\Program Files\Mendeley Reference Manager\chrome_200_percent.pak	mendeley-reference-manager-2.98.0.exe
File created	C:\Program Files\Mendeley Reference Manager\locales\am.pak	mendeley-reference-manager-2.98.0.exe
File created	C:\Program Files\Mendeley Reference Manager\locales\da.pak	mendeley-reference-manager-2.98.0.exe
File created	C:\Program Files\Mendeley Reference Manager\locales\de.pak	mendeley-reference-manager-2.98.0.exe
File opened for modification	C:\Program Files\Mendeley Reference Manager\locales\fa.pak	mendeley-reference-manager-2.98.0.exe
File created	C:\Program Files\Mendeley Reference Manager\locales\lv.pak	mendeley-reference-manager-2.98.0.exe
File opened for modification	C:\Program Files\Mendeley Reference Manager\locales\pt-PT.pak	mendeley-reference-manager-2.98.0.exe
File created	C:\Program Files\Mendeley Reference Manager\resources\app-update.yml	mendeley-reference-manager-2.98.0.exe
File opened for modification	C:\Program Files\Mendeley Reference Manager\locales	mendeley-reference-manager-2.98.0.exe
File opened for modification	C:\Program Files\Mendeley Reference Manager\LICENSES.chromium.html	mendeley-reference-manager-2.98.0.exe
File created	C:\Program Files\Mendeley Reference Manager\locales\he.pak	mendeley-reference-manager-2.98.0.exe
File created	C:\Program Files\Mendeley Reference Manager\locales\nb.pak	mendeley-reference-manager-2.98.0.exe
File created	C:\Program Files\Mendeley Reference Manager\locales\th.pak	mendeley-reference-manager-2.98.0.exe
File opened for modification	C:\Program Files\Mendeley Reference Manager\resources\app.asar.unpacked\node_modules\7zip\7zip-lite\readme.txt	mendeley-reference-manager-2.98.0.exe
File created	C:\Program Files\Mendeley Reference Manager\libGLESv2.dll	mendeley-reference-manager-2.98.0.exe
File opened for modification	C:\Program Files\Mendeley Reference Manager\locales\cs.pak	mendeley-reference-manager-2.98.0.exe
File created	C:\Program Files\Mendeley Reference Manager\locales\fil.pak	mendeley-reference-manager-2.98.0.exe
File created	C:\Program Files\Mendeley Reference Manager\locales\hr.pak	mendeley-reference-manager-2.98.0.exe
File opened for modification	C:\Program Files\Mendeley Reference Manager\resources\app.asar.unpacked\node_modules\7zip\package.json	mendeley-reference-manager-2.98.0.exe
File created	C:\Program Files\Mendeley Reference Manager\libEGL.dll	mendeley-reference-manager-2.98.0.exe
File created	C:\Program Files\Mendeley Reference Manager\locales\bn.pak	mendeley-reference-manager-2.98.0.exe
File created	C:\Program Files\Mendeley Reference Manager\locales\en-US.pak	mendeley-reference-manager-2.98.0.exe
File created	C:\Program Files\Mendeley Reference Manager\locales\fi.pak	mendeley-reference-manager-2.98.0.exe
File opened for modification	C:\Program Files\Mendeley Reference Manager\locales\ru.pak	mendeley-reference-manager-2.98.0.exe
File created	C:\Program Files\Mendeley Reference Manager\locales\sl.pak	mendeley-reference-manager-2.98.0.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Suspicious behavior: EnumeratesProcesses 5 IoCs

pid	Process
2448	mendeley-reference-manager-2.98.0.exe
2448	mendeley-reference-manager-2.98.0.exe
2448	mendeley-reference-manager-2.98.0.exe
3004	Mendeley Reference Manager.exe
2348	Mendeley Reference Manager.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeSecurityPrivilege	2448	mendeley-reference-manager-2.98.0.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1812 wrote to memory of 2460	1812	Mendeley Reference Manager.exe	32
PID 1812 wrote to memory of 2460	1812	Mendeley Reference Manager.exe	32
PID 1812 wrote to memory of 2460	1812	Mendeley Reference Manager.exe	32
PID 1812 wrote to memory of 2460	1812	Mendeley Reference Manager.exe	32
PID 1812 wrote to memory of 2460	1812	Mendeley Reference Manager.exe	32
PID 1812 wrote to memory of 2460	1812	Mendeley Reference Manager.exe	32
PID 1812 wrote to memory of 2460	1812	Mendeley Reference Manager.exe	32
PID 1812 wrote to memory of 2460	1812	Mendeley Reference Manager.exe	32
PID 1812 wrote to memory of 2460	1812	Mendeley Reference Manager.exe	32
PID 1812 wrote to memory of 2460	1812	Mendeley Reference Manager.exe	32
PID 1812 wrote to memory of 2460	1812	Mendeley Reference Manager.exe	32
PID 1812 wrote to memory of 2460	1812	Mendeley Reference Manager.exe	32
PID 1812 wrote to memory of 2460	1812	Mendeley Reference Manager.exe	32
PID 1812 wrote to memory of 2460	1812	Mendeley Reference Manager.exe	32
PID 1812 wrote to memory of 2460	1812	Mendeley Reference Manager.exe	32
PID 1812 wrote to memory of 2460	1812	Mendeley Reference Manager.exe	32
PID 1812 wrote to memory of 2460	1812	Mendeley Reference Manager.exe	32
PID 1812 wrote to memory of 2460	1812	Mendeley Reference Manager.exe	32
PID 1812 wrote to memory of 2460	1812	Mendeley Reference Manager.exe	32
PID 1812 wrote to memory of 2460	1812	Mendeley Reference Manager.exe	32
PID 1812 wrote to memory of 2460	1812	Mendeley Reference Manager.exe	32
PID 1812 wrote to memory of 2460	1812	Mendeley Reference Manager.exe	32
PID 1812 wrote to memory of 2460	1812	Mendeley Reference Manager.exe	32
PID 1812 wrote to memory of 2460	1812	Mendeley Reference Manager.exe	32
PID 1812 wrote to memory of 2460	1812	Mendeley Reference Manager.exe	32
PID 1812 wrote to memory of 2460	1812	Mendeley Reference Manager.exe	32
PID 1812 wrote to memory of 2460	1812	Mendeley Reference Manager.exe	32
PID 1812 wrote to memory of 2460	1812	Mendeley Reference Manager.exe	32
PID 1812 wrote to memory of 2460	1812	Mendeley Reference Manager.exe	32
PID 1812 wrote to memory of 2460	1812	Mendeley Reference Manager.exe	32
PID 1812 wrote to memory of 2460	1812	Mendeley Reference Manager.exe	32
PID 1812 wrote to memory of 2460	1812	Mendeley Reference Manager.exe	32
PID 1812 wrote to memory of 2460	1812	Mendeley Reference Manager.exe	32
PID 1812 wrote to memory of 2460	1812	Mendeley Reference Manager.exe	32
PID 1812 wrote to memory of 2460	1812	Mendeley Reference Manager.exe	32
PID 1812 wrote to memory of 2460	1812	Mendeley Reference Manager.exe	32
PID 1812 wrote to memory of 2460	1812	Mendeley Reference Manager.exe	32
PID 1812 wrote to memory of 2460	1812	Mendeley Reference Manager.exe	32
PID 1812 wrote to memory of 2460	1812	Mendeley Reference Manager.exe	32
PID 1812 wrote to memory of 2460	1812	Mendeley Reference Manager.exe	32
PID 1812 wrote to memory of 2460	1812	Mendeley Reference Manager.exe	32
PID 1812 wrote to memory of 3004	1812	Mendeley Reference Manager.exe	35
PID 1812 wrote to memory of 3004	1812	Mendeley Reference Manager.exe	35
PID 1812 wrote to memory of 3004	1812	Mendeley Reference Manager.exe	35
PID 1812 wrote to memory of 2348	1812	Mendeley Reference Manager.exe	34
PID 1812 wrote to memory of 2348	1812	Mendeley Reference Manager.exe	34
PID 1812 wrote to memory of 2348	1812	Mendeley Reference Manager.exe	34
PID 1812 wrote to memory of 2340	1812	Mendeley Reference Manager.exe	33
PID 1812 wrote to memory of 2340	1812	Mendeley Reference Manager.exe	33
PID 1812 wrote to memory of 2340	1812	Mendeley Reference Manager.exe	33
PID 1812 wrote to memory of 2340	1812	Mendeley Reference Manager.exe	33
PID 1812 wrote to memory of 2340	1812	Mendeley Reference Manager.exe	33
PID 1812 wrote to memory of 2340	1812	Mendeley Reference Manager.exe	33
PID 1812 wrote to memory of 2340	1812	Mendeley Reference Manager.exe	33
PID 1812 wrote to memory of 2340	1812	Mendeley Reference Manager.exe	33
PID 1812 wrote to memory of 2340	1812	Mendeley Reference Manager.exe	33
PID 1812 wrote to memory of 2340	1812	Mendeley Reference Manager.exe	33
PID 1812 wrote to memory of 2340	1812	Mendeley Reference Manager.exe	33
PID 1812 wrote to memory of 2340	1812	Mendeley Reference Manager.exe	33
PID 1812 wrote to memory of 2340	1812	Mendeley Reference Manager.exe	33
PID 1812 wrote to memory of 2340	1812	Mendeley Reference Manager.exe	33
PID 1812 wrote to memory of 2340	1812	Mendeley Reference Manager.exe	33
PID 1812 wrote to memory of 2340	1812	Mendeley Reference Manager.exe	33
PID 1812 wrote to memory of 2340	1812	Mendeley Reference Manager.exe	33

C:\Users\Admin\AppData\Local\Temp\mendeley-reference-manager-2.98.0.exe
"C:\Users\Admin\AppData\Local\Temp\mendeley-reference-manager-2.98.0.exe"
1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
PID:2448

C:\Program Files\Mendeley Reference Manager\Mendeley Reference Manager.exe
"C:\Program Files\Mendeley Reference Manager\Mendeley Reference Manager.exe"
1⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:1812
- C:\Program Files\Mendeley Reference Manager\Mendeley Reference Manager.exe
  "C:\Program Files\Mendeley Reference Manager\Mendeley Reference Manager.exe" --type=gpu-process --field-trial-handle=984,13543994528516321080,10512722880345933301,131072 --enable-features=WebComponentsV0Enabled --disable-features=CookiesWithoutSameSiteMustBeSecure,OutOfBlinkCors,SameSiteByDefaultCookies,SpareRendererForSitePerProcess --gpu-preferences=MAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --mojo-platform-channel-handle=988 /prefetch:2
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  PID:2460
- C:\Program Files\Mendeley Reference Manager\Mendeley Reference Manager.exe
  "C:\Program Files\Mendeley Reference Manager\Mendeley Reference Manager.exe" --type=renderer --field-trial-handle=984,13543994528516321080,10512722880345933301,131072 --enable-features=WebComponentsV0Enabled --disable-features=CookiesWithoutSameSiteMustBeSecure,OutOfBlinkCors,SameSiteByDefaultCookies,SpareRendererForSitePerProcess --lang=en-US --standard-schemes=mrmfile,mrmdata --secure-schemes=mrmfile,mrmdata --bypasscsp-schemes=mrmfile,mrmdata --cors-schemes=mrmfile,mrmdata --fetch-schemes=mrmfile,mrmdata --service-worker-schemes --streaming-schemes --app-path="C:\Program Files\Mendeley Reference Manager\resources\app.asar" --enable-sandbox --native-window-open --context-isolation --background-color=#fff --enable-spellcheck --enable-websql --disable-electron-site-instance-overrides --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1692 /prefetch:1
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  PID:2340
- C:\Program Files\Mendeley Reference Manager\Mendeley Reference Manager.exe
  "C:\Program Files\Mendeley Reference Manager\Mendeley Reference Manager.exe" --type=renderer --field-trial-handle=984,13543994528516321080,10512722880345933301,131072 --enable-features=WebComponentsV0Enabled --disable-features=CookiesWithoutSameSiteMustBeSecure,OutOfBlinkCors,SameSiteByDefaultCookies,SpareRendererForSitePerProcess --lang=en-US --standard-schemes=mrmfile,mrmdata --secure-schemes=mrmfile,mrmdata --bypasscsp-schemes=mrmfile,mrmdata --cors-schemes=mrmfile,mrmdata --fetch-schemes=mrmfile,mrmdata --service-worker-schemes --streaming-schemes --app-path="C:\Program Files\Mendeley Reference Manager\resources\app.asar" --no-sandbox --no-zygote --preload="C:\Program Files\Mendeley Reference Manager\resources\app.asar\dist\preload.js" --context-isolation --background-color=#fff --enable-spellcheck --enable-websql --disable-electron-site-instance-overrides --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1648 /prefetch:1
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - Suspicious behavior: EnumeratesProcesses
  PID:2348
- C:\Program Files\Mendeley Reference Manager\Mendeley Reference Manager.exe
  "C:\Program Files\Mendeley Reference Manager\Mendeley Reference Manager.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=984,13543994528516321080,10512722880345933301,131072 --enable-features=WebComponentsV0Enabled --disable-features=CookiesWithoutSameSiteMustBeSecure,OutOfBlinkCors,SameSiteByDefaultCookies,SpareRendererForSitePerProcess --lang=en-US --service-sandbox-type=network --standard-schemes=mrmfile,mrmdata --secure-schemes=mrmfile,mrmdata --bypasscsp-schemes=mrmfile,mrmdata --cors-schemes=mrmfile,mrmdata --fetch-schemes=mrmfile,mrmdata --service-worker-schemes --streaming-schemes --mojo-platform-channel-handle=1264 /prefetch:8
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - Suspicious behavior: EnumeratesProcesses
  PID:3004
- C:\Program Files\Mendeley Reference Manager\Mendeley Reference Manager.exe
  "C:\Program Files\Mendeley Reference Manager\Mendeley Reference Manager.exe" --type=gpu-process --field-trial-handle=984,13543994528516321080,10512722880345933301,131072 --enable-features=WebComponentsV0Enabled --disable-features=CookiesWithoutSameSiteMustBeSecure,OutOfBlinkCors,SameSiteByDefaultCookies,SpareRendererForSitePerProcess --gpu-preferences=MAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --use-gl=swiftshader-webgl --mojo-platform-channel-handle=988 /prefetch:2
  2⤵
  PID:2752

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\Mendeley Reference Manager\D3DCompiler_47.dll

Filesize
4.3MB

MD5
7641e39b7da4077084d2afe7c31032e0

SHA1
2256644f69435ff2fee76deb04d918083960d1eb

SHA256
44422e6936dc72b7ac5ed16bb8bcae164b7554513e52efb66a3e942cec328a47

SHA512
8010e1cb17fa18bbf72d8344e1d63ded7cef7be6e7c13434fa6d8e22ce1d58a4d426959bdcb031502d4b145e29cb111af929fcbc66001111fbc6d7a19e8800a5

Download Submit
C:\Program Files\Mendeley Reference Manager\Mendeley Reference Manager.exe

Filesize
120.4MB

MD5
09424a255d7fa99bc6e774b4ff3b3996

SHA1
8550188931852f87c1e5d455be769eac0d87fdd2

SHA256
1936708836cdd78c142a00623608aeda23001ec3c0d2c31ad44eb2723aa69f84

SHA512
36fe5294998c06d7a9adbc81b23c1d17043dbb1fdad0486a0dc3be6011ef409e32c4a8156bdbd38897c97409295bfd39bd9569ab5c155334200aea0aca5eb0fd

Download Submit
C:\Program Files\Mendeley Reference Manager\Mendeley Reference Manager.exe

Filesize
67.1MB

MD5
7704e00edff7eed6f0e2459837dd51b6

SHA1
cd4bd0df7ac1b21e3b88ae57e8ffaed7b8a19f12

SHA256
c16e4a799b832aebdf9a9cfbc10369c2052fac34647c3c58f8688456bb7824b6

SHA512
db40237aad3458a2ce48ca90acc5797f3be34fdb419a8aeb1ddad18bafad2285c86d2cb649709798d7e32f303265f44302b98f474a3166b4d99ae00f8cdbe074

Download Submit
C:\Program Files\Mendeley Reference Manager\Mendeley Reference Manager.exe

Filesize
36.0MB

MD5
2369b0d1662f5dfe451ccae1185412e5

SHA1
52c58dae9b3afa6d3972a6dd4fdef644311f9319

SHA256
376546698405da0ad3e9f0f38c3724bc54abee899e83a5ed851f72aaeb626314

SHA512
33046965abed3b811fe6322f51ee2c475653277b9667bae06dab33a5d767849ac2cbe7a261fa62d9ccfc7d930b036aa41a8405b85a9006ccb2dbdb123a05e675

Download Submit
C:\Program Files\Mendeley Reference Manager\Mendeley Reference Manager.exe

Filesize
35.8MB

MD5
36093f47f75b2efdb0b1be883d0f394b

SHA1
f9796a643e199a4e6df1c4199b5a3262f54d9c4f

SHA256
5cd9934720d3ffd73ba4da0381fce86b2a4cd416acc7de5c9b23e9a2b12f2e65

SHA512
c0b9f3a665de56d3533a0feb9ec9a38a3b3e06ae12ce68f248100dbd99042a61a76521ed8e36033b027b9c3bc0046a88450f7f144c37842b76487b9d2664639f

Download Submit
C:\Program Files\Mendeley Reference Manager\Mendeley Reference Manager.exe

Filesize
35.6MB

MD5
ee9ddd8b4a254270ae1d7169bc4df587

SHA1
ac71fefa720bd8601bf5faace695866ae1b39ea9

SHA256
5d025ed448281642265b44e46e5381393a5c21f75f3101e3e7b8185c858f92c0

SHA512
b46b134bfa2683da51c72664464042b82c332ce177b0a8cbf81b3db335128f2bfc4d5f29dfa4c7922d43dc8d9482de8f796f18cc305ab567e2d2b01be79153d9

Download Submit
C:\Program Files\Mendeley Reference Manager\Mendeley Reference Manager.exe

Filesize
34.9MB

MD5
8ace4c3e2319d783770a06e2abd6477e

SHA1
7a528f027ec2459515baf8897fdd0964d6f769f4

SHA256
95f034f43babd3319b8fd2bfa1ee09e86a39f9b07c2b703160003398e01d4edb

SHA512
3c0c581f0135c21243ea0a16a377d7c168f97b239a0c596ea9147560f14c34beb906120d1932689bac3a27b1c13df96479134527ad10ad90f0070d0345d99d45

Download Submit
C:\Program Files\Mendeley Reference Manager\Mendeley Reference Manager.exe

Filesize
33.2MB

MD5
47abcb9f0c9d59f1ac56de5d34be79e9

SHA1
e1b7dd0aa4f9230f788fb5aee4afd132708e4ca9

SHA256
38937942aceae99b9e3ccd2abf46d2353b6736f0a9b8144456df9502ed19dbc3

SHA512
7cf70672244894a887e54ad919230483bf16322f38b4934f6437726f9bd6b82927d53c5711d9ffafc98a292820bb2d3e44cd5b98624a12cf7896bb4565d55b40

Download Submit
C:\Program Files\Mendeley Reference Manager\Mendeley Reference Manager.exe

Filesize
28.3MB

MD5
4f96108ed01981b163dde05e7ab861b4

SHA1
58314a7c1fde34715a97fe1c81dd285d2593d9c9

SHA256
094dbfabc818d7fcacf03a8ef59ec870b10abf25f5b5c3fdb8e089123606a102

SHA512
cc8c462c12e2eb7c565337cbef53bd5a30459167a315ccf396a6cebecc09efccf839b30837091bc6209d0aef9af7a4e637e20e903ec627aae944b9cd5a90a67d

Download Submit
C:\Program Files\Mendeley Reference Manager\chrome_100_percent.pak

Filesize
121KB

MD5
06baf0ad34e0231bd76651203dba8326

SHA1
a5f99ecdcc06dec9d7f9ce0a8c66e46969117391

SHA256
5ae14147992a92548bcad76867dd88cdfcdb69d951c8720920cce6fb135e3189

SHA512
aff6616e56781ebb925a0ca146245ad3b2827250b32261c0c7c0d5b10b20a343a17fc3761c95d93104163e77b2eae3f1f9cbd3cb2b377f49b42bea39bdd09b91

Download Submit
C:\Program Files\Mendeley Reference Manager\chrome_200_percent.pak

Filesize
181KB

MD5
57c27201e7cd33471da7ec205fe9973c

SHA1
a8e7bce09c4cbdae2797611b2be8aeb5491036f9

SHA256
dd8146b2ee289e4d54a4a0f1fd3b2f61b979c6a2baaba96a406d96c3f4fdb33b

SHA512
57258aa169bec66abf0f45a3e026bb68751fb970b74bd0cb465607fa3b2a89967e832d92d8f675f0449bb6662fcb7786d05f0597124cc8e18bb99a47245779b4

Download Submit
C:\Program Files\Mendeley Reference Manager\ffmpeg.dll

Filesize
2.7MB

MD5
eabfc10d56cb44a86493cb2f8ca7aab2

SHA1
09d7e87f43527333cd021329d6c2f4e8bd8ddab5

SHA256
42a2a996ac433ac33a22776b8418a82753557093d90147b7951138b5c83924b6

SHA512
ee31e3539fba9e5969a9f38c428f586de2dd7630cb5d8c5e3c2c934b5881f8176b8ab6ef6397c1ce4fa6ccf3ee9615225c7afa0e0b28c6fc23974e8b96625dec

Download Submit
C:\Program Files\Mendeley Reference Manager\icudtl.dat

Filesize
10.0MB

MD5
ad2988770b8cb3281a28783ad833a201

SHA1
94b7586ee187d9b58405485f4c551b55615f11b5

SHA256
df876c7af43ed93eec6aea4d2d55c805009c219653cdeb368f1d048f4922b108

SHA512
f27e542a9c6c60fa28c5b7cc2818079341ef93aef3bbcadecad2dc11aff5b1592b19c7ebfa543ea42a3cbfec26a668641b255545fb0912056e25e852c2dedd01

Download Submit
C:\Program Files\Mendeley Reference Manager\libegl.dll

Filesize
438KB

MD5
660a9ae1282e6205fc0a51e64470eb5b

SHA1
f91a9c9559f51a8f33a552f0145ed9e706909de8

SHA256
f2a841b6ef320f226965c7cb01fbc4709fc31425e490a3edfa20147ce3656c85

SHA512
20bed2bed042033e3d8b077f9d66bce67922aaec180cc3777f20560219226b7efc73932bb87445afda4e3877472ddcd307215d23954cd082051437e5f2224263

Download Submit
C:\Program Files\Mendeley Reference Manager\libglesv2.dll

Filesize
7.3MB

MD5
bc45db0195aa369cc3c572e4e9eefc7e

SHA1
b880ca4933656be52f027028af5ef8a3b7e07e97

SHA256
a81729fd6ee2d64dfc47501a1d53794cdeee5c1daa3751f7554aea2503686d10

SHA512
dd8c39947e7d767fbdccf90c5b3eaedf3937b43c55200d2199107333b63ac09e5356c286618874fac841e1357dd927e0c70b5066c1feeedd8cc6c0fba605ee5f

Download Submit
C:\Program Files\Mendeley Reference Manager\locales\en-US.pak

Filesize
83KB

MD5
bd8f7b719110342b7cefb16ddd05ec55

SHA1
82a79aeaa1dd4b1464b67053ba1766a4498c13e7

SHA256
d1d3f892be16329c79f9a8ee8c5fa1c9fb46d17edfeb56a3d9407f9d7587a0de

SHA512
7cd1493e59e87c70927e66769eb200f79a57e1eb1223af4eb4064088571893d3e32cbc4b5ece568fd308992aad65684aa280dc9834f2b5d327bdee514b046e5e

Download Submit
C:\Program Files\Mendeley Reference Manager\resources.pak

Filesize
4.8MB

MD5
d13873f6fb051266deb3599b14535806

SHA1
143782c0ce5a5773ae0aae7a22377c8a6d18a5b2

SHA256
7b953443e3cd54a0a4775528b52fbfe5ebecbc2c71731600ed0999d227969506

SHA512
1ab38fcb70d1958c74da2493459532b52a04b884009509a1ac8dd39f6e9e670658a52f4d19ef57f1bc71dccfdd6ceedbc18034bbcad0b500d75a97c74aac6939

Download Submit
C:\Program Files\Mendeley Reference Manager\resources\app.asar

Filesize
39.7MB

MD5
947c2b0cacb746ab5006d8bfaa98d17f

SHA1
1be77bb93fb269c773eb1201d9d894efb5cb5590

SHA256
a31d15b713e84eb054d21526f8d55f056fd88d8327170334c9f7a8d7e1765d10

SHA512
f375774af7e55de28e34729eb099a4f7fd73f4716f517697aa661a55e53707968f24171e8593be2564d78d6e0d85e0d2d6e69fbc5a755af621e0cc380f9fba07

Download Submit
C:\Program Files\Mendeley Reference Manager\swiftshader\libegl.dll

Filesize
460KB

MD5
acd46d81bb4f34912c255a8d01953635

SHA1
25969cc9e588e174b854566778f283f067c3c0c6

SHA256
bd1bc00a5c29726fb39645041fc6c8295256d90c7f739ebeaa8b6c382a4db189

SHA512
83692654ada422391b428953b2cec67048a171bbef4c59158f34607a762feac8a233b52ceaa528306cf103d9830ee38897afa996389e086d3778f290555a059b

Download Submit
C:\Program Files\Mendeley Reference Manager\swiftshader\libglesv2.dll

Filesize
3.1MB

MD5
8090f82a02c6850cc7bd2b481a7533e0

SHA1
54a0b66d76c1b60e45e83ba4627299d0b2aae84a

SHA256
e9473ba82f6d8742ab74e67484886291aa69037db72e0ae256b19581de0b772e

SHA512
b2e3c57926860a7954ca6e426f5f2fa080cf6ccb5c4edd77f59744f240f597aa9613f46294e8b344db76b46fe78777b5016828b8ab2fc274ca107f3af7abd878

Download Submit
C:\Program Files\Mendeley Reference Manager\v8_context_snapshot.bin

Filesize
168KB

MD5
c2208c06c8ff81bca3c092cc42b8df1b

SHA1
f7b9faa9ba0e72d062f68642a02cc8f3fed49910

SHA256
4a67de195878d290f49b503b83e415917b8bbcbd9936b07a5d33b48e9bc6e0a3

SHA512
6c3c370dd086a976c44d4059a315bd3bcbb50961aa34734e65a40d861cffca9090d47cec74575afe23952e394e4845bda2d8798eebe01fb54a7a6288bce238f5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

Filesize
61KB

MD5
e56ec378251cd65923ad88c1e14d0b6e

SHA1
7f5d986e0a34dd81487f6439fb0446ffa52a712e

SHA256
32ccf567c07b62b6078cf03d097e21cbf7ef67a4ce312c9c34a47f865b3ad0a0

SHA512
2737a622ca45b532aebc202184b3e35cde8684e5296cb1f008e7831921be2895a43f952c1df88d33011a7b9586aafbd88483f6c134cb5e8e98c236f5abb5f3aa

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar4A50.tmp

Filesize
163KB

MD5
19399ab248018076e27957e772bcfbab

SHA1
faef897e02d9501146beb49f75da1caf12967b88

SHA256
326842dd8731e37c8c27a08373c7ac341e6c72226cc850084e3a17d26675f3c9

SHA512
6d5b12ec637ef4223fdd0e271cdc9f860b060ff08d380bba546ac6962b1d672003f9ae9556d65282d8083e830d4277bad8d16443720716077e542ab0262b0103

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso9223.tmp\StdUtils.dll

Filesize
100KB

MD5
c6a6e03f77c313b267498515488c5740

SHA1
3d49fc2784b9450962ed6b82b46e9c3c957d7c15

SHA256
b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e

SHA512
9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso9223.tmp\System.dll

Filesize
12KB

MD5
0d7ad4f45dc6f5aa87f606d0331c6901

SHA1
48df0911f0484cbe2a8cdd5362140b63c41ee457

SHA256
3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca

SHA512
c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso9223.tmp\UAC.dll

Filesize
14KB

MD5
adb29e6b186daa765dc750128649b63d

SHA1
160cbdc4cb0ac2c142d361df138c537aa7e708c9

SHA256
2f7f8fc05dc4fd0d5cda501b47e4433357e887bbfed7292c028d99c73b52dc08

SHA512
b28adcccf0c33660fecd6f95f28f11f793dc9988582187617b4c113fb4e6fdad4cf7694cd8c0300a477e63536456894d119741a940dda09b7df3ff0087a7eada

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso9223.tmp\WinShell.dll

Filesize
3KB

MD5
1cc7c37b7e0c8cd8bf04b6cc283e1e56

SHA1
0b9519763be6625bd5abce175dcc59c96d100d4c

SHA256
9be85b986ea66a6997dde658abe82b3147ed2a1a3dcb784bb5176f41d22815a6

SHA512
7acf7f8e68aa6066b59ca9f2ae2e67997e6b347bc08eb788d2a119b3295c844b5b9606757168e8d2fbd61c2cda367bf80e9e48c9a52c28d5a7a00464bfd2048f

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso9223.tmp\nsDialogs.dll

Filesize
9KB

MD5
466179e1c8ee8a1ff5e4427dbb6c4a01

SHA1
eb607467009074278e4bd50c7eab400e95ae48f7

SHA256
1e40211af65923c2f4fd02ce021458a7745d28e2f383835e3015e96575632172

SHA512
7508a29c722d45297bfb090c8eb49bd1560ef7d4b35413f16a8aed62d3b1030a93d001a09de98c2b9fea9acf062dc99a7278786f4ece222e7436b261d14ca817

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso9223.tmp\nsProcess.dll

Filesize
4KB

MD5
f0438a894f3a7e01a4aae8d1b5dd0289

SHA1
b058e3fcfb7b550041da16bf10d8837024c38bf6

SHA256
30c6c3dd3cc7fcea6e6081ce821adc7b2888542dae30bf00e881c0a105eb4d11

SHA512
f91fcea19cbddf8086affcb63fe599dc2b36351fc81ac144f58a80a524043ddeaa3943f36c86ebae45dd82e8faf622ea7b7c9b776e74c54b93df2963cfe66cc7

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso9223.tmp\nsis7z.dll

Filesize
424KB

MD5
80e44ce4895304c6a3a831310fbf8cd0

SHA1
36bd49ae21c460be5753a904b4501f1abca53508

SHA256
b393f05e8ff919ef071181050e1873c9a776e1a0ae8329aefff7007d0cadf592

SHA512
c8ba7b1f9113ead23e993e74a48c4427ae3562c1f6d9910b2bbe6806c9107cf7d94bc7d204613e4743d0cd869e00dafd4fb54aad1e8adb69c553f3b9e5bc64df

Download Submit
C:\Users\Admin\AppData\Roaming\Mendeley Reference Manager\Session Storage\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
\Program Files\Mendeley Reference Manager\Mendeley Reference Manager.exe

Filesize
120.4MB

MD5
09424a255d7fa99bc6e774b4ff3b3996

SHA1
8550188931852f87c1e5d455be769eac0d87fdd2

SHA256
1936708836cdd78c142a00623608aeda23001ec3c0d2c31ad44eb2723aa69f84

SHA512
36fe5294998c06d7a9adbc81b23c1d17043dbb1fdad0486a0dc3be6011ef409e32c4a8156bdbd38897c97409295bfd39bd9569ab5c155334200aea0aca5eb0fd

Download Submit
\Program Files\Mendeley Reference Manager\Mendeley Reference Manager.exe

Filesize
120.4MB

MD5
09424a255d7fa99bc6e774b4ff3b3996

SHA1
8550188931852f87c1e5d455be769eac0d87fdd2

SHA256
1936708836cdd78c142a00623608aeda23001ec3c0d2c31ad44eb2723aa69f84

SHA512
36fe5294998c06d7a9adbc81b23c1d17043dbb1fdad0486a0dc3be6011ef409e32c4a8156bdbd38897c97409295bfd39bd9569ab5c155334200aea0aca5eb0fd

Download Submit
\Program Files\Mendeley Reference Manager\Mendeley Reference Manager.exe

Filesize
120.4MB

MD5
09424a255d7fa99bc6e774b4ff3b3996

SHA1
8550188931852f87c1e5d455be769eac0d87fdd2

SHA256
1936708836cdd78c142a00623608aeda23001ec3c0d2c31ad44eb2723aa69f84

SHA512
36fe5294998c06d7a9adbc81b23c1d17043dbb1fdad0486a0dc3be6011ef409e32c4a8156bdbd38897c97409295bfd39bd9569ab5c155334200aea0aca5eb0fd

Download Submit
\Program Files\Mendeley Reference Manager\Mendeley Reference Manager.exe

Filesize
120.4MB

MD5
09424a255d7fa99bc6e774b4ff3b3996

SHA1
8550188931852f87c1e5d455be769eac0d87fdd2

SHA256
1936708836cdd78c142a00623608aeda23001ec3c0d2c31ad44eb2723aa69f84

SHA512
36fe5294998c06d7a9adbc81b23c1d17043dbb1fdad0486a0dc3be6011ef409e32c4a8156bdbd38897c97409295bfd39bd9569ab5c155334200aea0aca5eb0fd

Download Submit
\Program Files\Mendeley Reference Manager\Mendeley Reference Manager.exe

Filesize
120.4MB

MD5
09424a255d7fa99bc6e774b4ff3b3996

SHA1
8550188931852f87c1e5d455be769eac0d87fdd2

SHA256
1936708836cdd78c142a00623608aeda23001ec3c0d2c31ad44eb2723aa69f84

SHA512
36fe5294998c06d7a9adbc81b23c1d17043dbb1fdad0486a0dc3be6011ef409e32c4a8156bdbd38897c97409295bfd39bd9569ab5c155334200aea0aca5eb0fd

Download Submit
\Program Files\Mendeley Reference Manager\Mendeley Reference Manager.exe

Filesize
120.4MB

MD5
09424a255d7fa99bc6e774b4ff3b3996

SHA1
8550188931852f87c1e5d455be769eac0d87fdd2

SHA256
1936708836cdd78c142a00623608aeda23001ec3c0d2c31ad44eb2723aa69f84

SHA512
36fe5294998c06d7a9adbc81b23c1d17043dbb1fdad0486a0dc3be6011ef409e32c4a8156bdbd38897c97409295bfd39bd9569ab5c155334200aea0aca5eb0fd

Download Submit
\Program Files\Mendeley Reference Manager\Mendeley Reference Manager.exe

Filesize
120.4MB

MD5
09424a255d7fa99bc6e774b4ff3b3996

SHA1
8550188931852f87c1e5d455be769eac0d87fdd2

SHA256
1936708836cdd78c142a00623608aeda23001ec3c0d2c31ad44eb2723aa69f84

SHA512
36fe5294998c06d7a9adbc81b23c1d17043dbb1fdad0486a0dc3be6011ef409e32c4a8156bdbd38897c97409295bfd39bd9569ab5c155334200aea0aca5eb0fd

Download Submit
\Program Files\Mendeley Reference Manager\Mendeley Reference Manager.exe

Filesize
120.4MB

MD5
09424a255d7fa99bc6e774b4ff3b3996

SHA1
8550188931852f87c1e5d455be769eac0d87fdd2

SHA256
1936708836cdd78c142a00623608aeda23001ec3c0d2c31ad44eb2723aa69f84

SHA512
36fe5294998c06d7a9adbc81b23c1d17043dbb1fdad0486a0dc3be6011ef409e32c4a8156bdbd38897c97409295bfd39bd9569ab5c155334200aea0aca5eb0fd

Download Submit
\Program Files\Mendeley Reference Manager\d3dcompiler_47.dll

Filesize
4.3MB

MD5
7641e39b7da4077084d2afe7c31032e0

SHA1
2256644f69435ff2fee76deb04d918083960d1eb

SHA256
44422e6936dc72b7ac5ed16bb8bcae164b7554513e52efb66a3e942cec328a47

SHA512
8010e1cb17fa18bbf72d8344e1d63ded7cef7be6e7c13434fa6d8e22ce1d58a4d426959bdcb031502d4b145e29cb111af929fcbc66001111fbc6d7a19e8800a5

Download Submit
\Program Files\Mendeley Reference Manager\d3dcompiler_47.dll

Filesize
4.3MB

MD5
7641e39b7da4077084d2afe7c31032e0

SHA1
2256644f69435ff2fee76deb04d918083960d1eb

SHA256
44422e6936dc72b7ac5ed16bb8bcae164b7554513e52efb66a3e942cec328a47

SHA512
8010e1cb17fa18bbf72d8344e1d63ded7cef7be6e7c13434fa6d8e22ce1d58a4d426959bdcb031502d4b145e29cb111af929fcbc66001111fbc6d7a19e8800a5

Download Submit
\Program Files\Mendeley Reference Manager\ffmpeg.dll

Filesize
2.7MB

MD5
eabfc10d56cb44a86493cb2f8ca7aab2

SHA1
09d7e87f43527333cd021329d6c2f4e8bd8ddab5

SHA256
42a2a996ac433ac33a22776b8418a82753557093d90147b7951138b5c83924b6

SHA512
ee31e3539fba9e5969a9f38c428f586de2dd7630cb5d8c5e3c2c934b5881f8176b8ab6ef6397c1ce4fa6ccf3ee9615225c7afa0e0b28c6fc23974e8b96625dec

Download Submit
\Program Files\Mendeley Reference Manager\ffmpeg.dll

Filesize
2.7MB

MD5
eabfc10d56cb44a86493cb2f8ca7aab2

SHA1
09d7e87f43527333cd021329d6c2f4e8bd8ddab5

SHA256
42a2a996ac433ac33a22776b8418a82753557093d90147b7951138b5c83924b6

SHA512
ee31e3539fba9e5969a9f38c428f586de2dd7630cb5d8c5e3c2c934b5881f8176b8ab6ef6397c1ce4fa6ccf3ee9615225c7afa0e0b28c6fc23974e8b96625dec

Download Submit
\Program Files\Mendeley Reference Manager\ffmpeg.dll

Filesize
2.7MB

MD5
eabfc10d56cb44a86493cb2f8ca7aab2

SHA1
09d7e87f43527333cd021329d6c2f4e8bd8ddab5

SHA256
42a2a996ac433ac33a22776b8418a82753557093d90147b7951138b5c83924b6

SHA512
ee31e3539fba9e5969a9f38c428f586de2dd7630cb5d8c5e3c2c934b5881f8176b8ab6ef6397c1ce4fa6ccf3ee9615225c7afa0e0b28c6fc23974e8b96625dec

Download Submit
\Program Files\Mendeley Reference Manager\ffmpeg.dll

Filesize
2.7MB

MD5
eabfc10d56cb44a86493cb2f8ca7aab2

SHA1
09d7e87f43527333cd021329d6c2f4e8bd8ddab5

SHA256
42a2a996ac433ac33a22776b8418a82753557093d90147b7951138b5c83924b6

SHA512
ee31e3539fba9e5969a9f38c428f586de2dd7630cb5d8c5e3c2c934b5881f8176b8ab6ef6397c1ce4fa6ccf3ee9615225c7afa0e0b28c6fc23974e8b96625dec

Download Submit
\Program Files\Mendeley Reference Manager\ffmpeg.dll

Filesize
2.7MB

MD5
eabfc10d56cb44a86493cb2f8ca7aab2

SHA1
09d7e87f43527333cd021329d6c2f4e8bd8ddab5

SHA256
42a2a996ac433ac33a22776b8418a82753557093d90147b7951138b5c83924b6

SHA512
ee31e3539fba9e5969a9f38c428f586de2dd7630cb5d8c5e3c2c934b5881f8176b8ab6ef6397c1ce4fa6ccf3ee9615225c7afa0e0b28c6fc23974e8b96625dec

Download Submit
\Program Files\Mendeley Reference Manager\ffmpeg.dll

Filesize
2.7MB

MD5
eabfc10d56cb44a86493cb2f8ca7aab2

SHA1
09d7e87f43527333cd021329d6c2f4e8bd8ddab5

SHA256
42a2a996ac433ac33a22776b8418a82753557093d90147b7951138b5c83924b6

SHA512
ee31e3539fba9e5969a9f38c428f586de2dd7630cb5d8c5e3c2c934b5881f8176b8ab6ef6397c1ce4fa6ccf3ee9615225c7afa0e0b28c6fc23974e8b96625dec

Download Submit
\Program Files\Mendeley Reference Manager\libEGL.dll

Filesize
438KB

MD5
660a9ae1282e6205fc0a51e64470eb5b

SHA1
f91a9c9559f51a8f33a552f0145ed9e706909de8

SHA256
f2a841b6ef320f226965c7cb01fbc4709fc31425e490a3edfa20147ce3656c85

SHA512
20bed2bed042033e3d8b077f9d66bce67922aaec180cc3777f20560219226b7efc73932bb87445afda4e3877472ddcd307215d23954cd082051437e5f2224263

Download Submit
\Program Files\Mendeley Reference Manager\libGLESv2.dll

Filesize
7.3MB

MD5
bc45db0195aa369cc3c572e4e9eefc7e

SHA1
b880ca4933656be52f027028af5ef8a3b7e07e97

SHA256
a81729fd6ee2d64dfc47501a1d53794cdeee5c1daa3751f7554aea2503686d10

SHA512
dd8c39947e7d767fbdccf90c5b3eaedf3937b43c55200d2199107333b63ac09e5356c286618874fac841e1357dd927e0c70b5066c1feeedd8cc6c0fba605ee5f

Download Submit
\Program Files\Mendeley Reference Manager\swiftshader\libEGL.dll

Filesize
460KB

MD5
acd46d81bb4f34912c255a8d01953635

SHA1
25969cc9e588e174b854566778f283f067c3c0c6

SHA256
bd1bc00a5c29726fb39645041fc6c8295256d90c7f739ebeaa8b6c382a4db189

SHA512
83692654ada422391b428953b2cec67048a171bbef4c59158f34607a762feac8a233b52ceaa528306cf103d9830ee38897afa996389e086d3778f290555a059b

Download Submit
\Program Files\Mendeley Reference Manager\swiftshader\libGLESv2.dll

Filesize
3.1MB

MD5
8090f82a02c6850cc7bd2b481a7533e0

SHA1
54a0b66d76c1b60e45e83ba4627299d0b2aae84a

SHA256
e9473ba82f6d8742ab74e67484886291aa69037db72e0ae256b19581de0b772e

SHA512
b2e3c57926860a7954ca6e426f5f2fa080cf6ccb5c4edd77f59744f240f597aa9613f46294e8b344db76b46fe78777b5016828b8ab2fc274ca107f3af7abd878

Download Submit
\Users\Admin\AppData\Local\Temp\nso9223.tmp\StdUtils.dll

Filesize
100KB

MD5
c6a6e03f77c313b267498515488c5740

SHA1
3d49fc2784b9450962ed6b82b46e9c3c957d7c15

SHA256
b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e

SHA512
9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803

Download Submit
\Users\Admin\AppData\Local\Temp\nso9223.tmp\System.dll

Filesize
12KB

MD5
0d7ad4f45dc6f5aa87f606d0331c6901

SHA1
48df0911f0484cbe2a8cdd5362140b63c41ee457

SHA256
3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca

SHA512
c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9

Download Submit
\Users\Admin\AppData\Local\Temp\nso9223.tmp\UAC.dll

Filesize
14KB

MD5
adb29e6b186daa765dc750128649b63d

SHA1
160cbdc4cb0ac2c142d361df138c537aa7e708c9

SHA256
2f7f8fc05dc4fd0d5cda501b47e4433357e887bbfed7292c028d99c73b52dc08

SHA512
b28adcccf0c33660fecd6f95f28f11f793dc9988582187617b4c113fb4e6fdad4cf7694cd8c0300a477e63536456894d119741a940dda09b7df3ff0087a7eada

Download Submit
\Users\Admin\AppData\Local\Temp\nso9223.tmp\WinShell.dll

Filesize
3KB

MD5
1cc7c37b7e0c8cd8bf04b6cc283e1e56

SHA1
0b9519763be6625bd5abce175dcc59c96d100d4c

SHA256
9be85b986ea66a6997dde658abe82b3147ed2a1a3dcb784bb5176f41d22815a6

SHA512
7acf7f8e68aa6066b59ca9f2ae2e67997e6b347bc08eb788d2a119b3295c844b5b9606757168e8d2fbd61c2cda367bf80e9e48c9a52c28d5a7a00464bfd2048f

Download Submit
\Users\Admin\AppData\Local\Temp\nso9223.tmp\WinShell.dll

Filesize
3KB

MD5
1cc7c37b7e0c8cd8bf04b6cc283e1e56

SHA1
0b9519763be6625bd5abce175dcc59c96d100d4c

SHA256
9be85b986ea66a6997dde658abe82b3147ed2a1a3dcb784bb5176f41d22815a6

SHA512
7acf7f8e68aa6066b59ca9f2ae2e67997e6b347bc08eb788d2a119b3295c844b5b9606757168e8d2fbd61c2cda367bf80e9e48c9a52c28d5a7a00464bfd2048f

Download Submit
\Users\Admin\AppData\Local\Temp\nso9223.tmp\nsDialogs.dll

Filesize
9KB

MD5
466179e1c8ee8a1ff5e4427dbb6c4a01

SHA1
eb607467009074278e4bd50c7eab400e95ae48f7

SHA256
1e40211af65923c2f4fd02ce021458a7745d28e2f383835e3015e96575632172

SHA512
7508a29c722d45297bfb090c8eb49bd1560ef7d4b35413f16a8aed62d3b1030a93d001a09de98c2b9fea9acf062dc99a7278786f4ece222e7436b261d14ca817

Download Submit
\Users\Admin\AppData\Local\Temp\nso9223.tmp\nsProcess.dll

Filesize
4KB

MD5
f0438a894f3a7e01a4aae8d1b5dd0289

SHA1
b058e3fcfb7b550041da16bf10d8837024c38bf6

SHA256
30c6c3dd3cc7fcea6e6081ce821adc7b2888542dae30bf00e881c0a105eb4d11

SHA512
f91fcea19cbddf8086affcb63fe599dc2b36351fc81ac144f58a80a524043ddeaa3943f36c86ebae45dd82e8faf622ea7b7c9b776e74c54b93df2963cfe66cc7

Download Submit
\Users\Admin\AppData\Local\Temp\nso9223.tmp\nsis7z.dll

Filesize
424KB

MD5
80e44ce4895304c6a3a831310fbf8cd0

SHA1
36bd49ae21c460be5753a904b4501f1abca53508

SHA256
b393f05e8ff919ef071181050e1873c9a776e1a0ae8329aefff7007d0cadf592

SHA512
c8ba7b1f9113ead23e993e74a48c4427ae3562c1f6d9910b2bbe6806c9107cf7d94bc7d204613e4743d0cd869e00dafd4fb54aad1e8adb69c553f3b9e5bc64df

Download Submit
memory/1812-352-0x0000000002B30000-0x0000000002B31000-memory.dmp

Filesize
4KB

Download
memory/2460-324-0x0000000077850000-0x0000000077851000-memory.dmp

Filesize
4KB

Download
memory/2460-274-0x0000000000860000-0x0000000000861000-memory.dmp

Filesize
4KB

Download