50bb46b0c0f11fd4e16ad93b7a29b0e424be5a78f9bcee6c71445cfa32e04881

Analysis

max time kernel
148s
max time network
157s
platform
windows7_x64
resource
win7-20230831-en
resource tags

arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
submitted
08-10-2023 16:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

MeiqiaWinLatest3.1.8.6.exe
Size

80.4MB
MD5

d0cb9b0cd6bceb772f57aa24aa90e75c
SHA1

58b4a1f461341fdb91cdaca868fcf620722fd0e9
SHA256

50bb46b0c0f11fd4e16ad93b7a29b0e424be5a78f9bcee6c71445cfa32e04881
SHA512

fa98061c573a50de7ba7a8a0fdde87b3d49fef4616b3e94f380df2ef14946db82aaf0f09c49120fddbc40f4da4a1b912caec73df7c6fb1c7e5af1aed608f3dd6
SSDEEP

1572864:lh4ex4EsqQaFAGMhx2PZnYCOfr7PlPho+nS0YzI3zgq0y+xwTLY3FEUFkOQ:HtpQaF5M7MxSkT0MI3zgq07eTM3SUFk1

Score

7^/10

discovery

Malware Config

Signatures

Executes dropped EXE 1 IoCs

Processes:

meiqia.exe

pid process

2272 meiqia.exe
Loads dropped DLL 1 IoCs

Processes:

MeiqiaWinLatest3.1.8.6.exe

pid process

2932 MeiqiaWinLatest3.1.8.6.exe
Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

pid	process
2272	meiqia.exe

pid	process
2932	MeiqiaWinLatest3.1.8.6.exe

Drops file in Program Files directory 64 IoCs

Processes:

MeiqiaWinLatest3.1.8.6.exe

description	ioc	process
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\locales\lv.pak	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\locales\ms.pak	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\libcobra.dll	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\libGLESv2.dll	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\locales\he.pak	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\v8_context_snapshot.bin	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\vulkan-1.dll	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\ffmpeg.dll	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\locales\hi.pak	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\msvcr120.dll	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\locales\en-US.pak	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\msvcp120.dll	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\sqlite.dll	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\locales\ko.pak	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\resources\app-update.yml	MeiqiaWinLatest3.1.8.6.exe
File created	C:\Program Files (x86)\Meiqia\Meiqia\Uninstall.ini	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\locales\ca.pak	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\locales\et.pak	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\locales\id.pak	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\locales\fil.pak	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\locales\it.pak	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\resources\app.asar	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\snapshot_blob.bin	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\behavior.dll	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\chrome_100_percent.pak	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\d3dcompiler_47.dll	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\locales\ar.pak	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\locales\bn.pak	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\locales\fr.pak	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\locales\kn.pak	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\locales\lt.pak	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\HipsDB.dll	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\hrcomm.dll	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\LICENSES.chromium.html	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\locales\nb.pak	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\locales\ro.pak	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\locales\hr.pak	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\locales\ml.pak	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\locales\pt-BR.pak	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\locales\pt-PT.pak	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\vk_swiftshader_icd.json	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\chrome_200_percent.pak	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\locales\es.pak	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\locales\fa.pak	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\Meiq.exe	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\CrashHandler.dll	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\icudtl.dat	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\libcodecs.dll	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\log.db-shm	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\Meiqi.exe	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\locales\ta.pak	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\locales\vi.pak	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\locales\zh-CN.pak	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\locales\zh-TW.pak	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\log.db-wal	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\Uninstall.exe	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\103.ico	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\locales\bg.pak	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\locales\el.pak	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\locales\pl.pak	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\locales\sv.pak	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\locales\te.pak	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\scenter.dll	MeiqiaWinLatest3.1.8.6.exe
File opened for modification	C:\Program Files (x86)\Meiqia\Meiqia\libEGL.dll	MeiqiaWinLatest3.1.8.6.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Suspicious use of WriteProcessMemory 4 IoCs

Processes:

MeiqiaWinLatest3.1.8.6.exe

description	pid	process	target process
PID 2932 wrote to memory of 2272	2932	MeiqiaWinLatest3.1.8.6.exe	meiqia.exe
PID 2932 wrote to memory of 2272	2932	MeiqiaWinLatest3.1.8.6.exe	meiqia.exe
PID 2932 wrote to memory of 2272	2932	MeiqiaWinLatest3.1.8.6.exe	meiqia.exe
PID 2932 wrote to memory of 2272	2932	MeiqiaWinLatest3.1.8.6.exe	meiqia.exe

C:\Users\Admin\AppData\Local\Temp\MeiqiaWinLatest3.1.8.6.exe
"C:\Users\Admin\AppData\Local\Temp\MeiqiaWinLatest3.1.8.6.exe"
1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of WriteProcessMemory
PID:2932

C:\Program Files (x86)\Meiqia\Meiqia\meiqia.exe
"C:\Program Files (x86)\Meiqia\Meiqia\meiqia.exe"
2⤵
- Executes dropped EXE
PID:2272

C:\Program Files (x86)\Meiqia\Meiqia\Meiqi.exe
"C:\Program Files (x86)\Meiqia\Meiqia\Meiqi.exe"
3⤵
PID:2596

C:\Program Files (x86)\Meiqia\Meiqia\Meiq.exe
"C:\Program Files (x86)\Meiqia\Meiqia\Meiq.exe"
3⤵
PID:2632

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\Meiqia\Meiqia\CrashHandler.dll

Filesize
106KB

MD5
27e8d8c108d48b106edc7cf40f624877

SHA1
1cbdfd5d75ed2e187fdc259733527963c8752f2e

SHA256
e150138f8f126a6058ed0cb7a1306d06683eb87fc8072e10c78251e97555d592

SHA512
9ec0220138ed102c9ccaba230d30a22e6921ee89dc85414c0faec28a09e6eb052ee8bb205898a156a750f1babbe8fc736e1e7d279b34d31a2ec272aca5767a1d

Download Submit
C:\Program Files (x86)\Meiqia\Meiqia\HipsDB.dll

Filesize
305KB

MD5
e15e4bd0e7732b3e9440582b5704a09c

SHA1
6163c0169c394ff356a50ce4826587bc0522c884

SHA256
1091980e9093c99be5b7140e080f113aabbfdf55080534831ae0b7739f7fcbbb

SHA512
2111eec41de36d37b7bab73c5d112cc4c168133003cf36177f2ca71a2bfe5e8dde0143c6af9106a91996ded600b0b7c66a24afe23d2ae45ce2d4058b0ef6fff5

Download Submit
C:\Program Files (x86)\Meiqia\Meiqia\Meiq.exe

Filesize
811KB

MD5
9714e9832bb0fa60423674c7af1e175c

SHA1
bfab7ed6ff6469941ab363ffea1a975c66dd69c5

SHA256
15917ba7169f638674466184209fb24f5788957abce57e7d5400d26d077b44dd

SHA512
fa0d63df62305f5d01bd49e2e151ab6f9940079f1b30861542b356c2bc8e14b6b55a0c5923cb530b889f9e33364b58c5bd7f80a22cd3a7003fe124e586eb3f7c

Download Submit
C:\Program Files (x86)\Meiqia\Meiqia\Meiq.exe

Filesize
811KB

MD5
9714e9832bb0fa60423674c7af1e175c

SHA1
bfab7ed6ff6469941ab363ffea1a975c66dd69c5

SHA256
15917ba7169f638674466184209fb24f5788957abce57e7d5400d26d077b44dd

SHA512
fa0d63df62305f5d01bd49e2e151ab6f9940079f1b30861542b356c2bc8e14b6b55a0c5923cb530b889f9e33364b58c5bd7f80a22cd3a7003fe124e586eb3f7c

Download Submit
C:\Program Files (x86)\Meiqia\Meiqia\Meiqi.exe

Filesize
15.1MB

MD5
99ac16550e0e297f7090de1f3de37d2a

SHA1
4df5a30bf5262e101a69a795da661754d77af5f4

SHA256
ebe15b8a66cf5911715ecfad23b5710091f6e07787f3a53939e9683d16f5e3b0

SHA512
493065aaddd457c8cde1ede210ec4e4134935b139230fa03c5e89d3cfd8a5df7fa9c9195816ba0313866bab6a2fd137e0caaecc260843096dc42a49e17298b3c

Download Submit
C:\Program Files (x86)\Meiqia\Meiqia\Meiqi.exe

Filesize
8.6MB

MD5
15f515120febfc48ff815e470f88aafe

SHA1
2aa3ff8326f5027f72e5ccbc51c61572adaf3fd4

SHA256
9c04e60627b8810f376611ffa6cf6f157982bda45cf8ec1dd35596ed41482d70

SHA512
3e766b35c414779c2f459e9a3f5a83c372f304a0c120c07a30d38df40a193597cd2174ffff3f283d8d6d658e677548683218db856859444cc693c84074a9497b

Download Submit
C:\Program Files (x86)\Meiqia\Meiqia\behavior.dll

Filesize
331KB

MD5
1b9d24c87bc25a9b4a5f049eff61831d

SHA1
bb36ead6328e0f5e64bafaff6a60a74da10275e5

SHA256
bbd952dade3cae9fd1f894ef7fa1d1da03816d8ad11721a5405198af83d6e497

SHA512
33b7b4db38a1775ab53916316d3913acc99db3f1737d672f82e3a1bd199a5dcfd11307b5c0b25abea83b6a2a3e43200c12e2f76085e35caba904fcdd345934f8

Download Submit
C:\Program Files (x86)\Meiqia\Meiqia\ffmpeg.dll

Filesize
2.7MB

MD5
fe6b711452966d13db36cdee15bb32b9

SHA1
9e89a6d8f56dcd0bea0d11131b3e84946764f4c8

SHA256
82d427385334978cf701cd7cfb07e1ea9f7078fe716324004320c690ccdeec0f

SHA512
8ef68e7a547f92cbb6a8e5b0128d74e2cd0d334e806ea5aab2d2c4c4e78f7c20a2df623d7940cd27720e54be5cca4a16249ad29005c8c015084b9a3a41e2589e

Download Submit
C:\Program Files (x86)\Meiqia\Meiqia\hrcomm.dll

Filesize
139KB

MD5
c7370004ab1d530e589e4d94d7cbe043

SHA1
d77fdea2be8c4527287501eac8ac96c4e9b97e27

SHA256
dfd1976a012f9a02bb343138a48fbf8640c65731726967c8c2de600438621eea

SHA512
f60bb15a0efd32593000cfdfd92fb734029790f99761d12ef5653a2aeeba5890532d8928ddd86927136ae0e5e0bf791ca49c72f19db52e514e5176a9e3d71364

Download Submit
C:\Program Files (x86)\Meiqia\Meiqia\jansson.dll

Filesize
359KB

MD5
94140e827a0960e4d5b00e04378526d3

SHA1
0ddb9943b4480fc769ebd2357c16dfecad319104

SHA256
3808f179810ccf44d4ad770850f132ddd8978017801a8cb6536c3221d74d6e1c

SHA512
2acef1e4e435c246f13b9001bfdc83c352fa5ec8ad7e12b93d2b81ee13d3a49229d58f74b97b062cb85d0a6c44da05862da4c71ec4be98b63630a9d8be03a088

Download Submit
C:\Program Files (x86)\Meiqia\Meiqia\libcobra.dll

Filesize
426KB

MD5
c45a0141c517dd1d481f08bb76333a05

SHA1
a18255bccee6c98ef6c6d41e93567e4f20c135ef

SHA256
f2a1ff120e261e2bc66e5d1f0b74bad865cfc158aae24f35c94bee598e226890

SHA512
de7f233ca66cb24c0a9c5690331acfc0f7c1b13a9b411d57fa3ce2f9b4eeeb7733f1eef6890ff9895e95e7d9a560c060be54652e4fddcaf282f016ae6a40f805

Download Submit
C:\Program Files (x86)\Meiqia\Meiqia\libcodecs.dll

Filesize
1.8MB

MD5
22379aca080abf93f58ef661711690a9

SHA1
5bb7979e671f8843aeb58f70474f15a545a7bc43

SHA256
fdc28be3baf7dcd4760795ba9a3724bd4e4940e1cb123b85e8567efe3be2b0d6

SHA512
a188242ed1d2c660167d09dc3bc1532efcb67dfaeb423b179b0f869b8dee79b1daccdadd2a2d502e8d47cf854c561e1c57944e4533c1f5b57223474db3d8893b

Download Submit
C:\Program Files (x86)\Meiqia\Meiqia\libxsse.dll

Filesize
1.0MB

MD5
b1fd79daec18373aaa488b59dd2c178e

SHA1
ddb20cec5b29e3345c1c2729741093050c34602d

SHA256
49a2c690ce1cd5fc0fa3d09ac36e6afc543a9642da7bce9656f7a63e91b8bf2f

SHA512
80989ba49e75a4608d374029b4202d347b31dee7849c31acb7a85908348b1132d343fa955609cb997046d68cb13b12ded53b5f9372ff86332e60ecf43c175264

Download Submit
C:\Program Files (x86)\Meiqia\Meiqia\meiqia.exe

Filesize
92KB

MD5
ca5c9c54686070fb3a8424a449b2fb73

SHA1
2066e4d3039116273b909aed8c2d0ed8364b5490

SHA256
2c4581e8919c771a7b40ddcaca1103c3ff7bbeeadff5e3f9a475bc103ac68699

SHA512
91e16e749fc345829ec0b4b5af136fd6da6d03256babe36d3d80f92d7ba37be4dfc106c479053047bfd7a41f37491e96bf2c1805e27e0e64e93fe977aff80cef

Download Submit
C:\Program Files (x86)\Meiqia\Meiqia\meiqia.exe

Filesize
92KB

MD5
ca5c9c54686070fb3a8424a449b2fb73

SHA1
2066e4d3039116273b909aed8c2d0ed8364b5490

SHA256
2c4581e8919c771a7b40ddcaca1103c3ff7bbeeadff5e3f9a475bc103ac68699

SHA512
91e16e749fc345829ec0b4b5af136fd6da6d03256babe36d3d80f92d7ba37be4dfc106c479053047bfd7a41f37491e96bf2c1805e27e0e64e93fe977aff80cef

Download Submit
C:\Program Files (x86)\Meiqia\Meiqia\scenter.dll

Filesize
453KB

MD5
3e87729818d4f4c2b2e8a7401fc474f9

SHA1
21f3be5a2f782a0e6809ead54f295def6fa10d13

SHA256
9be053bb07a54a7df2d160654c6483a9d18728938fa572152c580292c0d66960

SHA512
7908a3596432f1707ae471b421199c9fc71bae67016a98235c906907c20558e015ab3955eaca3893255ea30f84a7b432295166e1548d8cb7e8beef8e7bd337cd

Download Submit
C:\Program Files (x86)\Meiqia\Meiqia\sqlite.dll

Filesize
1.1MB

MD5
26c9ce3bdf52015052dc88d9a374fef4

SHA1
c1076a7a43ad65a63e8525cfd36c23e6db0fc2c1

SHA256
9ed3eb742dd49c6ea048c1e3f9d1364510738a3a9d0f611bb705a0f670a1ef1e

SHA512
173217e5ab51bfe6c9ec2d0718cfb8e4555c2f4a9cb9e6318fd4cd93236312d3072dc7eaca118f6cfbd7019dda4d7662de879129d913280e0ae165a8d7a6f30a

Download Submit
C:\Program Files (x86)\Meiqia\Meiqia\uactmon.dll

Filesize
382KB

MD5
dc1a8fff5fd34f40df78a29f5d9a45d4

SHA1
ba74b4a01e5f7918c75d604c1a4cad0fbeacdc38

SHA256
27b90aa8b9266f305e54d012a83212ad77a7ac5f74b747a78b18db4d30d00a80

SHA512
5fc69ddf76d48e605a16465e1bc0aaab035561baa01f539de0c1f863b0e45bea73a6e9fa787443378ab31a841a39aee2ae57440d385959667f9323d6ef0f2870

Download Submit
C:\Program Files (x86)\Meiqia\Meiqia\usysdiag.dll

Filesize
541KB

MD5
1c0dee8882cba2d4afccf2e7adddec27

SHA1
8d5c6aaea80b16ca290ace5d910eadae33f2287c

SHA256
14ad4b9bf96cd056d796c724522013a0bc8edbbcee71d1171bdeb2a50c0d316a

SHA512
3a4bf427239ea9a4af614b81e263f0d1f2541ad11c7e7f26790f0bc2f25e7724920c4711fb74b577eb06908d1cad28f738d53ee87aa491053e7f716fb878d640

Download Submit
C:\Users\Admin\AppData\Local\Temp\$inst\0001.tmp

Filesize
8.0MB

MD5
ad800eadffcf3c7a2b244cc09abb6ce7

SHA1
7be87d3d42dd21ae3e460844a783e91f62a3fe9c

SHA256
a441671bd18a2de563780ee52391c9df41828a7a8b24b26187007457366e410d

SHA512
b847afd9508bd1921aec59a8815a29ba061dbe1e41128bf19d2fb04c63ec7875e182c8ad5b8583beb5eea993e97fa46cbf0110920ba09c38a8a1b07410da0d3e

Download Submit
C:\Users\Admin\AppData\Local\Temp\$inst\0002.tmp

Filesize
8.0MB

MD5
47fb00d9a25c019719119c913d2788ad

SHA1
f5c2091e32a92207b9cb3a1994901c612d3bb898

SHA256
6c34463044fa650f42c3f82a3f02baf6838fe377c4c972f503ecd20ee3a0c38e

SHA512
b218bc4f3b730bcf82868558f152732b27ddf34523f2bd337b3d75b1d5dccdd6711e47a2309fb5d863f58f6969f2a2bbee82cbc01ffb65edadf3a0223a31f1c9

Download Submit
C:\Users\Admin\AppData\Local\Temp\$inst\0008.tmp

Filesize
8.0MB

MD5
9375515bdcd8a8380e386623e7746fb3

SHA1
5c2dc4da94ec99d88884f2e6661ed1ef13de7720

SHA256
31a7142295180d35b5bf0ae2ca6b5cceffce4a1e14f7b1b67efb8ae23ffa854a

SHA512
428d36d5fe32820b49260d25a881b4fca8b30cec883d2940c462a4724b16c1a125dcdb9952ed5d72c788b57e1cbe6d24e81d6865bd378da0441a0a78cc56cb10

Download Submit
C:\Users\Admin\AppData\Local\Temp\$inst\0009.tmp

Filesize
8.0MB

MD5
10c5bc39aaa8df4e345a659b8331ad6c

SHA1
74b9a87564630632037fbadd8c855466e194013d

SHA256
17f230b3f357b194ccfc18f7e51c037552c919f15de0f1b972812325b3e7b661

SHA512
6fa13796b0aabeb5e28078fcd1d7f59e8b4fa6cf532df69085c76941f15b93c6ab603e96f14d6cec632ca6889716744c523f22c76999cb7117105f14e3a9f82c

Download Submit
C:\Users\Admin\AppData\Local\Temp\$inst\0010.tmp

Filesize
192KB

MD5
0cc446c3806bf36ce37857616e806183

SHA1
167937c25acdd99bc225d03e0a620a75c32c3bf4

SHA256
83922c662affa538b3aa770d0bd3e0518b1d5fd99abb03c76c8554de242cd34e

SHA512
58c7605aa9c122394b0b6e663af08f92dd0c4bf7bb251499113c45f324c08ffa11cc59e8d4bdc071fbb67715aff4941d004062154b8fd622f19f1a5ce0cd44fc

Download Submit
\Program Files (x86)\Meiqia\Meiqia\CrashHandler.dll

Filesize
106KB

MD5
27e8d8c108d48b106edc7cf40f624877

SHA1
1cbdfd5d75ed2e187fdc259733527963c8752f2e

SHA256
e150138f8f126a6058ed0cb7a1306d06683eb87fc8072e10c78251e97555d592

SHA512
9ec0220138ed102c9ccaba230d30a22e6921ee89dc85414c0faec28a09e6eb052ee8bb205898a156a750f1babbe8fc736e1e7d279b34d31a2ec272aca5767a1d

Download Submit
\Program Files (x86)\Meiqia\Meiqia\HipsDB.dll

Filesize
305KB

MD5
e15e4bd0e7732b3e9440582b5704a09c

SHA1
6163c0169c394ff356a50ce4826587bc0522c884

SHA256
1091980e9093c99be5b7140e080f113aabbfdf55080534831ae0b7739f7fcbbb

SHA512
2111eec41de36d37b7bab73c5d112cc4c168133003cf36177f2ca71a2bfe5e8dde0143c6af9106a91996ded600b0b7c66a24afe23d2ae45ce2d4058b0ef6fff5

Download Submit
\Program Files (x86)\Meiqia\Meiqia\Meiq.exe

Filesize
811KB

MD5
9714e9832bb0fa60423674c7af1e175c

SHA1
bfab7ed6ff6469941ab363ffea1a975c66dd69c5

SHA256
15917ba7169f638674466184209fb24f5788957abce57e7d5400d26d077b44dd

SHA512
fa0d63df62305f5d01bd49e2e151ab6f9940079f1b30861542b356c2bc8e14b6b55a0c5923cb530b889f9e33364b58c5bd7f80a22cd3a7003fe124e586eb3f7c

Download Submit
\Program Files (x86)\Meiqia\Meiqia\Meiqi.exe

Filesize
9.1MB

MD5
567ae554ec0e04db0b200ed871f1543f

SHA1
6cd65281fd22bd91ff754d76c8eb6efbb5af1f8a

SHA256
0eae89a55d35af9350dfb5aa736f132022306febfb8e7fbba4f93715a3929fe4

SHA512
6677de91a755a206e1c1da1a12bfbefd4f88c0b0d4901d1a62bb34442bec04fd107ada948c01fd0f27a2703bc6b038e0f1c6112736d891d53d1842eee27e351d

Download Submit
\Program Files (x86)\Meiqia\Meiqia\behavior.dll

Filesize
331KB

MD5
1b9d24c87bc25a9b4a5f049eff61831d

SHA1
bb36ead6328e0f5e64bafaff6a60a74da10275e5

SHA256
bbd952dade3cae9fd1f894ef7fa1d1da03816d8ad11721a5405198af83d6e497

SHA512
33b7b4db38a1775ab53916316d3913acc99db3f1737d672f82e3a1bd199a5dcfd11307b5c0b25abea83b6a2a3e43200c12e2f76085e35caba904fcdd345934f8

Download Submit
\Program Files (x86)\Meiqia\Meiqia\ffmpeg.dll

Filesize
2.7MB

MD5
fe6b711452966d13db36cdee15bb32b9

SHA1
9e89a6d8f56dcd0bea0d11131b3e84946764f4c8

SHA256
82d427385334978cf701cd7cfb07e1ea9f7078fe716324004320c690ccdeec0f

SHA512
8ef68e7a547f92cbb6a8e5b0128d74e2cd0d334e806ea5aab2d2c4c4e78f7c20a2df623d7940cd27720e54be5cca4a16249ad29005c8c015084b9a3a41e2589e

Download Submit
\Program Files (x86)\Meiqia\Meiqia\hrcomm.dll

Filesize
139KB

MD5
c7370004ab1d530e589e4d94d7cbe043

SHA1
d77fdea2be8c4527287501eac8ac96c4e9b97e27

SHA256
dfd1976a012f9a02bb343138a48fbf8640c65731726967c8c2de600438621eea

SHA512
f60bb15a0efd32593000cfdfd92fb734029790f99761d12ef5653a2aeeba5890532d8928ddd86927136ae0e5e0bf791ca49c72f19db52e514e5176a9e3d71364

Download Submit
\Program Files (x86)\Meiqia\Meiqia\jansson.dll

Filesize
359KB

MD5
94140e827a0960e4d5b00e04378526d3

SHA1
0ddb9943b4480fc769ebd2357c16dfecad319104

SHA256
3808f179810ccf44d4ad770850f132ddd8978017801a8cb6536c3221d74d6e1c

SHA512
2acef1e4e435c246f13b9001bfdc83c352fa5ec8ad7e12b93d2b81ee13d3a49229d58f74b97b062cb85d0a6c44da05862da4c71ec4be98b63630a9d8be03a088

Download Submit
\Program Files (x86)\Meiqia\Meiqia\libcobra.dll

Filesize
426KB

MD5
c45a0141c517dd1d481f08bb76333a05

SHA1
a18255bccee6c98ef6c6d41e93567e4f20c135ef

SHA256
f2a1ff120e261e2bc66e5d1f0b74bad865cfc158aae24f35c94bee598e226890

SHA512
de7f233ca66cb24c0a9c5690331acfc0f7c1b13a9b411d57fa3ce2f9b4eeeb7733f1eef6890ff9895e95e7d9a560c060be54652e4fddcaf282f016ae6a40f805

Download Submit
\Program Files (x86)\Meiqia\Meiqia\libcodecs.dll

Filesize
1.8MB

MD5
22379aca080abf93f58ef661711690a9

SHA1
5bb7979e671f8843aeb58f70474f15a545a7bc43

SHA256
fdc28be3baf7dcd4760795ba9a3724bd4e4940e1cb123b85e8567efe3be2b0d6

SHA512
a188242ed1d2c660167d09dc3bc1532efcb67dfaeb423b179b0f869b8dee79b1daccdadd2a2d502e8d47cf854c561e1c57944e4533c1f5b57223474db3d8893b

Download Submit
\Program Files (x86)\Meiqia\Meiqia\libxsse.dll

Filesize
1.0MB

MD5
b1fd79daec18373aaa488b59dd2c178e

SHA1
ddb20cec5b29e3345c1c2729741093050c34602d

SHA256
49a2c690ce1cd5fc0fa3d09ac36e6afc543a9642da7bce9656f7a63e91b8bf2f

SHA512
80989ba49e75a4608d374029b4202d347b31dee7849c31acb7a85908348b1132d343fa955609cb997046d68cb13b12ded53b5f9372ff86332e60ecf43c175264

Download Submit
\Program Files (x86)\Meiqia\Meiqia\meiqia.exe

Filesize
92KB

MD5
ca5c9c54686070fb3a8424a449b2fb73

SHA1
2066e4d3039116273b909aed8c2d0ed8364b5490

SHA256
2c4581e8919c771a7b40ddcaca1103c3ff7bbeeadff5e3f9a475bc103ac68699

SHA512
91e16e749fc345829ec0b4b5af136fd6da6d03256babe36d3d80f92d7ba37be4dfc106c479053047bfd7a41f37491e96bf2c1805e27e0e64e93fe977aff80cef

Download Submit
\Program Files (x86)\Meiqia\Meiqia\scenter.dll

Filesize
453KB

MD5
3e87729818d4f4c2b2e8a7401fc474f9

SHA1
21f3be5a2f782a0e6809ead54f295def6fa10d13

SHA256
9be053bb07a54a7df2d160654c6483a9d18728938fa572152c580292c0d66960

SHA512
7908a3596432f1707ae471b421199c9fc71bae67016a98235c906907c20558e015ab3955eaca3893255ea30f84a7b432295166e1548d8cb7e8beef8e7bd337cd

Download Submit
\Program Files (x86)\Meiqia\Meiqia\sqlite.dll

Filesize
1.1MB

MD5
26c9ce3bdf52015052dc88d9a374fef4

SHA1
c1076a7a43ad65a63e8525cfd36c23e6db0fc2c1

SHA256
9ed3eb742dd49c6ea048c1e3f9d1364510738a3a9d0f611bb705a0f670a1ef1e

SHA512
173217e5ab51bfe6c9ec2d0718cfb8e4555c2f4a9cb9e6318fd4cd93236312d3072dc7eaca118f6cfbd7019dda4d7662de879129d913280e0ae165a8d7a6f30a

Download Submit
\Program Files (x86)\Meiqia\Meiqia\uactmon.dll

Filesize
382KB

MD5
dc1a8fff5fd34f40df78a29f5d9a45d4

SHA1
ba74b4a01e5f7918c75d604c1a4cad0fbeacdc38

SHA256
27b90aa8b9266f305e54d012a83212ad77a7ac5f74b747a78b18db4d30d00a80

SHA512
5fc69ddf76d48e605a16465e1bc0aaab035561baa01f539de0c1f863b0e45bea73a6e9fa787443378ab31a841a39aee2ae57440d385959667f9323d6ef0f2870

Download Submit
\Program Files (x86)\Meiqia\Meiqia\usysdiag.dll

Filesize
541KB

MD5
1c0dee8882cba2d4afccf2e7adddec27

SHA1
8d5c6aaea80b16ca290ace5d910eadae33f2287c

SHA256
14ad4b9bf96cd056d796c724522013a0bc8edbbcee71d1171bdeb2a50c0d316a

SHA512
3a4bf427239ea9a4af614b81e263f0d1f2541ad11c7e7f26790f0bc2f25e7724920c4711fb74b577eb06908d1cad28f738d53ee87aa491053e7f716fb878d640

Download Submit
memory/2932-311-0x0000000000400000-0x0000000000438000-memory.dmp

Filesize
224KB

Download
memory/2932-268-0x0000000000400000-0x0000000000438000-memory.dmp

Filesize
224KB

Download
memory/2932-11-0x0000000000400000-0x0000000000438000-memory.dmp

Filesize
224KB

Download
memory/2932-384-0x0000000000400000-0x0000000000438000-memory.dmp

Filesize
224KB

Download
memory/2932-363-0x0000000000400000-0x0000000000438000-memory.dmp

Filesize
224KB

Download