hxxps://www[.]dialux[.]com/en-GB/download/dialux-evo

Analysis

max time kernel
161s
max time network
231s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
09/10/2023, 18:22

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.dialux.com/en-GB/download/dialux-evo

Score

8^/10

upx

Malware Config

Signatures

Downloads MZ/PE file

UPX packed file 19 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/files/0x0006000000023224-175.dat	upx
behavioral1/files/0x0006000000023224-180.dat	upx
behavioral1/memory/2924-184-0x00000000007C0000-0x0000000000BA8000-memory.dmp	upx
behavioral1/files/0x0006000000023224-181.dat	upx
behavioral1/files/0x0006000000023235-210.dat	upx
behavioral1/files/0x0006000000023241-238.dat	upx
behavioral1/memory/5012-241-0x0000000000B00000-0x0000000000EE8000-memory.dmp	upx
behavioral1/files/0x0006000000023241-237.dat	upx
behavioral1/memory/2924-266-0x00000000007C0000-0x0000000000BA8000-memory.dmp	upx
behavioral1/memory/5012-271-0x0000000000B00000-0x0000000000EE8000-memory.dmp	upx
behavioral1/files/0x000600000002325d-298.dat	upx
behavioral1/memory/4828-304-0x0000000000E70000-0x0000000001258000-memory.dmp	upx
behavioral1/files/0x000600000002325d-297.dat	upx
behavioral1/memory/5012-326-0x0000000000B00000-0x0000000000EE8000-memory.dmp	upx
behavioral1/memory/2924-346-0x00000000007C0000-0x0000000000BA8000-memory.dmp	upx
behavioral1/memory/5012-351-0x0000000000B00000-0x0000000000EE8000-memory.dmp	upx
behavioral1/memory/4828-355-0x0000000000E70000-0x0000000001258000-memory.dmp	upx
behavioral1/memory/4828-370-0x0000000000E70000-0x0000000001258000-memory.dmp	upx
behavioral1/memory/4828-395-0x0000000000E70000-0x0000000001258000-memory.dmp	upx

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133413493369674411"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
1492	chrome.exe
1492	chrome.exe
4480	chrome.exe
4480	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
1492	chrome.exe
1492	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1492	chrome.exe
Token: SeCreatePagefilePrivilege	1492	chrome.exe
Token: SeShutdownPrivilege	1492	chrome.exe
Token: SeCreatePagefilePrivilege	1492	chrome.exe
Token: SeShutdownPrivilege	1492	chrome.exe
Token: SeCreatePagefilePrivilege	1492	chrome.exe
Token: SeShutdownPrivilege	1492	chrome.exe
Token: SeCreatePagefilePrivilege	1492	chrome.exe
Token: SeShutdownPrivilege	1492	chrome.exe
Token: SeCreatePagefilePrivilege	1492	chrome.exe
Token: SeShutdownPrivilege	1492	chrome.exe
Token: SeCreatePagefilePrivilege	1492	chrome.exe
Token: SeShutdownPrivilege	1492	chrome.exe
Token: SeCreatePagefilePrivilege	1492	chrome.exe
Token: SeShutdownPrivilege	1492	chrome.exe
Token: SeCreatePagefilePrivilege	1492	chrome.exe
Token: SeShutdownPrivilege	1492	chrome.exe
Token: SeCreatePagefilePrivilege	1492	chrome.exe
Token: SeShutdownPrivilege	1492	chrome.exe
Token: SeCreatePagefilePrivilege	1492	chrome.exe
Token: SeShutdownPrivilege	1492	chrome.exe
Token: SeCreatePagefilePrivilege	1492	chrome.exe
Token: SeShutdownPrivilege	1492	chrome.exe
Token: SeCreatePagefilePrivilege	1492	chrome.exe
Token: SeShutdownPrivilege	1492	chrome.exe
Token: SeCreatePagefilePrivilege	1492	chrome.exe
Token: SeShutdownPrivilege	1492	chrome.exe
Token: SeCreatePagefilePrivilege	1492	chrome.exe
Token: SeShutdownPrivilege	1492	chrome.exe
Token: SeCreatePagefilePrivilege	1492	chrome.exe
Token: SeShutdownPrivilege	1492	chrome.exe
Token: SeCreatePagefilePrivilege	1492	chrome.exe
Token: SeShutdownPrivilege	1492	chrome.exe
Token: SeCreatePagefilePrivilege	1492	chrome.exe
Token: SeShutdownPrivilege	1492	chrome.exe
Token: SeCreatePagefilePrivilege	1492	chrome.exe
Token: SeShutdownPrivilege	1492	chrome.exe
Token: SeCreatePagefilePrivilege	1492	chrome.exe
Token: SeShutdownPrivilege	1492	chrome.exe
Token: SeCreatePagefilePrivilege	1492	chrome.exe
Token: SeShutdownPrivilege	1492	chrome.exe
Token: SeCreatePagefilePrivilege	1492	chrome.exe
Token: SeShutdownPrivilege	1492	chrome.exe
Token: SeCreatePagefilePrivilege	1492	chrome.exe
Token: SeShutdownPrivilege	1492	chrome.exe
Token: SeCreatePagefilePrivilege	1492	chrome.exe
Token: SeShutdownPrivilege	1492	chrome.exe
Token: SeCreatePagefilePrivilege	1492	chrome.exe
Token: SeShutdownPrivilege	1492	chrome.exe
Token: SeCreatePagefilePrivilege	1492	chrome.exe
Token: SeShutdownPrivilege	1492	chrome.exe
Token: SeCreatePagefilePrivilege	1492	chrome.exe
Token: SeShutdownPrivilege	1492	chrome.exe
Token: SeCreatePagefilePrivilege	1492	chrome.exe
Token: SeShutdownPrivilege	1492	chrome.exe
Token: SeCreatePagefilePrivilege	1492	chrome.exe
Token: SeShutdownPrivilege	1492	chrome.exe
Token: SeCreatePagefilePrivilege	1492	chrome.exe
Token: SeShutdownPrivilege	1492	chrome.exe
Token: SeCreatePagefilePrivilege	1492	chrome.exe
Token: SeShutdownPrivilege	1492	chrome.exe
Token: SeCreatePagefilePrivilege	1492	chrome.exe
Token: SeShutdownPrivilege	1492	chrome.exe
Token: SeCreatePagefilePrivilege	1492	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe
1492	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1492 wrote to memory of 628	1492	chrome.exe	39
PID 1492 wrote to memory of 628	1492	chrome.exe	39
PID 1492 wrote to memory of 1420	1492	chrome.exe	88
PID 1492 wrote to memory of 1420	1492	chrome.exe	88
PID 1492 wrote to memory of 1420	1492	chrome.exe	88
PID 1492 wrote to memory of 1420	1492	chrome.exe	88
PID 1492 wrote to memory of 1420	1492	chrome.exe	88
PID 1492 wrote to memory of 1420	1492	chrome.exe	88
PID 1492 wrote to memory of 1420	1492	chrome.exe	88
PID 1492 wrote to memory of 1420	1492	chrome.exe	88
PID 1492 wrote to memory of 1420	1492	chrome.exe	88
PID 1492 wrote to memory of 1420	1492	chrome.exe	88
PID 1492 wrote to memory of 1420	1492	chrome.exe	88
PID 1492 wrote to memory of 1420	1492	chrome.exe	88
PID 1492 wrote to memory of 1420	1492	chrome.exe	88
PID 1492 wrote to memory of 1420	1492	chrome.exe	88
PID 1492 wrote to memory of 1420	1492	chrome.exe	88
PID 1492 wrote to memory of 1420	1492	chrome.exe	88
PID 1492 wrote to memory of 1420	1492	chrome.exe	88
PID 1492 wrote to memory of 1420	1492	chrome.exe	88
PID 1492 wrote to memory of 1420	1492	chrome.exe	88
PID 1492 wrote to memory of 1420	1492	chrome.exe	88
PID 1492 wrote to memory of 1420	1492	chrome.exe	88
PID 1492 wrote to memory of 1420	1492	chrome.exe	88
PID 1492 wrote to memory of 1420	1492	chrome.exe	88
PID 1492 wrote to memory of 1420	1492	chrome.exe	88
PID 1492 wrote to memory of 1420	1492	chrome.exe	88
PID 1492 wrote to memory of 1420	1492	chrome.exe	88
PID 1492 wrote to memory of 1420	1492	chrome.exe	88
PID 1492 wrote to memory of 1420	1492	chrome.exe	88
PID 1492 wrote to memory of 1420	1492	chrome.exe	88
PID 1492 wrote to memory of 1420	1492	chrome.exe	88
PID 1492 wrote to memory of 1420	1492	chrome.exe	88
PID 1492 wrote to memory of 1420	1492	chrome.exe	88
PID 1492 wrote to memory of 1420	1492	chrome.exe	88
PID 1492 wrote to memory of 1420	1492	chrome.exe	88
PID 1492 wrote to memory of 1420	1492	chrome.exe	88
PID 1492 wrote to memory of 1420	1492	chrome.exe	88
PID 1492 wrote to memory of 1420	1492	chrome.exe	88
PID 1492 wrote to memory of 1420	1492	chrome.exe	88
PID 1492 wrote to memory of 668	1492	chrome.exe	89
PID 1492 wrote to memory of 668	1492	chrome.exe	89
PID 1492 wrote to memory of 4792	1492	chrome.exe	90
PID 1492 wrote to memory of 4792	1492	chrome.exe	90
PID 1492 wrote to memory of 4792	1492	chrome.exe	90
PID 1492 wrote to memory of 4792	1492	chrome.exe	90
PID 1492 wrote to memory of 4792	1492	chrome.exe	90
PID 1492 wrote to memory of 4792	1492	chrome.exe	90
PID 1492 wrote to memory of 4792	1492	chrome.exe	90
PID 1492 wrote to memory of 4792	1492	chrome.exe	90
PID 1492 wrote to memory of 4792	1492	chrome.exe	90
PID 1492 wrote to memory of 4792	1492	chrome.exe	90
PID 1492 wrote to memory of 4792	1492	chrome.exe	90
PID 1492 wrote to memory of 4792	1492	chrome.exe	90
PID 1492 wrote to memory of 4792	1492	chrome.exe	90
PID 1492 wrote to memory of 4792	1492	chrome.exe	90
PID 1492 wrote to memory of 4792	1492	chrome.exe	90
PID 1492 wrote to memory of 4792	1492	chrome.exe	90
PID 1492 wrote to memory of 4792	1492	chrome.exe	90
PID 1492 wrote to memory of 4792	1492	chrome.exe	90
PID 1492 wrote to memory of 4792	1492	chrome.exe	90
PID 1492 wrote to memory of 4792	1492	chrome.exe	90
PID 1492 wrote to memory of 4792	1492	chrome.exe	90
PID 1492 wrote to memory of 4792	1492	chrome.exe	90

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://www.dialux.com/en-GB/download/dialux-evo
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1492
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9ca899758,0x7ff9ca899768,0x7ff9ca899778
  2⤵
  PID:628
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1656 --field-trial-handle=1872,i,12858307993100296323,288842439698120356,131072 /prefetch:2
  2⤵
  PID:1420
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2128 --field-trial-handle=1872,i,12858307993100296323,288842439698120356,131072 /prefetch:8
  2⤵
  PID:668
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2212 --field-trial-handle=1872,i,12858307993100296323,288842439698120356,131072 /prefetch:8
  2⤵
  PID:4792
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3148 --field-trial-handle=1872,i,12858307993100296323,288842439698120356,131072 /prefetch:1
  2⤵
  PID:4868
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3188 --field-trial-handle=1872,i,12858307993100296323,288842439698120356,131072 /prefetch:1
  2⤵
  PID:2504
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5112 --field-trial-handle=1872,i,12858307993100296323,288842439698120356,131072 /prefetch:8
  2⤵
  PID:4892
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5184 --field-trial-handle=1872,i,12858307993100296323,288842439698120356,131072 /prefetch:8
  2⤵
  PID:4544
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5524 --field-trial-handle=1872,i,12858307993100296323,288842439698120356,131072 /prefetch:8
  2⤵
  PID:4952
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5552 --field-trial-handle=1872,i,12858307993100296323,288842439698120356,131072 /prefetch:8
  2⤵
  PID:5024
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2304 --field-trial-handle=1872,i,12858307993100296323,288842439698120356,131072 /prefetch:8
  2⤵
  PID:1356
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=2640 --field-trial-handle=1872,i,12858307993100296323,288842439698120356,131072 /prefetch:8
  2⤵
  PID:1160
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=1608 --field-trial-handle=1872,i,12858307993100296323,288842439698120356,131072 /prefetch:8
  2⤵
  PID:4812
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5328 --field-trial-handle=1872,i,12858307993100296323,288842439698120356,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4480
- C:\Users\Admin\Downloads\DIALux_evo_12_0.exe
  "C:\Users\Admin\Downloads\DIALux_evo_12_0.exe"
  2⤵
  PID:4976
- - C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe
    "C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe" __IRAOFF:1797666 "__IRAFN:C:\Users\Admin\Downloads\DIALux_evo_12_0.exe" "__IRCT:2" "__IRTSS:0" "__IRSID:S-1-5-21-919254492-3979293997-764407192-1000"
    3⤵
    PID:2924
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5552 --field-trial-handle=1872,i,12858307993100296323,288842439698120356,131072 /prefetch:8
  2⤵
  PID:412
- C:\Users\Admin\Downloads\DIALux_evo_12_0.exe
  "C:\Users\Admin\Downloads\DIALux_evo_12_0.exe"
  2⤵
  PID:4988
- - C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_2\irsetup.exe
    "C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_2\irsetup.exe" __IRAOFF:1797666 "__IRAFN:C:\Users\Admin\Downloads\DIALux_evo_12_0.exe" "__IRCT:2" "__IRTSS:0" "__IRSID:S-1-5-21-919254492-3979293997-764407192-1000"
    3⤵
    PID:5012
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6012 --field-trial-handle=1872,i,12858307993100296323,288842439698120356,131072 /prefetch:8
  2⤵
  PID:3332
- C:\Users\Admin\Downloads\DIALux_evo_12_0.exe
  "C:\Users\Admin\Downloads\DIALux_evo_12_0.exe"
  2⤵
  PID:4056
- C:\Users\Admin\Downloads\DIALux_evo_12_0.exe
  "C:\Users\Admin\Downloads\DIALux_evo_12_0.exe"
  2⤵
  PID:4132
- - C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_3\irsetup.exe
    "C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_3\irsetup.exe" __IRAOFF:1797666 "__IRAFN:C:\Users\Admin\Downloads\DIALux_evo_12_0.exe" "__IRCT:2" "__IRTSS:0" "__IRSID:S-1-5-21-919254492-3979293997-764407192-1000"
    3⤵
    PID:4828

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2588

C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask
1⤵
PID:1268

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
192B

MD5
726900da3e58ef53709bcb74303182aa

SHA1
276816080a98134816df559d80cc2118fa3a0b63

SHA256
62db1b0f49d2c9fdec04f3a43f37953e40d55991e8cb6879c647a202ffb5c000

SHA512
1eb90112acb8d5f1f30858488e915037d8fa3842e997cb169460a560d846432eda4871a38e2a8034b6952cad52900dc9b03b0dbf9ab46dd3b9794e3632f96b48

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
2d68ddf608e2001c667e2e01474ac774

SHA1
f69d57838299507b19791fa7121d192617471a02

SHA256
f46ce66639f88c8c9266ac510031ac3bb5c63c4dcc5618cf96fc2f5f1a8de055

SHA512
63031da903452eb129db076b49f7226938f35717405aa823f3f1da0eaeec0115f364eeb0c77f24aa4e5dc892f61b972ad950bc7832085056202acde8a5c62e1a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
c9e84a1d44c30407041bfa4fbe4528e5

SHA1
aaea3b00830af33f83406dfaaeeac8241ee5f49a

SHA256
7b3c7cce481476e538643ee0ea421463c92d19449354d1691a2aa22bab21625e

SHA512
adfde58841e8a8c3fa0f777a2a1679e2f8d48d9a7c4a107cfc8b0b0daeaacc27f014cb91ed02ad6a27ce65d67c988383ac9f4a85ad4ac5a9ef7f17761bf5ab4a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
73f6d20c1a6757b684c5e0c09d002eaf

SHA1
f80622fb85ffb2b75fd64c421e59ab60be64634d

SHA256
8e6bea387f6c46f85d807168d1bcd0f4d9a4d15c33dcf731ebc92e6d76b067c1

SHA512
2d776c83c476451b300261bd2d11cf770ae3272e88771bad61064d94b9ca2c5e52a63927aa21c1e41f388449a1d1304d5b28f944aa6c61e1b5b2f749519ba905

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
706B

MD5
ea3edc1d2f9f2a256bb366c19d777bbf

SHA1
4c6d0c81951a2f4398962c291580b7583605775e

SHA256
929e6ed83d18eec7b096cd596f2e5800369013c44a8ae1a4c3cf07abf080791e

SHA512
da3e203bacde9e42e62d2b1bbfe7460ed464d3a1ef5773da0ff393d1f34ac327f67f319a3a35db80b115b586b40205d407e5df033ddb1b70ceb886e7aa7997ca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
706B

MD5
3c589e39c11497b00acbdfa1440d9e89

SHA1
cd64db986b6802a96b930ec5f420c36f6079b938

SHA256
494eb9f3f081ce14e1aafa1be7577bbfd52d1117c3f26e9b7a319e96f13d5d37

SHA512
c4f71ff399e043e04cc758b0d908e75300423d83b248c95e310cf9640cd5f8109c74b073d177ab2666b3215e11aebd50fb2a788a20eae1759b495b3cec9e0e6f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
28f8dbc9cd8f7f0486d3c7f13775873e

SHA1
8a27abceb28c1eeeb07c8e046ffd980e45c2e926

SHA256
c1fca320a0885689b0646594294b5a883fbc0703d33924bced7507681bada435

SHA512
d1c6e07c4bc3b5d1f64d2f65d191dbd8335ad0dd0b8e1d0806be2d925f7b3472c9cc96f546f25b0a4b86c110871f6a5f03c140eca9bebfc4643c6380d2ff12b9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
74ca755e2e4c4c8b0a6496dbe512b357

SHA1
eccff9869c970d616f6872bd13f42c5b77ffc906

SHA256
c8df26ead7254eb7d5484fb8cc3d36b1a627e1867e81f4c00493e3ca1c8a61e0

SHA512
4921c8b3109a9553cfc702421d260653ff284a94e6437398a232d1cddc9930a6d0c4485e09e427cb0fd311437c79bd7bff0f16f72954569d71fc30d8cd54e8f8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
2a6e7864491f0f0841b9ef76aa1a25ee

SHA1
0afb97b1cdbd89d7c3626a86ba6ec0978ea508ad

SHA256
b5a0383498e08b26162e4e46177594ebd66eb488ed7753bbe4ff544ef6849c45

SHA512
a16b99468381201af6bb643ef63e70eb627c7755c86d1a10502ff02effbc6cb70dfbd302371f0b238a1cb0ba350de2e1ec3db2ab52dda90ababd6803b2dcecff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
400d996c3e6f37913d8d5334182a6408

SHA1
9cd82d6deeabc7e79126c9b3b40e6d1b0611a3d2

SHA256
be7b5bf5e46d81d7f26678c57babab288c02fd6fab0fafa8cab8dfce542120be

SHA512
fbb25d4d257747b8c00eda59a5184055c8a18772916e5881c95fe7c7d286c2aa6738616e423810827615ecb80fe512423e5fbab3658531ccfa4236d7c42b2592

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
101KB

MD5
802ca1cb6a0225e8be946892e32b7a16

SHA1
e1d7245b5bd72a4df3dee71ae9f3b1ea9b2d7273

SHA256
fc1cd8e73ca629bcdfb17e7ca12cf261ef3a0b2ebe3ea061b4d21ba3c7cb28d1

SHA512
45aaa626314c02f212d7616adf7a6ccf0e9b38af124f2e343ae811d1e81b83dc0b7f3c68a0ee57c1482f85be2c594af0320951b38ecd1cbea74f91943ddf5ba1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
114KB

MD5
0e47c82100c80643595fd5048087292b

SHA1
c5827acb66bd8bd9fa12f5621144c72df075d9a2

SHA256
ec7a9890cffe37ccf1611c34a01abf8786f4da060d61a588107709169627f882

SHA512
02b30d6e104f4530c9de7fba2deb569fa4a9c8d3f40d3d2d3058d1ce094633c164dc8fcb73a38732155734b7045f07b6a2c43371c868120870b53766f9c1e21f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5a3b35.TMP

Filesize
107KB

MD5
b0221c12ea18d16011deb033f76136ab

SHA1
0bd1c28e25feef4f6323a88d16b20cb18b44a506

SHA256
12f9831b06361f538919bfbe0b70946a02a0081ce88e133eea6836dd37c83d6b

SHA512
610408950cef61776361ba10049930d7011c4eba898ae3cd550d273e2af73ca6cf4ce12bbc6aa715a4ddb08567f5702aa66fa905cbb9d2e2408bbc6ee48fef35

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\IRZip.lmd

Filesize
1.7MB

MD5
1bbf5dd0b6ca80e4c7c77495c3f33083

SHA1
e0520037e60eb641ec04d1e814394c9da0a6a862

SHA256
bc6bd19ab0977ac794e18e2c82ace3116bf0537711a352638efd2d8d847c140b

SHA512
97bc810871868217f944bc5e60ab642f161c1f082bc9e4122094f10b4e309a6d96e3dd695553a20907cb8fea5aef4802f5a2f0a852328c1a1cd85944022abaab

Download Submit
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\IRZip.lmd

Filesize
1.7MB

MD5
1bbf5dd0b6ca80e4c7c77495c3f33083

SHA1
e0520037e60eb641ec04d1e814394c9da0a6a862

SHA256
bc6bd19ab0977ac794e18e2c82ace3116bf0537711a352638efd2d8d847c140b

SHA512
97bc810871868217f944bc5e60ab642f161c1f082bc9e4122094f10b4e309a6d96e3dd695553a20907cb8fea5aef4802f5a2f0a852328c1a1cd85944022abaab

Download Submit
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\Wow64.lmd

Filesize
97KB

MD5
da1d0cd400e0b6ad6415fd4d90f69666

SHA1
de9083d2902906cacf57259cf581b1466400b799

SHA256
7a79b049bdc3b6e4d101691888360f4f993098f3e3a8beefff4ac367430b1575

SHA512
f12f64670f158c2e846e78b7b5d191158268b45ecf3c288f02bbee15ae10c4a62e67fb3481da304ba99da2c68ac44d713a44a458ef359db329b6fef3d323382a

Download Submit
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\Wow64.lmd

Filesize
97KB

MD5
da1d0cd400e0b6ad6415fd4d90f69666

SHA1
de9083d2902906cacf57259cf581b1466400b799

SHA256
7a79b049bdc3b6e4d101691888360f4f993098f3e3a8beefff4ac367430b1575

SHA512
f12f64670f158c2e846e78b7b5d191158268b45ecf3c288f02bbee15ae10c4a62e67fb3481da304ba99da2c68ac44d713a44a458ef359db329b6fef3d323382a

Download Submit
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe

Filesize
1.3MB

MD5
68ac216f38a5f7c823712c216ca4b060

SHA1
f6ad96e91103c40eb33fd3f1324d99093e5d014e

SHA256
748d48d246526e2a79edcde87255ffa5387e3bcc94f6ca5e59589e07e683cd80

SHA512
9b7dce4ed6e2caee1cdb33e490e7062344d95d27ba48e96f66094a3413da27fb32680dd2e9a5b2091489780929c27fe36914210793fbef81dfb5b4fb1a9b469b

Download Submit
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe

Filesize
1.3MB

MD5
68ac216f38a5f7c823712c216ca4b060

SHA1
f6ad96e91103c40eb33fd3f1324d99093e5d014e

SHA256
748d48d246526e2a79edcde87255ffa5387e3bcc94f6ca5e59589e07e683cd80

SHA512
9b7dce4ed6e2caee1cdb33e490e7062344d95d27ba48e96f66094a3413da27fb32680dd2e9a5b2091489780929c27fe36914210793fbef81dfb5b4fb1a9b469b

Download Submit
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe

Filesize
1.3MB

MD5
68ac216f38a5f7c823712c216ca4b060

SHA1
f6ad96e91103c40eb33fd3f1324d99093e5d014e

SHA256
748d48d246526e2a79edcde87255ffa5387e3bcc94f6ca5e59589e07e683cd80

SHA512
9b7dce4ed6e2caee1cdb33e490e7062344d95d27ba48e96f66094a3413da27fb32680dd2e9a5b2091489780929c27fe36914210793fbef81dfb5b4fb1a9b469b

Download Submit
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\lua5.1.dll

Filesize
326KB

MD5
80d93d38badecdd2b134fe4699721223

SHA1
e829e58091bae93bc64e0c6f9f0bac999cfda23d

SHA256
c572a6103af1526f97e708a229a532fd02100a52b949f721052107f1f55e0c59

SHA512
9f28073cc186b55ef64661c2e4f6fe1c112785a262b9d8e9a431703fdb1000f1d8cc0b2a3c153c822cfd48782ae945742ccb07beae4d6388d5d0b4df03103bd4

Download Submit
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\lua5.1.dll

Filesize
326KB

MD5
80d93d38badecdd2b134fe4699721223

SHA1
e829e58091bae93bc64e0c6f9f0bac999cfda23d

SHA256
c572a6103af1526f97e708a229a532fd02100a52b949f721052107f1f55e0c59

SHA512
9f28073cc186b55ef64661c2e4f6fe1c112785a262b9d8e9a431703fdb1000f1d8cc0b2a3c153c822cfd48782ae945742ccb07beae4d6388d5d0b4df03103bd4

Download Submit
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_1\irsetup.exe

Filesize
1.3MB

MD5
68ac216f38a5f7c823712c216ca4b060

SHA1
f6ad96e91103c40eb33fd3f1324d99093e5d014e

SHA256
748d48d246526e2a79edcde87255ffa5387e3bcc94f6ca5e59589e07e683cd80

SHA512
9b7dce4ed6e2caee1cdb33e490e7062344d95d27ba48e96f66094a3413da27fb32680dd2e9a5b2091489780929c27fe36914210793fbef81dfb5b4fb1a9b469b

Download Submit
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_2\IRZip.lmd

Filesize
1.7MB

MD5
1bbf5dd0b6ca80e4c7c77495c3f33083

SHA1
e0520037e60eb641ec04d1e814394c9da0a6a862

SHA256
bc6bd19ab0977ac794e18e2c82ace3116bf0537711a352638efd2d8d847c140b

SHA512
97bc810871868217f944bc5e60ab642f161c1f082bc9e4122094f10b4e309a6d96e3dd695553a20907cb8fea5aef4802f5a2f0a852328c1a1cd85944022abaab

Download Submit
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_2\Wow64.lmd

Filesize
97KB

MD5
da1d0cd400e0b6ad6415fd4d90f69666

SHA1
de9083d2902906cacf57259cf581b1466400b799

SHA256
7a79b049bdc3b6e4d101691888360f4f993098f3e3a8beefff4ac367430b1575

SHA512
f12f64670f158c2e846e78b7b5d191158268b45ecf3c288f02bbee15ae10c4a62e67fb3481da304ba99da2c68ac44d713a44a458ef359db329b6fef3d323382a

Download Submit
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_2\irsetup.dat

Filesize
1.3MB

MD5
32e389a0398ce503644b4db42e063800

SHA1
825add88f30bbf628e33bf69aa666bcb7b5197e3

SHA256
7bd2551646844061d694a8b33fa690b7f2b71a7d3d273a9bae0433557233c526

SHA512
2ae20cbddea8159e629af8721cdadcf04f24bb8200da33c9858042d9b405029f9d7e1024166bdf16fcd2b14873c3db6d5a1ec926bc864dfef7f343c54e540823

Download Submit
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_2\irsetup.exe

Filesize
1.3MB

MD5
68ac216f38a5f7c823712c216ca4b060

SHA1
f6ad96e91103c40eb33fd3f1324d99093e5d014e

SHA256
748d48d246526e2a79edcde87255ffa5387e3bcc94f6ca5e59589e07e683cd80

SHA512
9b7dce4ed6e2caee1cdb33e490e7062344d95d27ba48e96f66094a3413da27fb32680dd2e9a5b2091489780929c27fe36914210793fbef81dfb5b4fb1a9b469b

Download Submit
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_2\irsetup.exe

Filesize
1.3MB

MD5
68ac216f38a5f7c823712c216ca4b060

SHA1
f6ad96e91103c40eb33fd3f1324d99093e5d014e

SHA256
748d48d246526e2a79edcde87255ffa5387e3bcc94f6ca5e59589e07e683cd80

SHA512
9b7dce4ed6e2caee1cdb33e490e7062344d95d27ba48e96f66094a3413da27fb32680dd2e9a5b2091489780929c27fe36914210793fbef81dfb5b4fb1a9b469b

Download Submit
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_2\lua5.1.dll

Filesize
326KB

MD5
80d93d38badecdd2b134fe4699721223

SHA1
e829e58091bae93bc64e0c6f9f0bac999cfda23d

SHA256
c572a6103af1526f97e708a229a532fd02100a52b949f721052107f1f55e0c59

SHA512
9f28073cc186b55ef64661c2e4f6fe1c112785a262b9d8e9a431703fdb1000f1d8cc0b2a3c153c822cfd48782ae945742ccb07beae4d6388d5d0b4df03103bd4

Download Submit
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_2\lua5.1.dll

Filesize
326KB

MD5
80d93d38badecdd2b134fe4699721223

SHA1
e829e58091bae93bc64e0c6f9f0bac999cfda23d

SHA256
c572a6103af1526f97e708a229a532fd02100a52b949f721052107f1f55e0c59

SHA512
9f28073cc186b55ef64661c2e4f6fe1c112785a262b9d8e9a431703fdb1000f1d8cc0b2a3c153c822cfd48782ae945742ccb07beae4d6388d5d0b4df03103bd4

Download Submit
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_3\IRZip.lmd

Filesize
1.7MB

MD5
1bbf5dd0b6ca80e4c7c77495c3f33083

SHA1
e0520037e60eb641ec04d1e814394c9da0a6a862

SHA256
bc6bd19ab0977ac794e18e2c82ace3116bf0537711a352638efd2d8d847c140b

SHA512
97bc810871868217f944bc5e60ab642f161c1f082bc9e4122094f10b4e309a6d96e3dd695553a20907cb8fea5aef4802f5a2f0a852328c1a1cd85944022abaab

Download Submit
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_3\Wow64.lmd

Filesize
97KB

MD5
da1d0cd400e0b6ad6415fd4d90f69666

SHA1
de9083d2902906cacf57259cf581b1466400b799

SHA256
7a79b049bdc3b6e4d101691888360f4f993098f3e3a8beefff4ac367430b1575

SHA512
f12f64670f158c2e846e78b7b5d191158268b45ecf3c288f02bbee15ae10c4a62e67fb3481da304ba99da2c68ac44d713a44a458ef359db329b6fef3d323382a

Download Submit
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_3\irsetup.exe

Filesize
1.3MB

MD5
68ac216f38a5f7c823712c216ca4b060

SHA1
f6ad96e91103c40eb33fd3f1324d99093e5d014e

SHA256
748d48d246526e2a79edcde87255ffa5387e3bcc94f6ca5e59589e07e683cd80

SHA512
9b7dce4ed6e2caee1cdb33e490e7062344d95d27ba48e96f66094a3413da27fb32680dd2e9a5b2091489780929c27fe36914210793fbef81dfb5b4fb1a9b469b

Download Submit
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_3\irsetup.exe

Filesize
1.3MB

MD5
68ac216f38a5f7c823712c216ca4b060

SHA1
f6ad96e91103c40eb33fd3f1324d99093e5d014e

SHA256
748d48d246526e2a79edcde87255ffa5387e3bcc94f6ca5e59589e07e683cd80

SHA512
9b7dce4ed6e2caee1cdb33e490e7062344d95d27ba48e96f66094a3413da27fb32680dd2e9a5b2091489780929c27fe36914210793fbef81dfb5b4fb1a9b469b

Download Submit
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_3\lua5.1.dll

Filesize
326KB

MD5
80d93d38badecdd2b134fe4699721223

SHA1
e829e58091bae93bc64e0c6f9f0bac999cfda23d

SHA256
c572a6103af1526f97e708a229a532fd02100a52b949f721052107f1f55e0c59

SHA512
9f28073cc186b55ef64661c2e4f6fe1c112785a262b9d8e9a431703fdb1000f1d8cc0b2a3c153c822cfd48782ae945742ccb07beae4d6388d5d0b4df03103bd4

Download Submit
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_3\lua5.1.dll

Filesize
326KB

MD5
80d93d38badecdd2b134fe4699721223

SHA1
e829e58091bae93bc64e0c6f9f0bac999cfda23d

SHA256
c572a6103af1526f97e708a229a532fd02100a52b949f721052107f1f55e0c59

SHA512
9f28073cc186b55ef64661c2e4f6fe1c112785a262b9d8e9a431703fdb1000f1d8cc0b2a3c153c822cfd48782ae945742ccb07beae4d6388d5d0b4df03103bd4

Download Submit
C:\Users\Admin\Downloads\DIALux_evo_12_0.exe

Filesize
178.1MB

MD5
ff533876855a6d34182bed98c16b9eb6

SHA1
d6776da9010d3b3227dea39b179b334fd768dff9

SHA256
f10d2552cb3b7a54f88edc33a1fc4b5b189bcfc24ac111709bf92a6f8893c1a7

SHA512
1acff1781e6e025eb0cb50df642c1821a0d8c7465029a9409101ed484fe4bb762444aedf890c3c845a324cf76451bba6db3d0f8f4fef0526fbfe228cf45c4cee

Download Submit
C:\Users\Admin\Downloads\DIALux_evo_12_0.exe

Filesize
130.8MB

MD5
cf42adda50b4e0ee791f7e451eb3a964

SHA1
4c567bcbbc95f3a0d04df4a1f71e10bbbf343aea

SHA256
9f2f9884106c8bac1f03004beb8d76eeb2500b1206efd94d65a6e643fe549198

SHA512
f12e844be8c3cd06d3c86a728bbec79dfc40d70d6613b5c3683282aafa7ec9cf979a88ec5a9b2473dbf9ba9d29cc06b694a949dfa89d6dfbd5edf9ae073e33eb

Download Submit
C:\Users\Admin\Downloads\DIALux_evo_12_0.exe

Filesize
141.9MB

MD5
1e517ae15c7f11e589362c1a4f60e96d

SHA1
a2d33e989356f71ce42cfc44414e1b0500b94648

SHA256
f2ba99b6d7f7b70bbcffb52d89c4f9cff01e45f38c677e078077bde7712aa41f

SHA512
ae80c0bf6d362b0c256bce3f722f476898a014d2f5a5975df11d2a9b5d451f0fc8da76b05f0fe37b829b9af8f9812ce07ac28c282c23afaf50edeae94de83ff8

Download Submit
C:\Users\Admin\Downloads\DIALux_evo_12_0.exe

Filesize
135.7MB

MD5
4e3b2c61a1598ac69b3dceb5e5ca2c79

SHA1
7bf8fdb56970a860525f163a0af84df907205605

SHA256
7e2253f782144a61b5508059b83a88692331956d580c7269953d4f4d86c95b72

SHA512
bae159e8db5c79500d55854699505443780d433eb21a8e6107a35022d864df2ee15d03763bb8e1fbda14ce31bd2c257223de7c9a1d3c453b4826b660490905c4

Download Submit
C:\Users\Admin\Downloads\DIALux_evo_12_0.exe

Filesize
135.1MB

MD5
315a704f2ecde4898dec2d2b92055a96

SHA1
0a3951c131a7319f2cffc283a5e4234830709f9c

SHA256
0c1af78187d83fd7f0df77554d799609af008ee480f497c2fe84bc84065e2e7c

SHA512
f3e8ebfdec22002e1f6d36681ac9d228bd43660fef96eeea14ae17d94e7243bac8dac38bad3eb379756c7b2c9f5e4535503f876f231950a4f396645c0d148f80

Download Submit
C:\Users\Admin\Downloads\DIALux_evo_12_0.exe

Filesize
97.4MB

MD5
0a680ff3b258112ee2d168bcef5d9be2

SHA1
e4626133ff2bb703993f1bb2f58c74d6f7fe3606

SHA256
e97a81e1a291bd6f0396eaca13e1b0ab9151bea2537491e844cda7bfa0f23650

SHA512
bc67c506763fa3385917950aaae77a497d9d5ed0ea6b32fb759e62a1bfc9d7bd8cb8af995f9f6cc525c2dd10af4dc3fe9fb8b63231d09d2fbceec9c3342397f3

Download Submit
memory/2924-266-0x00000000007C0000-0x0000000000BA8000-memory.dmp

Filesize
3.9MB

Download
memory/2924-346-0x00000000007C0000-0x0000000000BA8000-memory.dmp

Filesize
3.9MB

Download
memory/2924-184-0x00000000007C0000-0x0000000000BA8000-memory.dmp

Filesize
3.9MB

Download
memory/2924-226-0x0000000010000000-0x0000000010051000-memory.dmp

Filesize
324KB

Download
memory/2924-227-0x0000000005C90000-0x0000000005C93000-memory.dmp

Filesize
12KB

Download
memory/4828-355-0x0000000000E70000-0x0000000001258000-memory.dmp

Filesize
3.9MB

Download
memory/4828-304-0x0000000000E70000-0x0000000001258000-memory.dmp

Filesize
3.9MB

Download
memory/4828-370-0x0000000000E70000-0x0000000001258000-memory.dmp

Filesize
3.9MB

Download
memory/4828-395-0x0000000000E70000-0x0000000001258000-memory.dmp

Filesize
3.9MB

Download
memory/4828-397-0x0000000006370000-0x0000000006373000-memory.dmp

Filesize
12KB

Download
memory/4828-396-0x0000000010000000-0x0000000010051000-memory.dmp

Filesize
324KB

Download
memory/5012-271-0x0000000000B00000-0x0000000000EE8000-memory.dmp

Filesize
3.9MB

Download
memory/5012-333-0x00000000032B0000-0x00000000032B3000-memory.dmp

Filesize
12KB

Download
memory/5012-351-0x0000000000B00000-0x0000000000EE8000-memory.dmp

Filesize
3.9MB

Download
memory/5012-331-0x0000000010000000-0x0000000010051000-memory.dmp

Filesize
324KB

Download
memory/5012-241-0x0000000000B00000-0x0000000000EE8000-memory.dmp

Filesize
3.9MB

Download
memory/5012-326-0x0000000000B00000-0x0000000000EE8000-memory.dmp

Filesize
3.9MB

Download