5eb6c6b2df2b5e3dc32f58a160af424a8d7e7b85ab89e2bec1ffa4a4e34912fa

Analysis

max time kernel
118s
max time network
126s
platform
windows7_x64
resource
win7-20230831-en
resource tags

arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
submitted
13/10/2023, 01:26

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

SourceTreeSetup-3.4.2.exe
Size

24.2MB
MD5

6db9120dc04d8234f3a5888531eed006
SHA1

a3c37a954637ed52f77fd0c1c8bcbe39d09bb794
SHA256

5eb6c6b2df2b5e3dc32f58a160af424a8d7e7b85ab89e2bec1ffa4a4e34912fa
SHA512

baff8e9cae8d6d416e2f122da40cb99928a02289f25bc1670d58831f7ca8b83d8762baf8076d6ecdab85c4b41e1b65fc2b5766398807180d9f39db40680518e7
SSDEEP

786432:Y1hEl2GroJd+JZRrYZLtWESAIS/SuTPxb+iZOYv+:Y1SlXyd+JZteL0vS/S+Pxgr

Score

7^/10

discovery

Malware Config

Signatures

Executes dropped EXE 4 IoCs

pid	Process
2856	Update.exe
2012	SourceTree.exe
2428	SourceTree.exe
2476	7z.exe

Loads dropped DLL 3 IoCs

pid	Process
2224	SourceTreeSetup-3.4.2.exe
2856	Update.exe
2476	7z.exe

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Modifies Internet Explorer settings 1 TTPs 4 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-21-86725733-3001458681-3405935542-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\SourceTree.exe = "99999"	SourceTree.exe
Key created	\REGISTRY\USER\S-1-5-21-86725733-3001458681-3405935542-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION	SourceTree.exe
Key created	\REGISTRY\USER\S-1-5-21-86725733-3001458681-3405935542-1000\Software\Microsoft\Internet Explorer\Main	SourceTree.exe
Key created	\REGISTRY\USER\S-1-5-21-86725733-3001458681-3405935542-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl	SourceTree.exe

Modifies system certificate store 2 TTPs 13 IoCs

evasion spyware trojan

Install Root Certificate

T1553.004

Modify Registry

T1112

description	ioc	Process
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43\Blob = 190000000100000010000000749966cecc95c1874194ca7203f9b6200300000001000000140000000563b8630d62d75abbc8ab1e4bdfb5a899b24d431d00000001000000100000004f5f106930398d09107b40c3c7ca8f1c0b000000010000001200000044006900670069004300650072007400000014000000010000001400000045eba2aff492cb82312d518ba7a7219df36dc80f090000000100000034000000303206082b0601050507030106082b0601050507030206082b0601050507030406082b0601050507030306082b060105050703080f00000001000000140000006dca5bd00dcf1c0f327059d374b29ca6e3c50aa62000000001000000bb030000308203b73082029fa00302010202100ce7e0e517d846fe8fe560fc1bf03039300d06092a864886f70d01010505003065310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312430220603550403131b4469676943657274204173737572656420494420526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a3065310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312430220603550403131b4469676943657274204173737572656420494420526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100ad0e15cee443805cb187f3b760f97112a5aedc269488aaf4cef520392858600cf880daa9159532613cb5b128848a8adc9f0a0c83177a8f90ac8ae779535c31842af60f98323676ccdedd3ca8a2ef6afb21f25261df9f20d71fe2b1d9fe1864d2125b5ff9581835bc47cda136f96b7fd4b0383ec11bc38c33d9d82f18fe280fb3a783d6c36e44c061359616fe599c8b766dd7f1a24b0d2bff0b72da9e60d08e9035c678558720a1cfe56d0ac8497c3198336c22e987d0325aa2ba138211ed39179d993a72a1e6faa4d9d5173175ae857d22ae3f014686f62879c8b1dae45717c47e1c0eb0b492a656b3bdb297edaaa7f0b7c5a83f9516d0ffa196eb085f18774f0203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e0416041445eba2aff492cb82312d518ba7a7219df36dc80f301f0603551d2304183016801445eba2aff492cb82312d518ba7a7219df36dc80f300d06092a864886f70d01010505000382010100a20ebcdfe2edf0e372737a6494bff77266d832e4427562ae87ebf2d5d9de56b39fccce1428b90d97605c124c58e4d33d834945589735691aa847ea56c679ab12d8678184df7f093c94e6b8262c20bd3db32889f75fff22e297841fe965ef87e0dfc16749b35debb2092aeb26ed78be7d3f2bf3b726356d5f8901b6495b9f01059bab3d25c1ccb67fc2f16f86c6fa6468eb812d94eb42b7fa8c1edd62f1be5067b76cbdf3f11f6b0c3607167f377ca95b6d7af112466083d72704be4bce97bec3672a6811df80e70c3366bf130d146ef37f1f63101efa8d1b256d6c8fa5b76101b1d2a326a110719dade2c3f9c39951b72b0708ce2ee650b2a7fa0a452fa2f0f2	SourceTree.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43\Blob = 04000000010000001000000087ce0b7b2a0e4900e158719b37a893720f00000001000000140000006dca5bd00dcf1c0f327059d374b29ca6e3c50aa6090000000100000034000000303206082b0601050507030106082b0601050507030206082b0601050507030406082b0601050507030306082b0601050507030814000000010000001400000045eba2aff492cb82312d518ba7a7219df36dc80f0b00000001000000120000004400690067006900430065007200740000001d00000001000000100000004f5f106930398d09107b40c3c7ca8f1c0300000001000000140000000563b8630d62d75abbc8ab1e4bdfb5a899b24d43190000000100000010000000749966cecc95c1874194ca7203f9b6202000000001000000bb030000308203b73082029fa00302010202100ce7e0e517d846fe8fe560fc1bf03039300d06092a864886f70d01010505003065310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312430220603550403131b4469676943657274204173737572656420494420526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a3065310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312430220603550403131b4469676943657274204173737572656420494420526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100ad0e15cee443805cb187f3b760f97112a5aedc269488aaf4cef520392858600cf880daa9159532613cb5b128848a8adc9f0a0c83177a8f90ac8ae779535c31842af60f98323676ccdedd3ca8a2ef6afb21f25261df9f20d71fe2b1d9fe1864d2125b5ff9581835bc47cda136f96b7fd4b0383ec11bc38c33d9d82f18fe280fb3a783d6c36e44c061359616fe599c8b766dd7f1a24b0d2bff0b72da9e60d08e9035c678558720a1cfe56d0ac8497c3198336c22e987d0325aa2ba138211ed39179d993a72a1e6faa4d9d5173175ae857d22ae3f014686f62879c8b1dae45717c47e1c0eb0b492a656b3bdb297edaaa7f0b7c5a83f9516d0ffa196eb085f18774f0203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e0416041445eba2aff492cb82312d518ba7a7219df36dc80f301f0603551d2304183016801445eba2aff492cb82312d518ba7a7219df36dc80f300d06092a864886f70d01010505000382010100a20ebcdfe2edf0e372737a6494bff77266d832e4427562ae87ebf2d5d9de56b39fccce1428b90d97605c124c58e4d33d834945589735691aa847ea56c679ab12d8678184df7f093c94e6b8262c20bd3db32889f75fff22e297841fe965ef87e0dfc16749b35debb2092aeb26ed78be7d3f2bf3b726356d5f8901b6495b9f01059bab3d25c1ccb67fc2f16f86c6fa6468eb812d94eb42b7fa8c1edd62f1be5067b76cbdf3f11f6b0c3607167f377ca95b6d7af112466083d72704be4bce97bec3672a6811df80e70c3366bf130d146ef37f1f63101efa8d1b256d6c8fa5b76101b1d2a326a110719dade2c3f9c39951b72b0708ce2ee650b2a7fa0a452fa2f0f2	SourceTree.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\317A2AD07F2B335EF5A1C34E4B57E8B7D8F1FCA6\Blob = 19000000010000001000000044ba5fd9039fc9b56fd8aadccd597ca6030000000100000014000000317a2ad07f2b335ef5a1c34e4b57e8b7d8f1fca61d00000001000000100000005959ddbc9c7632ba0a05f06316846fe6140000000100000014000000a848b4242fc6ea24a0d78e3cb93c5c78d79833e4090000000100000016000000301406082b0601050507030406082b060105050703010b000000010000002e00000053007400610072006600690065006c006400200054006500630068006e006f006c006f006700690065007300000053000000010000004800000030463021060b6086480186fd6d0107170330123010060a2b0601040182373c0101030200c03021060b6086480186fd6e0107170330123010060a2b0601040182373c0101030200c00f000000010000001400000007eeabaf80a9ef4ae1b2cb9b4b5fc70d0428e6a92000000001000000eb020000308202e730820250020101300d06092a864886f70d01010505003081bb312430220603550407131b56616c69436572742056616c69646174696f6e204e6574776f726b31173015060355040a130e56616c69436572742c20496e632e31353033060355040b132c56616c694365727420436c617373203220506f6c6963792056616c69646174696f6e20417574686f726974793121301f06035504031318687474703a2f2f7777772e76616c69636572742e636f6d2f3120301e06092a864886f70d0109011611696e666f4076616c69636572742e636f6d301e170d3939303632363030313935345a170d3139303632363030313935345a3081bb312430220603550407131b56616c69436572742056616c69646174696f6e204e6574776f726b31173015060355040a130e56616c69436572742c20496e632e31353033060355040b132c56616c694365727420436c617373203220506f6c6963792056616c69646174696f6e20417574686f726974793121301f06035504031318687474703a2f2f7777772e76616c69636572742e636f6d2f3120301e06092a864886f70d0109011611696e666f4076616c69636572742e636f6d30819f300d06092a864886f70d010101050003818d0030818902818100ce3a71cae5abc8599255d7abd8740ef9eed9f655475965470e0555dceb98363c5c535dd330cf38ecbd4189ed254209246b0a5eb37cdd522d4ce6d4d67d5a59a965d449132d244d1c506fb5c185543bfe71e4d35c42f980e0911a0a5b393667f33f557c1b3fb45f647334e3b412bf8764f8da12ff3727c1b343bbef7b6e2e69f70203010001300d06092a864886f70d0101050500038181003b7f506f6f509499496238381f4bf8a5c83ea78281f62bc7e8c5cee83a1082cb18008e4dbda8587fa17900b5bbe98daf41d90f34ee218119a0324928f4c48e56d55233fd50d57e996c03e4c94cfccb6cab66b34a218ce5b50c323e10b2cc6ca1dc9a984c025bf3ceb99ea5720e4ab73f3ce61668f8beed744cbc5bd5621f43dd	Update.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43	SourceTree.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43\Blob = 0f00000001000000140000006dca5bd00dcf1c0f327059d374b29ca6e3c50aa6090000000100000034000000303206082b0601050507030106082b0601050507030206082b0601050507030406082b0601050507030306082b0601050507030814000000010000001400000045eba2aff492cb82312d518ba7a7219df36dc80f0b00000001000000120000004400690067006900430065007200740000001d00000001000000100000004f5f106930398d09107b40c3c7ca8f1c0300000001000000140000000563b8630d62d75abbc8ab1e4bdfb5a899b24d432000000001000000bb030000308203b73082029fa00302010202100ce7e0e517d846fe8fe560fc1bf03039300d06092a864886f70d01010505003065310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312430220603550403131b4469676943657274204173737572656420494420526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a3065310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312430220603550403131b4469676943657274204173737572656420494420526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100ad0e15cee443805cb187f3b760f97112a5aedc269488aaf4cef520392858600cf880daa9159532613cb5b128848a8adc9f0a0c83177a8f90ac8ae779535c31842af60f98323676ccdedd3ca8a2ef6afb21f25261df9f20d71fe2b1d9fe1864d2125b5ff9581835bc47cda136f96b7fd4b0383ec11bc38c33d9d82f18fe280fb3a783d6c36e44c061359616fe599c8b766dd7f1a24b0d2bff0b72da9e60d08e9035c678558720a1cfe56d0ac8497c3198336c22e987d0325aa2ba138211ed39179d993a72a1e6faa4d9d5173175ae857d22ae3f014686f62879c8b1dae45717c47e1c0eb0b492a656b3bdb297edaaa7f0b7c5a83f9516d0ffa196eb085f18774f0203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e0416041445eba2aff492cb82312d518ba7a7219df36dc80f301f0603551d2304183016801445eba2aff492cb82312d518ba7a7219df36dc80f300d06092a864886f70d01010505000382010100a20ebcdfe2edf0e372737a6494bff77266d832e4427562ae87ebf2d5d9de56b39fccce1428b90d97605c124c58e4d33d834945589735691aa847ea56c679ab12d8678184df7f093c94e6b8262c20bd3db32889f75fff22e297841fe965ef87e0dfc16749b35debb2092aeb26ed78be7d3f2bf3b726356d5f8901b6495b9f01059bab3d25c1ccb67fc2f16f86c6fa6468eb812d94eb42b7fa8c1edd62f1be5067b76cbdf3f11f6b0c3607167f377ca95b6d7af112466083d72704be4bce97bec3672a6811df80e70c3366bf130d146ef37f1f63101efa8d1b256d6c8fa5b76101b1d2a326a110719dade2c3f9c39951b72b0708ce2ee650b2a7fa0a452fa2f0f2	SourceTree.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\AD7E1C28B064EF8F6003402014C3D0E3370EB58A	SourceTree.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\317A2AD07F2B335EF5A1C34E4B57E8B7D8F1FCA6\Blob = 0f000000010000001400000007eeabaf80a9ef4ae1b2cb9b4b5fc70d0428e6a953000000010000004800000030463021060b6086480186fd6d0107170330123010060a2b0601040182373c0101030200c03021060b6086480186fd6e0107170330123010060a2b0601040182373c0101030200c00b000000010000002e00000053007400610072006600690065006c006400200054006500630068006e006f006c006f0067006900650073000000090000000100000016000000301406082b0601050507030406082b06010505070301140000000100000014000000a848b4242fc6ea24a0d78e3cb93c5c78d79833e41d00000001000000100000005959ddbc9c7632ba0a05f06316846fe6030000000100000014000000317a2ad07f2b335ef5a1c34e4b57e8b7d8f1fca62000000001000000eb020000308202e730820250020101300d06092a864886f70d01010505003081bb312430220603550407131b56616c69436572742056616c69646174696f6e204e6574776f726b31173015060355040a130e56616c69436572742c20496e632e31353033060355040b132c56616c694365727420436c617373203220506f6c6963792056616c69646174696f6e20417574686f726974793121301f06035504031318687474703a2f2f7777772e76616c69636572742e636f6d2f3120301e06092a864886f70d0109011611696e666f4076616c69636572742e636f6d301e170d3939303632363030313935345a170d3139303632363030313935345a3081bb312430220603550407131b56616c69436572742056616c69646174696f6e204e6574776f726b31173015060355040a130e56616c69436572742c20496e632e31353033060355040b132c56616c694365727420436c617373203220506f6c6963792056616c69646174696f6e20417574686f726974793121301f06035504031318687474703a2f2f7777772e76616c69636572742e636f6d2f3120301e06092a864886f70d0109011611696e666f4076616c69636572742e636f6d30819f300d06092a864886f70d010101050003818d0030818902818100ce3a71cae5abc8599255d7abd8740ef9eed9f655475965470e0555dceb98363c5c535dd330cf38ecbd4189ed254209246b0a5eb37cdd522d4ce6d4d67d5a59a965d449132d244d1c506fb5c185543bfe71e4d35c42f980e0911a0a5b393667f33f557c1b3fb45f647334e3b412bf8764f8da12ff3727c1b343bbef7b6e2e69f70203010001300d06092a864886f70d0101050500038181003b7f506f6f509499496238381f4bf8a5c83ea78281f62bc7e8c5cee83a1082cb18008e4dbda8587fa17900b5bbe98daf41d90f34ee218119a0324928f4c48e56d55233fd50d57e996c03e4c94cfccb6cab66b34a218ce5b50c323e10b2cc6ca1dc9a984c025bf3ceb99ea5720e4ab73f3ce61668f8beed744cbc5bd5621f43dd	Update.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\317A2AD07F2B335EF5A1C34E4B57E8B7D8F1FCA6\Blob = 040000000100000010000000a923759bba49366e31c2dbf2e766ba870f000000010000001400000007eeabaf80a9ef4ae1b2cb9b4b5fc70d0428e6a953000000010000004800000030463021060b6086480186fd6d0107170330123010060a2b0601040182373c0101030200c03021060b6086480186fd6e0107170330123010060a2b0601040182373c0101030200c00b000000010000002e00000053007400610072006600690065006c006400200054006500630068006e006f006c006f0067006900650073000000090000000100000016000000301406082b0601050507030406082b06010505070301140000000100000014000000a848b4242fc6ea24a0d78e3cb93c5c78d79833e41d00000001000000100000005959ddbc9c7632ba0a05f06316846fe6030000000100000014000000317a2ad07f2b335ef5a1c34e4b57e8b7d8f1fca619000000010000001000000044ba5fd9039fc9b56fd8aadccd597ca62000000001000000eb020000308202e730820250020101300d06092a864886f70d01010505003081bb312430220603550407131b56616c69436572742056616c69646174696f6e204e6574776f726b31173015060355040a130e56616c69436572742c20496e632e31353033060355040b132c56616c694365727420436c617373203220506f6c6963792056616c69646174696f6e20417574686f726974793121301f06035504031318687474703a2f2f7777772e76616c69636572742e636f6d2f3120301e06092a864886f70d0109011611696e666f4076616c69636572742e636f6d301e170d3939303632363030313935345a170d3139303632363030313935345a3081bb312430220603550407131b56616c69436572742056616c69646174696f6e204e6574776f726b31173015060355040a130e56616c69436572742c20496e632e31353033060355040b132c56616c694365727420436c617373203220506f6c6963792056616c69646174696f6e20417574686f726974793121301f06035504031318687474703a2f2f7777772e76616c69636572742e636f6d2f3120301e06092a864886f70d0109011611696e666f4076616c69636572742e636f6d30819f300d06092a864886f70d010101050003818d0030818902818100ce3a71cae5abc8599255d7abd8740ef9eed9f655475965470e0555dceb98363c5c535dd330cf38ecbd4189ed254209246b0a5eb37cdd522d4ce6d4d67d5a59a965d449132d244d1c506fb5c185543bfe71e4d35c42f980e0911a0a5b393667f33f557c1b3fb45f647334e3b412bf8764f8da12ff3727c1b343bbef7b6e2e69f70203010001300d06092a864886f70d0101050500038181003b7f506f6f509499496238381f4bf8a5c83ea78281f62bc7e8c5cee83a1082cb18008e4dbda8587fa17900b5bbe98daf41d90f34ee218119a0324928f4c48e56d55233fd50d57e996c03e4c94cfccb6cab66b34a218ce5b50c323e10b2cc6ca1dc9a984c025bf3ceb99ea5720e4ab73f3ce61668f8beed744cbc5bd5621f43dd	Update.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\AD7E1C28B064EF8F6003402014C3D0E3370EB58A\Blob = 190000000100000010000000fd960962ac6938e0d4b0769aa1a64e260f00000001000000140000000f6aad4c3fe04619cdc8b2bd655aa1a26042e6500b000000010000005400000053007400610072006600690065006c006400200043006c00610073007300200032002000430065007200740069006600690063006100740069006f006e00200041007500740068006f007200690074007900000053000000010000004800000030463021060b6086480186fd6d0107170330123010060a2b0601040182373c0101030200c03021060b6086480186fd6e0107170330123010060a2b0601040182373c0101030200c009000000010000002a000000302806082b0601050507030106082b0601050507030206082b0601050507030406082b06010505070303140000000100000014000000bf5fb7d1cedd1f86f45b55acdcd710c20ea988e71d000000010000001000000090c4f4233b006b7bfaa6adcd8f577d77030000000100000014000000ad7e1c28b064ef8f6003402014c3d0e3370eb58a040000000100000010000000324a4bbbc863699bbe749ac6dd1d46242000000001000000130400003082040f308202f7a003020102020100300d06092a864886f70d01010505003068310b300906035504061302555331253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e31323030060355040b1329537461726669656c6420436c61737320322043657274696669636174696f6e20417574686f72697479301e170d3034303632393137333931365a170d3334303632393137333931365a3068310b300906035504061302555331253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e31323030060355040b1329537461726669656c6420436c61737320322043657274696669636174696f6e20417574686f7269747930820120300d06092a864886f70d01010105000382010d00308201080282010100b732c8fee971a60485ad0c1164dfce4defc80318873fa1abfb3ca69ff0c3a1dad4d86e2b5390fb24a43e84f09ee85fece52744f528a63f7bdee02af0c8af532f9eca0501931e8f661c39a74dfa5ab673042566eb777fe759c64a99251454eb26c7f37f19d530708fafb0462affadeb29edd79faa0487a3d4f989a5345fdb43918236d9663cb1b8b982fd9c3a3e10c83bef0665667a9b19183dff71513c302e5fbe3d7773b25d066cc323569a2b8526921ca702b3e43f0daf087982b8363dea9cd335b3bc69caf5cc9de8fd648d1780336e5e4a5d99c91e87b49d1ac0d56e1335235edf9b5f3defd6f776c2ea3ebb780d1c42676b04d8f8d6da6f8bf244a001ab020103a381c53081c2301d0603551d0e04160414bf5fb7d1cedd1f86f45b55acdcd710c20ea988e73081920603551d2304818a3081878014bf5fb7d1cedd1f86f45b55acdcd710c20ea988e7a16ca46a3068310b300906035504061302555331253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e31323030060355040b1329537461726669656c6420436c61737320322043657274696669636174696f6e20417574686f72697479820100300c0603551d13040530030101ff300d06092a864886f70d01010505000382010100059d3f889dd1c91a55a1ac69f3f359da9b01871a4f57a9a179092adbf72fb21eccc75e6ad88387a197ef49353e7706415862bf8e58b80a673fecb3dd21661fc954fa72cc3d4c40d881af779e837abba2c7f534178ed91140f4fc2c2a4d157fa7625d2e25d3000b201a1d68f917b8f4bd8bed2859dd4d168b1783c8b265c72d7aa5aabc53866ddd57a4caf820410b68f0f4fb74be565d7a79f5f91d85e32d95bef5719043cc8d1f9a000a8729e95522580023eae31243295b4708dd8c416a6506a8e521aa41b4952195b97dd134ab13d6adbcdce23d39cdbd3e7570a1185903c922b48f9cd55e2ad7a5b6d40a6df8b74011469a1f790e62bf0f97ece02f1f1794	SourceTree.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43	SourceTree.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\AD7E1C28B064EF8F6003402014C3D0E3370EB58A\Blob = 040000000100000010000000324a4bbbc863699bbe749ac6dd1d4624030000000100000014000000ad7e1c28b064ef8f6003402014c3d0e3370eb58a1d000000010000001000000090c4f4233b006b7bfaa6adcd8f577d77140000000100000014000000bf5fb7d1cedd1f86f45b55acdcd710c20ea988e709000000010000002a000000302806082b0601050507030106082b0601050507030206082b0601050507030406082b0601050507030353000000010000004800000030463021060b6086480186fd6d0107170330123010060a2b0601040182373c0101030200c03021060b6086480186fd6e0107170330123010060a2b0601040182373c0101030200c00b000000010000005400000053007400610072006600690065006c006400200043006c00610073007300200032002000430065007200740069006600690063006100740069006f006e00200041007500740068006f00720069007400790000000f00000001000000140000000f6aad4c3fe04619cdc8b2bd655aa1a26042e6502000000001000000130400003082040f308202f7a003020102020100300d06092a864886f70d01010505003068310b300906035504061302555331253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e31323030060355040b1329537461726669656c6420436c61737320322043657274696669636174696f6e20417574686f72697479301e170d3034303632393137333931365a170d3334303632393137333931365a3068310b300906035504061302555331253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e31323030060355040b1329537461726669656c6420436c61737320322043657274696669636174696f6e20417574686f7269747930820120300d06092a864886f70d01010105000382010d00308201080282010100b732c8fee971a60485ad0c1164dfce4defc80318873fa1abfb3ca69ff0c3a1dad4d86e2b5390fb24a43e84f09ee85fece52744f528a63f7bdee02af0c8af532f9eca0501931e8f661c39a74dfa5ab673042566eb777fe759c64a99251454eb26c7f37f19d530708fafb0462affadeb29edd79faa0487a3d4f989a5345fdb43918236d9663cb1b8b982fd9c3a3e10c83bef0665667a9b19183dff71513c302e5fbe3d7773b25d066cc323569a2b8526921ca702b3e43f0daf087982b8363dea9cd335b3bc69caf5cc9de8fd648d1780336e5e4a5d99c91e87b49d1ac0d56e1335235edf9b5f3defd6f776c2ea3ebb780d1c42676b04d8f8d6da6f8bf244a001ab020103a381c53081c2301d0603551d0e04160414bf5fb7d1cedd1f86f45b55acdcd710c20ea988e73081920603551d2304818a3081878014bf5fb7d1cedd1f86f45b55acdcd710c20ea988e7a16ca46a3068310b300906035504061302555331253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e31323030060355040b1329537461726669656c6420436c61737320322043657274696669636174696f6e20417574686f72697479820100300c0603551d13040530030101ff300d06092a864886f70d01010505000382010100059d3f889dd1c91a55a1ac69f3f359da9b01871a4f57a9a179092adbf72fb21eccc75e6ad88387a197ef49353e7706415862bf8e58b80a673fecb3dd21661fc954fa72cc3d4c40d881af779e837abba2c7f534178ed91140f4fc2c2a4d157fa7625d2e25d3000b201a1d68f917b8f4bd8bed2859dd4d168b1783c8b265c72d7aa5aabc53866ddd57a4caf820410b68f0f4fb74be565d7a79f5f91d85e32d95bef5719043cc8d1f9a000a8729e95522580023eae31243295b4708dd8c416a6506a8e521aa41b4952195b97dd134ab13d6adbcdce23d39cdbd3e7570a1185903c922b48f9cd55e2ad7a5b6d40a6df8b74011469a1f790e62bf0f97ece02f1f1794	SourceTree.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\317A2AD07F2B335EF5A1C34E4B57E8B7D8F1FCA6	Update.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\AD7E1C28B064EF8F6003402014C3D0E3370EB58A\Blob = 0f00000001000000140000000f6aad4c3fe04619cdc8b2bd655aa1a26042e6500b000000010000005400000053007400610072006600690065006c006400200043006c00610073007300200032002000430065007200740069006600690063006100740069006f006e00200041007500740068006f007200690074007900000053000000010000004800000030463021060b6086480186fd6d0107170330123010060a2b0601040182373c0101030200c03021060b6086480186fd6e0107170330123010060a2b0601040182373c0101030200c009000000010000002a000000302806082b0601050507030106082b0601050507030206082b0601050507030406082b06010505070303140000000100000014000000bf5fb7d1cedd1f86f45b55acdcd710c20ea988e71d000000010000001000000090c4f4233b006b7bfaa6adcd8f577d77030000000100000014000000ad7e1c28b064ef8f6003402014c3d0e3370eb58a2000000001000000130400003082040f308202f7a003020102020100300d06092a864886f70d01010505003068310b300906035504061302555331253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e31323030060355040b1329537461726669656c6420436c61737320322043657274696669636174696f6e20417574686f72697479301e170d3034303632393137333931365a170d3334303632393137333931365a3068310b300906035504061302555331253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e31323030060355040b1329537461726669656c6420436c61737320322043657274696669636174696f6e20417574686f7269747930820120300d06092a864886f70d01010105000382010d00308201080282010100b732c8fee971a60485ad0c1164dfce4defc80318873fa1abfb3ca69ff0c3a1dad4d86e2b5390fb24a43e84f09ee85fece52744f528a63f7bdee02af0c8af532f9eca0501931e8f661c39a74dfa5ab673042566eb777fe759c64a99251454eb26c7f37f19d530708fafb0462affadeb29edd79faa0487a3d4f989a5345fdb43918236d9663cb1b8b982fd9c3a3e10c83bef0665667a9b19183dff71513c302e5fbe3d7773b25d066cc323569a2b8526921ca702b3e43f0daf087982b8363dea9cd335b3bc69caf5cc9de8fd648d1780336e5e4a5d99c91e87b49d1ac0d56e1335235edf9b5f3defd6f776c2ea3ebb780d1c42676b04d8f8d6da6f8bf244a001ab020103a381c53081c2301d0603551d0e04160414bf5fb7d1cedd1f86f45b55acdcd710c20ea988e73081920603551d2304818a3081878014bf5fb7d1cedd1f86f45b55acdcd710c20ea988e7a16ca46a3068310b300906035504061302555331253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e31323030060355040b1329537461726669656c6420436c61737320322043657274696669636174696f6e20417574686f72697479820100300c0603551d13040530030101ff300d06092a864886f70d01010505000382010100059d3f889dd1c91a55a1ac69f3f359da9b01871a4f57a9a179092adbf72fb21eccc75e6ad88387a197ef49353e7706415862bf8e58b80a673fecb3dd21661fc954fa72cc3d4c40d881af779e837abba2c7f534178ed91140f4fc2c2a4d157fa7625d2e25d3000b201a1d68f917b8f4bd8bed2859dd4d168b1783c8b265c72d7aa5aabc53866ddd57a4caf820410b68f0f4fb74be565d7a79f5f91d85e32d95bef5719043cc8d1f9a000a8729e95522580023eae31243295b4708dd8c416a6506a8e521aa41b4952195b97dd134ab13d6adbcdce23d39cdbd3e7570a1185903c922b48f9cd55e2ad7a5b6d40a6df8b74011469a1f790e62bf0f97ece02f1f1794	SourceTree.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2856	Update.exe
2856	Update.exe

Suspicious use of AdjustPrivilegeToken 7 IoCs

description	pid	Process
Token: SeDebugPrivilege	2012	SourceTree.exe
Token: SeDebugPrivilege	2856	Update.exe
Token: SeDebugPrivilege	2428	SourceTree.exe
Token: SeRestorePrivilege	2476	7z.exe
Token: 35	2476	7z.exe
Token: SeSecurityPrivilege	2476	7z.exe
Token: SeSecurityPrivilege	2476	7z.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2856	Update.exe

Suspicious use of WriteProcessMemory 19 IoCs

description	pid	Process	procid_target
PID 2224 wrote to memory of 2856	2224	SourceTreeSetup-3.4.2.exe	28
PID 2224 wrote to memory of 2856	2224	SourceTreeSetup-3.4.2.exe	28
PID 2224 wrote to memory of 2856	2224	SourceTreeSetup-3.4.2.exe	28
PID 2224 wrote to memory of 2856	2224	SourceTreeSetup-3.4.2.exe	28
PID 2224 wrote to memory of 2856	2224	SourceTreeSetup-3.4.2.exe	28
PID 2224 wrote to memory of 2856	2224	SourceTreeSetup-3.4.2.exe	28
PID 2224 wrote to memory of 2856	2224	SourceTreeSetup-3.4.2.exe	28
PID 2856 wrote to memory of 2012	2856	Update.exe	29
PID 2856 wrote to memory of 2012	2856	Update.exe	29
PID 2856 wrote to memory of 2012	2856	Update.exe	29
PID 2856 wrote to memory of 2012	2856	Update.exe	29
PID 2856 wrote to memory of 2428	2856	Update.exe	33
PID 2856 wrote to memory of 2428	2856	Update.exe	33
PID 2856 wrote to memory of 2428	2856	Update.exe	33
PID 2856 wrote to memory of 2428	2856	Update.exe	33
PID 2428 wrote to memory of 2476	2428	SourceTree.exe	34
PID 2428 wrote to memory of 2476	2428	SourceTree.exe	34
PID 2428 wrote to memory of 2476	2428	SourceTree.exe	34
PID 2428 wrote to memory of 2476	2428	SourceTree.exe	34

C:\Users\Admin\AppData\Local\Temp\SourceTreeSetup-3.4.2.exe
"C:\Users\Admin\AppData\Local\Temp\SourceTreeSetup-3.4.2.exe"
1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:2224
- C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe
  "C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe" --install .
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - Modifies system certificate store
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of WriteProcessMemory
  PID:2856
- - C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\SourceTree.exe
    "C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\SourceTree.exe" --squirrel-install 3.4.2
    3⤵
    - Executes dropped EXE
    - Modifies system certificate store
    - Suspicious use of AdjustPrivilegeToken
    PID:2012
- - C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\SourceTree.exe
    "C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\SourceTree.exe" --squirrel-firstrun
    3⤵
    - Executes dropped EXE
    - Modifies Internet Explorer settings
    - Modifies system certificate store
    - Suspicious use of AdjustPrivilegeToken
    - Suspicious use of WriteProcessMemory
    PID:2428
  - - C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\tools\7z.exe
      "C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\tools\7z.exe" x -oC:\Users\Admin\AppData\Local\Atlassian\SourceTree\hg_extras -y C:\Users\Admin\AppData\Local\Atlassian\SourceTree\mcmw.zip
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      Suspicious use of AdjustPrivilegeToken
      PID:2476

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Subvert Trust Controls

T1553

Install Root Certificate

T1553.004

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
304B

MD5
16022715b167a67ec884a377be63929f

SHA1
67d42d576fc50e0f727f6014e2b321491ba5565e

SHA256
2503b891554f8bc19eb2286b61194f80bfdc9b260e366f669c9b37597303ed1d

SHA512
0a6e04facbc22eae4956a2dc70296f6216895f15967837b651b972b784fa84980036f35a69ea2e99e107453803e06bb73617ebbcb7f6a6fa84f308944bfc610f

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\Atlassian.FastTree.dll

Filesize
38KB

MD5
f16f845f8830dc35a9d2147346118829

SHA1
c1cb2e6edb6de82ff462cd9f11de1205c2f5078a

SHA256
1f1e0dc59e88aa4c25741bc08156fcad09d5dfe11aa647cab3a68fce165bdfdf

SHA512
153dfa8cb880d693bcf95b26f6e4d4eaa080537f457832dac4a0f639ea8eb018b6857b0c21cc226c53024ef7087f3e3d17f53468afa1022a19d41963c40480ad

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\Atlassian.GutenbergTextView.dll

Filesize
45KB

MD5
60227ff80ddaa9f88790139df1bdcae6

SHA1
a9399a7717907d872805944a7d1928d910a1bc57

SHA256
9da50704a2588641b2788b1102524d7a134bcc3a5eec81482953bddaa67764d4

SHA512
4ffcf19a67900c715bb2d4b29afbbb81c48432c0671f21e46701bc9a0fc9de21e369bc933fde1ec2d47bae5cb9d1c9b42b0521e3c504d3d216d8469cd36f38d4

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\Atlassian.PathTrimmingTextBlock.dll

Filesize
11KB

MD5
a1dca53e00c63d0671dfd52b09f2fd78

SHA1
5c2d31dc6924a433f630bc2b4e9986d5899c8f35

SHA256
0b1ce45c22341eeb17100ab5ad01d5ddbd6bf084c9f849768ab258b33c1bd80f

SHA512
65f5629395c7ac1b8be185f39d05eb95f54fe2b9de30fea8db5e6643ca9597bf7a666ba6538311c3f3340ce12cf3db455cdeebad92d36193eca9d1f210668526

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\Atlassian.Utilities.dll

Filesize
8KB

MD5
b51397d7edad13d5711572f51dc1eea7

SHA1
d191d4a067dc4647a099596f05f27406f543cae9

SHA256
476f8fc0293dd72b150db36e0d3afa6df2248dd6cbb193679070037474cb802b

SHA512
320d9d0154578662dfcfc4eafbfbe872d6bd11aa9bdaf9b5ab9a322eaeb9164cca6b622455a134de02e557fcbcdb68a10ab5e28d8766b13cf5e64dd96c45cedd

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\DesktopBridge.Helpers.dll

Filesize
7KB

MD5
3a8e88c42e900c57fd82fac2304aacb6

SHA1
a0c6dbd0763d9ecfb1239ead713686b6013a5c92

SHA256
05b28069e8108b58f6952f01b7c042871995d020410dc03f4d679f8ea943f791

SHA512
247c19854eb75f92116e3758e83894e0d4cc29add258882c1eaf36ac77e17b8d92465916b4e64c92031f28257c0a5ff084374c9efa875575b04b4932894e7733

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\Dragablz.dll

Filesize
224KB

MD5
f86493171227c86e011ee2529b75c355

SHA1
ea7b4b360bdfa31de3fdf1da97a5cbb19fad9915

SHA256
3b32a885cc69e7868bdf32675a8bab6df48be406d0b911dfbd12dfc424708b88

SHA512
88a3617780a0c42df96ba604796216d2062f11d4266f72ecbe31cd500b949b8cfd08796421e8cce8b70c8d8552da7c62e440b87a4a11f9c032ec440780abb97e

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\Microsoft.Extensions.Configuration.Abstractions.dll

Filesize
20KB

MD5
d8e064ad8f2419f204723cf7caa7ab0b

SHA1
f19f20d758dae8563fc4914c737e06f1292f58e2

SHA256
32ccdb2ab4348f195d247f920d1432c0cbb1cc5fd548fec8ee562c438aa48849

SHA512
b2ed620bc914433435e655f7a1c956735f959c3e8c60a182d96ab0a59a54c81ffa0c52214d88c6e48ca82e198ad7e9fcb603d6dc017ec64399fcf40d3178c341

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\Microsoft.Extensions.Configuration.dll

Filesize
25KB

MD5
ba5145200fcea6b50a2223f98b468bd3

SHA1
7af4f0b8a4a7b75763bbc72c5c3edf3d85fd8a50

SHA256
5971ca80cf7ec34845334c9734542cd4de2548fb15192a19e6df3272019e6317

SHA512
3e442028cb9208b1925d53bc3f0146fa832e1a912b8c09dacc6b5ee419c78931e4b5e256d58299a3adb9f54b2a66f24e454be74017fd0f0e2fbe5b7e98ada464

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\Microsoft.Extensions.Logging.Abstractions.dll

Filesize
47KB

MD5
fa43b31fac519d4537325b2d77595c3f

SHA1
dc3c0912d2275684a95816401f63e155fe2b5ed1

SHA256
ce4721eb7591c77ec23650c079c25730bc9e4f2af440ed0ce913258151434cda

SHA512
e9e050ec7bd310ce3c5c13ac7f3849dd96ee34ca68a91956b956eef6c228a23d790736d05f07562b039a888471f823107d11384e72e172f505192964680335f4

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\Microsoft.Extensions.Logging.Console.dll

Filesize
33KB

MD5
2bc8c0b10b63b68395a98e82a171e442

SHA1
8b5123b0be66be6daab4eab65a46e43c89c5f590

SHA256
c10ec1d9fdbd7f1e9134cbd401954ce7b0b32e2407c0f99da6aa9620716b6165

SHA512
059ac62a273c969040271b3f44c358e68d2adbbacdd23e70dfe5df809a314c1bbc4a880ed84507a07d2fa87e6a0596b59ce215a9ec3d95d5c4b90e83ee7ed050

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\Microsoft.Extensions.Logging.dll

Filesize
31KB

MD5
b7f13cb30356dbe3e3bf7c01e2d8c7b1

SHA1
712900d638167a85017ab7f99119964d84e0a39f

SHA256
9cb78661a77fbbae56de368f018ac9b06e6a171dab37e49091ac4abc4a3d1126

SHA512
6df9337d590adb72df002cd64005a59f60ba064b2ae2d207559f0b43c9c8978ae75b22115556f0f4e7567b7b7862b99fe069ec92b3c98752623636bea92d1bb5

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\Microsoft.Extensions.Options.dll

Filesize
42KB

MD5
d195309528f364dfacd3bae393ea08b8

SHA1
763721aa95eb354fe7cb88ac5eadbf6d854bc5cb

SHA256
123766d210b9793ce76c2779fa87b3c8fe122a526faa6d46841cf7cf6e5495ff

SHA512
332578fc59e8c518a0e45957d20a9a491b7d6d7567c1655c2f2fa5535450d2d9238b7937ba26b1eb271335e0dd605cb64768ac875eb0901692d021acb1e344d1

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\Microsoft.Extensions.Primitives.dll

Filesize
35KB

MD5
30f911d2ff61105f7b5680006a9e4def

SHA1
12285ffda48a642f3b06b06ce73f79341475c006

SHA256
42bbc209a1a39f3bab6652478de1bc7dd240146e3b668d34253425eb663bcc4f

SHA512
bcc6e1b979a370d1e11083327776364620e7055cf21d05f56f5867839de77c5c3823bd1adf123865533263fe7766a6fde6e66a55535c705a9097662e1181d463

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\Microsoft.VisualStudio.Composition.dll

Filesize
346KB

MD5
46739f1c6ea2b024884e13009abfb971

SHA1
513f8bcb441afd463e8e8f77959996becbefd719

SHA256
48d39ef323195d962dfe5101e23e803365d993ea6874895dc60d78fc03acdea4

SHA512
066941d654b0f957866ab1dc1775597dec7b5e10f643acd2e8e0a1a55154217d8036b3890331bfcae18188bedc9c79fa340f32fe147ce7257a206b6511bb868c

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\Microsoft.VisualStudio.Validation.dll

Filesize
29KB

MD5
2049efd8771fa543823d4692ad45b462

SHA1
2608cb8db9ba91f169d0106c844ff51ce38cee60

SHA256
4670907e3e5fdca3cab8bbc4f825582e391a7d6ca33b920f65fc6e06fbb42270

SHA512
7302730f15ab6ac8ed09d817acc8d8173e369db2665739c8ef1e7bd119bd7d9495de0821aa336c0a03516983dd00b4061e1583d043f8bc0020915d1f5652cd1e

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\SourceTree.Accounts.Windows.dll

Filesize
15KB

MD5
9614070d85d853b7e0ef2b0165ddf053

SHA1
463c5c5e6c04a93fffbb4bff2b44141529c90ba2

SHA256
1d05daed92ce72bb913803cac512723753e77780e44ee923ecd5cced87901a95

SHA512
b3d79e45eec901826c3f29b26f6e2d2929ad6d314d8daca0a8d729ed894c322125df0993098c7784c950fce9ba7e2bbacad01af07a5e2d85388136cd8db4e949

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\SourceTree.Api.Account.Basic.dll

Filesize
17KB

MD5
321c246f7c6676c393db9c8dc10b07c6

SHA1
38daedd6eab0ac3e4bedade47343ae69a6ec720f

SHA256
bf24ed455cab5177040a558b33ab662442f551a069c38617a0856b80ba64e191

SHA512
52b053f885ab00a105596ccdbfadbf2e02597525a1c74d16b16cf9c6c4c664fa20bafbc5e300d361425b41e21d3c6b043dec8eef766130f10fa7041f2c477df5

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\SourceTree.Api.Account.OAuth.TwoZero.dll

Filesize
33KB

MD5
348f22a1a8d36dff6c8fdeaeb2df586c

SHA1
895883a0565181cce39101c3d971f4cf0b8e20f0

SHA256
4fdb5e7292c279d9900a2ff1c3bab02f057c5fa96d47d26982a4a9ea334e1108

SHA512
835c8222f466ca8a8c15ff8df19c0de659e2ebdacce9f941cd5b0e658266a07115b66292f88c712e647de189fe533fdd46f8e68fe775d4c7dbf92cfa26558c6d

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\SourceTree.Api.Account.dll

Filesize
21KB

MD5
9495bf869f4f4d0f65046a53d9dbbc65

SHA1
114ceb05aaa7bcbf4330c0b8558ee05a0046aab5

SHA256
a7d7f676f64f752b44fc38564831c932cd2e4b60376e1c1562dc5f8ce2053ded

SHA512
ef7e8d2a3dc00b57d08c7b41fbceb160f45c1334e12f82a0a1c967ccadb6dd2f6f80a6bf34add4ce164d4bc75d46ddde5a56b1239fde04094d43e0df8324eef7

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\SourceTree.Api.Benchmark.dll

Filesize
23KB

MD5
20c5f5ea52e383ab21af1cd0de67ffab

SHA1
b44eec1be75e4a68bb5486ac42dc8cd57a2711ae

SHA256
996048f932cf70ab379aa08fe9477047b7907a0075d7aed955a99786b3d36292

SHA512
71301ce4c5e30a9e194f17d0974ed10d4b1251a636daddc17de749e58ff2bf9a487317d02b61fceb192c4afae7eeb8a7b63b14d5f51611697eb5794bac60dc89

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\SourceTree.Api.CustomActions.dll

Filesize
9KB

MD5
1755262b5189a95de49ce041a53026b7

SHA1
f16e80c6edf6a213b91b5fb0387f11952f7733cc

SHA256
eef4162105d5293516e468d9dde9d905100b602d13c7fd48cccb11f2e1362bc0

SHA512
b7a60fd7cc8bbc0d56d7e2a748468ab4e9ddf957b3050d6e94a75c2258ba09c3f36b9eac97fdd66e8af0e2c9d9bfd2fda95707b5b427e51f0690751fa3a3afdb

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\SourceTree.Api.Dvcs.dll

Filesize
112KB

MD5
5479fe78c668307759490531b350682e

SHA1
0b3607c0893e5b2b94a03467d25939941303b0ea

SHA256
43dcaa26688e80b2f5533c73952c1d884499ffb8c7c09c373e8669d4d9aaa2ea

SHA512
6134d135642d2e7336fc1675f69ed9ce5194ba4f474395853159cae96b04aecdeed7a651cac2c5e04f7ae60f92b68de4b5c7bbef479fcee493cf801175590490

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\SourceTree.Api.Framework.dll

Filesize
25KB

MD5
b04a8b912d46a0e1e8cf89badf473cb4

SHA1
f01547d8d22708fec7ea70fa77413758b6aa3dac

SHA256
0b904a87ddfe00771a3c4bb189612e2a0071d4feb854b63a9247a398087cda39

SHA512
009421c1886be6c67d94ee1c08e857a63185f95aecef8a9989197d855be0c9278f84d2bb4d2fbbd31f78224eab3f861a641cf98945512323b39093139bcec3e0

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\SourceTree.Api.Host.Identity.dll

Filesize
11KB

MD5
d33edd5bdd53ea4a3afa6f4d76ad24f0

SHA1
e9b6fe991e1e9b1354d488cc217ef523cb830e89

SHA256
8fa57bb328dd5f9d68a12f0a30b599779e76fea23b48ee73451dbc7b62b2d541

SHA512
044a13fc73c5fc6831981173a9819e6bb74938890156758651bfc1c715755fc597ab84e075f615cdc613fbbb51553ea70e2d070a16a812298333961fd4180dd0

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\SourceTree.Api.Host.Scm.dll

Filesize
29KB

MD5
2e8483dc06d12b52eb64ea37b110dd86

SHA1
5d9a874e4316128c1e62cb0f59fcbe954a9b224e

SHA256
de4b20e50ecf586b2c1ac8ddde7dcf15b71554564d01f40aa6656b28b2615019

SHA512
d09888df97c848fe85f637c8ef5c92d4a956b3a3a3f6e60b1e3155b5da0fead46cdb0737881862264d943294ee20d0a50497de9cf9a43e69eb2c9ddf585cab1a

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\SourceTree.Api.Host.dll

Filesize
16KB

MD5
a5f6e2891971423cc74271666fc35360

SHA1
4bfe424fc23dc204a0cd901c2158b921c07a4b79

SHA256
593a5708f9a887b21c7eb4342d34a65b917a7ff0e2eb70b165376a8ff161416a

SHA512
e70c1260fd13938e2259cfad490bcdda62a02157e7f22f79ce14c20384bf519b25233dc00e1eeaaec02ea0ed83e8c0960d7b9143603c4da0990af139aac1694a

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\SourceTree.Api.UI.Wpf.dll

Filesize
2.0MB

MD5
eafed536eda3951e6d87b0ece470216b

SHA1
8b67a49a59b8ac26b2cbeea75092b5eaf4f114d2

SHA256
2ba9607127db8ef119866e13b5fb2cec899865951ec7f9c7a400fa1cdb9ef063

SHA512
cbcf762572c8020aa24023b9ff45aae7c9afdd3941b9953df3e85c4f5505f870dbe1ac6a38ff6af4e3fd94c0f83fb2ffb1ef03aaf8ec637fc4beacd5dc829523

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\SourceTree.Api.dll

Filesize
129KB

MD5
dc37190f4ba32ecbdf3a0af84c9c677f

SHA1
f0bd6b27ff3d0f0d8c6b9f2e7e44bc5e9837f552

SHA256
e4a96d73d187b51a209e0c52689a03a6d9be26af0f832abca257e5f1b66b5887

SHA512
7dd512bdc214c65a82b53cc197295a834c264fbe7fa99f231d3f2f0c3a21d0eb254cadc9cfc0339c00f5bc74e37b2d248ce7c8936db9b64cef00bdf752b4af34

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\SourceTree.Dvcs.Git.UI.Wpf.dll

Filesize
19KB

MD5
21b42bc36d6b097c5300ccf491c1e34f

SHA1
a4c16b9abd6f6e32e40a8e0ac084976fb09ecc30

SHA256
494c5ea1087351ccb3156e601f47a31d6323ab90faca73cbecb86d0f1ef6d3e1

SHA512
9321fcd64f41cfd910883db74853812238658e942d4f565c45877cdfcc374e4e1cac9a12eb81c9057c6dda1cd56ea8b52aaa0963b899e311c790e145bb19e3ac

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\SourceTree.Dvcs.Git.dll

Filesize
186KB

MD5
2d73899043faa17ce5a6272306497b3e

SHA1
4a1e4be7dd3c7556ef310f911cfb3bdfa20b0511

SHA256
9648fcfe82913314386086d3dbec19b474bebd15a7c5c4658ab4a3b0df470789

SHA512
a5ef7bf19de292631a0ba4ae78a48a3c850414610897b583cc4e58213d5a7d773c8d56aea1a5a3cd09f63e96b7a2e879fd0cd57d77c2f91f85d551a95d69c831

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\SourceTree.Dvcs.Hg.Ui.Wpf.dll

Filesize
19KB

MD5
79dc7a19b734af8d4c047c0ad145cd54

SHA1
6d014a5533b62f3df5dcc33b5bc374d8c24be3ed

SHA256
0903a6fa02e075b63a82d4025f2f9f3bcfc07f173f8fab030114fb5d2e508532

SHA512
59c579b8abdef47ef313f7b29a9a294fed5b6082bc0f8c16de78238f768faec67c8f89449d7844d59871f0600e7d767bc666294c3e15cf6a122f5af98f9f15d6

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\SourceTree.Dvcs.Hg.dll

Filesize
130KB

MD5
7841fd693fab058333b4875d3d0848f1

SHA1
f1597918f719aa247192ac9d97857f3aa8e68bd2

SHA256
8b9180ad13f9a3b0ccef91875c117dc6891989dd90ea1f758b0ae2087cee3628

SHA512
ef29af96e29af5b3c1ad83e97a466828631af50f73cbe4b6f42da777112c8b2db0a6ab64420c8123fbc2f7dc375e8494af68129458ca2dec51e06ba3b1d878b6

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\SourceTree.Dvcs.None.dll

Filesize
38KB

MD5
03cd8cac25eaa97d14fe4198f8aeac5c

SHA1
9e229743d37d01056984ce0b1f6dad594b5eb1c0

SHA256
e713afec4adfa25c088f36ce2a56b088672afb5e984aa5cb43ed1f295a68342c

SHA512
4754d3f255a8967ec6a861946e840ffa9a92c27c0642a5f3482d5a00f961365f18e6e450d24299e9b3111a72ffc38b0a75ac360146d6018890af951f5461c0cf

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\SourceTree.Host.AtlassianAccount.dll

Filesize
15KB

MD5
b564dffe672e1d6d9ee2d2ed07600490

SHA1
ae9aa27e4eae8a1576e774abdcb22f4d8eaa48d8

SHA256
df983221ea76b412e3b9dce5c92bc8d652844be6729e9052581b5fb03542bff1

SHA512
bc62c0c661ed73809a5e7cc121b2d32ecd39e973460438c6f980f9f4779d056d4fc509dc73fa91fb111b3fe4b8617a27263a3ab029a83564c66c28d586767dab

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\SourceTree.Host.Bitbucket.Server.dll

Filesize
48KB

MD5
996e2389834a8ce99dabbeafafcac0f6

SHA1
951981a11eb9606576f03ae6411874dff7c46662

SHA256
c0452fabe52ee5c4eff00c8ae35a3fc3c4ef05558c61559a7078daaeeeb2c690

SHA512
e0c1384beb0c45de8421afb93539ea4f312465f17086e6a93b27d2e0e6488ed65591ab1dfbae28e0364d3998ed94f4f291f72fe14fec804cf59b2197cdbf89e3

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\SourceTree.Host.Bitbucket.dll

Filesize
61KB

MD5
71475392fc1ea732dc9e11a5283efd26

SHA1
606960a856845d670053674a44850398bf02d6c0

SHA256
8659b82f4ceba0ef1922c7ae9b0837f01835da0d4ea5797b8cdc701aed709bbe

SHA512
63132302f957d51b47c703614d81dbf4ef05d34c86c91e130576542696b6e2bb448dcbfc1ad754b7066793f7f43dcd90cdf843bcac170030929ee7908c6f0eda

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\SourceTree.Host.GitHub.dll

Filesize
52KB

MD5
d27e6042af2312cdabfdafa2533ecbce

SHA1
b5598af2ff02a8a75aee21d0b423949bed3eb1d1

SHA256
726e28033df8d75b052967780182e5b717f9cf8b9ffe470228fafafaf33b39eb

SHA512
854397e27abf3a085333f6d9e3092b7a54b223d17a682001c399a0fa9e0375727e1892cd523981725ed51e5f83b3d70c5671c1a2017ebc92a24f262267660e2b

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\SourceTree.Localisation.dll

Filesize
360KB

MD5
632064206ac28caf973e09e2c4db9cd6

SHA1
9060f384f79b0b426e9ccd182a249dff690b6671

SHA256
3c019a57cbc9dbc5e5b303444e053395a3ccf1f1798c56a79270191b723ac4c0

SHA512
089fa79ebc7c0daa44137cfe1d2c6a6f363ca5111f7f4b8fd1db5a907ed4ce344d488fc4c9a27a79542beb1b360685fee87b2605cbdabfe18048ae076de6faec

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\SourceTree.UI.CommitContainer.Wpf.dll

Filesize
19KB

MD5
3597e238c50cd0756a0fb4c047b704a4

SHA1
8f52ed6a74a589496a3efabbc7e7602afe4c47f0

SHA256
dc4a3d74cba2093b1eda727422f2732074d8c59c8683b6869e084501a62b27d8

SHA512
62d51acbd5ed32d67d3f6e4781fd9830d4da22d183fe4680867c347b65fdf27971759f04c139f7deb5907edd69c945bbb10575180bcf2c7654edb7e2b5e0d5f2

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\SourceTree.UI.Diff.dll

Filesize
60KB

MD5
3814b81b1c2f44c2f543b20b30ce025c

SHA1
cb67d8d3d437d599aaaa440fd56d9ba29df24837

SHA256
ab8352938ba09838d7d5324f7ad8250753ad613afa16b06a39761002df3fa97c

SHA512
9ffa7cf53e33b4a1b1f62adc3dcfe4cd2ea6acce0cc5efcd95c2f8a62f614ede491ee39eca8c8efe46a9531cac3ea1e4d991375b41ac7495f95dbf2cb8188ab8

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\SourceTree.UI.Theme.Wpf.dll

Filesize
4.1MB

MD5
747f1c1f49b13b2f877467da9eda9c20

SHA1
f002715bc64b397d8a208cc86523931f19b608a6

SHA256
c3648a71f324812601a22218f1102334937c1b2a91795acd148fa26327bc5a82

SHA512
0d99129f20aa4215e0513e0b01fa0c915b5ce2fbcb85f20f28d1fc964b93bcfb4d7e374a7ba2d6538271368698d5e368f0be583bd3478c584a075ac07eae5145

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\SourceTree.UI.Window.Welcome.Wpf.dll

Filesize
103KB

MD5
a2e7d0e4b420cabc34c307c6ec89a092

SHA1
7312971fa70e42741df903311aa5704fbf9a254b

SHA256
0c6eb82cfebfead0b59062135f3dddcc676daadf44aa17e8dee95e9d18bd52ae

SHA512
eb806d06858ba0771ee1f0403f65a07dc2e3a7c206adf170a10bb9677338c855b76e854ef1eeb9c5e9e81d7feb30a9fc49648d331c3a9279612b6e7a4c658bc3

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\SourceTree.Ui.FileList.MultiColumn.Wpf.dll

Filesize
25KB

MD5
7b275851ba4ef2b2a9fadb821a1595fe

SHA1
abafa17e57278fbf77f24954c280c5044323fd34

SHA256
87e908a2b655ecc43b940dc6d9cf77209a756f8130293245a48aaee961d7711b

SHA512
68732c203548f04cad2f4e4ff196964e7c5dd8bb276b14868c7b4e7759e86153682b40bec51446c4467fd9811bd34b687bbc9cc5f486f7a79576c944cf926883

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\SourceTree.exe

Filesize
842KB

MD5
37a095ceae44f5d0c89f02a2b0e86776

SHA1
f51c415083fc3d99c51832a8b84df910a9932a27

SHA256
50bf9fa19a48e05660b4316c04d3d5fe437599a7dfad6f30560577b677f1eac7

SHA512
19f95ad9b031e7dc73c2c63fb7e28a7899ab8dbf37a07cc585c277067b59c0459883254f97bc231e5eb4262b48bab903f23a975b0ffd81f088816c585083174f

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\SourceTree.exe

Filesize
842KB

MD5
37a095ceae44f5d0c89f02a2b0e86776

SHA1
f51c415083fc3d99c51832a8b84df910a9932a27

SHA256
50bf9fa19a48e05660b4316c04d3d5fe437599a7dfad6f30560577b677f1eac7

SHA512
19f95ad9b031e7dc73c2c63fb7e28a7899ab8dbf37a07cc585c277067b59c0459883254f97bc231e5eb4262b48bab903f23a975b0ffd81f088816c585083174f

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\SourceTree.exe.config

Filesize
26KB

MD5
93215df764b213763d22a08689328cb8

SHA1
e03ac2a41d27fd69c9ce7cbc43032aa703fcc315

SHA256
aad290cb4523e21254b62d72447243aa8416afc49b08eba000cb54dba50849b2

SHA512
f047c280ad5817b551f4aedee2e0dbd5f046256e0a89fad17c47caa2faa7230f13fd06d2594ba529121f1b787b2d1d6a27fa582f1723faec2cc4aced9f04b771

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\Sourcetree.Api.Account.Pat.dll

Filesize
16KB

MD5
defbdf3f27a1fa83de9e84d67c41ff69

SHA1
bb56baac368c7c7f263c04d6b8d73466a21e7839

SHA256
1776b139b762287b45586fb4afadddaf5552f51d6489850537ea08adbbdac20b

SHA512
ef58d2c7333c839ad54302ecf6212ec21a9f4d42ed798bea0be19945bfcb1abbd6b8cd0c408d47d0e8585720b5cc09581f80eeeb8a2a3eb02be4840d5678687b

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\Sourcetree.Composition.VSMef.Net471.dll

Filesize
19KB

MD5
dc40b2919f3a5d51085dfa148a678837

SHA1
0870b20494a1618f939211fe2ac77a01419c0ebb

SHA256
8556b7df76d674236f0ef0d7809b58d08a558282b26f8b10a34dc3d742229807

SHA512
97854c4ae239dcfcd64a1bbd4df19588bcd913dcf603435f765e8a0556dbe7ec8d0653031b9b42aea83a3a9568a55eea8f3b98b7b3fa62bd8a0321b82e42669d

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\Sourcetree.Host.GitLab.dll

Filesize
44KB

MD5
2dc47b233ac894e96062817e4ce833f8

SHA1
b47b3a7aec257f4829bd686e1a13fb95766e3614

SHA256
e5b99757ae680d851d8f94dc8a3f71654857018b77059edba160c8262a989120

SHA512
09f9a7047f353b40df019b5b87552dc5df5318ba2e08d80d10926b6fbda44383dd03c0d0f165f753b181ed0a0436ce7de62b0eca71501d98800d71f4a1a82b3a

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\Sourcetree.Host.Msft.TeamServices.dll

Filesize
36KB

MD5
ba9ae75372876e25a6105b563fed4fdf

SHA1
53f3c2db764cd3e15f91708793fa765f2f4c9d8e

SHA256
9f15d0a0021f40b8331101393b848760f8b5fa80b6af5095f7faf7cd32af6957

SHA512
01ec996b0d67d83de9eebbef78c8199c955c61d43f6783569f77c4502c79c8b4b1871304f69a3ed20dcc961b4a5db4bffd1cdaacb9de9c870bce133c0ad94adb

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\Sourcetree.Installer.Squirrel.UI.dll

Filesize
36KB

MD5
b272690bdde042ffddd2d73a46925080

SHA1
543ff82b8023890f369aebd6cb430e2dcc3ff424

SHA256
a462e49b708444820d75b8640bd410ad7b4c194b3c5e1e61550c8a058ede1097

SHA512
a5e6bc146eaf48d0481bebe35a9e6f905be7766529978bcae4267bb31cfa585da8716faf188fd404f4e4c298839dd0d0da8e9e3af52ef01f9d833d82293152a2

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\Sourcetree.Installer.Squirrel.dll

Filesize
31KB

MD5
2b0788871c3b5cacee5f4f94f5288892

SHA1
2761fa6e15cfdcebdea97b84473ab39ebcc2dd82

SHA256
54aae4ecee803ba23f60bd898f1791a2984171d3a41f036e1dcc19a1a45253be

SHA512
e6f099fb4d4f58516ec3184836d520269c766a7bc4adb8ff1d257ff2b14f0e7da3addf6d1809f707ead6e5b4aa25992e99efe5849cfab3c7097f2d344b6ac3d3

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\System.Reactive.dll

Filesize
1.2MB

MD5
b5cc6edd50b049af8e26a02ae99a4760

SHA1
6cb154afd2cde5e269e5d88bf28655da61dbfe16

SHA256
791694d3e460ede3576d152df278274f55d146b11baeac69e8f3a7274d761380

SHA512
816f31d5a730c60abbe815608e3fc3a17846ab0b5b6e250325e713fbe11918c4f4c575ffbd40dc547d34ce77c809f42db1d44172e65bdd7f379c01ac220dd862

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\TaskDialog.dll

Filesize
92KB

MD5
49d873c2be7a455c9031af36c2b68c01

SHA1
e510e3e38bb5069d0b54c6195e76da58884408c3

SHA256
ee75cc6ac7f95db31785063e19dddbce5be4357b49f240bc9ed93711eb588628

SHA512
b30c8259b78aec216d0ef887ec6092826c4f2413f25386381f3c7361b7767708e2bac2e11790c2de89408b0e3a10901f4ded09d0c62ad2f7cbaa25cae9130626

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\chimera.extensions.logging.log4net.dll

Filesize
13KB

MD5
8c6e85d95403c4025764647bcdb220e6

SHA1
c5d9b2c0aa23613c03b3689df4dc05264360b168

SHA256
256c77c7af734bffc5161085be35ef2491d1751a72ffdcdd59bdcf3833a0f8a0

SHA512
7e9a4cf6a59a60820d844e701a442db5bbcf6264f1914d6d977db58a9f0681e0fba754b0954955d2a6b18a3b3efba6ddac7a40c9ca37574889d54e391192eecf

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\log4net.dll

Filesize
273KB

MD5
ea089d404028c2b64e47e74b3b9a0939

SHA1
8e89e93f4a20b6932f51a544fc319e5d0174d246

SHA256
1c8cb063b2c2663eadd7e7b8d5751cc9391f104e1651e8efca7b472044ba1a04

SHA512
9daab5934bc602067150918fbf9de7785b8cf84852d3df34a63025a50eb89baae6ae2f14b879ba268f74b427890835047159a93c4982841593e1165f42039c68

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\app-3.4.2\slf4net.dll

Filesize
20KB

MD5
dc89c3c0449626588b50ef0bc7a95485

SHA1
19f87b45e04beb918a5053d3acdd17a43dcd6158

SHA256
fbd89e0eef8b1b3e50475f692208b8d0b82dce9e131c54bc0938ff48663309a8

SHA512
1433ca2fad0f9385176bb7638e1ee6241dfcece88818e23c9c34fa94e03133606d7b2329f6d4861ce28356d119edec9beffc9f04524a05ced7fa6a4de3900ce7

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\packages\RELEASES

Filesize
80B

MD5
fa5e8a6735f0184a791d2f6b9096d360

SHA1
b57105c95da6655a13b06fd81e4875a59f774b23

SHA256
276cf4a0ef32dd13e9679f7f8b8ad6b199ea23386ca3c4ce047c846562967ae8

SHA512
3155f85a80d91c69b3d2e366e5179a3b048f86caa82a0c0ab36d7bf54bfceba17d8aebd4074a6be6f0e42433d405a1f1bcdb6f785480e2cee54faf0662615813

Download Submit
C:\Users\Admin\AppData\Local\SourceTree\packages\SourceTree-3.4.2-full.nupkg

Filesize
23.5MB

MD5
e46dc3a117218676afc11bda2a053ed8

SHA1
c9689ba08aa872661f1756b4d25233228b7fa071

SHA256
f0ee2d9c2c6af661f661a50cac4ab4e9662faff6c21b31b4a0ec258cd7de7169

SHA512
ae6ca2e8a50e448cd5b4c9a3ad1a8d77d29cab63de911383a9da761e4518e72ae621c7a9fcd4f26e500fba6f151d0648157c269d4e1c90720a861bd321733eb9

Download Submit
C:\Users\Admin\AppData\Local\SquirrelTemp\RELEASES

Filesize
80B

MD5
fa5e8a6735f0184a791d2f6b9096d360

SHA1
b57105c95da6655a13b06fd81e4875a59f774b23

SHA256
276cf4a0ef32dd13e9679f7f8b8ad6b199ea23386ca3c4ce047c846562967ae8

SHA512
3155f85a80d91c69b3d2e366e5179a3b048f86caa82a0c0ab36d7bf54bfceba17d8aebd4074a6be6f0e42433d405a1f1bcdb6f785480e2cee54faf0662615813

Download Submit
C:\Users\Admin\AppData\Local\SquirrelTemp\SourceTree-3.4.2-full.nupkg

Filesize
23.5MB

MD5
e46dc3a117218676afc11bda2a053ed8

SHA1
c9689ba08aa872661f1756b4d25233228b7fa071

SHA256
f0ee2d9c2c6af661f661a50cac4ab4e9662faff6c21b31b4a0ec258cd7de7169

SHA512
ae6ca2e8a50e448cd5b4c9a3ad1a8d77d29cab63de911383a9da761e4518e72ae621c7a9fcd4f26e500fba6f151d0648157c269d4e1c90720a861bd321733eb9

Download Submit
C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe

Filesize
1.7MB

MD5
514ed6a45f057266abd4da60073713ca

SHA1
deae415b17e19c305647000d5ab058cb804aa680

SHA256
64767fa1dcdf20b2516bf669287e336a52cb8d784876b363ff01e56a88e831b2

SHA512
45079efa6d120f07c6bd36d8f13422ea797d15548b8569771545e43759b5c1536bbd94e6447ef23904567b4072834c3c149938a40516bd0a11577d68673ae9e6

Download Submit
C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe

Filesize
1.7MB

MD5
514ed6a45f057266abd4da60073713ca

SHA1
deae415b17e19c305647000d5ab058cb804aa680

SHA256
64767fa1dcdf20b2516bf669287e336a52cb8d784876b363ff01e56a88e831b2

SHA512
45079efa6d120f07c6bd36d8f13422ea797d15548b8569771545e43759b5c1536bbd94e6447ef23904567b4072834c3c149938a40516bd0a11577d68673ae9e6

Download Submit
C:\Users\Admin\AppData\Local\SquirrelTemp\background.gif

Filesize
4KB

MD5
0dfd25b120d2617e38b96f501bcdb7e9

SHA1
62a620cd5c4bf23dd2d68b410a7a47557fbbbe35

SHA256
e3dc5a573764c9960fe992286d6628f82ccb7d26dceaa5d2d457a9b3ca18c691

SHA512
06a4a02368c66e9a1d7b1f3d425aaf62eebd71a668b1d1968af078acc67d04de464a6379702581190e4e26c8213c4e3e9cb6f33b70e469e3956154165296824c

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabCD5F.tmp

Filesize
61KB

MD5
f3441b8572aae8801c04f3060b550443

SHA1
4ef0a35436125d6821831ef36c28ffaf196cda15

SHA256
6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

SHA512
5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarCED8.tmp

Filesize
163KB

MD5
9441737383d21192400eca82fda910ec

SHA1
725e0d606a4fc9ba44aa8ffde65bed15e65367e4

SHA256
bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

SHA512
7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

Download Submit
\Users\Admin\AppData\Local\SourceTree\app-3.4.2\SourceTree.exe

Filesize
842KB

MD5
37a095ceae44f5d0c89f02a2b0e86776

SHA1
f51c415083fc3d99c51832a8b84df910a9932a27

SHA256
50bf9fa19a48e05660b4316c04d3d5fe437599a7dfad6f30560577b677f1eac7

SHA512
19f95ad9b031e7dc73c2c63fb7e28a7899ab8dbf37a07cc585c277067b59c0459883254f97bc231e5eb4262b48bab903f23a975b0ffd81f088816c585083174f

Download Submit
\Users\Admin\AppData\Local\SquirrelTemp\Update.exe

Filesize
1.7MB

MD5
514ed6a45f057266abd4da60073713ca

SHA1
deae415b17e19c305647000d5ab058cb804aa680

SHA256
64767fa1dcdf20b2516bf669287e336a52cb8d784876b363ff01e56a88e831b2

SHA512
45079efa6d120f07c6bd36d8f13422ea797d15548b8569771545e43759b5c1536bbd94e6447ef23904567b4072834c3c149938a40516bd0a11577d68673ae9e6

Download Submit
memory/2012-325-0x000000001B710000-0x000000001B790000-memory.dmp

Filesize
512KB

Download
memory/2012-426-0x000000001B6F0000-0x000000001B6FA000-memory.dmp

Filesize
40KB

Download
memory/2012-393-0x000000001AC90000-0x000000001AC9A000-memory.dmp

Filesize
40KB

Download
memory/2012-397-0x000000001BF20000-0x000000001BF6A000-memory.dmp

Filesize
296KB

Download
memory/2012-391-0x000000001AC80000-0x000000001AC88000-memory.dmp

Filesize
32KB

Download
memory/2012-399-0x000000001AFD0000-0x000000001AFD8000-memory.dmp

Filesize
32KB

Download
memory/2012-401-0x000000001AFE0000-0x000000001B002000-memory.dmp

Filesize
136KB

Download
memory/2012-403-0x000000001B220000-0x000000001B22A000-memory.dmp

Filesize
40KB

Download
memory/2012-389-0x000000001AC70000-0x000000001AC7A000-memory.dmp

Filesize
40KB

Download
memory/2012-387-0x00000000022B0000-0x00000000022B8000-memory.dmp

Filesize
32KB

Download
memory/2012-405-0x000000001B230000-0x000000001B23A000-memory.dmp

Filesize
40KB

Download
memory/2012-385-0x000000001B710000-0x000000001B790000-memory.dmp

Filesize
512KB

Download
memory/2012-384-0x000000001AC00000-0x000000001AC60000-memory.dmp

Filesize
384KB

Download
memory/2012-407-0x000000001C300000-0x000000001C35A000-memory.dmp

Filesize
360KB

Download
memory/2012-409-0x000000001B210000-0x000000001B21A000-memory.dmp

Filesize
40KB

Download
memory/2012-382-0x000000001ABE0000-0x000000001ABFC000-memory.dmp

Filesize
112KB

Download
memory/2012-380-0x000000001B710000-0x000000001B790000-memory.dmp

Filesize
512KB

Download
memory/2012-411-0x000000001B240000-0x000000001B248000-memory.dmp

Filesize
32KB

Download
memory/2012-413-0x000000001B630000-0x000000001B640000-memory.dmp

Filesize
64KB

Download
memory/2012-414-0x000000001B630000-0x000000001B640000-memory.dmp

Filesize
64KB

Download
memory/2012-379-0x00000000020F0000-0x00000000020FA000-memory.dmp

Filesize
40KB

Download
memory/2012-377-0x00000000020E0000-0x00000000020F0000-memory.dmp

Filesize
64KB

Download
memory/2012-416-0x000000001B640000-0x000000001B648000-memory.dmp

Filesize
32KB

Download
memory/2012-417-0x000000001B640000-0x000000001B648000-memory.dmp

Filesize
32KB

Download
memory/2012-375-0x0000000002270000-0x00000000022AE000-memory.dmp

Filesize
248KB

Download
memory/2012-419-0x000000001B650000-0x000000001B658000-memory.dmp

Filesize
32KB

Download
memory/2012-420-0x000000001B650000-0x000000001B658000-memory.dmp

Filesize
32KB

Download
memory/2012-422-0x000000001B6E0000-0x000000001B6EA000-memory.dmp

Filesize
40KB

Download
memory/2012-423-0x000000001B6E0000-0x000000001B6EA000-memory.dmp

Filesize
40KB

Download
memory/2012-372-0x0000000002040000-0x0000000002060000-memory.dmp

Filesize
128KB

Download
memory/2012-425-0x000000001B6F0000-0x000000001B6FA000-memory.dmp

Filesize
40KB

Download
memory/2012-395-0x000000001AF40000-0x000000001AF4C000-memory.dmp

Filesize
48KB

Download
memory/2012-431-0x000000001B790000-0x000000001B79A000-memory.dmp

Filesize
40KB

Download
memory/2012-429-0x000000001B700000-0x000000001B70E000-memory.dmp

Filesize
56KB

Download
memory/2012-428-0x000000001B700000-0x000000001B70E000-memory.dmp

Filesize
56KB

Download
memory/2012-369-0x000000001D5C0000-0x000000001D9DA000-memory.dmp

Filesize
4.1MB

Download
memory/2012-432-0x000000001B790000-0x000000001B79A000-memory.dmp

Filesize
40KB

Download
memory/2012-434-0x000000001B7A0000-0x000000001B7AC000-memory.dmp

Filesize
48KB

Download
memory/2012-435-0x000000001B7A0000-0x000000001B7AC000-memory.dmp

Filesize
48KB

Download
memory/2012-307-0x0000000000990000-0x0000000000A68000-memory.dmp

Filesize
864KB

Download
memory/2012-332-0x000007FEF5450000-0x000007FEF5E3C000-memory.dmp

Filesize
9.9MB

Download
memory/2012-437-0x000000001B7B0000-0x000000001B7BC000-memory.dmp

Filesize
48KB

Download
memory/2012-331-0x0000000000950000-0x0000000000958000-memory.dmp

Filesize
32KB

Download
memory/2012-330-0x000000001BDE0000-0x000000001BF18000-memory.dmp

Filesize
1.2MB

Download
memory/2012-328-0x000000001BBD0000-0x000000001BDD8000-memory.dmp

Filesize
2.0MB

Download
memory/2012-327-0x000000001B710000-0x000000001B790000-memory.dmp

Filesize
512KB

Download
memory/2012-324-0x00000000005E0000-0x00000000005E8000-memory.dmp

Filesize
32KB

Download
memory/2012-323-0x0000000000350000-0x000000000035E000-memory.dmp

Filesize
56KB

Download
memory/2012-321-0x0000000000340000-0x000000000034C000-memory.dmp

Filesize
48KB

Download
memory/2012-319-0x0000000000330000-0x000000000033C000-memory.dmp

Filesize
48KB

Download
memory/2012-317-0x00000000001C0000-0x00000000001D0000-memory.dmp

Filesize
64KB

Download
memory/2012-315-0x0000000000300000-0x000000000031A000-memory.dmp

Filesize
104KB

Download
memory/2012-314-0x00000000002D0000-0x00000000002F6000-memory.dmp

Filesize
152KB

Download
memory/2012-308-0x000007FEF5450000-0x000007FEF5E3C000-memory.dmp

Filesize
9.9MB

Download
memory/2856-367-0x00000000020A0000-0x00000000020AA000-memory.dmp

Filesize
40KB

Download
memory/2856-312-0x0000000004340000-0x0000000004380000-memory.dmp

Filesize
256KB

Download
memory/2856-310-0x0000000073EE0000-0x00000000745CE000-memory.dmp

Filesize
6.9MB

Download
memory/2856-311-0x00000000020A0000-0x00000000020AA000-memory.dmp

Filesize
40KB

Download
memory/2856-309-0x00000000020A0000-0x00000000020AA000-memory.dmp

Filesize
40KB

Download
memory/2856-370-0x00000000020A0000-0x00000000020AA000-memory.dmp

Filesize
40KB

Download
memory/2856-373-0x0000000004340000-0x0000000004380000-memory.dmp

Filesize
256KB

Download
memory/2856-11-0x0000000004340000-0x0000000004380000-memory.dmp

Filesize
256KB

Download
memory/2856-9-0x0000000000350000-0x0000000000514000-memory.dmp

Filesize
1.8MB

Download
memory/2856-10-0x0000000073EE0000-0x00000000745CE000-memory.dmp

Filesize
6.9MB

Download