2617f2a1997e44bd53606fd59cc222c7023aa607e745c35a50395e31d0732b8b

Analysis

max time kernel
95s
max time network
101s
platform
windows10-2004_x64
resource
win10v2004-20231023-en
resource tags

arch:x64arch:x86image:win10v2004-20231023-enlocale:en-usos:windows10-2004-x64system
submitted
26/11/2023, 17:10

Sharing

Copy URL

Twitter E-mail

Reason

Machine shutdown

Report Analysis Logs

General

Target

Major_setup.exe
Size

6.1MB
MD5

5c6f03da1b0b702c5dfa2efd37c94754
SHA1

848f9b3109cea492349b1042c01ffa559a1b2ad5
SHA256

2617f2a1997e44bd53606fd59cc222c7023aa607e745c35a50395e31d0732b8b
SHA512

948eb53da8751ec682c5cf9f06ce28c0209b727c97c37a5d756dc93ca3469bce87467ef50f7ff2a46480abc7610857b319ad950ef8dd675fe603b4c528d89c3a
SSDEEP

98304:BFsnZIkar3+mI1khAnT8cvbEmHLLw1DSpnF2t+j8pWOg+oPNekrvxp8:MfmEkuzEmrLw1DZ+L+geO+

Score

7^/10

aspackv2 discovery upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 6 IoCs

Detects file using ACProtect software.

resource	yara_rule
behavioral1/files/0x0006000000022d99-114.dat	acprotect
behavioral1/files/0x0006000000022d99-117.dat	acprotect
behavioral1/files/0x0006000000022d99-116.dat	acprotect
behavioral1/files/0x0006000000022d88-96.dat	acprotect
behavioral1/files/0x0006000000022d88-95.dat	acprotect
behavioral1/files/0x0006000000022d88-94.dat	acprotect

ASPack v2.12-2.42 3 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
behavioral1/files/0x0006000000022d86-61.dat	aspack_v212_v242
behavioral1/files/0x0006000000022d86-69.dat	aspack_v212_v242
behavioral1/files/0x0006000000022d86-67.dat	aspack_v212_v242

Executes dropped EXE 2 IoCs

pid	Process
628	is-93FE6.tmp
872	Major.exe

Loads dropped DLL 25 IoCs

pid	Process
872	Major.exe
872	Major.exe
872	Major.exe
872	Major.exe
872	Major.exe
872	Major.exe
872	Major.exe
872	Major.exe
872	Major.exe
872	Major.exe
872	Major.exe
872	Major.exe
872	Major.exe
872	Major.exe
872	Major.exe
872	Major.exe
872	Major.exe
872	Major.exe
872	Major.exe
872	Major.exe
872	Major.exe
872	Major.exe
872	Major.exe
872	Major.exe
872	Major.exe

UPX packed file 10 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/files/0x0006000000022d99-114.dat	upx
behavioral1/memory/872-118-0x0000000002690000-0x00000000026C0000-memory.dmp	upx
behavioral1/files/0x0006000000022d99-117.dat	upx
behavioral1/files/0x0006000000022d99-116.dat	upx
behavioral1/files/0x0006000000022d88-96.dat	upx
behavioral1/files/0x0006000000022d88-95.dat	upx
behavioral1/files/0x0006000000022d88-94.dat	upx
behavioral1/memory/872-124-0x0000000002710000-0x000000000271A000-memory.dmp	upx
behavioral1/memory/872-141-0x0000000002710000-0x000000000271A000-memory.dmp	upx
behavioral1/memory/872-185-0x0000000002710000-0x000000000271A000-memory.dmp	upx

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Drops file in Program Files directory 25 IoCs

description	ioc	Process
File created	C:\Program Files (x86)\Major\Audio\is-V0H04.tmp	is-93FE6.tmp
File created	C:\Program Files (x86)\Major\System\is-G6Q7A.tmp	is-93FE6.tmp
File opened for modification	C:\Program Files (x86)\Major\Major.mdb	Major.exe
File created	C:\Program Files (x86)\Major\Audio\is-0HESB.tmp	is-93FE6.tmp
File created	C:\Program Files (x86)\Major\Audio\is-U7JOD.tmp	is-93FE6.tmp
File opened for modification	C:\Program Files (x86)\Major\system.mdb	Major.exe
File created	C:\Program Files (x86)\Major\is-C8I84.tmp	is-93FE6.tmp
File created	C:\Program Files (x86)\Major\Audio\is-87VMC.tmp	is-93FE6.tmp
File created	C:\Program Files (x86)\Major\Audio\is-J361R.tmp	is-93FE6.tmp
File created	C:\Program Files (x86)\Major\is-CUFFP.tmp	is-93FE6.tmp
File created	C:\Program Files (x86)\Major\Audio\is-1QDO1.tmp	is-93FE6.tmp
File created	C:\Program Files (x86)\Major\Audio\is-URVNN.tmp	is-93FE6.tmp
File opened for modification	C:\Program Files (x86)\Major\Major.url	is-93FE6.tmp
File created	C:\Program Files (x86)\Major\System\is-NH90I.tmp	is-93FE6.tmp
File created	C:\Program Files (x86)\Major\is-TOF83.tmp	is-93FE6.tmp
File created	C:\Program Files (x86)\Major\Audio\is-L9LFH.tmp	is-93FE6.tmp
File created	C:\Program Files (x86)\Major\Audio\is-RNAI8.tmp	is-93FE6.tmp
File opened for modification	C:\Program Files (x86)\Major\Major.ldb	Major.exe
File created	C:\Program Files (x86)\Major\is-N8B1R.tmp	is-93FE6.tmp
File created	C:\Program Files (x86)\Major\Audio\is-31HFA.tmp	is-93FE6.tmp
File created	C:\Program Files (x86)\Major\unins000.dat	is-93FE6.tmp
File created	C:\Program Files (x86)\Major\is-V5LHB.tmp	is-93FE6.tmp
File created	C:\Program Files (x86)\Major\Audio\is-KHIOP.tmp	is-93FE6.tmp
File opened for modification	C:\Program Files (x86)\Major\unins000.dat	is-93FE6.tmp
File created	C:\Program Files (x86)\Major\is-F6UJJ.tmp	is-93FE6.tmp

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Modifies data under HKEY_USERS 15 IoCs

description	ioc	Process
Set value (data)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\AccentPalette = a6d8ff0076b9ed00429ce3000078d700005a9e000042750000264200f7630c00	LogonUI.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationColor = "3288365271"	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\EnableWindowColorization = "80"	LogonUI.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\StartColorMenu = "4288567808"	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\AccentColorMenu = "4292311040"	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationColorBalance = "89"	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationAfterglow = "3288365271"	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationAfterglowBalance = "10"	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationGlassAttribute = "1"	LogonUI.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Themes\History	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\AccentColor = "4292311040"	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationBlurBalance = "1"	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Themes\History\AutoColor = "0"	LogonUI.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
872	Major.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: 33	64	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	64	AUDIODG.EXE

Suspicious use of FindShellTrayWindow 2 IoCs

pid	Process
872	Major.exe
872	Major.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2320	LogonUI.exe

Suspicious use of WriteProcessMemory 6 IoCs

description	pid	Process	procid_target
PID 4272 wrote to memory of 628	4272	Major_setup.exe	83
PID 4272 wrote to memory of 628	4272	Major_setup.exe	83
PID 4272 wrote to memory of 628	4272	Major_setup.exe	83
PID 628 wrote to memory of 872	628	is-93FE6.tmp	95
PID 628 wrote to memory of 872	628	is-93FE6.tmp	95
PID 628 wrote to memory of 872	628	is-93FE6.tmp	95

C:\Users\Admin\AppData\Local\Temp\Major_setup.exe
"C:\Users\Admin\AppData\Local\Temp\Major_setup.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:4272
- C:\Users\Admin\AppData\Local\Temp\is-8SQI8.tmp\is-93FE6.tmp
  "C:\Users\Admin\AppData\Local\Temp\is-8SQI8.tmp\is-93FE6.tmp" /SL4 $180030 "C:\Users\Admin\AppData\Local\Temp\Major_setup.exe" 6130902 72192
  2⤵
  - Executes dropped EXE
  - Drops file in Program Files directory
  - Suspicious use of WriteProcessMemory
  PID:628
- - C:\Program Files (x86)\Major\Major.exe
    "C:\Program Files (x86)\Major\Major.exe"
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    - Drops file in Program Files directory
    - Suspicious behavior: GetForegroundWindowSpam
    - Suspicious use of FindShellTrayWindow
    PID:872

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x514 0x50c
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:64

C:\Windows\system32\LogonUI.exe
"LogonUI.exe" /flags:0x4 /state0:0xa39ad855 /state1:0x41c64e6d
1⤵
- Modifies data under HKEY_USERS
- Suspicious use of SetWindowsHookEx
PID:2320

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\Major\Audio\bass_aac.dll

Filesize
147KB

MD5
73474a5f0253b514f8c81e95b71cac40

SHA1
de5e23bd6d8fca1a96b609702ce31db00892ca9d

SHA256
b6b82865cc119d96189d37a9fa9b0d6325b145d7d44a0b30c9a52b195cbdd1b7

SHA512
bc489df64be07e5c9ebcbcc3e42015270dd39c149969aa284c4e26dbe2ae29c494928c2406c0dce72c89c036b45a9649649a961d41f45fc2a16cdb8ab53e441b

Download Submit
C:\Program Files (x86)\Major\Audio\bass_aac.dll

Filesize
147KB

MD5
73474a5f0253b514f8c81e95b71cac40

SHA1
de5e23bd6d8fca1a96b609702ce31db00892ca9d

SHA256
b6b82865cc119d96189d37a9fa9b0d6325b145d7d44a0b30c9a52b195cbdd1b7

SHA512
bc489df64be07e5c9ebcbcc3e42015270dd39c149969aa284c4e26dbe2ae29c494928c2406c0dce72c89c036b45a9649649a961d41f45fc2a16cdb8ab53e441b

Download Submit
C:\Program Files (x86)\Major\Audio\bass_aac.dll

Filesize
147KB

MD5
73474a5f0253b514f8c81e95b71cac40

SHA1
de5e23bd6d8fca1a96b609702ce31db00892ca9d

SHA256
b6b82865cc119d96189d37a9fa9b0d6325b145d7d44a0b30c9a52b195cbdd1b7

SHA512
bc489df64be07e5c9ebcbcc3e42015270dd39c149969aa284c4e26dbe2ae29c494928c2406c0dce72c89c036b45a9649649a961d41f45fc2a16cdb8ab53e441b

Download Submit
C:\Program Files (x86)\Major\Audio\bass_ac3.dll

Filesize
16KB

MD5
60659e12eb56f05e7229a166655ccb6f

SHA1
aca2c66ac07cdc9af21f82d9aa58728a1b895894

SHA256
0ecc851484fcaca3365c2e660a4faae5344a05be9ce47ca59949c9a615bf737b

SHA512
183579b846ade60f96cb38ba07350a01d829ab8df4b97b3876609cc94e8665a1c3a370511b6c5070499376f9fc0291a3dd62df2503075d015444f5959dd55ec7

Download Submit
C:\Program Files (x86)\Major\Audio\bass_ac3.dll

Filesize
16KB

MD5
60659e12eb56f05e7229a166655ccb6f

SHA1
aca2c66ac07cdc9af21f82d9aa58728a1b895894

SHA256
0ecc851484fcaca3365c2e660a4faae5344a05be9ce47ca59949c9a615bf737b

SHA512
183579b846ade60f96cb38ba07350a01d829ab8df4b97b3876609cc94e8665a1c3a370511b6c5070499376f9fc0291a3dd62df2503075d015444f5959dd55ec7

Download Submit
C:\Program Files (x86)\Major\Audio\bass_ac3.dll

Filesize
16KB

MD5
60659e12eb56f05e7229a166655ccb6f

SHA1
aca2c66ac07cdc9af21f82d9aa58728a1b895894

SHA256
0ecc851484fcaca3365c2e660a4faae5344a05be9ce47ca59949c9a615bf737b

SHA512
183579b846ade60f96cb38ba07350a01d829ab8df4b97b3876609cc94e8665a1c3a370511b6c5070499376f9fc0291a3dd62df2503075d015444f5959dd55ec7

Download Submit
C:\Program Files (x86)\Major\Audio\bass_alac.dll

Filesize
12KB

MD5
ff7467b20ff664d3be83300879c3e667

SHA1
01ff69e1440195dd1edcb89d7a924c7d95682123

SHA256
5f6a4675699165d51f690b27c76cc7e7cac5593d8e10285f75412473b1d0bf07

SHA512
cc5b1e1b2d159be154c8b634368c8192be65d70a6c8fce167bd8e29db3e981b5f593534003428058c8d530f93de63b70b65bf8306491fd191499939711e68d4e

Download Submit
C:\Program Files (x86)\Major\Audio\bass_alac.dll

Filesize
12KB

MD5
ff7467b20ff664d3be83300879c3e667

SHA1
01ff69e1440195dd1edcb89d7a924c7d95682123

SHA256
5f6a4675699165d51f690b27c76cc7e7cac5593d8e10285f75412473b1d0bf07

SHA512
cc5b1e1b2d159be154c8b634368c8192be65d70a6c8fce167bd8e29db3e981b5f593534003428058c8d530f93de63b70b65bf8306491fd191499939711e68d4e

Download Submit
C:\Program Files (x86)\Major\Audio\bass_alac.dll

Filesize
12KB

MD5
ff7467b20ff664d3be83300879c3e667

SHA1
01ff69e1440195dd1edcb89d7a924c7d95682123

SHA256
5f6a4675699165d51f690b27c76cc7e7cac5593d8e10285f75412473b1d0bf07

SHA512
cc5b1e1b2d159be154c8b634368c8192be65d70a6c8fce167bd8e29db3e981b5f593534003428058c8d530f93de63b70b65bf8306491fd191499939711e68d4e

Download Submit
C:\Program Files (x86)\Major\Audio\bass_ape.dll

Filesize
28KB

MD5
0527af6148677c7019bc4495d9dc337e

SHA1
b12d66db922539665ec8a52e4b8bcce0a9bf7178

SHA256
a64303b8a6261fb5cd8b53a56eceaa774f88d4ae1b58c1820b780d4479f6e7ec

SHA512
4d4d62877d857a0e15b9d0655a269bc93b0178dff0cb70fb54e325a82c17f9ca10d8d6bbbcb0608e9b43257fddd15101fb971ebd426882d0097400845ddf62a8

Download Submit
C:\Program Files (x86)\Major\Audio\bass_ape.dll

Filesize
28KB

MD5
0527af6148677c7019bc4495d9dc337e

SHA1
b12d66db922539665ec8a52e4b8bcce0a9bf7178

SHA256
a64303b8a6261fb5cd8b53a56eceaa774f88d4ae1b58c1820b780d4479f6e7ec

SHA512
4d4d62877d857a0e15b9d0655a269bc93b0178dff0cb70fb54e325a82c17f9ca10d8d6bbbcb0608e9b43257fddd15101fb971ebd426882d0097400845ddf62a8

Download Submit
C:\Program Files (x86)\Major\Audio\bass_ape.dll

Filesize
28KB

MD5
0527af6148677c7019bc4495d9dc337e

SHA1
b12d66db922539665ec8a52e4b8bcce0a9bf7178

SHA256
a64303b8a6261fb5cd8b53a56eceaa774f88d4ae1b58c1820b780d4479f6e7ec

SHA512
4d4d62877d857a0e15b9d0655a269bc93b0178dff0cb70fb54e325a82c17f9ca10d8d6bbbcb0608e9b43257fddd15101fb971ebd426882d0097400845ddf62a8

Download Submit
C:\Program Files (x86)\Major\Audio\bass_mpc.dll

Filesize
18KB

MD5
09ee9c45b86ebbbee026a648553f0a95

SHA1
e68739da50cce2f576ec476029d45e227ac2e72b

SHA256
f68f5a4e681da6def4acc659c5e6676dc510b83c04e01cb7e3d19d65e9b0fc97

SHA512
d304485c310b53d1c9544e192528e3a3b9c1337b6d2af762fec7a03138ae5d08d9955c88b9cf2f2619e411168f01e719c776674c0aca9baaac8ab8d28cc40d4c

Download Submit
C:\Program Files (x86)\Major\Audio\bass_mpc.dll

Filesize
18KB

MD5
09ee9c45b86ebbbee026a648553f0a95

SHA1
e68739da50cce2f576ec476029d45e227ac2e72b

SHA256
f68f5a4e681da6def4acc659c5e6676dc510b83c04e01cb7e3d19d65e9b0fc97

SHA512
d304485c310b53d1c9544e192528e3a3b9c1337b6d2af762fec7a03138ae5d08d9955c88b9cf2f2619e411168f01e719c776674c0aca9baaac8ab8d28cc40d4c

Download Submit
C:\Program Files (x86)\Major\Audio\bass_mpc.dll

Filesize
18KB

MD5
09ee9c45b86ebbbee026a648553f0a95

SHA1
e68739da50cce2f576ec476029d45e227ac2e72b

SHA256
f68f5a4e681da6def4acc659c5e6676dc510b83c04e01cb7e3d19d65e9b0fc97

SHA512
d304485c310b53d1c9544e192528e3a3b9c1337b6d2af762fec7a03138ae5d08d9955c88b9cf2f2619e411168f01e719c776674c0aca9baaac8ab8d28cc40d4c

Download Submit
C:\Program Files (x86)\Major\Audio\bass_ofr.dll

Filesize
6KB

MD5
1fb21c1552751f33e029accfb9613f64

SHA1
6c49b147fd284e11b4e980dc0daf56556c96db67

SHA256
9e3add58e1a1f5040648a940bb715ed37e595d0082fcc2d2653a4a2ec6b15194

SHA512
a92df8bc159b49625d77a2b605bcd0464354129c87b311925bc2e1c1674c8b156f6f2948d5b21d96bb98bb60a26443f280fff92d5bf8d329f5f1079bc8a1cff9

Download Submit
C:\Program Files (x86)\Major\Audio\bass_ofr.dll

Filesize
6KB

MD5
1fb21c1552751f33e029accfb9613f64

SHA1
6c49b147fd284e11b4e980dc0daf56556c96db67

SHA256
9e3add58e1a1f5040648a940bb715ed37e595d0082fcc2d2653a4a2ec6b15194

SHA512
a92df8bc159b49625d77a2b605bcd0464354129c87b311925bc2e1c1674c8b156f6f2948d5b21d96bb98bb60a26443f280fff92d5bf8d329f5f1079bc8a1cff9

Download Submit
C:\Program Files (x86)\Major\Audio\bass_ofr.dll

Filesize
6KB

MD5
1fb21c1552751f33e029accfb9613f64

SHA1
6c49b147fd284e11b4e980dc0daf56556c96db67

SHA256
9e3add58e1a1f5040648a940bb715ed37e595d0082fcc2d2653a4a2ec6b15194

SHA512
a92df8bc159b49625d77a2b605bcd0464354129c87b311925bc2e1c1674c8b156f6f2948d5b21d96bb98bb60a26443f280fff92d5bf8d329f5f1079bc8a1cff9

Download Submit
C:\Program Files (x86)\Major\Audio\bass_spx.dll

Filesize
34KB

MD5
215bf357c907689896fa2a9151b62e63

SHA1
920318aa0e9c6f753f6036b724a90af686f6deed

SHA256
cba5da1b57004c68ff91f825744cbe0baaf17bbb5b1245aca2b9712014323c3a

SHA512
ceb83ef5f73d33730760401f864c2fea9fbe79bd9d4232831d8118f3a7d00119ef5e37cca1d53feea1bf3eca335849c8a94b378966f94d412708fb7986cf8206

Download Submit
C:\Program Files (x86)\Major\Audio\bass_spx.dll

Filesize
34KB

MD5
215bf357c907689896fa2a9151b62e63

SHA1
920318aa0e9c6f753f6036b724a90af686f6deed

SHA256
cba5da1b57004c68ff91f825744cbe0baaf17bbb5b1245aca2b9712014323c3a

SHA512
ceb83ef5f73d33730760401f864c2fea9fbe79bd9d4232831d8118f3a7d00119ef5e37cca1d53feea1bf3eca335849c8a94b378966f94d412708fb7986cf8206

Download Submit
C:\Program Files (x86)\Major\Audio\bass_spx.dll

Filesize
34KB

MD5
215bf357c907689896fa2a9151b62e63

SHA1
920318aa0e9c6f753f6036b724a90af686f6deed

SHA256
cba5da1b57004c68ff91f825744cbe0baaf17bbb5b1245aca2b9712014323c3a

SHA512
ceb83ef5f73d33730760401f864c2fea9fbe79bd9d4232831d8118f3a7d00119ef5e37cca1d53feea1bf3eca335849c8a94b378966f94d412708fb7986cf8206

Download Submit
C:\Program Files (x86)\Major\Audio\bass_tta.dll

Filesize
8KB

MD5
8ac6d00f05a52fc24f7e0c4ed668d044

SHA1
338a57583526e94206d3b993c7f7d2c8d0b33d74

SHA256
9e3a26e8db0be560052d05b2b7c7aa43e6ed09636f85b5a3a35d704f1c9f5051

SHA512
95d4354d7aa2c46415b3f0c82d5d0015d0fb67f306e2c551bafefc77dc645a29fd6c5973ddf32b66a73f429be592db8f2e1b118b3370e2a3c5bd1c56b66932cd

Download Submit
C:\Program Files (x86)\Major\Audio\bass_tta.dll

Filesize
8KB

MD5
8ac6d00f05a52fc24f7e0c4ed668d044

SHA1
338a57583526e94206d3b993c7f7d2c8d0b33d74

SHA256
9e3a26e8db0be560052d05b2b7c7aa43e6ed09636f85b5a3a35d704f1c9f5051

SHA512
95d4354d7aa2c46415b3f0c82d5d0015d0fb67f306e2c551bafefc77dc645a29fd6c5973ddf32b66a73f429be592db8f2e1b118b3370e2a3c5bd1c56b66932cd

Download Submit
C:\Program Files (x86)\Major\Audio\bass_tta.dll

Filesize
8KB

MD5
8ac6d00f05a52fc24f7e0c4ed668d044

SHA1
338a57583526e94206d3b993c7f7d2c8d0b33d74

SHA256
9e3a26e8db0be560052d05b2b7c7aa43e6ed09636f85b5a3a35d704f1c9f5051

SHA512
95d4354d7aa2c46415b3f0c82d5d0015d0fb67f306e2c551bafefc77dc645a29fd6c5973ddf32b66a73f429be592db8f2e1b118b3370e2a3c5bd1c56b66932cd

Download Submit
C:\Program Files (x86)\Major\Audio\bass_wv.dll

Filesize
27KB

MD5
65a791d1455b19a74b4c1c4bf887a582

SHA1
2d899c12fe072f403942e695b99f32239ef813b3

SHA256
1262e50b9181b604e1ad5d63be6cc1a58ffb3de9da3ad550a6b94bcb5018171a

SHA512
4b22dc6f1864120b807dc2b419163f2a8c6530a1833a62cfc9e3fbbe02d6a6b9f0eed648df721611680ce76adb67bade40a7a532fe49d626f5511de352b0ab6c

Download Submit
C:\Program Files (x86)\Major\Audio\bass_wv.dll

Filesize
27KB

MD5
65a791d1455b19a74b4c1c4bf887a582

SHA1
2d899c12fe072f403942e695b99f32239ef813b3

SHA256
1262e50b9181b604e1ad5d63be6cc1a58ffb3de9da3ad550a6b94bcb5018171a

SHA512
4b22dc6f1864120b807dc2b419163f2a8c6530a1833a62cfc9e3fbbe02d6a6b9f0eed648df721611680ce76adb67bade40a7a532fe49d626f5511de352b0ab6c

Download Submit
C:\Program Files (x86)\Major\Audio\bass_wv.dll

Filesize
27KB

MD5
65a791d1455b19a74b4c1c4bf887a582

SHA1
2d899c12fe072f403942e695b99f32239ef813b3

SHA256
1262e50b9181b604e1ad5d63be6cc1a58ffb3de9da3ad550a6b94bcb5018171a

SHA512
4b22dc6f1864120b807dc2b419163f2a8c6530a1833a62cfc9e3fbbe02d6a6b9f0eed648df721611680ce76adb67bade40a7a532fe49d626f5511de352b0ab6c

Download Submit
C:\Program Files (x86)\Major\Audio\bassflac.dll

Filesize
20KB

MD5
47a295a0bdfc18159262e405f86cf116

SHA1
e42add7492549efe3e7cff219ec8a705cf08dea2

SHA256
88a38b23077fdadf6388d1574e0952054b79088d65f3ec98b212f6020b7277af

SHA512
845c345a1a698fe2cdc434e711eac8a1ea37009483f2accd3dc50c9b3245229cf971e7d82c584cf292afdfc2b8df6d812cc5311143f18111237643e1b600a02e

Download Submit
C:\Program Files (x86)\Major\Audio\bassflac.dll

Filesize
20KB

MD5
47a295a0bdfc18159262e405f86cf116

SHA1
e42add7492549efe3e7cff219ec8a705cf08dea2

SHA256
88a38b23077fdadf6388d1574e0952054b79088d65f3ec98b212f6020b7277af

SHA512
845c345a1a698fe2cdc434e711eac8a1ea37009483f2accd3dc50c9b3245229cf971e7d82c584cf292afdfc2b8df6d812cc5311143f18111237643e1b600a02e

Download Submit
C:\Program Files (x86)\Major\Audio\basswma.dll

Filesize
46KB

MD5
a5006ade2e5ab95413a3d6193963f4f7

SHA1
17868478700fee41defacab61c63f58ad4590fae

SHA256
8f00a758fe2bf7e14e7fe7004fb1bb81561260f4eee9dd24767fd8d8b82ebd82

SHA512
831b001a9afb482cebb1f83a09f7d9a2968aa51a05c45b41347f3e2bcf53923d62530153343e756b1776ff177b8805afde035f760debd7e3bdc063acf9e13279

Download Submit
C:\Program Files (x86)\Major\Audio\basswma.dll

Filesize
46KB

MD5
a5006ade2e5ab95413a3d6193963f4f7

SHA1
17868478700fee41defacab61c63f58ad4590fae

SHA256
8f00a758fe2bf7e14e7fe7004fb1bb81561260f4eee9dd24767fd8d8b82ebd82

SHA512
831b001a9afb482cebb1f83a09f7d9a2968aa51a05c45b41347f3e2bcf53923d62530153343e756b1776ff177b8805afde035f760debd7e3bdc063acf9e13279

Download Submit
C:\Program Files (x86)\Major\DEMO.MP3

Filesize
3.5MB

MD5
79430b64bcc85680c124de8597bc48be

SHA1
4ff555fb8cc7bed987b12d523e87a53b3dd98ecc

SHA256
b804698355d147b9071dfc8f1916dafa0ee7e2aa99e3ba4e213ac29154f62fac

SHA512
1292fe57153bfa20dac957e80ed04a1d3e55da8d97f74dc1b42c4af849496f462667185b3e75dd985405243cf3c53d3583373801f8dc66c9deb8d12a5d15c0b4

Download Submit
C:\Program Files (x86)\Major\Major.exe

Filesize
1.6MB

MD5
b3c9acd96c75685f6410709fd2dd0c0d

SHA1
eedd054fc156ac753fa3fe50d0cc35b85ba0b1b4

SHA256
7cb8263d294c647958e67e080b21808ee510ec2727939cc18f0a093b7efcd50d

SHA512
ed745c68728f1fa56882b844d103a1b29ee6198bb5fe17f6090200017d8b662497cb6faa3ed20b147e1e9a11dcd98f7f479baf7baccf3715667b01cd5d5b446e

Download Submit
C:\Program Files (x86)\Major\Major.exe

Filesize
1.6MB

MD5
b3c9acd96c75685f6410709fd2dd0c0d

SHA1
eedd054fc156ac753fa3fe50d0cc35b85ba0b1b4

SHA256
7cb8263d294c647958e67e080b21808ee510ec2727939cc18f0a093b7efcd50d

SHA512
ed745c68728f1fa56882b844d103a1b29ee6198bb5fe17f6090200017d8b662497cb6faa3ed20b147e1e9a11dcd98f7f479baf7baccf3715667b01cd5d5b446e

Download Submit
C:\Program Files (x86)\Major\Major.exe

Filesize
1.6MB

MD5
b3c9acd96c75685f6410709fd2dd0c0d

SHA1
eedd054fc156ac753fa3fe50d0cc35b85ba0b1b4

SHA256
7cb8263d294c647958e67e080b21808ee510ec2727939cc18f0a093b7efcd50d

SHA512
ed745c68728f1fa56882b844d103a1b29ee6198bb5fe17f6090200017d8b662497cb6faa3ed20b147e1e9a11dcd98f7f479baf7baccf3715667b01cd5d5b446e

Download Submit
C:\Program Files (x86)\Major\Major.mdb

Filesize
132KB

MD5
ca84d7145de12674f7af688b1a7c6d92

SHA1
165ceebdbecfb0933366a3d012744225b38d9c26

SHA256
7df778839438d78c28229c12d51fe8441bc2d99d50c20f82360a844de50954e0

SHA512
d0789884dea7b5c910367970142a141a0ddf8f32334d370fa0599281264c029efaad884d73b150eec02e28650229513d65be82efc6e8eb8eff880417c22c86ad

Download Submit
C:\Program Files (x86)\Major\OptimFROG.dll

Filesize
74KB

MD5
f511cd6623d8b75955dcc4d503ac5817

SHA1
11b147dc1f6e06b3d3ef49be9a800f03a428814a

SHA256
de02e5a27a8ff0920187ff83b39b9b9866444fe58d3e57e4bbdb5741eb64563c

SHA512
b93be1955b2486cc6560911c41091001296cca75aa43f56265e2c3be6d7a97f51890cf48822f8215279eac83baf69caee0f552135dffbc669f949a7a784fcf95

Download Submit
C:\Program Files (x86)\Major\OptimFROG.dll

Filesize
74KB

MD5
f511cd6623d8b75955dcc4d503ac5817

SHA1
11b147dc1f6e06b3d3ef49be9a800f03a428814a

SHA256
de02e5a27a8ff0920187ff83b39b9b9866444fe58d3e57e4bbdb5741eb64563c

SHA512
b93be1955b2486cc6560911c41091001296cca75aa43f56265e2c3be6d7a97f51890cf48822f8215279eac83baf69caee0f552135dffbc669f949a7a784fcf95

Download Submit
C:\Program Files (x86)\Major\OptimFROG.dll

Filesize
74KB

MD5
f511cd6623d8b75955dcc4d503ac5817

SHA1
11b147dc1f6e06b3d3ef49be9a800f03a428814a

SHA256
de02e5a27a8ff0920187ff83b39b9b9866444fe58d3e57e4bbdb5741eb64563c

SHA512
b93be1955b2486cc6560911c41091001296cca75aa43f56265e2c3be6d7a97f51890cf48822f8215279eac83baf69caee0f552135dffbc669f949a7a784fcf95

Download Submit
C:\Program Files (x86)\Major\System\bass.dll

Filesize
90KB

MD5
628cbd88e2b02e734d22bf74867a5526

SHA1
8c2fcd445ff6167fe01132b95ec3ee5e2038e8e1

SHA256
e5a7720f8b29be7886ed36e9eecc3c077d56495bb7c2a22f354d037312e9fdc3

SHA512
a66ae75a2b5e53b54e1f4921b8f126c181c439fff1e25688f19717f96ce9b0696fff49a0873ea89f986f0818f3973876c1979e953cdab77cf4e25a07b02c7e52

Download Submit
C:\Program Files (x86)\Major\System\bass.dll

Filesize
90KB

MD5
628cbd88e2b02e734d22bf74867a5526

SHA1
8c2fcd445ff6167fe01132b95ec3ee5e2038e8e1

SHA256
e5a7720f8b29be7886ed36e9eecc3c077d56495bb7c2a22f354d037312e9fdc3

SHA512
a66ae75a2b5e53b54e1f4921b8f126c181c439fff1e25688f19717f96ce9b0696fff49a0873ea89f986f0818f3973876c1979e953cdab77cf4e25a07b02c7e52

Download Submit
C:\Program Files (x86)\Major\System\tags.dll

Filesize
10KB

MD5
d99213414b467083cbbd637e24c92425

SHA1
4919cc630905d9183aaad25c6834ba3df275c32d

SHA256
3162ef53c4b7b764d3c944f4d183c224717c0ca68d47c6e6bdca5e9e2836bc2f

SHA512
9160aeac660515b930d8969b36efff9443afb2b3769b17808bc33b2c3e43ecb7643f1c70d8e183b9f9a8650fdc475162f64cf6e193e57ab907b3374af50f21ac

Download Submit
C:\Program Files (x86)\Major\System\tags.dll

Filesize
10KB

MD5
d99213414b467083cbbd637e24c92425

SHA1
4919cc630905d9183aaad25c6834ba3df275c32d

SHA256
3162ef53c4b7b764d3c944f4d183c224717c0ca68d47c6e6bdca5e9e2836bc2f

SHA512
9160aeac660515b930d8969b36efff9443afb2b3769b17808bc33b2c3e43ecb7643f1c70d8e183b9f9a8650fdc475162f64cf6e193e57ab907b3374af50f21ac

Download Submit
C:\Program Files (x86)\Major\System\tags.dll

Filesize
10KB

MD5
d99213414b467083cbbd637e24c92425

SHA1
4919cc630905d9183aaad25c6834ba3df275c32d

SHA256
3162ef53c4b7b764d3c944f4d183c224717c0ca68d47c6e6bdca5e9e2836bc2f

SHA512
9160aeac660515b930d8969b36efff9443afb2b3769b17808bc33b2c3e43ecb7643f1c70d8e183b9f9a8650fdc475162f64cf6e193e57ab907b3374af50f21ac

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-8SQI8.tmp\is-93FE6.tmp

Filesize
636KB

MD5
173c724d5c5f918ab99451d4fe12c8e9

SHA1
c3273acd6ba4eb2f994a7e4b029658fa8a5ac95e

SHA256
4eac3bb09018fb9c896a822f8befa50487c7a63c6ecfaeea534df7e264bb48ef

SHA512
89e27ccfd9ae061476ad0cccbb96618a77ba3131da722912c43e7bf849f94ae16cb5226189e5d0b35913535925b0409f1b6212094f490fce0d2ce46d5bb66984

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-8SQI8.tmp\is-93FE6.tmp

Filesize
636KB

MD5
173c724d5c5f918ab99451d4fe12c8e9

SHA1
c3273acd6ba4eb2f994a7e4b029658fa8a5ac95e

SHA256
4eac3bb09018fb9c896a822f8befa50487c7a63c6ecfaeea534df7e264bb48ef

SHA512
89e27ccfd9ae061476ad0cccbb96618a77ba3131da722912c43e7bf849f94ae16cb5226189e5d0b35913535925b0409f1b6212094f490fce0d2ce46d5bb66984

Download Submit
memory/628-70-0x0000000000400000-0x00000000004AD000-memory.dmp

Filesize
692KB

Download
memory/628-7-0x0000000000650000-0x0000000000651000-memory.dmp

Filesize
4KB

Download
memory/628-12-0x0000000000400000-0x00000000004AD000-memory.dmp

Filesize
692KB

Download
memory/872-74-0x0000000010000000-0x0000000010041000-memory.dmp

Filesize
260KB

Download
memory/872-124-0x0000000002710000-0x000000000271A000-memory.dmp

Filesize
40KB

Download
memory/872-228-0x0000000010000000-0x0000000010041000-memory.dmp

Filesize
260KB

Download
memory/872-112-0x0000000000C60000-0x0000000000C72000-memory.dmp

Filesize
72KB

Download
memory/872-113-0x0000000000C80000-0x0000000000C8E000-memory.dmp

Filesize
56KB

Download
memory/872-79-0x0000000002630000-0x0000000002671000-memory.dmp

Filesize
260KB

Download
memory/872-186-0x0000000010000000-0x0000000010041000-memory.dmp

Filesize
260KB

Download
memory/872-115-0x0000000002680000-0x0000000002685000-memory.dmp

Filesize
20KB

Download
memory/872-118-0x0000000002690000-0x00000000026C0000-memory.dmp

Filesize
192KB

Download
memory/872-185-0x0000000002710000-0x000000000271A000-memory.dmp

Filesize
40KB

Download
memory/872-119-0x00000000026C0000-0x00000000026D0000-memory.dmp

Filesize
64KB

Download
memory/872-120-0x00000000026D0000-0x00000000026D6000-memory.dmp

Filesize
24KB

Download
memory/872-121-0x00000000026E0000-0x00000000026F1000-memory.dmp

Filesize
68KB

Download
memory/872-122-0x0000000010400000-0x000000001040D000-memory.dmp

Filesize
52KB

Download
memory/872-123-0x0000000010100000-0x000000001011C000-memory.dmp

Filesize
112KB

Download
memory/872-111-0x0000000000B00000-0x0000000000B09000-memory.dmp

Filesize
36KB

Download
memory/872-125-0x0000000002990000-0x0000000002991000-memory.dmp

Filesize
4KB

Download
memory/872-100-0x0000000000AD0000-0x0000000000ADD000-memory.dmp

Filesize
52KB

Download
memory/872-172-0x0000000010000000-0x0000000010041000-memory.dmp

Filesize
260KB

Download
memory/872-128-0x0000000010000000-0x0000000010041000-memory.dmp

Filesize
260KB

Download
memory/872-141-0x0000000002710000-0x000000000271A000-memory.dmp

Filesize
40KB

Download
memory/872-142-0x0000000010000000-0x0000000010041000-memory.dmp

Filesize
260KB

Download
memory/872-143-0x0000000010000000-0x0000000010041000-memory.dmp

Filesize
260KB

Download
memory/872-157-0x0000000002990000-0x0000000002991000-memory.dmp

Filesize
4KB

Download
memory/872-158-0x0000000010000000-0x0000000010041000-memory.dmp

Filesize
260KB

Download
memory/4272-2-0x0000000000400000-0x0000000000418000-memory.dmp

Filesize
96KB

Download
memory/4272-0-0x0000000000400000-0x0000000000418000-memory.dmp

Filesize
96KB

Download
memory/4272-11-0x0000000000400000-0x0000000000418000-memory.dmp

Filesize
96KB

Download
memory/4272-71-0x0000000000400000-0x0000000000418000-memory.dmp

Filesize
96KB

Download