214793e31a3b7076a1c45771242d66c28b35b0c06fa87f6e3e986e85a1f81bc2

Analysis

max time kernel
23s
max time network
65s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
17/01/2024, 18:58

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

RokokoStudio_v1.0.0.9962.exe
Size

43.5MB
MD5

395b42b0621b3fe669cb5662521b19d5
SHA1

d88b2e15d7f7b528827e63694879b8bfa1279dbc
SHA256

214793e31a3b7076a1c45771242d66c28b35b0c06fa87f6e3e986e85a1f81bc2
SHA512

47db794c068ead63e100b71257c120bc8a2e1c0cad0d57efe0cef8cb2540e66d89bd5948a103d459e823120f00c19a44eb16215dda3aa1278f9dc8b0fa8e936d
SSDEEP

786432:cK0WDEHEGPyE5HR6DnYWYFh+fRHtvCM9QsplxKigyMosZ56fCp55vbvLJUKK2:c10EHEGPPHR6Dn0D+fRQ+Q/yMosZQfQZ

Score

8^/10

discovery evasion

Malware Config

Signatures

Modifies Windows Firewall 1 TTPs 2 IoCs

evasion

Windows Service

T1543.003

pid	Process
2256	netsh.exe
1488	netsh.exe

Executes dropped EXE 3 IoCs

pid	Process
2368	RokokoStudio_v1.0.0.9962.tmp
1040	dotnet-runtime-6.0.10-win-x64.exe
1984	dotnet-runtime-6.0.10-win-x64.exe

Loads dropped DLL 5 IoCs

pid	Process
2140	RokokoStudio_v1.0.0.9962.exe
2368	RokokoStudio_v1.0.0.9962.tmp
2368	RokokoStudio_v1.0.0.9962.tmp
1040	dotnet-runtime-6.0.10-win-x64.exe
1984	dotnet-runtime-6.0.10-win-x64.exe

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File opened for modification	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\Avalonia.Styling.dll	RokokoStudio_v1.0.0.9962.tmp
File created	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\is-CQQNN.tmp	RokokoStudio_v1.0.0.9962.tmp
File created	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\is-2MH6Q.tmp	RokokoStudio_v1.0.0.9962.tmp
File created	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\runtimes\win-x86\native\is-RU9R0.tmp	RokokoStudio_v1.0.0.9962.tmp
File created	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\is-BF384.tmp	RokokoStudio_v1.0.0.9962.tmp
File created	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\is-2T71E.tmp	RokokoStudio_v1.0.0.9962.tmp
File created	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\is-HHGFE.tmp	RokokoStudio_v1.0.0.9962.tmp
File opened for modification	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\runtimes\win\lib\netcoreapp2.0\Microsoft.Win32.SystemEvents.dll	RokokoStudio_v1.0.0.9962.tmp
File opened for modification	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\Microsoft.Win32.SystemEvents.dll	RokokoStudio_v1.0.0.9962.tmp
File opened for modification	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\ColorTextBlock.Avalonia.dll	RokokoStudio_v1.0.0.9962.tmp
File created	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\is-H8BI9.tmp	RokokoStudio_v1.0.0.9962.tmp
File created	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\is-LOB9V.tmp	RokokoStudio_v1.0.0.9962.tmp
File created	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\is-A15MM.tmp	RokokoStudio_v1.0.0.9962.tmp
File opened for modification	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\Avalonia.Layout.dll	RokokoStudio_v1.0.0.9962.tmp
File opened for modification	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\CliWrap.dll	RokokoStudio_v1.0.0.9962.tmp
File opened for modification	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\Markdown.Avalonia.SyntaxHigh.dll	RokokoStudio_v1.0.0.9962.tmp
File opened for modification	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\runtimes\win-arm64\native\av_libglesv2.dll	RokokoStudio_v1.0.0.9962.tmp
File created	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\is-FELUC.tmp	RokokoStudio_v1.0.0.9962.tmp
File created	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\is-VO7EE.tmp	RokokoStudio_v1.0.0.9962.tmp
File created	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\is-F07GS.tmp	RokokoStudio_v1.0.0.9962.tmp
File opened for modification	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\unins000.dat	RokokoStudio_v1.0.0.9962.tmp
File opened for modification	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\Avalonia.OpenGL.dll	RokokoStudio_v1.0.0.9962.tmp
File opened for modification	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\Avalonia.Input.dll	RokokoStudio_v1.0.0.9962.tmp
File opened for modification	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\Avalonia.Dialogs.dll	RokokoStudio_v1.0.0.9962.tmp
File opened for modification	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\Avalonia.Themes.Fluent.dll	RokokoStudio_v1.0.0.9962.tmp
File opened for modification	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\Avalonia.DesignerSupport.dll	RokokoStudio_v1.0.0.9962.tmp
File created	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\is-QCPQJ.tmp	RokokoStudio_v1.0.0.9962.tmp
File created	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\is-IQHPO.tmp	RokokoStudio_v1.0.0.9962.tmp
File opened for modification	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\runtimes\win7-x86\native\av_libglesv2.dll	RokokoStudio_v1.0.0.9962.tmp
File opened for modification	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\System.Drawing.Common.dll	RokokoStudio_v1.0.0.9962.tmp
File created	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\is-2LPG3.tmp	RokokoStudio_v1.0.0.9962.tmp
File created	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\is-N4K77.tmp	RokokoStudio_v1.0.0.9962.tmp
File opened for modification	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\MessageBox.Avalonia.dll	RokokoStudio_v1.0.0.9962.tmp
File created	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\runtimes\win\lib\netcoreapp2.0\is-VENOF.tmp	RokokoStudio_v1.0.0.9962.tmp
File created	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\is-KR62Q.tmp	RokokoStudio_v1.0.0.9962.tmp
File created	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\runtimes\win-x64\native\is-TPBQV.tmp	RokokoStudio_v1.0.0.9962.tmp
File opened for modification	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\runtimes\win-x64\native\libSkiaSharp.dll	RokokoStudio_v1.0.0.9962.tmp
File opened for modification	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\Avalonia.Markup.Xaml.dll	RokokoStudio_v1.0.0.9962.tmp
File created	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\is-1HFPB.tmp	RokokoStudio_v1.0.0.9962.tmp
File created	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\is-V7CNR.tmp	RokokoStudio_v1.0.0.9962.tmp
File opened for modification	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\Markdown.Avalonia.dll	RokokoStudio_v1.0.0.9962.tmp
File created	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\is-QI7IA.tmp	RokokoStudio_v1.0.0.9962.tmp
File opened for modification	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\Avalonia.Win32.dll	RokokoStudio_v1.0.0.9962.tmp
File opened for modification	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\runtimes\win-arm64\native\libSkiaSharp.dll	RokokoStudio_v1.0.0.9962.tmp
File created	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\is-6ARGH.tmp	RokokoStudio_v1.0.0.9962.tmp
File opened for modification	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\Avalonia.Base.dll	RokokoStudio_v1.0.0.9962.tmp
File opened for modification	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\runtimes\win7-x64\native\av_libglesv2.dll	RokokoStudio_v1.0.0.9962.tmp
File opened for modification	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\Flurl.dll	RokokoStudio_v1.0.0.9962.tmp
File opened for modification	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\runtimes\win-x86\native\libSkiaSharp.dll	RokokoStudio_v1.0.0.9962.tmp
File opened for modification	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\Avalonia.FreeDesktop.dll	RokokoStudio_v1.0.0.9962.tmp
File created	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\is-7FQBD.tmp	RokokoStudio_v1.0.0.9962.tmp
File created	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\is-S1PKE.tmp	RokokoStudio_v1.0.0.9962.tmp
File created	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\runtimes\win\lib\netcoreapp2.0\is-BNF01.tmp	RokokoStudio_v1.0.0.9962.tmp
File opened for modification	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\Avalonia.MicroCom.dll	RokokoStudio_v1.0.0.9962.tmp
File created	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\is-IG4LT.tmp	RokokoStudio_v1.0.0.9962.tmp
File created	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\is-5ONDF.tmp	RokokoStudio_v1.0.0.9962.tmp
File created	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\is-HJ3NR.tmp	RokokoStudio_v1.0.0.9962.tmp
File created	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\runtimes\win-arm64\native\is-FAEQC.tmp	RokokoStudio_v1.0.0.9962.tmp
File created	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\is-UU2D1.tmp	RokokoStudio_v1.0.0.9962.tmp
File created	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\is-9POD1.tmp	RokokoStudio_v1.0.0.9962.tmp
File created	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\is-OLN9R.tmp	RokokoStudio_v1.0.0.9962.tmp
File created	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\runtimes\win-arm64\native\is-TO051.tmp	RokokoStudio_v1.0.0.9962.tmp
File created	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\is-3OP7F.tmp	RokokoStudio_v1.0.0.9962.tmp
File opened for modification	C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\Avalonia.X11.dll	RokokoStudio_v1.0.0.9962.tmp

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2368	RokokoStudio_v1.0.0.9962.tmp
2368	RokokoStudio_v1.0.0.9962.tmp

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2368	RokokoStudio_v1.0.0.9962.tmp

Suspicious use of WriteProcessMemory 21 IoCs

description	pid	Process	procid_target
PID 2140 wrote to memory of 2368	2140	RokokoStudio_v1.0.0.9962.exe	28
PID 2140 wrote to memory of 2368	2140	RokokoStudio_v1.0.0.9962.exe	28
PID 2140 wrote to memory of 2368	2140	RokokoStudio_v1.0.0.9962.exe	28
PID 2140 wrote to memory of 2368	2140	RokokoStudio_v1.0.0.9962.exe	28
PID 2140 wrote to memory of 2368	2140	RokokoStudio_v1.0.0.9962.exe	28
PID 2140 wrote to memory of 2368	2140	RokokoStudio_v1.0.0.9962.exe	28
PID 2140 wrote to memory of 2368	2140	RokokoStudio_v1.0.0.9962.exe	28
PID 2368 wrote to memory of 1040	2368	RokokoStudio_v1.0.0.9962.tmp	29
PID 2368 wrote to memory of 1040	2368	RokokoStudio_v1.0.0.9962.tmp	29
PID 2368 wrote to memory of 1040	2368	RokokoStudio_v1.0.0.9962.tmp	29
PID 2368 wrote to memory of 1040	2368	RokokoStudio_v1.0.0.9962.tmp	29
PID 2368 wrote to memory of 1040	2368	RokokoStudio_v1.0.0.9962.tmp	29
PID 2368 wrote to memory of 1040	2368	RokokoStudio_v1.0.0.9962.tmp	29
PID 2368 wrote to memory of 1040	2368	RokokoStudio_v1.0.0.9962.tmp	29
PID 1040 wrote to memory of 1984	1040	dotnet-runtime-6.0.10-win-x64.exe	30
PID 1040 wrote to memory of 1984	1040	dotnet-runtime-6.0.10-win-x64.exe	30
PID 1040 wrote to memory of 1984	1040	dotnet-runtime-6.0.10-win-x64.exe	30
PID 1040 wrote to memory of 1984	1040	dotnet-runtime-6.0.10-win-x64.exe	30
PID 1040 wrote to memory of 1984	1040	dotnet-runtime-6.0.10-win-x64.exe	30
PID 1040 wrote to memory of 1984	1040	dotnet-runtime-6.0.10-win-x64.exe	30
PID 1040 wrote to memory of 1984	1040	dotnet-runtime-6.0.10-win-x64.exe	30

C:\Users\Admin\AppData\Local\Temp\RokokoStudio_v1.0.0.9962.exe
"C:\Users\Admin\AppData\Local\Temp\RokokoStudio_v1.0.0.9962.exe"
1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:2140
- C:\Users\Admin\AppData\Local\Temp\is-K8JOP.tmp\RokokoStudio_v1.0.0.9962.tmp
  "C:\Users\Admin\AppData\Local\Temp\is-K8JOP.tmp\RokokoStudio_v1.0.0.9962.tmp" /SL5="$40128,44762408,883200,C:\Users\Admin\AppData\Local\Temp\RokokoStudio_v1.0.0.9962.exe"
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - Drops file in Program Files directory
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of WriteProcessMemory
  PID:2368
- - C:\Users\Admin\AppData\Local\Temp\is-LQMCA.tmp\dotnet-runtime-6.0.10-win-x64.exe
    "C:\Users\Admin\AppData\Local\Temp\is-LQMCA.tmp\dotnet-runtime-6.0.10-win-x64.exe" /q /norestart
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    - Suspicious use of WriteProcessMemory
    PID:1040
  - - C:\Windows\Temp\{8D788D49-116C-444E-8665-B1012A1115D2}\.cr\dotnet-runtime-6.0.10-win-x64.exe
      "C:\Windows\Temp\{8D788D49-116C-444E-8665-B1012A1115D2}\.cr\dotnet-runtime-6.0.10-win-x64.exe" -burn.clean.room="C:\Users\Admin\AppData\Local\Temp\is-LQMCA.tmp\dotnet-runtime-6.0.10-win-x64.exe" -burn.filehandle.attached=180 -burn.filehandle.self=188 /q /norestart
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      PID:1984
    - - C:\Windows\Temp\{3CFC90AB-3A7C-4377-B2BC-C1B031F932FB}\.be\dotnet-runtime-6.0.10-win-x64.exe
        
        "C:\Windows\Temp\{3CFC90AB-3A7C-4377-B2BC-C1B031F932FB}\.be\dotnet-runtime-6.0.10-win-x64.exe" -q -burn.elevated BurnPipe.{D60B6CDB-2913-443E-B4A2-AB0A8951B3DF} {412717AB-A9C4-4B1D-A732-63E27442EFCD} 1984
        5⤵
        
        PID:2064
- - C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\Studio2Updater.exe
    "C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\Studio2Updater.exe"
    3⤵
    PID:2032

C:\Windows\system32\msiexec.exe
C:\Windows\system32\msiexec.exe /V
1⤵
PID:2556
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding 57532256D41CADDE03E1BAA2860559A1
  2⤵
  PID:1044
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding C1DBC724174934B1C24D5ED00E0C71AB
  2⤵
  PID:2996
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding 86F1D0A7C16E9995C48133B20E7C9ED7
  2⤵
  PID:1036

C:\Windows\system32\netsh.exe
"C:\Windows\system32\netsh.exe" advfirewall firewall show rule name="Rokoko Studio" verbose
1⤵
- Modifies Windows Firewall
PID:2256

C:\Windows\system32\netsh.exe
"C:\Windows\system32\netsh.exe" advfirewall firewall add rule name="Rokoko Studio" dir=in action=allow enable=yes program="C:\Users\Admin\AppData\Roaming\Rokoko Electronics ApS\RokokoApplicationUpdater\Rokoko Studio\Rokoko Studio.exe"
1⤵
- Modifies Windows Firewall
PID:1488

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

T1543

Windows Service

T1543.003

Privilege Escalation

Create or Modify System Process

T1543

Windows Service

T1543.003

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Config.Msi\f768f97.rbs

Filesize
55KB

MD5
5d82e88e531f236536739a9b7d58f69d

SHA1
839daec3e42f85e1047fe22a2d6fc38596102a83

SHA256
8f1da4ff9a89db6f3fa4396533156cca2d91170d9e9fff4fd4315d16be6109a0

SHA512
736c2d04d41854ac619a43f265bd820eacc914ba1486d6cd072150eab30e80f8c7574aedc729332192da8342bd1c04a58fe79ec6928911d8ab0f911416491615

Download Submit
C:\Config.Msi\f768f9d.rbs

Filesize
8KB

MD5
b7b828372e7ff2309fe4d11c36df6a52

SHA1
505fb1188b92e64cd14862e91811f775afe3a33e

SHA256
17d1093387763cf8621cf798369f3a60259dbaa55f711e1c4dc5619ebf656733

SHA512
ae794d8d20bfd0ee1ce3e8f5baf143014bbe8f8a21ebaabb98646f4e020434a3a93d141aa04f240838dae742f9aea4ba29905d4cdf57ca982540b79cb19dddd7

Download Submit
C:\Config.Msi\f768fa3.rbs

Filesize
9KB

MD5
25dd31987b64e890a439a5518e6cfa34

SHA1
2a9476d61c53e94c9afceffc705e5f8f40f9a81f

SHA256
a88e418e945fb06abe1fe3ca9745e21557d7e08cf1df802b6eeeb4ce416d3112

SHA512
e4604ee021fae4da095b87102a333980b6c102913e398fd9b840cc27197fee5cf00a02d795e549f6ec55ea887ff309cc0d2b23c9a34af533d09c2ac071de6df1

Download Submit
C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\Avalonia.Animation.dll

Filesize
66KB

MD5
fa31ec4a36884194133b70034c466463

SHA1
c9cf1ee64b20956cfae7b0e5ca6fa126a7712bfc

SHA256
8a73cdfc1c88e4c7db1a42c4f5ed1f79a608674366b1f78d85e89195baa0a132

SHA512
c8afe458c97837a272343be4a77a0ccac8f515902165293e6971eac849c94b7155f6749be96e39fb189b7a0e2633905eb0c569be50cf25683bb1a55edd1d84be

Download Submit
C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\Avalonia.Base.dll

Filesize
294KB

MD5
6547b376a50d19f1ed589a5ac9bc4fa9

SHA1
34ac7b9caa230e9ad219b903ef386fea1ee61aa1

SHA256
61b24cd0739643f3210fa56bfd0c71d4f7b9634e857cc9d8b3d6cc5805c76325

SHA512
a89fa78c9a566c3984f14c3dbe50f1f30b2ca8d0f4dd4138f2e0957ae083db0ef0dbe7ea1c4abb80bb9899d738f243edc330f564c73b5fe0d7bf0dfe8bd6dc7a

Download Submit
C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\Avalonia.Controls.dll

Filesize
254KB

MD5
202008b7fd89b0f78b2c00a9d336fec3

SHA1
cccf3972ae7e2cbe4f0070ae6b4341e718656ee0

SHA256
d5ed273265f53adab16722284a78f90f53e54399db9e8e4988bc9db43e171170

SHA512
f127a263560b58dbf90161c67a6926772ab27266c4d5f9bd18f11b4b3ede1e90c21e14db18b63b39f899ee1e01229f572456089442689f29b0ab859396ac2dbb

Download Submit
C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\Avalonia.DesktopRuntime.dll

Filesize
35KB

MD5
bc837da881ea1acebff0d44718012a71

SHA1
97430cf097a84cb9cce83db6f5343b0c825bba46

SHA256
0329a955da72ceb02919ed99af7dcdafa1e35ed7edcb87d2de32276d92994d72

SHA512
93bd45caf58a2da0e835a380b31edc473b5fbfc16f1081c03a26327140d794ab12c016c47e746ebcafba52a86991614186d8f1a25e6e84320489b3866cfb0012

Download Submit
C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\Avalonia.Input.dll

Filesize
116KB

MD5
70385f3d931d5303d67726bb2e327554

SHA1
099b0b0b9f8be85ce0db7b239a19de3afb3c30e2

SHA256
bb331558aca25cd56ac702e173c790fdeaecf4bc4af7133f2552d079491da5ea

SHA512
5231b41578d672159815501e003e0c5cd029e4bc6f195e329b27da80ade6f9cde0ba6bc4536571990a89d1a32a84208847caf69562f555c165e60952b32c3088

Download Submit
C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\Avalonia.Interactivity.dll

Filesize
28KB

MD5
84766ad61197313fa53b52f6efa9e60f

SHA1
15146b48c23f3db9af330abde63e33a2e64ae960

SHA256
6e5ac097279c9a0d205473e00771a3e19537de020a8e9898bcbf439a6ae25dfd

SHA512
b4a6bcdc57faa30a7cd579692e3d820fad81c6820929c7ba099263805b09630e41061272e89ad6cf4e4b8043ef30fb67103eaae45d458d094960ee1ab03c630c

Download Submit
C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\Avalonia.Layout.dll

Filesize
91KB

MD5
ee1bfe00d4848f130fa9ef7b569abdc7

SHA1
d341da8e99598b26fcc04ae759b111158471c019

SHA256
679ff4ce7f13d2de065305451d72817f28bc04795052b0c19805f2be94282fb6

SHA512
d9c45a7f7e2e9aec9e1c03d0b19cf7edd0b90cfdb28ccd58e58567bca7e4ff460838790cffcb95086d7385afd37dd45107b04ffa2be44b3f8c21bdbe35a20540

Download Submit
C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\Avalonia.Styling.dll

Filesize
97KB

MD5
756478839170170faa1415d6b2a41734

SHA1
3b2258f7a1a9c484c54f040c0e96ccf7062bec8a

SHA256
ad5d0030effb60c14cd4c85e3a52ba7396f2a564d81f40bbb13c1a4f69b9ef1b

SHA512
8356a9f9b7607dd52b8895212dd917e21c2126e5bf60abead717d8ff03f6406e4937ab4e3ac698229d58bcf37d369b881d0db780c47a6d7a32e0544722a51fa8

Download Submit
C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\Avalonia.Visuals.dll

Filesize
268KB

MD5
a2eb3b9b0022c962bd7b985e8084d33f

SHA1
51037b65dad42c548b72dd3adba37fb451b0175c

SHA256
4237a3f47775290cf5488ddc7613df8df53cf881caf122f148298beddec4f6bf

SHA512
7bb89eaccd868b6fdde593955ed9cac77669f93837769c5c7b3d15f242c164d90847f033cd10ac7b90bac7ea84ccc7839d4b15e7c0cc2e3786d2090b1dfbd689

Download Submit
C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\Studio2Updater.deps.json

Filesize
33KB

MD5
5c4c738244ad33d865347e33d4d42206

SHA1
15c4c3d7d82c7d19c3d6c89083d8d8b464deee9a

SHA256
2b6ba6d23e47cce810b4d6bb277a6facc60ebe4ec9477c69aad0bddd564e19ed

SHA512
378807de970a7705ad448f5394a265fbf8d73fae0c62de4d23770ae8402ec3050f3443bc64b7e5b667bf5509ae26ba2c93acfd9941f41f4d8d288d15c84f401b

Download Submit
C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\Studio2Updater.dll

Filesize
331KB

MD5
0d0a96c4c3282ab3d429163537516e36

SHA1
675d0d1923174f7ae760d08cd67e07628bb36afc

SHA256
b5ff83174e0be0e4e3f2ccbf3a5c39e9f18a9e2cbde4c22294ea26364fe6d063

SHA512
9d01f1e5eae10e9c931e6186ea3d70259b8ec58c5aa6884110ebd8431d8726b257ce4c6f95a08953e372d398a3a26ec2a12a32db393761a512000931cc778898

Download Submit
C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\Studio2Updater.exe

Filesize
250KB

MD5
6ac6a99f1d33e4ddfacd093e1d6089e2

SHA1
5561aabd4fb2e4f936a03cbdf2bde09653aca5cb

SHA256
c24ce54d8c5820dcad631f093434464de68c851b3e3640acfc7a9254fc056b01

SHA512
e5575b187997a506e1037a96dc1ba85fb57a4ebce5b23b1b21fd5ff5c72384edd4e403710bb04a551aa0cc8d2c90118c4e6b6edc30d6fde77169adbdf0844ce4

Download Submit
C:\Program Files (x86)\Rokoko Electronics ApS\Rokoko Studio\Studio2Updater.runtimeconfig.json

Filesize
253B

MD5
24e4653829de1022d01cd7ddd26e2f22

SHA1
9160a009cb381e044ba4c63e4435da6bfeb9dc6d

SHA256
ded3aeb5856a11db0b654a785574490cab55839ebfb17efe9e39b89618fc5b91

SHA512
efd4bbba1baec0b47003831510e3aa539db9ef468e0f06ba9d7ba6d0b3800035f7c818d7d90171bfd377ec97d08c4617555bcff635dd83efceb412b1a9cca820

Download Submit
C:\Program Files\dotnet\LICENSE.txt

Filesize
9KB

MD5
31c5a77b3c57c8c2e82b9541b00bcd5a

SHA1
153d4bc14e3a2c1485006f1752e797ca8684d06d

SHA256
7f6839a61ce892b79c6549e2dc5a81fdbd240a0b260f8881216b45b7fda8b45d

SHA512
ad33e3c0c3b060ad44c5b1b712c991b2d7042f6a60dc691c014d977c922a7e3a783ba9bade1a34de853c271fde1fb75bc2c47869acd863a40be3a6c6d754c0a6

Download Submit
C:\Program Files\dotnet\ThirdPartyNotices.txt

Filesize
78KB

MD5
f77a4aecfaf4640d801eb6dcdfddc478

SHA1
7424710f255f6205ef559e4d7e281a3b701183bb

SHA256
d5db0ed54363e40717ae09e746dec99ad5b09223cc1273bb870703176dd226b7

SHA512
1b729dfa561899980ba8b15128ea39bc1e609fe07b30b283001fd9cf9da62885d78c18082d0085edd81f09203f878549b48f7f888a8486a2a526b134c849fd6b

Download Submit
C:\Program Files\dotnet\host\fxr\6.0.10\hostfxr.dll

Filesize
366KB

MD5
7a6cb049ef08bae6b0ae2290c7bb382b

SHA1
cbb75f6a400723469d36e4a105de5f79169dffdd

SHA256
0146e0888c21e8fbe66628bd664c08e0283aa2f5eeb00752aaabd91b4afd1b76

SHA512
ef2553ce60b5a2c3c193e325ae9412ef817af3de1205acce449a2050184933c1928d36313c33e5ffd3d7ce73b73e59fee4b7d3fefe0f8a9c5929fb87307076b7

Download Submit
C:\Program Files\dotnet\shared\Microsoft.NETCore.App\6.0.10\Microsoft.NETCore.App.deps.json

Filesize
32KB

MD5
6db1f8f6ece266f8f27b1e2468dc0ef7

SHA1
d1c09b203e69017b08244e1f6a32b58b597667cb

SHA256
0150d4ef9fa01236786d4e36f2bd88af8842fc5758631aa59209147f89b3b6e3

SHA512
fd67e3c132f657bd92be318d0f75a809c88de7bc213a1c812e86666af403a4000aa972e3e39c386f09fd0bd33b354c6e34afe73f75eafd04aaaa2af4f09bd6d1

Download Submit
C:\Program Files\dotnet\shared\Microsoft.NETCore.App\6.0.10\Microsoft.NETCore.App.runtimeconfig.json

Filesize
159B

MD5
3fbd84a952d4bab02e11fec7b2bbc90e

SHA1
e92de794f3c8d5a5a1a0b75318be9d5fb528d07d

SHA256
1b7aa545d9d3216979a9efe8d72967f6e559a9c6a22288d14444d6c5c4c15738

SHA512
c97c1da7ae94847d4edf11625dc5b5085838c3842a550310cca5c70ba54be907ff454ca1e0080ba451eacfc5954c3f778f8b4e26c0933e55c121c86c9a24400b

Download Submit
C:\Program Files\dotnet\shared\Microsoft.NETCore.App\6.0.10\System.Collections.dll

Filesize
45KB

MD5
423135a5a1123a3a745abc505d739034

SHA1
94e61840f6d75c1ae471e699529fc30e9ddef044

SHA256
8c14860877c6d6131176f18021d7c8807212cbf55232a597e5b14ac2ec3db93a

SHA512
3ee92b7592ae4b973bca6a1ec2dc6a0aa03a573d3ce913525deeae6a7e1a96bb8537dd43bf962cf01cf9abda905b696438a2ce55c44543283364a64e400b29ae

Download Submit
C:\Program Files\dotnet\shared\Microsoft.NETCore.App\6.0.10\System.ObjectModel.dll

Filesize
89KB

MD5
302e6974cc6b2ac54aab8b7535cc1f40

SHA1
64041c4ed8c8c71683f7d6496a1ed3bc07c35155

SHA256
a636e8b3620dfde2a4fdaae79a0f5307cecfac3c800ebfc03cda0161c2ceea82

SHA512
00df8cf07ac06e3d2345e1365d7d0dee690a052ae7b731a8c49af0013469f8545b7211cc8514473a0139b8c5c6ec9f9061955ea2923769fc8994291bb78c5f24

Download Submit
C:\Program Files\dotnet\shared\Microsoft.NETCore.App\6.0.10\System.Private.CoreLib.dll

Filesize
198KB

MD5
370cb706b88bb2d02e8dc69a3194e6ff

SHA1
ca3f5d6310e9bb8cda4eb48674a5808cc296c1c5

SHA256
da7813539ae1d03845f9faaf9705b007ac0d47b6bd6c50a3f264b27721b13123

SHA512
5ab74be0ebe076e7faa6115d80bc2f7d86437ee77ea914d7461ff1c03bebfa6c6274b0dc8c027622688ec36a67eddad6a1109b6db9a04c022ba1349e5eb83e1b

Download Submit
C:\Program Files\dotnet\shared\Microsoft.NETCore.App\6.0.10\System.Runtime.dll

Filesize
41KB

MD5
ef31886f30afaf4ea5f6cb93f5d3fe77

SHA1
3aac1f2f1771eddcf5d6e56340b523224ca8f623

SHA256
954db53722dabbfe7a7fcb4e09141f7aef0dcf2b631285b80edd181af668f2de

SHA512
cc41e456ddf9372d7d9288f857d57d72829d25f69c83be768400fcc35ae19c1c22dd486f1f670cca8820ab1907661c2acc4c0f4eddeee77582f86b389258847d

Download Submit
C:\Program Files\dotnet\shared\Microsoft.NETCore.App\6.0.10\clrjit.dll

Filesize
374KB

MD5
70a3e9e0f3cbf999c9a31fdd13b634bd

SHA1
0610f570b03ce8a1755ab402ca1b75fd456f1262

SHA256
2c01c73ba5b7180211681b7a3f979d8c003b317b998d6fd1e40a72bd8ca2045b

SHA512
190e8a322bc0f235de2831e5ff63b3582d654e67cf5fa5da6ddf9a447ca60b21fefc6e4686b8eb746d030a65e3dc202fbc3a8beccc4956537a249df2671aebce

Download Submit
C:\Program Files\dotnet\shared\Microsoft.NETCore.App\6.0.10\coreclr.dll

Filesize
342KB

MD5
f1e5a08fc0e6439aa61fb2f6a7015e9a

SHA1
b7dddd18fc9105ba8548d0af41e25fa18d83cacb

SHA256
9abf23ac4897006e26bd71f2c09ee3e35bcb7986d01f79b7347fb6f7c4919edf

SHA512
cc09754e8eac6f0f6daa282f5bc5d0b88da056665655f0386196067d8646d11987ef94211c6488811470b3dad16b72406cd084f26ea79a28f6ec5f6b98baa571

Download Submit
C:\Program Files\dotnet\shared\Microsoft.NETCore.App\6.0.10\hostpolicy.dll

Filesize
226KB

MD5
073bd9d16566e78cb1245a01991e39c8

SHA1
e18fe440039d1efdb20bd22f7cca99ec5d7ff2c5

SHA256
1884321bd3456a2a39d39a33d23cc71d6bfc2b19bfd62893e79a884f31041638

SHA512
de171a6a0c9926bdd459d72511df0e7f42d4e7bafeba30b8916d3925805df8b01d1d388b2252f7eb206bf86a2cd6a2d8cee263dd87b0f19ed977e75740c5ad6e

Download Submit
C:\Program Files\dotnet\shared\Microsoft.NETCore.App\6.0.10\mscorrc.dll

Filesize
143KB

MD5
83e9392df1682a9655db98ab65231d91

SHA1
d54f8eb699474b95c2e09b4f3eef2ef688404367

SHA256
f0e1ee0df485bf507117d704f313b4ea1d73be14a500b6de2d636e5dd3816099

SHA512
8a4042ed32a39a76cb8fbaabac50e31e04d0e085c25baba10e234e47a7dc57705b94ca8f0f8e33665a3e0bb0266416248c435f78f09319fef2825cae6960ad0d

Download Submit
C:\Program Files\dotnet\shared\Microsoft.NETCore.App\6.0.10\netstandard.dll

Filesize
99KB

MD5
23a2fdc1fe32e4e61ff9f63a3d51dabe

SHA1
3227fe47da09827dbc4b4d06994309cbf9ab76f3

SHA256
dfc8396347e6001b6cf774903aa8763285a4c69cc0596773732f91b95f8165e8

SHA512
686ca3b09fe170e72ac11647467a05de530ddd1a2cf60c2be36471f1cdf66ffb7a23435ceac76732249eab577532bb0e9f990fee20840cd950a6ddcaac77884c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
4c386aa8d2d7fc692f813f636bab088e

SHA1
a59e2fbc23a0306b7c1b3267c4d8f51517d773b3

SHA256
75b615e7981948990260dfbf381caf4cb689ea74e7e47c3651e64971d9b1a0f1

SHA512
5e61e8a139033f0265bff21c9c77775a10427665ce80a1bb8974c570f2be778f2c141c7dabe7e7e7c91803e231637cfa1254476ee2741fb40b4a351778f64306

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ef8279000c42cc4b62db159ce7a5f874

SHA1
03014354fa7032c214c70ce7de1c356f1e32b77c

SHA256
e771e67be73896924094dad6f2b82314bc3252db6b0fa3303ee82531d7979d19

SHA512
80faec73ca6c60a92a206c4be258c000cc997a8373d88b30eedf2706a43e273c6c14336c15f5fea73900a600f289bdaeaeaa7f6d398d849dec8afb18f3ed0226

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab9040.tmp

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Microsoft_.NET_Runtime_-_6.0.10_(x64)_20240117185905_000_dotnet_runtime_6.0.10_win_x64.msi.log

Filesize
1KB

MD5
86c54695cbbebae58d598212a60c980e

SHA1
36973b80792c00d7c9718473b6ade3c3932a45ea

SHA256
54bf53a240f3a998c240f1f6896f0f5591bfbbc2059c0a3af82b73fc8950128a

SHA512
679830860216f07f4c9b88a09d56bfcbd0135de52f31a5d3c39939d73638235fc354fbdd6a921d95f30a586ad8af0d466c7f85cc8bb66913396ba83da99b8eea

Download Submit
C:\Users\Admin\AppData\Local\Temp\Microsoft_.NET_Runtime_-_6.0.10_(x64)_20240117185905_001_dotnet_hostfxr_6.0.10_win_x64.msi.log

Filesize
2KB

MD5
d0ef22bc548615ab10fe9f5dd7c93b29

SHA1
99a8a3fe59f02f4b4538f26e1276e2d340ecbe5d

SHA256
a91230dd8fe81db5e5231d74cc7701a5ff57658e7b244ebd8a7e09ca0f8ac8cb

SHA512
24d11443d20464019fc346f7221f8f0e82d39b090a7607f297b08d80fc2df51e240eedc72b427666d406d9c7b8767c7e2d3fbc1b7f1ad932e7abd55fd2deefa6

Download Submit
C:\Users\Admin\AppData\Local\Temp\Microsoft_.NET_Runtime_-_6.0.10_(x64)_20240117185905_002_dotnet_host_6.0.10_win_x64.msi.log

Filesize
2KB

MD5
d189f2f9447be56558a4256228f8591e

SHA1
cf6c2c0a0d9ac430de21bd3b22b6872b6486065d

SHA256
fbd869c5b064be3b4df3f50af5e9e4696feb8f27959d7222ae6b46ddd546079e

SHA512
1337005fa01673c4cf6f85c403ac9934c11653e454d987c5709849f816f494c8fe3ee8750c7552e0b0affb673928a4d51eff13145fcf5845358c711bc84886f0

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar9053.tmp

Filesize
171KB

MD5
9c0c641c06238516f27941aa1166d427

SHA1
64cd549fb8cf014fcd9312aa7a5b023847b6c977

SHA256
4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

SHA512
936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-K8JOP.tmp\RokokoStudio_v1.0.0.9962.tmp

Filesize
3.1MB

MD5
1e101b1900787cd231bd90c6da92c956

SHA1
958d3f93a9e64247791623c111d16b45d17b6e99

SHA256
d0030c5bfd6398bfb368106da4c08dbf2193cc41c9b2dc6274d5c37538573743

SHA512
6cd11215d625cc708ae0e55a5e70bc4ce73ac123c557cc2496f53deb095b436a6d975ce34e5ec203efc638e43954b48cf2769106563af6cdb19c5b1cd4657b85

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-K8JOP.tmp\RokokoStudio_v1.0.0.9962.tmp

Filesize
1.7MB

MD5
3697d29c81a8280d898763256cbd6e88

SHA1
3ddb25f7651fb5913a15e0e538b41a0d03b8eeae

SHA256
ad31c4710ac3cb5311d6762eb51c73223578a270e3de02f0d28c7f5d5723189d

SHA512
46a723fc4bfa30c990e03feed0cffc96d425341b602d6142edf61c52b650c6dbb64f16630854c60b090098a7b226df24c65411b02ffd0d32db9f92dcff91d3ac

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-LQMCA.tmp\dotnet-runtime-6.0.10-win-x64.exe

Filesize
1.4MB

MD5
e5c7ad8179d6b7b625b860b5458c89ee

SHA1
69594653ad68b2d124911ddf5aac1fc2f78a4105

SHA256
a24f1b1cea9aa489be900c0193bc2b6d6ff2ca96339d4746daed477b17345ef5

SHA512
79f4f043c03bb63eb7730ceb09895a3a31ed6d29870f80149d6b826f1cce518ca9df0412b66a644fe9c89756af151846700fb558ab825cbc9c1d32953f3f6716

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-LQMCA.tmp\dotnet-runtime-6.0.10-win-x64.exe

Filesize
795KB

MD5
5ff5e63bcc5cfec361875d153d69fbfa

SHA1
629df9cb21b231ff0d6d2532ec8430e7d08a0370

SHA256
0b739bccc67e347c2336b82febbc024cc95e06ef015e3bd902122bafd8d23ed4

SHA512
f46bbef3cba34416c5d85447e8e38e41dd43c16d30b058382399d441827faf605461d3b304052ce947a2b0e64ffcbf8e1faddc1910391f24d19d80fed9ecdb60

Download Submit
C:\Windows\Installer\f768f98.msi

Filesize
269KB

MD5
91e9c60dde7a7c198f4d32e9fc7df00f

SHA1
91fe0fd9cf5aac012f4d605ba654d8639ea76333

SHA256
07d73b87c20942a5195e408dd18d15f6904643ef8d41eed30190792e4fe72ac0

SHA512
62606b0b09c81906c1ff1b4f7eed3b02c3c7a0defde83b87957421d8121122e00da700f8687c8f206defea0ce72d24c80a601c90f8ee9e4d71f03c0a915905c2

Download Submit
C:\Windows\Installer\f768f99.msi

Filesize
214KB

MD5
ef655c829d6b03ed0ab4242146ca3ec8

SHA1
cfc4fc1d102dedcb9dd02471d4ec1237f4beebe8

SHA256
31df4264eff9915938f3a826372a300e364c084a7253fab1db8e711f7a084ae1

SHA512
29e3d0af450c344c669ae96a1cf857aaf9ac3eb5b7d688e3c5019ca5adbf7967221db92521c4416eb6fd43eb7c476c30628e778146d6f25519df03ee01df26d3

Download Submit
C:\Windows\Temp\{3CFC90AB-3A7C-4377-B2BC-C1B031F932FB}\.ba\bg.png

Filesize
4KB

MD5
9eb0320dfbf2bd541e6a55c01ddc9f20

SHA1
eb282a66d29594346531b1ff886d455e1dcd6d99

SHA256
9095bf7b6baa0107b40a4a6d727215be077133a190f4ca9bd89a176842141e79

SHA512
9ada3a1757a493fbb004bd767fab8f77430af69d71479f340b8b8ede904cc94cd733700db593a4a2d2e1184c0081fd0648318d867128e1cb461021314990931d

Download Submit
C:\Windows\Temp\{3CFC90AB-3A7C-4377-B2BC-C1B031F932FB}\dotnet_host_6.0.10_win_x64.msi

Filesize
1KB

MD5
e0b8430b1e3319f06f71ce0c73586a7a

SHA1
4b4703e4f16c81997dbdc1e8d2c5228a4da2bd3e

SHA256
051af0f5dfe13f98054c52b6b6bb29eeefa8d0ceb9b771a48e101432b169101d

SHA512
44cc78c4775e4798f11df8f90917e1c55816341a2a33637a91fd89291263055f14abb5f6c0b8a8be404a3baa824f97670d8b46468b71adf2168038080465638e

Download Submit
C:\Windows\Temp\{3CFC90AB-3A7C-4377-B2BC-C1B031F932FB}\dotnet_runtime_6.0.10_win_x64.msi

Filesize
215KB

MD5
45547ddeba4d914958ba10cfa812dbd2

SHA1
2865a17235d58160621e8d4a17cabbbdb88ae549

SHA256
84cfdb4b1421d7d53683e30cec4712f15197a54eb76d93b45aa33a8ccc646c9d

SHA512
5addf092e2e38cf149496579d6a774c2c598c55ffe400d10922e7033632edaca81e8e9386a67a3a43499c8b201532d1fab0bd63bdfe8b3057c0434c8040d324b

Download Submit
C:\Windows\Temp\{8D788D49-116C-444E-8665-B1012A1115D2}\.cr\dotnet-runtime-6.0.10-win-x64.exe

Filesize
609KB

MD5
3e655f447311b65244c46b3c2767359f

SHA1
d71dc9710f2c6eb25b816e3b49bb70103060ec4d

SHA256
df18d5985e69e16bb0bfa1a41f6f27d363948b78127e3573da301b29b3f30d68

SHA512
d89ae67e0b090b2bc49eb0c9c3ba6a644fb4c3d2dbd4c2ba5d99e5be6267c3c4c174ef8e312d2b7b4853cac840e51bab834b3ff297cad52f29fe956f00ebfdbc

Download Submit
\Program Files\dotnet\dotnet.exe

Filesize
133KB

MD5
cabf964efe8482fa54a2048c51ee6f75

SHA1
06ef72082479cd4fdb78ae178fb7c884c2a9556d

SHA256
5912a35b708cf92e703898a16fc8e16eeb062b152f27b66cedf22726db091411

SHA512
3d08e1bda18d450d2cd66a50c85b20aefd08e0ad57e15b2e02694618ed789cea311b83c7f4bdee5ce525c67f0474de3dd59204cecf224b8e1e05ef60acadb021

Download Submit
\Program Files\dotnet\host\fxr\6.0.10\hostfxr.dll

Filesize
83KB

MD5
0ba26789bfccf871993d38ee072c061e

SHA1
ebe4d8f3422a5f31fda8b1bcc4546b7c627b3b5e

SHA256
3d75a17aff91e7d2e6df8aeee02af2f2817af17d2c34b875d2091561d7c08fa5

SHA512
3f574649777eb5acc4c17e513dfc03421bc0c1b8778db9bd05744f20df788f78c3a3aaf222c8955eaa65b9d2cb164a93e9b63fb61df495902a71ee6f1d97f583

Download Submit
\Program Files\dotnet\shared\Microsoft.NETCore.App\6.0.10\System.ComponentModel.Primitives.dll

Filesize
73KB

MD5
7e3fbecc43fd1f2cf8c217343b25b24d

SHA1
91d24408afa1ee36e86aecf5733e6242071e7889

SHA256
4cad8487b75655e64fb4faa75d13a86a80d49245824311b9e758f743823ff747

SHA512
3c61d9324f5a26c699036757e53fb2996f3d617cf3c2da6cb2c0d9a5b6adc49c1a6ef601e637a45e0f20220d2be094ce5cbc8455d6a77c6b94e352de47c70709

Download Submit
\Program Files\dotnet\shared\Microsoft.NETCore.App\6.0.10\System.ObjectModel.dll

Filesize
26KB

MD5
5e915d4bcb75b046dbd141ad865c4c57

SHA1
df9c3f13439a97de970320768d8bc6627aad752b

SHA256
e153cef87ce20dce13bb6fda829d4a0135fa97d85329718daf0e5e201e657643

SHA512
1aea35915c413a708dc997552bcaf1ba3a5d08830da9e8cd02bdafd932fdb3d442e26f75ad7796a9796559b61fd5b8c35416312f8bd4527e5b4289aa00b67366

Download Submit
\Program Files\dotnet\shared\Microsoft.NETCore.App\6.0.10\System.Private.CoreLib.dll

Filesize
23KB

MD5
8cac88c3578f77293e4d6a9982f2f3c7

SHA1
22760d51289224d5f124cfbaa69674cfc16a94cd

SHA256
6856551a77de528f02f18903562fef2b5d0f1d6d9e2cad06a0c68e02e9b3258a

SHA512
91d304ee9a8354a5c5ce1aa33390b419839b42ee08a977125803c4a9b98594b20c7f8fa7d3314ca4760bf5835cb554468245263df0986cb232b9fd9e98a006bd

Download Submit
\Program Files\dotnet\shared\Microsoft.NETCore.App\6.0.10\api-ms-win-crt-utility-l1-1-0.dll

Filesize
20KB

MD5
fcd6b29932d6fb307964b2d3f94e6b48

SHA1
be560f8a63c8e36a7b3fa48ff384f99f69a5d4f7

SHA256
cfb2ee4e426bb00b76163c1a66cf8cfef8d7450cbf9bbce3bc9eb2053f51e0e5

SHA512
3edfcf559f1e21870277358e6d266a1a0cea68b163b11c73108f3b6a56006d20b51410a3b4ea39bf80906bf6c9d573e1072697cfcd6a3d37e3679ea54757c69f

Download Submit
\Program Files\dotnet\shared\Microsoft.NETCore.App\6.0.10\clrjit.dll

Filesize
10KB

MD5
d9df42a46a246223fd30e0db28fa3240

SHA1
2b3a8bfc7b89eda5555c19f7dc0f7a98d33bed95

SHA256
f7e97eac27ca91faabd315f513d6db39005781466d51911075a20cd98f8400e8

SHA512
1c126a03bea13448fdc17ec487da056cb6938efec2c29d579845a7979138384947488ce867c986c6bd4148952757610d53ca4d3b98b311f7416f98ba97e6c6e1

Download Submit
\Program Files\dotnet\shared\Microsoft.NETCore.App\6.0.10\coreclr.dll

Filesize
333KB

MD5
3115e0f5305f9d3dfa72a4f069e93e7f

SHA1
ab9a12d8ab5e05082b4eaeb922d670a2891dcf15

SHA256
a985ce6486faa56881165557824a41ff54635650580e673e20e29d5a17d6c329

SHA512
e42ee848795f7d26b03d7468716502954a1f3e0be80b54454cd379d5cea5e2836dc3958445b7ae3d12b2cfd79fd3b304e58b4d534061cf94b45a8d2cb95b867f

Download Submit
\Program Files\dotnet\shared\Microsoft.NETCore.App\6.0.10\hostpolicy.dll

Filesize
383KB

MD5
7fdc2fcd16097614a67cc60d6a6ebb3b

SHA1
2cbd3985b7c2017ec4e1818a192db4979eb4c68e

SHA256
f786d5839f5f409b4028b304e577688f1cc115cd5cd5389be41e4531ebb3d244

SHA512
ce7d939dd110b55a1d087d0dae91bedf014718baa3a6eb60c2dabebf9137d0e1742b4a7af0815885487225887d563aa3ec5126f69dbebb516e85c9baf5aa0a3b

Download Submit
\Users\Admin\AppData\Local\Temp\is-K8JOP.tmp\RokokoStudio_v1.0.0.9962.tmp

Filesize
2.0MB

MD5
72aa8c8e604f8fd8631da14cbd9c3063

SHA1
8747bbc6127fea8ba291da1c8799a53c7eef0af6

SHA256
35e611bb929baaecdf419a6acd56cb60396abf5a499544cbaa9dab714c461f56

SHA512
bbe08230316a5c5c770a0197f0a60e12a37e21ccb4a6aeb44310ddc913d745846119b6e1a64fe0273ac3ce8df62a3e4ce1a0717b786924e53db82aa131611bab

Download Submit
\Users\Admin\AppData\Local\Temp\is-LQMCA.tmp\dotnet-runtime-6.0.10-win-x64.exe

Filesize
1.4MB

MD5
7012cc5f5820744258f99191d8446e1b

SHA1
7852f02c363618b49f936e7c1992c9ea15f8f65f

SHA256
69caab6193d8328e44a86a33e1513d9da9b8a36effd0ffb624403ed46e2e58d1

SHA512
a9b86a223a52c9dc52983c1fa5ad0c82b6bdef19f544fd068fa7b6184a2d643f00b016ffd3cb7255d47d14968310cffbec58535cf49c642e92bf30c79ba93afe

Download Submit
\Windows\Installer\MSI9A63.tmp

Filesize
225KB

MD5
d711da8a6487aea301e05003f327879f

SHA1
548d3779ed3ab7309328f174bfb18d7768d27747

SHA256
3d855b58ce7da9f24f1bef8d0673ba4a97105a7fd88433de7fb4e156b4306283

SHA512
c6d1c938e8a0acf080dcab1276d78237e342a98772e23ac887b87a346878c376fb0af8364e52a36c5b949005aa3218308bc6193f8b580f622ef39d9955c7c681

Download Submit
\Windows\Installer\MSI9CE9.tmp

Filesize
142KB

MD5
96344b0c9557f2d14dc1a0e5590ab858

SHA1
2e30bd06d38fd093e5054f8e41be7014b42fe16f

SHA256
b81add94c83a5b6d880a17c48f6cd13012bd259a36be1ab5f1db9a2601b6b04f

SHA512
08d70921c0597256489e65811ff7a30610bd5c0d54d3af6e56f827699c58f73104003caa16eab26e27e49187a7bd52872e08fd76d98a2ce4a1af9b6e63add137

Download Submit
\Windows\Temp\{3CFC90AB-3A7C-4377-B2BC-C1B031F932FB}\.ba\wixstdba.dll

Filesize
197KB

MD5
4356ee50f0b1a878e270614780ddf095

SHA1
b5c0915f023b2e4ed3e122322abc40c4437909af

SHA256
41a8787fdc9467f563438daba4131191aa1eb588a81beb9a89fe8bd886c16104

SHA512
b9e482efe9189683dabfc9feff8b386d7eba4ecf070f42a1eebee6052cfb181a19497f831f1ea6429cfcce1d4865a5d279b24bd738d702902e9887bb9f0c4691

Download Submit
memory/2032-846-0x000007FEF6030000-0x000007FEF652E000-memory.dmp

Filesize
5.0MB

Download
memory/2032-844-0x000007FEF6030000-0x000007FEF652E000-memory.dmp

Filesize
5.0MB

Download
memory/2140-1-0x0000000000400000-0x00000000004E5000-memory.dmp

Filesize
916KB

Download
memory/2140-10-0x0000000000400000-0x00000000004E5000-memory.dmp

Filesize
916KB

Download
memory/2140-849-0x0000000000400000-0x00000000004E5000-memory.dmp

Filesize
916KB

Download
memory/2368-315-0x0000000000400000-0x0000000000721000-memory.dmp

Filesize
3.1MB

Download
memory/2368-132-0x0000000000400000-0x0000000000721000-memory.dmp

Filesize
3.1MB

Download
memory/2368-11-0x0000000000400000-0x0000000000721000-memory.dmp

Filesize
3.1MB

Download
memory/2368-8-0x00000000001D0000-0x00000000001D1000-memory.dmp

Filesize
4KB

Download
memory/2368-216-0x00000000001D0000-0x00000000001D1000-memory.dmp

Filesize
4KB

Download
memory/2368-848-0x0000000000400000-0x0000000000721000-memory.dmp

Filesize
3.1MB

Download