f39c0091f56186d91804f2051699ecdd1cce2bc6c51e133250653eff26b8e0f0

Analysis

max time kernel
143s
max time network
119s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
19-01-2024 16:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

LegacyLauncher_Installer_mcl.exe
Size

112.3MB
MD5

71f8ce4a8f559dca25662bbaa496fa7f
SHA1

09899d58b121ef998d894ca01d9be6408be091c4
SHA256

f39c0091f56186d91804f2051699ecdd1cce2bc6c51e133250653eff26b8e0f0
SHA512

f3d5b6069893fc819b915487db6b8c067716c9d961ddfecb9c4b17c2fd4443a333905963cf626e258163a9509a59a5d33f7eb7c7c1108b7d08e27659447d8819
SSDEEP

1572864:OCR3EXzMNaTUn8gquVvsaq/cBwI2ek+b7r0nKT5wfomYadr420Dt7RweD+gT9i0:T3uINa4nR4EBNlh5QjYads267REgT9t

Score

7^/10

discovery

Malware Config

Signatures

Executes dropped EXE 4 IoCs

pid	Process
2508	LegacyLauncher_Installer_mcl.tmp
2600	TL.exe
2852	javaw.exe
2356	java.exe

Loads dropped DLL 64 IoCs

pid	Process
3040	LegacyLauncher_Installer_mcl.exe
2508	LegacyLauncher_Installer_mcl.tmp
2508	LegacyLauncher_Installer_mcl.tmp
2508	LegacyLauncher_Installer_mcl.tmp
2508	LegacyLauncher_Installer_mcl.tmp
2600	TL.exe
2600	TL.exe
2600	TL.exe
2852	javaw.exe
2852	javaw.exe
2852	javaw.exe
2852	javaw.exe
2852	javaw.exe
2852	javaw.exe
2852	javaw.exe
2852	javaw.exe
2852	javaw.exe
2852	javaw.exe
2852	javaw.exe
2852	javaw.exe
2852	javaw.exe
2852	javaw.exe
2852	javaw.exe
2852	javaw.exe
2852	javaw.exe
2852	javaw.exe
2852	javaw.exe
2852	javaw.exe
2852	javaw.exe
2852	javaw.exe
2852	javaw.exe
2852	javaw.exe
2852	javaw.exe
2852	javaw.exe
2852	javaw.exe
2852	javaw.exe
2852	javaw.exe
2852	javaw.exe
2356	java.exe
2356	java.exe
2356	java.exe
2356	java.exe
2356	java.exe
2356	java.exe
2356	java.exe
2356	java.exe
2356	java.exe
2356	java.exe
2356	java.exe
2356	java.exe
2356	java.exe
2356	java.exe
2356	java.exe
2356	java.exe
2356	java.exe
2356	java.exe
2356	java.exe
2356	java.exe
2356	java.exe
2356	java.exe
2356	java.exe
2356	java.exe
2356	java.exe
2356	java.exe

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Checks processor information in registry 2 TTPs 4 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	javaw.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision	javaw.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	java.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision	java.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2508	LegacyLauncher_Installer_mcl.tmp
2508	LegacyLauncher_Installer_mcl.tmp

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2508	LegacyLauncher_Installer_mcl.tmp

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2508	LegacyLauncher_Installer_mcl.tmp

Suspicious use of WriteProcessMemory 21 IoCs

description	pid	Process	procid_target
PID 3040 wrote to memory of 2508	3040	LegacyLauncher_Installer_mcl.exe	28
PID 3040 wrote to memory of 2508	3040	LegacyLauncher_Installer_mcl.exe	28
PID 3040 wrote to memory of 2508	3040	LegacyLauncher_Installer_mcl.exe	28
PID 3040 wrote to memory of 2508	3040	LegacyLauncher_Installer_mcl.exe	28
PID 3040 wrote to memory of 2508	3040	LegacyLauncher_Installer_mcl.exe	28
PID 3040 wrote to memory of 2508	3040	LegacyLauncher_Installer_mcl.exe	28
PID 3040 wrote to memory of 2508	3040	LegacyLauncher_Installer_mcl.exe	28
PID 2508 wrote to memory of 2600	2508	LegacyLauncher_Installer_mcl.tmp	32
PID 2508 wrote to memory of 2600	2508	LegacyLauncher_Installer_mcl.tmp	32
PID 2508 wrote to memory of 2600	2508	LegacyLauncher_Installer_mcl.tmp	32
PID 2508 wrote to memory of 2600	2508	LegacyLauncher_Installer_mcl.tmp	32
PID 2508 wrote to memory of 2600	2508	LegacyLauncher_Installer_mcl.tmp	32
PID 2508 wrote to memory of 2600	2508	LegacyLauncher_Installer_mcl.tmp	32
PID 2508 wrote to memory of 2600	2508	LegacyLauncher_Installer_mcl.tmp	32
PID 2600 wrote to memory of 2852	2600	TL.exe	33
PID 2600 wrote to memory of 2852	2600	TL.exe	33
PID 2600 wrote to memory of 2852	2600	TL.exe	33
PID 2600 wrote to memory of 2852	2600	TL.exe	33
PID 2852 wrote to memory of 2356	2852	javaw.exe	35
PID 2852 wrote to memory of 2356	2852	javaw.exe	35
PID 2852 wrote to memory of 2356	2852	javaw.exe	35

C:\Users\Admin\AppData\Local\Temp\LegacyLauncher_Installer_mcl.exe
"C:\Users\Admin\AppData\Local\Temp\LegacyLauncher_Installer_mcl.exe"
1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:3040
- C:\Users\Admin\AppData\Local\Temp\is-BCP92.tmp\LegacyLauncher_Installer_mcl.tmp
  "C:\Users\Admin\AppData\Local\Temp\is-BCP92.tmp\LegacyLauncher_Installer_mcl.tmp" /SL5="$9014E,115846600,1202688,C:\Users\Admin\AppData\Local\Temp\LegacyLauncher_Installer_mcl.exe"
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of WriteProcessMemory
  PID:2508
- - C:\Users\Admin\AppData\Roaming\.tlauncher\mcl\Minecraft\TL.exe
    "C:\Users\Admin\AppData\Roaming\.tlauncher\mcl\Minecraft\TL.exe"
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    - Suspicious use of WriteProcessMemory
    PID:2600
  - - C:\Users\Admin\AppData\Roaming\.tlauncher\mcl\Minecraft\jre\bin\javaw.exe
      "C:\Users\Admin\AppData\Roaming\.tlauncher\mcl\Minecraft\jre\bin\javaw.exe" -Xmx128m -Dtlauncher.bootstrap.restartExec=TL.exe -jar "C:\Users\Admin\AppData\Roaming\.tlauncher\mcl\Minecraft\launcher\bootstrap.jar"
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      Checks processor information in registry
      Suspicious use of WriteProcessMemory
      PID:2852
    - - C:\Users\Admin\AppData\Roaming\.tlauncher\mcl\Minecraft\jre\bin\java.exe
        
        C:\Users\Admin\AppData\Roaming\.tlauncher\mcl\Minecraft\jre\bin\java.exe -Xmx128m -Dfile.encoding=UTF-8 -Dtlauncher.systemCharset=windows-1252 -Dtlauncher.logFolder=C:\Users\Admin\AppData\Roaming\.tlauncher\logs --add-exports java.desktop/sun.awt=javafx.swing -Dtlauncher.bootstrap.restartExec=TL.exe -classpath C:\Users\Admin\AppData\Roaming\.tlauncher\mcl\Minecraft\launcher\bootstrap.jar ru.turikhay.tlauncher.bootstrap.Bootstrap --packageMode windows --targetJar launcher/launcher.jar --targetLibFolder launcher/libraries -- --settings tl.properties
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        Checks processor information in registry
        
        PID:2356

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\is-BCP92.tmp\LegacyLauncher_Installer_mcl.tmp

Filesize
2.3MB

MD5
c38d05dba47c1a22d2d171f7f02ca24a

SHA1
7b1b82b896a586e212deb8190231f1389885910f

SHA256
b96378c84a07804d491bb1ed97d9da177419b57efda0fdca32fd5d1a4e1d0de1

SHA512
b1b88135e3e76ac0410026b606f14c2a87354c979ab21ae16e7f3d26b1dd8b29c5fdde87fb41cfb0d0954e5ac7525856de5f1869dc67521f98ff7cef46aaa508

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-BCP92.tmp\LegacyLauncher_Installer_mcl.tmp

Filesize
485KB

MD5
1442b681b31d15ad2d48c2b3d49cb434

SHA1
360c0b23e4e9309c2f7e983a3453daff14aabf15

SHA256
006cff9edc68b96998f48424097eaa7494eac0dcdf5b42878569d3d6c6ac6557

SHA512
8389112e592a94403b1efe24789d1c1d34f7cad9e022b784f52b88e2c4645f7b7f5cf5deb90ada02e119f5237deaebd1ebb23bf968111e650503efd74baae3da

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\mcl\Minecraft\TL.exe

Filesize
399KB

MD5
96c64d11cf26ebd227ad754b62d480ae

SHA1
cb40090b892c34feb8ceb995a0d0b90ecfe54acf

SHA256
2b11f487e853e952dc677071202cbe25d6800ccaf3f93a3232c5eed715a1c033

SHA512
0be0c2b657ba8814112a9ea075e1ec6c6a0fb965c7308ba24e40b98ec90e9e60afbe09328c0f6c3aa27b54762bf880dfec4aee5f20d24c3b644288e0be311d5f

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\mcl\Minecraft\TL.exe

Filesize
256KB

MD5
c3e682ccb8e393f8c54a85b892152cba

SHA1
be1c158a8cff21b476d10e70ecc2b84de367c1bc

SHA256
ad396cf81509b9f441fa04d13f3e078fee76bd1327405fd22691a4a88006ac5f

SHA512
2fef16c48c4c7799ff0beaa5cbebd56363c0b34f0b073a7285e60313f0a0c465b6328a0ad556d79bffc67ad7fc73e599a57108ffab7da67179a924e4322fdf58

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\mcl\Minecraft\jre\bin\javaw.exe

Filesize
46KB

MD5
d5b6b6976511114000dfaea05c8a9c8a

SHA1
122df7bfbc5b058242e0c18fee9d9bc6489d512c

SHA256
3850d4f443b2a97014a1dcb94db893f0b3396201a8573aa4c4b967ff61528ac6

SHA512
cebaee71e2813670534c18a8363a127c6f8ca759b86262d3e69f6d2ee180ed0fc34bfcde63bf1fd3e91088f09c5950cac22be4cb5d875f2901a7b323ebe2f739

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\mcl\Minecraft\jre\bin\msvcp140.dll

Filesize
552KB

MD5
cb75d6437418afe1a7b52acf75730ff1

SHA1
54c2da9552671b161cc87eb50fbdb86319b00f56

SHA256
7c4ce9d6bfcd6d9db4eef4e75ecdcf5a8e5320106e80f1eca617439fa43f33e8

SHA512
f58abb740a30467e2d8aedd7eed357da020fdc7d966e245890d102a52e96fea296e122c1d2bc112423fc64b6f5e70b7df3f3eb7de1bf5c2f5f0eb3644f1e06d6

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\mcl\Minecraft\jre\bin\server\jvm.dll

Filesize
1.7MB

MD5
70ec468afbba4f86d2ab8ee10283f8d1

SHA1
b742ce29fa2eb1cc0daa74591fe8a07b61a79d73

SHA256
c33f37fa68a7f355ef114f66a01b427810cd4d17e816995007fed01e55e7c2a4

SHA512
9fa2092affd5849f893fda09e0498c173d00b4e8f1aa7f40a23daf8898d94bcf69efbe599f66f5bab51a8acf8642cf501deb310288132939826ee885b935297b

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\mcl\Minecraft\jre\legal\java.compiler\is-4KUFB.tmp

Filesize
33B

MD5
16989bab922811e28b64ac30449a5d05

SHA1
51ab20e8c19ee570bf6c496ec7346b7cf17bd04a

SHA256
86e0516b888276a492b19f9a84f5a866ed36925fae1510b3a94a0b6213e69192

SHA512
86571f127a6755a7339a9ed06e458c8dc5898e528de89e369a13c183711831af0646474986bae6573bc5155058d5f38348d6bfdeb3fd9318e98e0bf7916e6608

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\mcl\Minecraft\jre\legal\java.compiler\is-6C8LP.tmp

Filesize
44B

MD5
7caf4cdbb99569deb047c20f1aad47c4

SHA1
24e7497426d27fe3c17774242883ccbed8f54b4d

SHA256
b998cda101e5a1ebcfb5ff9cddd76ed43a2f2169676592d428b7c0d780665f2a

SHA512
a1435e6f1e4e9285476a0e7bc3b4f645bbafb01b41798a2450390e16b18b242531f346373e01d568f6cc052932a3256e491a65e8b94b118069853f2b0c8cd619

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\mcl\Minecraft\jre\legal\java.compiler\is-KJUST.tmp

Filesize
49B

MD5
19c9d1d2aad61ce9cb8fb7f20ef1ca98

SHA1
2db86ab706d9b73feeb51a904be03b63bee92baf

SHA256
ebf9777bd307ed789ceabf282a9aca168c391c7f48e15a60939352efb3ea33f9

SHA512
7ec63b59d8f87a42689f544c2e8e7700da5d8720b37b41216cbd1372c47b1bc3b892020f0dd3a44a05f2a7c07471ff484e4165427f1a9cad0d2393840cd94e5b

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\mcl\Minecraft\jre\lib\jvm.cfg

Filesize
29B

MD5
7ce21bdcfa333c231d74a77394206302

SHA1
c5a940d2dee8e7bfc01a87d585ddca420d37e226

SHA256
aa9efb969444c1484e29adecab55a122458090616e766b2f1230ef05bc3867e0

SHA512
8b37a1a5600e0a4e5832021c4db50569e33f1ddc8ac4fc2f38d5439272b955b0e3028ea10dec0743b197aa0def32d9e185066d2bac451f81b99539d34006074b

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\mcl\Minecraft\launcher\bootstrap.jar

Filesize
64KB

MD5
ecbeceb2b759887b972266dd56968ac2

SHA1
281ca4fc8c4c644d97bc95470d6f18998d2cab5f

SHA256
db51c22b5206523113e665ea9f4c5de6f752b1505f5e6c7f872f0b8b44e232fe

SHA512
1c500482577005ce54e74896eb8e773b272055fcc9b123e61a2c624430c9174baff443a358f54b73b5546e4f3f33c779e177e885c1073566e26026e47c586a55

Download Submit
\Users\Admin\AppData\Local\Temp\is-BCP92.tmp\LegacyLauncher_Installer_mcl.tmp

Filesize
528KB

MD5
dfc5c9a7bb8e88de10db56ea5eabcc26

SHA1
41ce37860f0ed7db370f620790cd97982008117b

SHA256
b6439858969962b483b049b264209ca1ef797e2f514a2d13a49d6e4adf1fbf53

SHA512
94a3c7d853c1ff44c792489e7ee5d28517aa8c4bdbdc316032a1200a7f9e51ff507f767e2d57acff6e02ea76a2264f80e8adaec66abb8a4e82dfbeb120204d6b

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\mcl\Minecraft\jre\bin\api-ms-win-core-file-l1-2-0.dll

Filesize
20KB

MD5
b59d773b0848785a76baba82d3f775fa

SHA1
1b8dcd7f0e2ab0ba9ba302aa4e9c4bfa8da74a82

SHA256
0dc1f695befddb8ee52a308801410f2f1d115fc70668131075c2dbcfa0b6f9a0

SHA512
cbd52ed8a7471187d74367aa03bf097d9eac3e0d6dc64baf835744a09da0b050537ea6092dcb8b1e0365427e7f27315be2145c6f853ef936755ad07ef17d4a26

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\mcl\Minecraft\jre\bin\api-ms-win-core-file-l2-1-0.dll

Filesize
20KB

MD5
4c9bf992ae40c7460a029b1046a7fb5e

SHA1
79e13947af1d603c964cce3b225306cadff4058b

SHA256
18655793b4d489f769327e3c8710aced6b763c7873b6a8dc5ae6f28d228647f4

SHA512
c36d455ac79a73758f6090977c204764a88e929e8eaa7ce27a9c9920451c014e84ae98beb447e8345a8fa186b8c668b076c0ed27047a0e23ad2eeaf2cbc3a8d8

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\mcl\Minecraft\jre\bin\api-ms-win-core-localization-l1-2-0.dll

Filesize
20KB

MD5
9d8e7a90dd0d54b7ccde435b977ee46d

SHA1
15cd12089c63f4147648856b16193cf014e6764f

SHA256
dc570708327c4c8419d4cced2a162d7ca112a168301134dd1fb5e2040eee45b6

SHA512
339fe195602355bce26a2526613a212271e7f8c7518d591b9e3c795c154d93b29b8c524b2c3678c799d0ea0101eabea918564e49def0b915af0619e975f1c34b

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\mcl\Minecraft\jre\bin\api-ms-win-core-processthreads-l1-1-1.dll

Filesize
20KB

MD5
d399c926466f044f183faa723ba59120

SHA1
a9534b4910888d70eefba6fcc3376f2549cb4a05

SHA256
19b018be16afe143fb107ef1dd5b8e6c6cb45966806eb3d31ec09ff0dc2b70d1

SHA512
fc55f4cfe7c6c63e0720971d920c5c6ead4db74a671f7bb8dc830aa87cb54459a62e974456875bdfda449d82a0acb368e3b6c2cc20c32b1b407e8de7cc532057

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\mcl\Minecraft\jre\bin\api-ms-win-core-synch-l1-2-0.dll

Filesize
20KB

MD5
da5d400ade0d2288b17dcc11ed339e25

SHA1
f4a340079477a2c91e091968fe2d252cb01eeae2

SHA256
69dd52caffe1ea6e0900fb9604a57a87618f8468dc68cbb2a9bcefd1265f3f49

SHA512
3bfa3b4f93a0a68e1c0ac17c74c91c0a01b779961af4811756223fd1f47a86ce1f3ebd7ee4190a2edb84a50b1b444318965cad3a74d1ed4acfa014d0f5bbe34a

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\mcl\Minecraft\jre\bin\api-ms-win-core-timezone-l1-1-0.dll

Filesize
20KB

MD5
ea5f768b9a1664884ae4ae62cec90678

SHA1
ae08e80431da7f4e8f1e5457c255cc360ef1cac0

SHA256
24f4530debf2161e0d0256f923b836aeccc3278a6ff2c9400e415600276b5a6d

SHA512
411db31e994ebbc69971972e45d6e51186d8f8790e8c67660b6a846e48a5a5c53a113916a5a15d14c33d8c88037d7f252135e699cb526c4bb3b5abd2e2dfee7c

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\mcl\Minecraft\jre\bin\api-ms-win-crt-convert-l1-1-0.dll

Filesize
24KB

MD5
cf95a8f66313283f046ba9e6e5cdbba4

SHA1
b25c686fcc6729a88a8776cdb75ff21cbceb1c5d

SHA256
2ccb01b62188ddc051a582c128bf880608111c602534e487ec09a7cf67c22d17

SHA512
59f5901e513aceeeb819c73c5b9fe2504e80af28df54db19775d7c0e0481f14c21ce38e6db207672cc10facfdd217638829af2d3f0f85a0a413d10e3a81dae9c

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\mcl\Minecraft\jre\bin\api-ms-win-crt-environment-l1-1-0.dll

Filesize
20KB

MD5
71407c52ff12b113cc0498fdd42db8dc

SHA1
f0c6a3c1308177b090b2a94fee90156e1df6bb9b

SHA256
5a2ae5b270c1eaf467878e7f5dbdc689b71914bdf30293d7d46c01d9dd11bdd4

SHA512
b9bb29d76a144c10b234835b6006637c84103abeb8f5db19991f3ab2baaabe3ea3fc1a87132263d097addd01afcad08e77c9834dccd4c6723b3ca204f50aac1e

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\mcl\Minecraft\jre\bin\api-ms-win-crt-filesystem-l1-1-0.dll

Filesize
20KB

MD5
bbbf361746440219a3f7933ced5234bb

SHA1
1e3ededaa28e41f51e903c2ca66e7bd048fbaee7

SHA256
42a99227775e85ca8c197811a86aad0e2af496bd21623e4c9a2dd747571c8990

SHA512
f6681875bc02903676cd3ea3303920202c563a1a6e82dd687ed9bd0fafe92c9abba4a6df3e9c93f2bb0da9dccf0abb4543b6a5e5f0c92fa06e809b30b84085aa

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\mcl\Minecraft\jre\bin\api-ms-win-crt-heap-l1-1-0.dll

Filesize
20KB

MD5
bacc491eb1dee4786ade841e7b480cd8

SHA1
84cb8f770cdf873415403edf48e625514aecad02

SHA256
43c80120970be1efed3ea60bf7aa37b46fcce946b94fb11ca6e3ffff2f16bb29

SHA512
7832912f38cd6ba145af57548c2a1d4da3bed9392a0ab3a0faffe18fab40087e1d74676e2af004627a37f7e079b9146dccf7aaa04e360a88443196fede4ccadc

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\mcl\Minecraft\jre\bin\api-ms-win-crt-locale-l1-1-0.dll

Filesize
20KB

MD5
fb992bbb73e0127c70d075f81e52aaf9

SHA1
e9d326d436e2e55c521261ad9a5b73d2e998f644

SHA256
6011ece89f4833dcb4cefb02ea366b828725205eae6f25ab704b76fd9e5d86eb

SHA512
f568898a660c3850998b71a854fb5b8ffee59f02ebe7bc8c12ad9bc68f5472a0c812cf0a8ebc096fcc462e941a86a2a46619d4f03030e7ab69a0e4a9e7b1e0b6

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\mcl\Minecraft\jre\bin\api-ms-win-crt-math-l1-1-0.dll

Filesize
28KB

MD5
0936c89e36a8bac313de187e50c61078

SHA1
7f0e64a66301e1926fa9acdc36ad728958ce6d78

SHA256
5ba8f9c2842990ccdb447fc6d22023103b03f5387f341d3375809f060b5bb4ef

SHA512
a72fcadc55d12c97770f1222bb3b605b7d58157f6f55814d900fe0f1b5ff8075f84914c7ac66d4b0e59ef41c01504a35c391bfb182e2e9019d152037ef4ec20f

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\mcl\Minecraft\jre\bin\api-ms-win-crt-runtime-l1-1-0.dll

Filesize
24KB

MD5
01380df01b9e61fc241f82f8fb984c2d

SHA1
18f92390b292af0db8aaa7c7e6f6aa24463f9b84

SHA256
698fa887c5b994375c9271222e21d0d4c74810e73d377ad898927549fb69dcb3

SHA512
743d45fae759d8ff3ef862ffa70584696824b86991f262ddc897f6f469fbb4264cf7da3fe001f33c6305523753d37a7a64874c5010cc7fe63252c53cd96b06f0

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\mcl\Minecraft\jre\bin\api-ms-win-crt-stdio-l1-1-0.dll

Filesize
24KB

MD5
a3f3ffcde3dd59cc94fb7dba16715671

SHA1
bbf272dab014d4cde1a57831a2daf4fde03b4884

SHA256
c1541ed4dc6879a136bf532393f7cefd3c48ad371d2ed9965e7cbd44c87a1137

SHA512
0e323b44b4ed7959c5f6409e565707e6e402382c950d2a0fc18d18f56ab588a49a260c99ecbda1bdb3778be131fb71b1b1158d852981e2e86d0b989b05496e02

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\mcl\Minecraft\jre\bin\api-ms-win-crt-string-l1-1-0.dll

Filesize
24KB

MD5
535d1195f493f7d92fe9007258494ebc

SHA1
1bf95ec546a6c1a8832d9002b7cd01265a1bbdad

SHA256
4429b8e6707645fb503ebc3bd50ce2a84f559b6a2ed778196835808bdfec2f48

SHA512
cd47f34032fc59a89dd286115db2cc2d1918f6ecc069fa37d2295126876fc5c931d6272892fb22db5eff1f810de818e64e6140617786a4d3fb153fd80c107468

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\mcl\Minecraft\jre\bin\api-ms-win-crt-time-l1-1-0.dll

Filesize
20KB

MD5
ed44b4aac3c881a9bc524d15ae3f3944

SHA1
a87983d6c714aac9242bb60037864139863b1848

SHA256
f3e6f692cec86adb3985b929345c731469777aeaeb088e3ce070957df481f924

SHA512
25513c666f228365ce7e092782a92fb7eb144f6b3293f896b08317c36323006ba10f4133bbfdadd2576053c1d6ac0e28cc3ad5798b92eec34fc8fa36e8d83047

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\mcl\Minecraft\jre\bin\api-ms-win-crt-utility-l1-1-0.dll

Filesize
20KB

MD5
e79464524fbc2c266da52d0a903d85d3

SHA1
6bad715617992277751a8ddfc180ba291ba75d59

SHA256
6c78d4aba91877c5bb33e545b6a69a818f377e07ff62e791b804fa5b4d2bcf02

SHA512
def71789e238ecd3b2d68dbd204acc62537ad39ce50a5bf09f320fc8cacc1b3f561822784d006ab2145eab5ab7be3f74c1c773fbe814efa040a1dbb3ffa6744e

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\mcl\Minecraft\jre\bin\java.dll

Filesize
128KB

MD5
45e2b5967a21e18f60c609bdaaca88bc

SHA1
1667211889a3814e3eb570f85daca0a87027b4fe

SHA256
59613c356f32a3c7c021eface95407e0834c559affa62834085617d1d592d991

SHA512
579c1dcfe72f0e7d73187bdfb1886488fc582f8985915eec601b139c72bdcb0343f65429d9030afe3a312a26c13229b9956a1df5682defca8b0780ea5f076d88

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\mcl\Minecraft\jre\bin\jimage.dll

Filesize
30KB

MD5
36eaca4b8c0e14921e79a47f91f3a3b3

SHA1
ffdf367e09a2d365de26527b53bf04758b7bfd76

SHA256
8e8903cc2231f28e682df62ec7623fabfa6a2112bcd14cee6f79e6924239b75f

SHA512
32d20959585aea57554f74baa36ea0dd54d47aa9f055cea39182267d70034d99a2d7aa3e8935dcdb2ea32c6b03c0485132404cd9717593e16f7a0ae5b7bda748

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\mcl\Minecraft\jre\bin\jli.dll

Filesize
83KB

MD5
e9c6f790d97a491dc6dba58605d0a48f

SHA1
8d39cf612880ab33b4c247997649e12035783c2f

SHA256
d6eae7c72044fdd83eea7ae2c36dfa163b6093df19e360f980980334b14ff934

SHA512
a47c38871f08d47ac4b0e59f8a01dc9865dc730afceb66337f046a28a0e90c34700cffe00dc85be2294713fb507d3d89ab0142797beb490b6394575cde1b2091

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\mcl\Minecraft\jre\bin\msvcp140.dll

Filesize
128KB

MD5
ba2ac25e6d40b4385f0204b062688841

SHA1
434c7eb4dc06eda51f3de3ed3c6b64407fbe8465

SHA256
591e3522303016eef12cd9671d029dbf30a84bfa7bff8a78997d9804982c8dd7

SHA512
f967b142c914f33fa39de44628cdcc4e7a6b9763059ce9bd4804eed7fc045ffaa785ef0cb94d64cfcde3c874329fefdab4c008e580fcc9052bd85242643123f9

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\mcl\Minecraft\jre\bin\server\jvm.dll

Filesize
128KB

MD5
5dfe2d48b2e22a16b2164d4558fac38d

SHA1
486149c0c41f87e152deed62675417002d4003c7

SHA256
3690d266131792678c0bfd2d13ee3fad71142a399bca4e4979ef7b4b04274c9b

SHA512
ac0c4d6a798c7b0c4daf7a042761812a0755bcbf90c2c110bc1f6eefc14f3dd8520e951025782b553571c99775194acfdbc6935deac1719bee87671c74c3542e

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\mcl\Minecraft\jre\bin\ucrtbase.dll

Filesize
128KB

MD5
8b914d95d5008faf26185947c3b5d1ff

SHA1
674389a03267bbe9c759672face58757c131e7de

SHA256
cb186528ac11125c9aa6bd4ce160d6332a3669c99df5d0b2e2cfc3e23af9f7a1

SHA512
18f0df701c1940527d11145dbcc692f08daad46c9306114e8ac0910fb4906619b00b55edbf2e1923351d8b7cf7c58422bc9d43cd1894da917cf261e23eb965a5

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\mcl\Minecraft\jre\bin\vcruntime140.dll

Filesize
94KB

MD5
a87575e7cf8967e481241f13940ee4f7

SHA1
879098b8a353a39e16c79e6479195d43ce98629e

SHA256
ded5adaa94341e6c62aea03845762591666381dca30eb7c17261dd154121b83e

SHA512
e112f267ae4c9a592d0dd2a19b50187eb13e25f23ded74c2e6ccde458bcdaee99f4e3e0a00baf0e3362167ae7b7fe4f96ecbcd265cc584c1c3a4d1ac316e92f0

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\mcl\Minecraft\jre\bin\vcruntime140_1.dll

Filesize
36KB

MD5
37c372da4b1adb96dc995ecb7e68e465

SHA1
6c1b6cb92ff76c40c77f86ea9a917a5f854397e2

SHA256
1554b5802968fdb2705a67cbb61585e9560b9e429d043a5aa742ef3c9bbfb6bf

SHA512
926f081b1678c15dc649d7e53bfbe98e4983c9ad6ccdf11c9383ca1d85f2a7353d5c52bebf867d6e155ff897f4702fc4da36a8f4cf76b00cb842152935e319a6

Download Submit
memory/2356-969-0x00000000088B0000-0x00000000098B0000-memory.dmp

Filesize
16.0MB

Download
memory/2356-958-0x00000000088B0000-0x00000000098B0000-memory.dmp

Filesize
16.0MB

Download
memory/2356-994-0x00000000088B0000-0x00000000098B0000-memory.dmp

Filesize
16.0MB

Download
memory/2356-991-0x00000000088B0000-0x00000000098B0000-memory.dmp

Filesize
16.0MB

Download
memory/2356-997-0x00000000088B0000-0x00000000098B0000-memory.dmp

Filesize
16.0MB

Download
memory/2356-996-0x0000000009140000-0x0000000009150000-memory.dmp

Filesize
64KB

Download
memory/2508-14-0x0000000000240000-0x0000000000241000-memory.dmp

Filesize
4KB

Download
memory/2508-8-0x0000000000240000-0x0000000000241000-memory.dmp

Filesize
4KB

Download
memory/2508-11-0x0000000000400000-0x0000000000776000-memory.dmp

Filesize
3.5MB

Download
memory/2508-942-0x0000000000400000-0x0000000000776000-memory.dmp

Filesize
3.5MB

Download
memory/2508-22-0x0000000000400000-0x0000000000776000-memory.dmp

Filesize
3.5MB

Download
memory/2508-463-0x0000000000400000-0x0000000000776000-memory.dmp

Filesize
3.5MB

Download
memory/2508-932-0x0000000000400000-0x0000000000776000-memory.dmp

Filesize
3.5MB

Download
memory/2600-875-0x0000000000400000-0x0000000000472000-memory.dmp

Filesize
456KB

Download
memory/2852-943-0x0000000008820000-0x0000000009820000-memory.dmp

Filesize
16.0MB

Download
memory/2852-948-0x0000000008820000-0x0000000009820000-memory.dmp

Filesize
16.0MB

Download
memory/2852-949-0x0000000008820000-0x0000000009820000-memory.dmp

Filesize
16.0MB

Download
memory/2852-950-0x0000000008820000-0x0000000009820000-memory.dmp

Filesize
16.0MB

Download
memory/3040-2-0x0000000000400000-0x0000000000533000-memory.dmp

Filesize
1.2MB

Download
memory/3040-947-0x0000000000400000-0x0000000000533000-memory.dmp

Filesize
1.2MB

Download
memory/3040-0-0x0000000000400000-0x0000000000533000-memory.dmp

Filesize
1.2MB

Download
memory/3040-10-0x0000000000400000-0x0000000000533000-memory.dmp

Filesize
1.2MB

Download