Analysis

  • max time kernel
    144s
  • max time network
    146s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20231222-en locale:en-us os:windows10-2004-x64 system
  • submitted
    26/01/2024, 10:23 UTC

General

  • Target

    2024-01-26_6ef9eb531fd516f470c8ceae141e2ee3_mafia.exe

  • Size

    14.0MB

  • MD5

    6ef9eb531fd516f470c8ceae141e2ee3

  • SHA1

    52cdacceebe2d3eaeafd27147c1d9ba7b29393ed

  • SHA256

    f37147d4bbcaf8b05f96820aaf8d148adb18336e3f01cbecb7b5f4b21e58c845

  • SHA512

    8009f7e51fa9570a0ebbc2a1e1f996d2226c7d8ad6f3ac80ba4184a8f69344d3c0eee80e18951cf85f55a9da1d371c7d82f9048c6034972844e29312ce2a86b8

  • SSDEEP

    393216:5wMYHSUFvsLSO3xbg5/tKjCV8jbbWXxicoUYo7wRTW8NCILTR/:OVaSO3O5/tqTwgCYo8RhEILl/

Score
8/10

Malware Config

Signatures

  • Drops file in Drivers directory 4 IoCs
  • Checks computer location settings 2 TTPs 1 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE 7 IoCs
  • Loads dropped DLL 4 IoCs
  • Drops file in System32 directory 29 IoCs
  • Drops file in Program Files directory 64 IoCs
  • Drops file in Windows directory 17 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Checks SCSI registry key(s) 3 TTPs 64 IoCs

    SCSI information is often read in order to detect sandboxing environments.

  • Modifies data under HKEY_USERS 41 IoCs
  • Suspicious use of AdjustPrivilegeToken 10 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 21 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-01-26_6ef9eb531fd516f470c8ceae141e2ee3_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-01-26_6ef9eb531fd516f470c8ceae141e2ee3_mafia.exe"
    1⤵
    • Checks computer location settings
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4020
    • C:\Windows\SysWOW64\cmd.exe
      C:\Windows\system32\cmd.exe /c ""C:\ProgramData\dell\drivers\2024-01-26_6ef9eb531fd516f470c8ceae141e2ee3_mafia\applyconfig.bat" -l="C:\ProgramData\dell\drivers\2024-01-26_6ef9eb531fd516f470c8ceae141e2ee3_mafia\SCE5023.tmp""
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:3928
      • C:\ProgramData\dell\drivers\2024-01-26_6ef9eb531fd516f470c8ceae141e2ee3_mafia\x86_64\HAPI\hapint64.exe
        x86_64\HAPI\hapint64.exe -i -q -k CCTK-SCE -p "hapint64.exe"
        3⤵
        • Executes dropped EXE
        • Drops file in System32 directory
        • Drops file in Windows directory
        • Suspicious use of WriteProcessMemory
        PID:4636
        • C:\ProgramData\dell\drivers\2024-01-26_6ef9eb531fd516f470c8ceae141e2ee3_mafia\x86_64\HAPI\dcmdev64.exe
          dcmdev64.exe remove root\dcdbas
          4⤵
          • Executes dropped EXE
          • Checks SCSI registry key(s)
          PID:3740
        • C:\ProgramData\dell\drivers\2024-01-26_6ef9eb531fd516f470c8ceae141e2ee3_mafia\x86_64\HAPI\dcmdev64.exe
          dcmdev64.exe install .\dcdbas64.inf root\dcdbas
          4⤵
          • Executes dropped EXE
          • Drops file in System32 directory
          • Drops file in Windows directory
          • Checks SCSI registry key(s)
          • Suspicious use of AdjustPrivilegeToken
          PID:6132
        • C:\ProgramData\dell\drivers\2024-01-26_6ef9eb531fd516f470c8ceae141e2ee3_mafia\x86_64\HAPI\dchcfg64.exe
          dchcfg64.exe command=getsupportedsystypes
          4⤵
          • Executes dropped EXE
          • Loads dropped DLL
          PID:1760
      • C:\ProgramData\dell\drivers\2024-01-26_6ef9eb531fd516f470c8ceae141e2ee3_mafia\x86_64\cctk.exe
        x86_64\cctk.exe -i config.ini -l "C:\ProgramData\dell\drivers\2024-01-26_6ef9eb531fd516f470c8ceae141e2ee3_mafia\SCE5023.tmp"
        3⤵
        • Executes dropped EXE
        • Loads dropped DLL
        PID:4068
      • C:\ProgramData\dell\drivers\2024-01-26_6ef9eb531fd516f470c8ceae141e2ee3_mafia\x86_64\HAPI\hapint64.exe
        x86_64\HAPI\hapint64.exe -r -q -k CCTK-SCE
        3⤵
        • Drops file in Drivers directory
        • Executes dropped EXE
        • Drops file in System32 directory
        • Drops file in Windows directory
        • Suspicious use of WriteProcessMemory
        PID:1632
  • C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch -p -s DeviceInstall
    1⤵
    • Drops file in Windows directory
    • Checks SCSI registry key(s)
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:1404
    • C:\Windows\system32\DrvInst.exe
      DrvInst.exe "4" "0" "C:\Users\Admin\AppData\Local\Temp\{3b990070-fedc-9740-814d-1c2c2eda17a6}\dcdbas64.inf" "9" "4dfcb1ac3" "000000000000014C" "WinSta0\Default" "000000000000015C" "208" "c:\programdata\dell\drivers\2024-01-26_6ef9eb531fd516f470c8ceae141e2ee3_mafia\x86_64\hapi"
      2⤵
      • Drops file in System32 directory
      • Drops file in Windows directory
      • Checks SCSI registry key(s)
      • Modifies data under HKEY_USERS
      PID:460
    • C:\Windows\system32\DrvInst.exe
      DrvInst.exe "2" "211" "ROOT\SYSTEM\0001" "C:\Windows\INF\oem3.inf" "oem3.inf:ef423affc3c959fa:dcdbas:8.2.0.454:root\dcdbas," "4dfcb1ac3" "000000000000014C"
      2⤵
      • Drops file in Drivers directory
      • Drops file in Windows directory
      • Checks SCSI registry key(s)
      • Suspicious use of AdjustPrivilegeToken
      PID:2960
  • C:\ProgramData\dell\drivers\2024-01-26_6ef9eb531fd516f470c8ceae141e2ee3_mafia\x86_64\HAPI\dcmdev64.exe
    dcmdev64.exe remove root\dcdbas
    1⤵
    • Executes dropped EXE
    • Drops file in Windows directory
    • Checks SCSI registry key(s)
    • Suspicious use of AdjustPrivilegeToken
    PID:4496

Network

  • flag-us
    DNS
    sf.symcd.com
    Remote address:
    8.8.8.8:53
    Request
    sf.symcd.com
    IN A
    Response
    sf.symcd.com
    IN CNAME
    mpki-ocsp.digicert.com
    mpki-ocsp.digicert.com
    IN CNAME
    fp3011.wpc.2be4.phicdn.net
    fp3011.wpc.2be4.phicdn.net
    IN CNAME
    fp3011.wpc.phicdn.net
    fp3011.wpc.phicdn.net
    IN A
    152.199.19.74
  • flag-us
    GET
    http://sf.symcd.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTSqZMG5M8TA9rdzkbCnNwuMAd5VgQUz5mp6nsm9EvJjo%2FX8AUm7%2BPSp50CEBTUeF0Js47o0lLrwC%2BxHsE%3D
    Remote address:
    152.199.19.74:80
    Request
    GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBTSqZMG5M8TA9rdzkbCnNwuMAd5VgQUz5mp6nsm9EvJjo%2FX8AUm7%2BPSp50CEBTUeF0Js47o0lLrwC%2BxHsE%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/10.0
    Host: sf.symcd.com
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Age: 4883
    Cache-Control: public, max-age=86400
    Content-Type: application/ocsp-response
    Date: Fri, 26 Jan 2024 10:24:00 GMT
    Last-Modified: Fri, 26 Jan 2024 09:02:37 GMT
    Server: ECAcc (lhc/790F)
    X-Cache: HIT
    X-Content-Type-Options: nosniff
    X-Frame-Options: SAMEORIGIN
    X-XSS-Protection: 1; mode=block
    Content-Length: 1551

MITRE ATT&CK Enterprise v15

Downloads

  • C:\PROGRA~3\dell\drivers\2024-0~1\X86\HAPI\dcdipm32.sys

    Filesize

    17B

  • C:\ProgramData\dell\drivers\2024-01-26_6ef9eb531fd516f470c8ceae141e2ee3_mafia\X86_64\HAPI\dchapi32.dll

    Filesize

    336KB

  • C:\ProgramData\dell\drivers\2024-01-26_6ef9eb531fd516f470c8ceae141e2ee3_mafia\X86_64\HAPI\dchapi64.dll

    Filesize

    256KB

  • C:\ProgramData\dell\drivers\2024-01-26_6ef9eb531fd516f470c8ceae141e2ee3_mafia\X86_64\HAPI\dchbas64.dll

    Filesize

    443KB

  • C:\ProgramData\dell\drivers\2024-01-26_6ef9eb531fd516f470c8ceae141e2ee3_mafia\X86_64\HAPI\dchbas64.dll

    Filesize

    452KB

  • C:\ProgramData\dell\drivers\2024-01-26_6ef9eb531fd516f470c8ceae141e2ee3_mafia\X86_64\HAPI\dchcfg32.exe

    Filesize

    347KB

  • C:\ProgramData\dell\drivers\2024-01-26_6ef9eb531fd516f470c8ceae141e2ee3_mafia\X86_64\HAPI\dchcfg64.exe

    Filesize

    416KB

  • C:\ProgramData\dell\drivers\2024-01-26_6ef9eb531fd516f470c8ceae141e2ee3_mafia\X86_64\HAPI\dchcfl64.dll

    Filesize

    333KB

  • C:\ProgramData\dell\drivers\2024-01-26_6ef9eb531fd516f470c8ceae141e2ee3_mafia\X86_64\HAPI\dcmdev64.exe

    Filesize

    223KB

  • C:\ProgramData\dell\drivers\2024-01-26_6ef9eb531fd516f470c8ceae141e2ee3_mafia\X86_64\HAPI\hapint64.exe

    Filesize

    477KB

  • C:\ProgramData\dell\drivers\2024-01-26_6ef9eb531fd516f470c8ceae141e2ee3_mafia\applyconfig.bat

    Filesize

    885B

  • C:\ProgramData\dell\drivers\2024-01-26_6ef9eb531fd516f470c8ceae141e2ee3_mafia\x86_64\HAPI\dcdbas64.inf

    Filesize

    1KB

  • C:\ProgramData\dell\drivers\2024-01-26_6ef9eb531fd516f470c8ceae141e2ee3_mafia\x86_64\MXML1.dll

    Filesize

    113KB

  • C:\ProgramData\dell\drivers\2024-01-26_6ef9eb531fd516f470c8ceae141e2ee3_mafia\x86_64\cctk.exe

    Filesize

    624KB

  • C:\Users\Admin\AppData\Local\Temp\{3b990070-fedc-9740-814d-1c2c2eda17a6}\dcdbas64.sys

    Filesize

    47KB

  • C:\Windows\SysWOW64\dchapi32.dll

    Filesize

    278KB

  • C:\Windows\SysWOW64\dchbas32.dll

    Filesize

    376KB

  • C:\Windows\SysWOW64\dchcfl32.dll

    Filesize

    287KB

  • C:\Windows\system32\dchapi64.dll

    Filesize

    400KB

  • \??\c:\programdata\dell\drivers\2024-01-26_6ef9eb531fd516f470c8ceae141e2ee3_mafia\x86_64\hapi\dcdbas64.cat

    Filesize

    8KB
