03ab69f48bc2dbe9eed9c025444c98fd25ddc947c4b93c50ce19421e331a4d65

Analysis

max time kernel
9s
max time network
10s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
01/02/2024, 03:15

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ClipPlusCommunitySetup.msi
Size

17.1MB
MD5

eb64b1dbb38961bdb4c0f4b724b1ed3d
SHA1

a375bc847388cdddc6cffd57dc7f0c3d6be72cdf
SHA256

cf5d6c68811f37d9ae1a9cc62abc1987fdd8900d271fdaa01d4a84853d7db10d
SHA512

5c56b478f88002e10b3bea6ed2151a8e89e1693270effaa6ded943b1325b0d1e1a4aa9fa66fd8b372f70da86feab6cee781518bb50514dfb341a9767a01d36a7
SSDEEP

393216:QnEbwdw5PBbXDqPiHNTS3ByWhGhz3iQw0FHufQMfh1GD6QGhNgqx9OPNQNI62vho:pbwdwnBtcFhG1w0MVZ1GD6QGhNpwsIne

Score

7^/10

Malware Config

Signatures

Executes dropped EXE 1 IoCs

pid	Process
2336	dsw.exe

Blocklisted process makes network request 3 IoCs

flow	pid	Process
3	1752	msiexec.exe
5	1752	msiexec.exe
7	2252	msiexec.exe

Enumerates connected drives 3 TTPs 46 IoCs

Attempts to read the root path of hard drives other than the default C: drive.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
File opened (read-only)	\??\G:	msiexec.exe
File opened (read-only)	\??\H:	msiexec.exe
File opened (read-only)	\??\I:	msiexec.exe
File opened (read-only)	\??\R:	msiexec.exe
File opened (read-only)	\??\X:	msiexec.exe
File opened (read-only)	\??\H:	msiexec.exe
File opened (read-only)	\??\R:	msiexec.exe
File opened (read-only)	\??\V:	msiexec.exe
File opened (read-only)	\??\J:	msiexec.exe
File opened (read-only)	\??\N:	msiexec.exe
File opened (read-only)	\??\Y:	msiexec.exe
File opened (read-only)	\??\I:	msiexec.exe
File opened (read-only)	\??\N:	msiexec.exe
File opened (read-only)	\??\O:	msiexec.exe
File opened (read-only)	\??\U:	msiexec.exe
File opened (read-only)	\??\L:	msiexec.exe
File opened (read-only)	\??\O:	msiexec.exe
File opened (read-only)	\??\L:	msiexec.exe
File opened (read-only)	\??\S:	msiexec.exe
File opened (read-only)	\??\Z:	msiexec.exe
File opened (read-only)	\??\M:	msiexec.exe
File opened (read-only)	\??\Q:	msiexec.exe
File opened (read-only)	\??\T:	msiexec.exe
File opened (read-only)	\??\E:	msiexec.exe
File opened (read-only)	\??\Y:	msiexec.exe
File opened (read-only)	\??\Q:	msiexec.exe
File opened (read-only)	\??\B:	msiexec.exe
File opened (read-only)	\??\E:	msiexec.exe
File opened (read-only)	\??\M:	msiexec.exe
File opened (read-only)	\??\A:	msiexec.exe
File opened (read-only)	\??\B:	msiexec.exe
File opened (read-only)	\??\J:	msiexec.exe
File opened (read-only)	\??\K:	msiexec.exe
File opened (read-only)	\??\T:	msiexec.exe
File opened (read-only)	\??\W:	msiexec.exe
File opened (read-only)	\??\K:	msiexec.exe
File opened (read-only)	\??\U:	msiexec.exe
File opened (read-only)	\??\W:	msiexec.exe
File opened (read-only)	\??\P:	msiexec.exe
File opened (read-only)	\??\X:	msiexec.exe
File opened (read-only)	\??\Z:	msiexec.exe
File opened (read-only)	\??\A:	msiexec.exe
File opened (read-only)	\??\P:	msiexec.exe
File opened (read-only)	\??\S:	msiexec.exe
File opened (read-only)	\??\V:	msiexec.exe
File opened (read-only)	\??\G:	msiexec.exe

Drops file in Windows directory 10 IoCs

description	ioc	Process
File opened for modification	C:\Windows\Installer\f762f8a.ipi	msiexec.exe
File opened for modification	C:\Windows\INF\setupapi.ev1	DrvInst.exe
File created	C:\Windows\Installer\f762f8a.ipi	msiexec.exe
File opened for modification	C:\Windows\Installer\	msiexec.exe
File opened for modification	C:\Windows\Installer\MSI31ED.tmp	msiexec.exe
File created	C:\Windows\Installer\f762f8c.msi	msiexec.exe
File opened for modification	C:\Windows\INF\setupapi.ev3	DrvInst.exe
File opened for modification	C:\Windows\INF\setupapi.dev.log	DrvInst.exe
File created	C:\Windows\Installer\f762f89.msi	msiexec.exe
File opened for modification	C:\Windows\Installer\f762f89.msi	msiexec.exe

Modifies data under HKEY_USERS 43 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\CA\CRLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\CA\CTLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\CA\Certificates	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\Root\CTLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\trust\CRLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\SmartCardRoot\CTLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\Disallowed\Certificates	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\SmartCardRoot\Certificates	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\SmartCardRoot\CRLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\TrustedPeople\Certificates	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\CA\CRLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\trust\Certificates	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\trust\CTLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\trust\CTLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\TrustedPeople\CRLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\TrustedPeople\CTLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\trust\Certificates	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\trust\CRLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\My	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\CA\CTLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\Disallowed\CRLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\Disallowed\CRLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\Root\Certificates	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\Disallowed\CTLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\Root\CRLs	DrvInst.exe
Set value (data)	\REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\LanguageList = 65006e002d0055005300000065006e0000000000	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\Disallowed\CTLs	DrvInst.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2252	msiexec.exe
2252	msiexec.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1752	msiexec.exe
Token: SeIncreaseQuotaPrivilege	1752	msiexec.exe
Token: SeRestorePrivilege	2252	msiexec.exe
Token: SeTakeOwnershipPrivilege	2252	msiexec.exe
Token: SeSecurityPrivilege	2252	msiexec.exe
Token: SeCreateTokenPrivilege	1752	msiexec.exe
Token: SeAssignPrimaryTokenPrivilege	1752	msiexec.exe
Token: SeLockMemoryPrivilege	1752	msiexec.exe
Token: SeIncreaseQuotaPrivilege	1752	msiexec.exe
Token: SeMachineAccountPrivilege	1752	msiexec.exe
Token: SeTcbPrivilege	1752	msiexec.exe
Token: SeSecurityPrivilege	1752	msiexec.exe
Token: SeTakeOwnershipPrivilege	1752	msiexec.exe
Token: SeLoadDriverPrivilege	1752	msiexec.exe
Token: SeSystemProfilePrivilege	1752	msiexec.exe
Token: SeSystemtimePrivilege	1752	msiexec.exe
Token: SeProfSingleProcessPrivilege	1752	msiexec.exe
Token: SeIncBasePriorityPrivilege	1752	msiexec.exe
Token: SeCreatePagefilePrivilege	1752	msiexec.exe
Token: SeCreatePermanentPrivilege	1752	msiexec.exe
Token: SeBackupPrivilege	1752	msiexec.exe
Token: SeRestorePrivilege	1752	msiexec.exe
Token: SeShutdownPrivilege	1752	msiexec.exe
Token: SeDebugPrivilege	1752	msiexec.exe
Token: SeAuditPrivilege	1752	msiexec.exe
Token: SeSystemEnvironmentPrivilege	1752	msiexec.exe
Token: SeChangeNotifyPrivilege	1752	msiexec.exe
Token: SeRemoteShutdownPrivilege	1752	msiexec.exe
Token: SeUndockPrivilege	1752	msiexec.exe
Token: SeSyncAgentPrivilege	1752	msiexec.exe
Token: SeEnableDelegationPrivilege	1752	msiexec.exe
Token: SeManageVolumePrivilege	1752	msiexec.exe
Token: SeImpersonatePrivilege	1752	msiexec.exe
Token: SeCreateGlobalPrivilege	1752	msiexec.exe
Token: SeBackupPrivilege	2300	vssvc.exe
Token: SeRestorePrivilege	2300	vssvc.exe
Token: SeAuditPrivilege	2300	vssvc.exe
Token: SeBackupPrivilege	2252	msiexec.exe
Token: SeRestorePrivilege	2252	msiexec.exe
Token: SeRestorePrivilege	2452	DrvInst.exe
Token: SeRestorePrivilege	2452	DrvInst.exe
Token: SeRestorePrivilege	2452	DrvInst.exe
Token: SeRestorePrivilege	2452	DrvInst.exe
Token: SeRestorePrivilege	2452	DrvInst.exe
Token: SeRestorePrivilege	2452	DrvInst.exe
Token: SeRestorePrivilege	2452	DrvInst.exe
Token: SeLoadDriverPrivilege	2452	DrvInst.exe
Token: SeLoadDriverPrivilege	2452	DrvInst.exe
Token: SeLoadDriverPrivilege	2452	DrvInst.exe
Token: SeRestorePrivilege	2252	msiexec.exe
Token: SeTakeOwnershipPrivilege	2252	msiexec.exe
Token: SeRestorePrivilege	2252	msiexec.exe
Token: SeTakeOwnershipPrivilege	2252	msiexec.exe
Token: SeRestorePrivilege	2252	msiexec.exe
Token: SeTakeOwnershipPrivilege	2252	msiexec.exe
Token: SeRestorePrivilege	2252	msiexec.exe
Token: SeTakeOwnershipPrivilege	2252	msiexec.exe
Token: SeRestorePrivilege	2252	msiexec.exe
Token: SeTakeOwnershipPrivilege	2252	msiexec.exe
Token: SeRestorePrivilege	2252	msiexec.exe
Token: SeTakeOwnershipPrivilege	2252	msiexec.exe
Token: SeRestorePrivilege	2252	msiexec.exe
Token: SeTakeOwnershipPrivilege	2252	msiexec.exe
Token: SeRestorePrivilege	2252	msiexec.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
1752	msiexec.exe

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2252 wrote to memory of 2336	2252	msiexec.exe	32
PID 2252 wrote to memory of 2336	2252	msiexec.exe	32
PID 2252 wrote to memory of 2336	2252	msiexec.exe	32
PID 2252 wrote to memory of 2336	2252	msiexec.exe	32

Uses Volume Shadow Copy service COM API
The Volume Shadow Copy service is used to manage backups/snapshots.
ransomware

C:\Windows\system32\msiexec.exe
msiexec.exe /I C:\Users\Admin\AppData\Local\Temp\ClipPlusCommunitySetup.msi
1⤵
- Blocklisted process makes network request
- Enumerates connected drives
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
PID:1752

C:\Windows\system32\msiexec.exe
C:\Windows\system32\msiexec.exe /V
1⤵
- Blocklisted process makes network request
- Enumerates connected drives
- Drops file in Windows directory
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
PID:2252
- C:\Users\Admin\AppData\Local\Programs\Clip Plus Community\dsw.exe
  "C:\Users\Admin\AppData\Local\Programs\Clip Plus Community\dsw.exe"
  2⤵
  - Executes dropped EXE
  PID:2336

C:\Windows\system32\vssvc.exe
C:\Windows\system32\vssvc.exe
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:2300

C:\Windows\system32\DrvInst.exe
DrvInst.exe "1" "200" "STORAGE\VolumeSnapshot\HarddiskVolumeSnapshot19" "" "" "61530dda3" "0000000000000000" "00000000000003A4" "00000000000005B4"
1⤵
- Drops file in Windows directory
- Modifies data under HKEY_USERS
- Suspicious use of AdjustPrivilegeToken
PID:2452

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Config.Msi\f762f8b.rbs

Filesize
12KB

MD5
887d72d4d8c100149f9289c1409634d3

SHA1
133b55db661cd47e2ac96172208797554e6e795d

SHA256
719471bd38fded54efe7f234d8bc7fecf19753ea7e7d56c9d1df8de4802de509

SHA512
fc9da272485b9b078b69914bb0d3758073e09aa0a43cb2b73df27260405bb65a6349ea7928c7b2fda0a19e458830ae2e192ff651efb5c4af67595e8f41ca6734

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
762e389f1d67ca38d7c3aafdd25af6aa

SHA1
7f9cec8349d6651e8971fdb41f7fa2fa3699d24e

SHA256
5524b8c15e07488ed79954acb87559fac8effccfadb095a251de26e71a8328ed

SHA512
43dc6aeb09f1941aa0124c078b521eee95456d8d18b25cc551a09b217109e2d59139395c352e7696055d732bda3f719ce83d3e21da8562e6dd1f39fd44dde933

Download Submit
C:\Users\Admin\AppData\Local\Programs\Clip Plus Community\bass.dll

Filesize
135KB

MD5
8e58fcc0672a66c827c6f90fa4b58538

SHA1
3e807dfd27259ae7548692a05af4fe54f8dd32ed

SHA256
6e1bf8ea63f9923687709f4e2f0dac7ff558b2ab923e8c8aa147384746e05b1d

SHA512
0e9faf457a278ad4c5dd171f65c24f6a027696d931a9a2a2edd4e467da8b8a9e4ab3b1fd2d758f5744bf84bece88c046cda5f7e4204bead14d7c36a46702b768

Download Submit
C:\Users\Admin\AppData\Local\Programs\Clip Plus Community\bass_vst.dll

Filesize
27KB

MD5
5efb2702c0b3d8eeac563372a33a6ed0

SHA1
c7f969ea2e53b1bd5dbeba7dd56bff0cc4c9ea99

SHA256
40545a369fa7b72d23a58050d32dc524b6905e9b0229719022dbda0d2fa8765b

SHA512
8119526f8573ea6e5bed16a57d56084260afee511c9aad3d542388a783548e5b32ed8fb568d5b97deed791162bcd5577fcc3c76abf4d147ea13bea5c2a6ea794

Download Submit
C:\Users\Admin\AppData\Local\Programs\Clip Plus Community\bassenc_opus.dll

Filesize
99KB

MD5
26f75c4dd4a8a7c98f0d76aa6b2522af

SHA1
4e45cd0e91334b56fb0a1e29e2b5922b828b9127

SHA256
587492c53f4b61403f39996d5676092feb4cc340b6455fd947484398bed8a02f

SHA512
e3e19781ceafa2aeea8bfe9aa8eb5b764557b583cbc9ae38e7639e65c7889c642af356e7e6c26f72f4fe4282858f770d99af04e1aa953e1fcc07379f81b1fac6

Download Submit
C:\Users\Admin\AppData\Local\Programs\Clip Plus Community\dsw.exe

Filesize
768KB

MD5
490ffe88b9b87b90f50e41c8fa72f68d

SHA1
2e9d2f448db6593bf27b4a71cccb156a4758f683

SHA256
a783de929d2442aeabce2d6ca55d0a14b7e72200502826080307937b1d218ce4

SHA512
1a07103aff0da5fb3e91e93921bcfeaae264be5de859fc0f7a4eabe31c9f49b35b759eb78bd6bdcba3596f849587a15f376301b623f88481ecd19ad86f0dc10e

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab1335.tmp

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar13E3.tmp

Filesize
171KB

MD5
9c0c641c06238516f27941aa1166d427

SHA1
64cd549fb8cf014fcd9312aa7a5b023847b6c977

SHA256
4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

SHA512
936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

Download Submit
C:\Windows\Installer\f762f89.msi

Filesize
832KB

MD5
289098e37d2bd3d1ec3a89eb4967fe49

SHA1
99a58b3fad8889582177379e7c657ef1d48965ea

SHA256
8fd8406fd678a8bc3c22c10bb6d51a6b599c9a57090c3fcdc071c32a8a60c544

SHA512
ede816228a73681903bdf8ef3a1437ac56c80795d559a62336094877748a63027ed797d7c4b9ddf67f4abe433b7ee1de5f93e31dc467f610416449a0d1b48eb5

Download Submit
\Users\Admin\AppData\Local\Programs\Clip Plus Community\SampleDisplay.dll

Filesize
64KB

MD5
34cce64d0c4656a98af9aa032f435dda

SHA1
60ce5f40533e156c715c5ae25c276a81304ee50d

SHA256
23fd95fcd2e6c9f4fbbf2a800516d432fb101f2a084dc018486b926dbfef8629

SHA512
cbdb3497b5d4dcf3709005c523ec1b7605ed0c835e4faade4e5de34efb849b0b43d2408b47b7000e20ef06982959b69efd0f5d905e4bed2ddfeabf7a1ca15986

Download Submit
\Users\Admin\AppData\Local\Programs\Clip Plus Community\bass.dll

Filesize
126KB

MD5
861e5ce2570714f160bd7a1c589ce76b

SHA1
32abb50bca2afe681ec37a1e11692e6c81c6f8ed

SHA256
ce51320f7fd9c31ced6c791800937bb261f1e1995a348dc3120781ddd96c623f

SHA512
6edcb4367342377cd56c1ea13cd184fd03795462dd8f1bc050162b58fdc22f04bf1b54985c1a7cd7562ca286ed21c0530a3007ea2d7134b4d98bc67b52d77503

Download Submit
\Users\Admin\AppData\Local\Programs\Clip Plus Community\bass_fx.dll

Filesize
67KB

MD5
d8ccb4b8235f31a3c73485fde18b0187

SHA1
723bd0f39b32aff806a7651ebc0cdbcea494c57e

SHA256
7bc733acc1d2b89e5a6546f4ebc321b1c2370e42354ea415bc5fcc6807275eba

SHA512
8edafd699f9fbec0db334b9bc96a73a9196895120f3406fff28406fd0565415ac98665c9837a5b1e0c5027162ff26bf3a316ecda6a0b51d92eb5d7002b814713

Download Submit
\Users\Admin\AppData\Local\Programs\Clip Plus Community\bassenc.dll

Filesize
31KB

MD5
a6f27196423a3d1c0caa4a0caf98893a

SHA1
58b97697fa349b40071df4272b4efbd1dd295595

SHA256
d3b9e4646f7b1cb9123914313cec23ec804bd81c4ff8b09b43c2cde5ee3e4222

SHA512
0a84cf847b80b0c2e6df9274a4199db8559757781faec508cd8999bea2c8fb5cd9bed1698144b82b86b2c6938fa8006c482a09c1b46d6bb8d2a2648a2011dea0

Download Submit
\Users\Admin\AppData\Local\Programs\Clip Plus Community\bassenc_opus.dll

Filesize
64KB

MD5
0bace2cd6cf0710216276a20e6ba3227

SHA1
b2174c6deff11dbe833e7d7e0980006fdfadd03d

SHA256
fd71c3a4650d2227ce4e07619fb812e4e0213c33284ac081750767ed0a9b644a

SHA512
8a6f207326b82bbd1d002e58e485932f0128f6f196e8ae21308296aa65d7c49c85dc4658509747a396677ba1e0c57abead5d326ecd3e74e67e860473970dac56

Download Submit
\Users\Admin\AppData\Local\Programs\Clip Plus Community\basswasapi.dll

Filesize
21KB

MD5
cdfbe254cc64959fc0fc1200f41f34c0

SHA1
4e0919a8a5c4b23441e51965eaaa77f485584c01

SHA256
9513129c0bb417698a60c5e4dd232963605d1c84e01b9f883f63d03b453173a9

SHA512
63704a7a4d0cd8b53972e29fcbee71f2c3eb86a0411f90fc8375e67cb4b3bddb36c753f3f5b113c3ca333c381f86a19e2168218cc2074f05ad1143bc118cd610

Download Submit