58bc85b2306a383a333e8ae4013e0e4b0fbdb7b02e5ec5abbcab202fad149e6c

Analysis

max time kernel
162s
max time network
162s
platform
windows11-21h2_x64
resource
win11-20231215-en
resource tags

arch:x64arch:x86image:win11-20231215-enlocale:en-usos:windows11-21h2-x64system
submitted
03/02/2024, 10:19

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

AJAZZ_ AKP153E_ Single mode keyboard driver_ V1.174 (Win_ International Edition).rar
Size

109.4MB
MD5

9c551278ab719a80794d58868c4fd618
SHA1

ec19f1467b75990435cee26e73f55408cf26ce92
SHA256

58bc85b2306a383a333e8ae4013e0e4b0fbdb7b02e5ec5abbcab202fad149e6c
SHA512

12cd673f21782b939780fd6860fbb68175c8eaa776885768e0d2d48f2855d532356fc2eaecf00ad75d938b1c157e8692e8b2815995018eefcd32e41bf0e24019
SSDEEP

1572864:5fbiyR8waBSlvKQuxnaxwi7Jm6MkMa+Et5vNSoqsMp0avXQmP+3T0FxZ1:5fbpR8wblX4ayKJm3laTNSsa9PET0FD1

Score

7^/10

persistence spyware stealer

Malware Config

Signatures

Executes dropped EXE 7 IoCs

pid	Process
4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
2568	Stream Dock AJAZZ.exe
72	SplashScreen.exe
3364	Stream Dock AJAZZ.exe
1960	SplashScreen.exe
5928	Stream Dock AJAZZ.exe
5988	SplashScreen.exe

Loads dropped DLL 64 IoCs

pid	Process
4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
3352	MsiExec.exe
4648	MsiExec.exe
4648	MsiExec.exe
4648	MsiExec.exe
4648	MsiExec.exe
4648	MsiExec.exe
1820	MsiExec.exe
1820	MsiExec.exe
1820	MsiExec.exe
1820	MsiExec.exe
4648	MsiExec.exe
2568	Stream Dock AJAZZ.exe
2568	Stream Dock AJAZZ.exe
2568	Stream Dock AJAZZ.exe
2568	Stream Dock AJAZZ.exe
2568	Stream Dock AJAZZ.exe
2568	Stream Dock AJAZZ.exe
2568	Stream Dock AJAZZ.exe
2568	Stream Dock AJAZZ.exe
2568	Stream Dock AJAZZ.exe
2568	Stream Dock AJAZZ.exe
2568	Stream Dock AJAZZ.exe
2568	Stream Dock AJAZZ.exe
2568	Stream Dock AJAZZ.exe
2568	Stream Dock AJAZZ.exe
2568	Stream Dock AJAZZ.exe
2568	Stream Dock AJAZZ.exe
2568	Stream Dock AJAZZ.exe
2568	Stream Dock AJAZZ.exe
2568	Stream Dock AJAZZ.exe
2568	Stream Dock AJAZZ.exe
2568	Stream Dock AJAZZ.exe
2568	Stream Dock AJAZZ.exe
2568	Stream Dock AJAZZ.exe
2568	Stream Dock AJAZZ.exe
2568	Stream Dock AJAZZ.exe
2568	Stream Dock AJAZZ.exe
2568	Stream Dock AJAZZ.exe
2568	Stream Dock AJAZZ.exe
2568	Stream Dock AJAZZ.exe
2568	Stream Dock AJAZZ.exe
2568	Stream Dock AJAZZ.exe
2568	Stream Dock AJAZZ.exe
2568	Stream Dock AJAZZ.exe
2568	Stream Dock AJAZZ.exe
72	SplashScreen.exe
72	SplashScreen.exe
2568	Stream Dock AJAZZ.exe
72	SplashScreen.exe
2568	Stream Dock AJAZZ.exe
2568	Stream Dock AJAZZ.exe
72	SplashScreen.exe
2568	Stream Dock AJAZZ.exe
72	SplashScreen.exe
72	SplashScreen.exe
72	SplashScreen.exe
72	SplashScreen.exe
72	SplashScreen.exe
72	SplashScreen.exe
3364	Stream Dock AJAZZ.exe
3364	Stream Dock AJAZZ.exe
3364	Stream Dock AJAZZ.exe

Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials In Files
T1552.001

Adds Run key to start application 2 TTPs 1 IoCs

persistence

Registry Run Keys / Startup Folder

T1547.001

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\USER\S-1-5-21-1725696949-2443092314-1471438111-1000\Software\Microsoft\Windows\CurrentVersion\Run\Stream Dock AJAZZ = "C:\\Program Files (x86)\\Stream Dock AJAZZ Global\\Stream Dock AJAZZ.exe --RunInBackground"	msiexec.exe

Enumerates connected drives 3 TTPs 64 IoCs

Attempts to read the root path of hard drives other than the default C: drive.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
File opened (read-only)	\??\J:	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
File opened (read-only)	\??\P:	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
File opened (read-only)	\??\X:	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
File opened (read-only)	\??\M:	msiexec.exe
File opened (read-only)	\??\A:	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
File opened (read-only)	\??\H:	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
File opened (read-only)	\??\Q:	msiexec.exe
File opened (read-only)	\??\R:	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
File opened (read-only)	\??\E:	msiexec.exe
File opened (read-only)	\??\K:	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
File opened (read-only)	\??\I:	msiexec.exe
File opened (read-only)	\??\S:	msiexec.exe
File opened (read-only)	\??\L:	msiexec.exe
File opened (read-only)	\??\N:	msiexec.exe
File opened (read-only)	\??\Z:	msiexec.exe
File opened (read-only)	\??\L:	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
File opened (read-only)	\??\U:	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
File opened (read-only)	\??\O:	msiexec.exe
File opened (read-only)	\??\W:	msiexec.exe
File opened (read-only)	\??\O:	msiexec.exe
File opened (read-only)	\??\T:	msiexec.exe
File opened (read-only)	\??\X:	msiexec.exe
File opened (read-only)	\??\R:	msiexec.exe
File opened (read-only)	\??\U:	msiexec.exe
File opened (read-only)	\??\Y:	msiexec.exe
File opened (read-only)	\??\G:	msiexec.exe
File opened (read-only)	\??\N:	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
File opened (read-only)	\??\H:	msiexec.exe
File opened (read-only)	\??\X:	msiexec.exe
File opened (read-only)	\??\M:	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
File opened (read-only)	\??\Q:	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
File opened (read-only)	\??\N:	msiexec.exe
File opened (read-only)	\??\A:	msiexec.exe
File opened (read-only)	\??\M:	msiexec.exe
File opened (read-only)	\??\B:	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
File opened (read-only)	\??\H:	msiexec.exe
File opened (read-only)	\??\V:	msiexec.exe
File opened (read-only)	\??\Y:	msiexec.exe
File opened (read-only)	\??\O:	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
File opened (read-only)	\??\Y:	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
File opened (read-only)	\??\B:	msiexec.exe
File opened (read-only)	\??\Q:	msiexec.exe
File opened (read-only)	\??\B:	msiexec.exe
File opened (read-only)	\??\S:	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
File opened (read-only)	\??\V:	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
File opened (read-only)	\??\K:	msiexec.exe
File opened (read-only)	\??\I:	msiexec.exe
File opened (read-only)	\??\J:	msiexec.exe
File opened (read-only)	\??\E:	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
File opened (read-only)	\??\G:	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
File opened (read-only)	\??\I:	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
File opened (read-only)	\??\W:	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
File opened (read-only)	\??\G:	msiexec.exe
File opened (read-only)	\??\W:	msiexec.exe
File opened (read-only)	\??\P:	msiexec.exe
File opened (read-only)	\??\T:	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
File opened (read-only)	\??\A:	msiexec.exe
File opened (read-only)	\??\E:	msiexec.exe
File opened (read-only)	\??\L:	msiexec.exe
File opened (read-only)	\??\P:	msiexec.exe
File opened (read-only)	\??\V:	msiexec.exe
File opened (read-only)	\??\Z:	msiexec.exe
File opened (read-only)	\??\R:	msiexec.exe
File opened (read-only)	\??\Z:	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\translations\qtwebengine_locales\mr.pak	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\defaultData\defaultPlugins\com.hotspot.streamdock.system.monitor.sdPlugin\images\actions\HardDisk.png	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\plugins\com.hotspot.streamdock.multiactions.sdPlugin\fr.json	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\plugins\com.hotspot.streamdock.system.multimedia.sdPlugin\Images\PS-40-停止播放.PNG	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\defaultData\defaultPlugins\com.hotspot.streamdock.system.monitor.sdPlugin\PropertyInspector\GpuCoreClockIndex.html	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\plugins\com.hotspot.streamdock.quickcontrol.sdPlugin\Images\[email protected]	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\plugins\com.hotspot.streamdock.touchbar.sdPlugin\Images\inputMethod\action.jpg	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\translations\qtwebengine_locales\hi.pak	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\translations\qtwebengine_locales\hu.pak	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\translations\qtwebengine_locales\id.pak	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\defaultData\defaultPlugins\com.hotspot.streamdock.system.monitor.sdPlugin\opencv_imgcodecs4.dll	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\defaultData\defaultPlugins\com.hotspot.streamdock.weather.sdPlugin\propertyInspector\action1\index.html	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\defaultData\defaultPlugins\com.hotspot.streamdock.weather.sdPlugin\static\img\Luxury\多云.png	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\plugins\com.hotspot.streamdock.profile.openchild.sdPlugin\ko.json	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\translations\qtwebengine_locales\bn.pak	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\defaultData\defaultPlugins\com.hotspot.streamdock.weather.sdPlugin\static\img\Modern\301-fill.svg	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\plugins\com.hotspot.streamdock.browser.sdPlugin\es.json	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\plugins\com.hotspot.streamdock.multiactions.sdPlugin\es.json	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\plugins\com.hotspot.streamdock.quicktool.sdPlugin\Images\mailAction20.png	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\plugins\com.hotspot.streamdock.quicktool.sdPlugin\Images\notificationDefaultImage.png	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\vccorlib140.dll	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\defaultData\defaultPlugins\com.hotspot.streamdock.system.monitor.sdPlugin\PropertyInspector\css\sdpi.css	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\defaultData\defaultPlugins\com.hotspot.streamdock.time.sdPlugin\action2\index.html	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\plugins\com.hotspot.streamdock.obsstudio.sdPlugin\Images\actions\scene\off.jpg	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\plugins\com.hotspot.streamdock.obsstudio.sdPlugin\Images\actions\screenshot\icon.png	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\plugins\com.hotspot.streamdock.system.website.sdPlugin\en.json	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\translations\qtwebengine_locales\sl.pak	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\defaultData\defaultPlugins\com.hotspot.streamdock.memo.sdPlugin\static\img\icon-2.png	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\defaultData\defaultPlugins\com.hotspot.streamdock.time.sdPlugin\static\utils\color.js	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\plugins\com.hotspot.streamdock.multiactions.sdPlugin\de.json	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\Qt5WinExtras.dll	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\defaultData\defaultPlugins\com.hotspot.streamdock.weather.sdPlugin\static\css\g_d8d8d8.svg	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\plugins\com.hotspot.streamdock.profile.openchild.sdPlugin\Images\create_folder_white.png	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\plugins\com.hotspot.streamdock.system.password.sdPlugin\es.json	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\translations\qtwebengine_locales\ja.pak	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\plugins\com.hotspot.streamdock.soundboard.sdPlugin\en.json	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\plugins\com.hotspot.streamdock.system.multimedia.sdPlugin\Images\PS-20-快退.png	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\defaultData\defaultPlugins\com.hotspot.streamdock.weather.sdPlugin\static\img\Luxury\中雨.png	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\plugins\com.hotspot.streamdock.device.brightness.sdPlugin\Images\btn_keybrightness_decrease.png	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\plugins\com.hotspot.streamdock.system.multimedia.sdPlugin\Images\PS-40-快进.PNG	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\defaultData\defaultPlugins\com.hotspot.streamdock.time.sdPlugin\propertyInspector\action3\index.html	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\defaultData\defaultPlugins\com.hotspot.streamdock.time.sdPlugin\static\action.js	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\defaultData\defaultPlugins\com.hotspot.streamdock.time.sdPlugin\static\img\index.jpg	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\defaultData\defaultPlugins\com.hotspot.streamdock.time.sdPlugin\static\plugin.js	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\defaultData\defaultPlugins\com.hotspot.streamdock.weather.sdPlugin\static\img\Luxury\阵雪.png	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\plugins\com.hotspot.streamdock.mouse.event.sdPlugin\ru.json	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\plugins\com.hotspot.streamdock.quickcontrol.sdPlugin\Images\[email protected]	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\defaultData\defaultPlugins\com.hotspot.streamdock.time.sdPlugin\static\中文文档.md	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\imageformats\qicns.dll	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\plugins\com.hotspot.streamdock.obsstudio.sdPlugin\ja.json	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\plugins\com.hotspot.streamdock.page.sdPlugin\Images\pageIndicator.png	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\plugins\com.hotspot.streamdock.system.text.sdPlugin\Images\btn_text.png	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\resources\icudtl.dat	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\defaultData\defaultPlugins\com.hotspot.streamdock.system.monitor.sdPlugin\liblzma.dll	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\defaultData\defaultPlugins\com.hotspot.streamdock.time.sdPlugin\fr.json	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\plugins\com.hotspot.streamdock.network.sdPlugin\it.json	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\defaultData\defaultPlugins\com.hotspot.streamdock.system.monitor.sdPlugin\es.json	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\defaultData\defaultPlugins\com.hotspot.streamdock.system.monitor.sdPlugin\ko.json	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\icons\com.hotspot.obsstudio.sdIconPack\icons\OBS-icon-126-23.jpg	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\plugins\com.hotspot.streamdock.profile.rotate.sdPlugin\Images\[email protected]	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\plugins\com.hotspot.streamdock.touchbar.sdPlugin\Images\dndMode\action.jpg	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\translations\qt_da.qm	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\api-ms-win-crt-string-l1-1-0.dll	msiexec.exe
File created	C:\Program Files (x86)\Stream Dock AJAZZ Global\plugins\com.hotspot.streamdock.quicktool.sdPlugin\de.json	msiexec.exe

Drops file in Windows directory 22 IoCs

description	ioc	Process
File created	C:\Windows\Installer\e57e436.msi	msiexec.exe
File opened for modification	C:\Windows\Installer\e57e436.msi	msiexec.exe
File created	C:\Windows\Installer\e57e438.msi	msiexec.exe
File opened for modification	C:\Windows\Panther\UnattendGC\setupact.log	UserOOBEBroker.exe
File opened for modification	C:\Windows\Panther\UnattendGC\setuperr.log	UserOOBEBroker.exe
File opened for modification	C:\Windows\Panther\UnattendGC\diagwrn.xml	UserOOBEBroker.exe
File opened for modification	C:\Windows\Installer\	msiexec.exe
File created	C:\Windows\SystemTemp\~DF70F785B95D00102A.TMP	msiexec.exe
File created	C:\Windows\SystemTemp\~DF3093B6D00F1E640C.TMP	msiexec.exe
File created	C:\Windows\Installer\{A588B557-9C60-4455-BA69-3D30F7AE8AFF}\Applogo.exe	msiexec.exe
File created	C:\Windows\SystemTemp\~DF8948AFC3BA19B289.TMP	msiexec.exe
File created	C:\Windows\SystemTemp\~DF55896D7C3CED8420.TMP	msiexec.exe
File opened for modification	C:\Windows\Panther\UnattendGC\diagerr.xml	UserOOBEBroker.exe
File opened for modification	C:\Windows\Installer\MSIE4B4.tmp	msiexec.exe
File opened for modification	C:\Windows\Installer\MSIE561.tmp	msiexec.exe
File opened for modification	C:\Windows\Installer\MSIE5B0.tmp	msiexec.exe
File opened for modification	C:\Windows\Installer\MSIE708.tmp	msiexec.exe
File opened for modification	C:\Windows\Installer\{A588B557-9C60-4455-BA69-3D30F7AE8AFF}\Applogo.exe	msiexec.exe
File opened for modification	C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log	msiexec.exe
File opened for modification	C:\Windows\Installer\MSIE493.tmp	msiexec.exe
File created	C:\Windows\Installer\inprogressinstallinfo.ipi	msiexec.exe
File created	C:\Windows\Installer\SourceHash{A588B557-9C60-4455-BA69-3D30F7AE8AFF}	msiexec.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Checks SCSI registry key(s) 3 TTPs 5 IoCs

SCSI information is often read in order to detect sandboxing environments.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
Set value (data)	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Device Parameters\Partmgr\SnapshotDataCache = 534e41505041525401000000700000008ec7416a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000	vssvc.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Device Parameters	vssvc.exe
Key queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Device Parameters	vssvc.exe
Key created	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Device Parameters\Partmgr	vssvc.exe
Set value (data)	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Device Parameters\Partmgr\PartitionTableCache = 0000000004000000d663cd00a411206d0000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000c01200000000ffffffff000000002701010000080000d663cd000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d01200000000000020ed3a000000ffffffff000000000700010000680900d663cd00000000000000d012000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f0ff3a0000000000000005000000ffffffff000000000700010000f87f1dd663cd00000000000000f0ff3a00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff000000000000000000000000d663cd0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000	vssvc.exe

Modifies data under HKEY_USERS 3 IoCs

description	ioc	Process
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\22\52C64B7E	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\22	msiexec.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\23	msiexec.exe

Modifies registry class 27 IoCs

description	ioc	Process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\755B885A06C95544AB96D3037FEAA8FF\PackageCode = "BE97AEEF2D3241C46AEFB60948EBF17A"	msiexec.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\UpgradeCodes\AC5D30F21BB1E68458FDBABEE9386314\755B885A06C95544AB96D3037FEAA8FF	msiexec.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\755B885A06C95544AB96D3037FEAA8FF\MainFeature	msiexec.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\755B885A06C95544AB96D3037FEAA8FF\Assignment = "1"	msiexec.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\755B885A06C95544AB96D3037FEAA8FF\SourceList\Media\DiskPrompt = "[1]"	msiexec.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\755B885A06C95544AB96D3037FEAA8FF\SourceList\Media\1 = "Disk1;Disk1"	msiexec.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\755B885A06C95544AB96D3037FEAA8FF\SourceList\LastUsedSource = "n;1;C:\\Users\\Admin\\AppData\\Roaming\\HotSpot\\Stream Dock AJAZZ Global 2.9.174\\install\\"	msiexec.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\755B885A06C95544AB96D3037FEAA8FF\ProductIcon = "C:\\Windows\\Installer\\{A588B557-9C60-4455-BA69-3D30F7AE8AFF}\\Applogo.exe"	msiexec.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\755B885A06C95544AB96D3037FEAA8FF\SourceList\PackageName = "Stream-Dock-AJAZZ-Installer_Windows_global.msi"	msiexec.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\755B885A06C95544AB96D3037FEAA8FF\SourceList\Net\1 = "C:\\Users\\Admin\\AppData\\Roaming\\HotSpot\\Stream Dock AJAZZ Global 2.9.174\\install\\"	msiexec.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\755B885A06C95544AB96D3037FEAA8FF\Clients = 3a0000000000	msiexec.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\755B885A06C95544AB96D3037FEAA8FF\Version = "34144430"	msiexec.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\755B885A06C95544AB96D3037FEAA8FF\Transforms = ":1033"	msiexec.exe
Key created	\REGISTRY\USER\S-1-5-21-1725696949-2443092314-1471438111-1000_Classes\Local Settings\MuiCache	MiniSearchHost.exe
Key created	\REGISTRY\USER\S-1-5-21-1725696949-2443092314-1471438111-1000_Classes\Local Settings	cmd.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\755B885A06C95544AB96D3037FEAA8FF	msiexec.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\755B885A06C95544AB96D3037FEAA8FF\DeploymentFlags = "3"	msiexec.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\755B885A06C95544AB96D3037FEAA8FF\SourceList	msiexec.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\755B885A06C95544AB96D3037FEAA8FF	msiexec.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\755B885A06C95544AB96D3037FEAA8FF\Language = "2052"	msiexec.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\UpgradeCodes\AC5D30F21BB1E68458FDBABEE9386314	msiexec.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\755B885A06C95544AB96D3037FEAA8FF\SourceList\Media	msiexec.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\755B885A06C95544AB96D3037FEAA8FF\SourceList\Net	msiexec.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\755B885A06C95544AB96D3037FEAA8FF\ProductName = "Stream Dock AJAZZ Global"	msiexec.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\755B885A06C95544AB96D3037FEAA8FF\AdvertiseFlags = "388"	msiexec.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\755B885A06C95544AB96D3037FEAA8FF\InstanceType = "0"	msiexec.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\755B885A06C95544AB96D3037FEAA8FF\AuthorizedLUAApp = "0"	msiexec.exe

Suspicious behavior: AddClipboardFormatListener 5 IoCs

pid	Process
2568	Stream Dock AJAZZ.exe
72	SplashScreen.exe
3364	Stream Dock AJAZZ.exe
1960	SplashScreen.exe
5928	Stream Dock AJAZZ.exe

Suspicious behavior: EnumeratesProcesses 12 IoCs

pid	Process
3128	msiexec.exe
3128	msiexec.exe
3952	7zFM.exe
3952	7zFM.exe
3952	7zFM.exe
3952	7zFM.exe
3952	7zFM.exe
3952	7zFM.exe
2568	Stream Dock AJAZZ.exe
2568	Stream Dock AJAZZ.exe
3364	Stream Dock AJAZZ.exe
3364	Stream Dock AJAZZ.exe

Suspicious behavior: GetForegroundWindowSpam 2 IoCs

pid	Process
3952	7zFM.exe
72	SplashScreen.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeRestorePrivilege	3952	7zFM.exe
Token: 35	3952	7zFM.exe
Token: SeSecurityPrivilege	3952	7zFM.exe
Token: SeSecurityPrivilege	3128	msiexec.exe
Token: SeCreateTokenPrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeAssignPrimaryTokenPrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeLockMemoryPrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeIncreaseQuotaPrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeMachineAccountPrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeTcbPrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeSecurityPrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeTakeOwnershipPrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeLoadDriverPrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeSystemProfilePrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeSystemtimePrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeProfSingleProcessPrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeIncBasePriorityPrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeCreatePagefilePrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeCreatePermanentPrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeBackupPrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeRestorePrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeShutdownPrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeDebugPrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeAuditPrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeSystemEnvironmentPrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeChangeNotifyPrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeRemoteShutdownPrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeUndockPrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeSyncAgentPrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeEnableDelegationPrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeManageVolumePrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeImpersonatePrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeCreateGlobalPrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeCreateTokenPrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeAssignPrimaryTokenPrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeLockMemoryPrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeIncreaseQuotaPrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeMachineAccountPrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeTcbPrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeSecurityPrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeTakeOwnershipPrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeLoadDriverPrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeSystemProfilePrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeSystemtimePrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeProfSingleProcessPrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeIncBasePriorityPrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeCreatePagefilePrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeCreatePermanentPrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeBackupPrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeRestorePrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeShutdownPrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeDebugPrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeAuditPrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeSystemEnvironmentPrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeChangeNotifyPrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeRemoteShutdownPrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeUndockPrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeSyncAgentPrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeEnableDelegationPrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeManageVolumePrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeImpersonatePrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeCreateGlobalPrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeCreateTokenPrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
Token: SeAssignPrimaryTokenPrivilege	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe

Suspicious use of FindShellTrayWindow 5 IoCs

pid	Process
3952	7zFM.exe
3952	7zFM.exe
4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
4852	msiexec.exe
4852	msiexec.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2568	Stream Dock AJAZZ.exe
72	SplashScreen.exe
3924	MiniSearchHost.exe
3364	Stream Dock AJAZZ.exe
1960	SplashScreen.exe
5928	Stream Dock AJAZZ.exe

Suspicious use of WriteProcessMemory 40 IoCs

description	pid	Process	procid_target
PID 384 wrote to memory of 3952	384	cmd.exe	76
PID 384 wrote to memory of 3952	384	cmd.exe	76
PID 3952 wrote to memory of 4896	3952	7zFM.exe	79
PID 3952 wrote to memory of 4896	3952	7zFM.exe	79
PID 3952 wrote to memory of 4896	3952	7zFM.exe	79
PID 3128 wrote to memory of 3352	3128	msiexec.exe	82
PID 3128 wrote to memory of 3352	3128	msiexec.exe	82
PID 3128 wrote to memory of 3352	3128	msiexec.exe	82
PID 4896 wrote to memory of 4852	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe	81
PID 4896 wrote to memory of 4852	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe	81
PID 4896 wrote to memory of 4852	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe	81
PID 3128 wrote to memory of 4648	3128	msiexec.exe	83
PID 3128 wrote to memory of 4648	3128	msiexec.exe	83
PID 3128 wrote to memory of 4648	3128	msiexec.exe	83
PID 3128 wrote to memory of 4364	3128	msiexec.exe	87
PID 3128 wrote to memory of 4364	3128	msiexec.exe	87
PID 3128 wrote to memory of 1820	3128	msiexec.exe	89
PID 3128 wrote to memory of 1820	3128	msiexec.exe	89
PID 3128 wrote to memory of 1820	3128	msiexec.exe	89
PID 4896 wrote to memory of 3908	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe	101
PID 4896 wrote to memory of 3908	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe	101
PID 4896 wrote to memory of 3908	4896	AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe	101
PID 3908 wrote to memory of 4272	3908	cmd.exe	99
PID 3908 wrote to memory of 4272	3908	cmd.exe	99
PID 3908 wrote to memory of 4272	3908	cmd.exe	99
PID 3908 wrote to memory of 2140	3908	cmd.exe	98
PID 3908 wrote to memory of 2140	3908	cmd.exe	98
PID 3908 wrote to memory of 2140	3908	cmd.exe	98
PID 3908 wrote to memory of 2248	3908	cmd.exe	97
PID 3908 wrote to memory of 2248	3908	cmd.exe	97
PID 3908 wrote to memory of 2248	3908	cmd.exe	97
PID 3908 wrote to memory of 1988	3908	cmd.exe	96
PID 3908 wrote to memory of 1988	3908	cmd.exe	96
PID 3908 wrote to memory of 1988	3908	cmd.exe	96
PID 2568 wrote to memory of 72	2568	Stream Dock AJAZZ.exe	95
PID 2568 wrote to memory of 72	2568	Stream Dock AJAZZ.exe	95
PID 3364 wrote to memory of 1960	3364	Stream Dock AJAZZ.exe	121
PID 3364 wrote to memory of 1960	3364	Stream Dock AJAZZ.exe	121
PID 5928 wrote to memory of 5988	5928	Stream Dock AJAZZ.exe	125
PID 5928 wrote to memory of 5988	5928	Stream Dock AJAZZ.exe	125

Uses Volume Shadow Copy service COM API
The Volume Shadow Copy service is used to manage backups/snapshots.
ransomware

Views/modifies file attributes 1 TTPs 2 IoCs

evasion

Hidden Files and Directories

T1564.001

pid	Process
2140	attrib.exe
4272	attrib.exe

C:\Windows\system32\cmd.exe
cmd /c "C:\Users\Admin\AppData\Local\Temp\AJAZZ_ AKP153E_ Single mode keyboard driver_ V1.174 (Win_ International Edition).rar"
1⤵
- Modifies registry class
- Suspicious use of WriteProcessMemory
PID:384
- C:\Program Files\7-Zip\7zFM.exe
  "C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\AJAZZ_ AKP153E_ Single mode keyboard driver_ V1.174 (Win_ International Edition).rar"
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of WriteProcessMemory
  PID:3952
- - C:\Users\Admin\AppData\Local\Temp\7zO07FA7487\AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe
    "C:\Users\Admin\AppData\Local\Temp\7zO07FA7487\AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe"
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    - Enumerates connected drives
    - Suspicious use of AdjustPrivilegeToken
    - Suspicious use of FindShellTrayWindow
    - Suspicious use of WriteProcessMemory
    PID:4896
  - - C:\Windows\SysWOW64\msiexec.exe
      "C:\Windows\system32\msiexec.exe" /i "C:\Users\Admin\AppData\Roaming\HotSpot\Stream Dock AJAZZ Global 2.9.174\install\Stream-Dock-AJAZZ-Installer_Windows_global.msi" TRANSFORMS=:1033 AI_SETUPEXEPATH="C:\Users\Admin\AppData\Local\Temp\7zO07FA7487\AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe" SETUPEXEDIR=C:\Users\Admin\AppData\Local\Temp\7zO07FA7487\ EXE_CMD_LINE="/exenoupdates "
      4⤵
      Enumerates connected drives
      Suspicious use of FindShellTrayWindow
      PID:4852
  - - C:\Windows\SysWOW64\cmd.exe
      C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\AppData\Local\Temp\EXE12BB.tmp.bat" "
      4⤵
      Suspicious use of WriteProcessMemory
      PID:3908

C:\Windows\system32\msiexec.exe
C:\Windows\system32\msiexec.exe /V
1⤵
- Adds Run key to start application
- Enumerates connected drives
- Drops file in Program Files directory
- Drops file in Windows directory
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
PID:3128
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding E8478E9AFAFD2B404A5AF4A2E286BC8A C
  2⤵
  - Loads dropped DLL
  PID:3352
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding 2B3AB1C24B8EC467E371841429FA2F5E C
  2⤵
  - Loads dropped DLL
  PID:4648
- C:\Windows\system32\srtasks.exe
  C:\Windows\system32\srtasks.exe ExecuteScopeRestorePoint /WaitForRestorePoint:2
  2⤵
  PID:4364
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding D06D1694768206EDCE54ADF15ABD7785
  2⤵
  - Loads dropped DLL
  PID:1820

C:\Windows\system32\vssvc.exe
C:\Windows\system32\vssvc.exe
1⤵
- Checks SCSI registry key(s)
PID:4692

C:\Program Files (x86)\Stream Dock AJAZZ Global\Stream Dock AJAZZ.exe
"C:\Program Files (x86)\Stream Dock AJAZZ Global\Stream Dock AJAZZ.exe"
1⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2568
- C:\Program Files (x86)\Stream Dock AJAZZ Global\SplashScreen.exe
  .\SplashScreen.exe ./CoreConfiguration/splash.gif 1 "Stream Dock AJAZZ" "Version: 2.9.174" Loading ""
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - Suspicious behavior: AddClipboardFormatListener
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
  PID:72

C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /S /D /c" cls"
1⤵
PID:1988

C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /S /D /c" del "C:\Users\Admin\AppData\Local\Temp\EXE12BB.tmp.bat" "
1⤵
PID:2248

C:\Windows\SysWOW64\attrib.exe
ATTRIB -r "C:\Users\Admin\AppData\Local\Temp\EXE12BB.tmp.bat"
1⤵
- Views/modifies file attributes
PID:2140

C:\Windows\SysWOW64\attrib.exe
ATTRIB -r "C:\Users\Admin\AppData\Local\Temp\AIE980A.tmp"
1⤵
- Views/modifies file attributes
PID:4272

C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe
"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:3924

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc
1⤵
PID:3840

C:\Windows\System32\oobe\UserOOBEBroker.exe
C:\Windows\System32\oobe\UserOOBEBroker.exe -Embedding
1⤵
- Drops file in Windows directory
PID:3232

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe -Embedding
1⤵
PID:4504

C:\Program Files (x86)\Stream Dock AJAZZ Global\Stream Dock AJAZZ.exe
"C:\Program Files (x86)\Stream Dock AJAZZ Global\Stream Dock AJAZZ.exe"
1⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:3364
- C:\Program Files (x86)\Stream Dock AJAZZ Global\SplashScreen.exe
  .\SplashScreen.exe ./CoreConfiguration/splash.gif 1 "Stream Dock AJAZZ" "Version: 2.9.174" Loading ""
  2⤵
  - Executes dropped EXE
  - Suspicious behavior: AddClipboardFormatListener
  - Suspicious use of SetWindowsHookEx
  PID:1960

C:\Program Files (x86)\Stream Dock AJAZZ Global\Stream Dock AJAZZ.exe
"C:\Program Files (x86)\Stream Dock AJAZZ Global\Stream Dock AJAZZ.exe"
1⤵
- Executes dropped EXE
- Suspicious behavior: AddClipboardFormatListener
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:5928
- C:\Program Files (x86)\Stream Dock AJAZZ Global\SplashScreen.exe
  .\SplashScreen.exe ./CoreConfiguration/splash.gif 1 "Stream Dock AJAZZ" "Version: 2.9.174" Loading ""
  2⤵
  - Executes dropped EXE
  PID:5988

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Hide Artifacts

T1564

Hidden Files and Directories

T1564.001

Modify Registry

T1112

Credential Access

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Config.Msi\e57e437.rbs

Filesize
197KB

MD5
73aefabcdf5d4b99b2cc1cb11152fa8a

SHA1
cf0ed74f869d61a05364969644ea474ede6a5b80

SHA256
41e1ebb4a2a28f34f3346a5ffff3057c595c6b01fa47a7d512c441d95eed2ee9

SHA512
9a1372f977ae7e0989b4dce1594d9ab5faf1629130acbd81597b8c9566192aaebca6888dc69d6bad6578c7ae90b48cd5aff2c0b27ffa14f054e03331f01bb715

Download Submit
C:\Program Files (x86)\Stream Dock AJAZZ Global\MSVCP140.dll

Filesize
149KB

MD5
04cd54ef914d3a4fb895f98f03c7dec6

SHA1
98a2f9825ac07b3ef1b138281d80e6a4e3409158

SHA256
9b9c2d09e77ec67deb74549d600c705264a7690b428f1d4baafbd7cac64219ea

SHA512
2de5ada384bcfe132ea6d208fc25cd0eb77fdb78a1482fa3abed6517b646b992f01fb602f76002d2c577e112c3a3e16d97f869a89ad0475d4be7d76a177349d8

Download Submit
C:\Program Files (x86)\Stream Dock AJAZZ Global\Qt5Core.dll

Filesize
73KB

MD5
1a1f0cf5154851f39e760f27161d7bd9

SHA1
3f43deb209c2eae10871bc6e55af1cb640bdb13b

SHA256
6fabf4a3db772b389367d37065788f634eae76a465a1787264178d29cf741af9

SHA512
bbbdd80e3d4d2084c38dba3fed44840476f09f17c223025ac28e98a15f43cc5605627ab471ec28447bcae3f20647b45502f7b35dc7022f81bad0d251098204a8

Download Submit
C:\Program Files (x86)\Stream Dock AJAZZ Global\Qt5Core.dll

Filesize
87KB

MD5
3cd2826d550d28913affce0c1aab6be4

SHA1
9657b4667c8227efe83af1e2314fb10ee05c935b

SHA256
5adaf2ef7ed253e0fe2a8911c24234e5fff49708a0bfaeba2b63c41dbd427186

SHA512
01f9e5a07d7a072fd65b80b4589e286a94866ecde2713241db7851d1d2da2446b658265b27f475bed44d8a779f4ded4af30103492ce1aef6027ef2fb10a8502a

Download Submit
C:\Program Files (x86)\Stream Dock AJAZZ Global\Qt5Gui.dll

Filesize
142KB

MD5
d2b1d0a37839ca2f29e2a49009ab0032

SHA1
f0e94ebf6c4afc04e55e8d9220d298d17908e65f

SHA256
ef2460b8a9dcbec888159aaaf8a0131ddc11956ce737090a6faf152a8385559d

SHA512
f9b779191049dddd84d1803dff6f25d36fdcd01967751e7af8bb06ad840f28858d513e28b2d440026cbd43255c90e005d84e1548633f5779398a0528fe5cea2b

Download Submit
C:\Program Files (x86)\Stream Dock AJAZZ Global\Qt5Gui.dll

Filesize
117KB

MD5
5de26298649ed42e58d276aabc4bd529

SHA1
94d1239bee83020b2c8a7b02be087980b54d4f15

SHA256
61bc1c3f96f104196b3039a93d5f39aa8650354509bccd162000294062df323d

SHA512
88f304ce3a452756df1a7e88a35aceac147cc3dcab509f1dd4f57eb298c6414e6bd1360762f207fc3b53b8a4ac2c5f52eed5943c5b8a7a048b05930a0a95b44a

Download Submit
C:\Program Files (x86)\Stream Dock AJAZZ Global\Qt5Multimedia.dll

Filesize
266KB

MD5
1c2b252b34ec4e16a144fb937207c50f

SHA1
0175a71377302067da05bc55b9a7e35c91f02979

SHA256
8d9a8024a6a0b0a5bc61462dbe2514b4ad3009808d707df55804eff4242110a9

SHA512
255c9f2d37be21508ed294834dff46029abd0792a2d9ce89741c427a3cf3da25ba85ce3a735b4815eb684d93bd33bea49c07ca2cfe1c7231e7b5074c2af120ce

Download Submit
C:\Program Files (x86)\Stream Dock AJAZZ Global\Qt5Multimedia.dll

Filesize
127KB

MD5
837e5726258bfcac174c2a5bd4687483

SHA1
f7e5d7a3e0997cbf57f0aa30503608c3b3d0cf73

SHA256
f22d8cc7784c371b7cb8ae8028decebd65ebb666b24d5725847a8a31dbf90f58

SHA512
bbc4ab48521a8afd4b5af5c9b95fccc85ca47c1b848c88c57fa746e26472f6addd8114fbd6d2dca1c85f1af0565f43bf234dcfd9801e207f7c0e31d1f62e8508

Download Submit
C:\Program Files (x86)\Stream Dock AJAZZ Global\Qt5MultimediaWidgets.dll

Filesize
99KB

MD5
d5cab2d254f3b55f1b8a30a7dfc4789a

SHA1
d1a517dff6032e5c05bef8ecd0497e6dd7ea76e9

SHA256
16b8154863b3abfc94051e10feef5046b0d643e6d7de62d3271082a7b32f51bd

SHA512
b9922c3edb319f6a72212e483d4a32a28dc3ce11d804bf3682bb8504b181a6904bb8c0967bd01cf49035076b05f2a5a4f4f92aed59aadbfa8b386bd0d5cf8042

Download Submit
C:\Program Files (x86)\Stream Dock AJAZZ Global\Qt5Network.dll

Filesize
88KB

MD5
77303f90306df0b9296e3cfab9d7c06a

SHA1
a20cae4317d26907b7d755655bc207b7f057181f

SHA256
43d1b73f42df3c62d535f345f0428d810aba2f18764715d22c4f067343a66f99

SHA512
4926d33b70ae3eb73d4f133e8d5ba54979fdd8f8a705a177bfa1d91505edf891090ff58767ff046e4f335a2fdbb38ba6b212c87d9366207d1d8820c1afd7cfed

Download Submit
C:\Program Files (x86)\Stream Dock AJAZZ Global\Qt5Quick.dll

Filesize
81KB

MD5
7e15e1194bf09fd51483ddef4f6494ad

SHA1
6ed645ed6ad997e67353fb48a4746b167fd26a5e

SHA256
47fa0bcadcf850e56c118ecf56f9d9999c66d2222654bd9d69578a173be3d1bd

SHA512
a0cd36590490f1f26f01c9d8e1863464466ccb0b2c6a5f9bc41a6d58d55f5a8f74811171d0a409b85e25be08679b1ea66438e3f978870166ee6755465eb9f2e3

Download Submit
C:\Program Files (x86)\Stream Dock AJAZZ Global\Qt5Quick.dll

Filesize
92KB

MD5
619171efe9a77df8ebf4f3807576d97c

SHA1
f1aa0d2bd946a46c51d14742ed747f217b8772e0

SHA256
aafd263d0f8d00caee2a8c20b5b58b15ac25090052bd392029b3485764629c71

SHA512
b7429c10afbc44914d173db407165df67483b4eb05958618aa5a1bb0ad2bd7ea10ea9ad18f9f91264a5511ff7f5cd943d8f48bf14e902054504a4512d5157e6d

Download Submit
C:\Program Files (x86)\Stream Dock AJAZZ Global\Qt5WebEngineCore.dll

Filesize
149KB

MD5
f6c52b96a4decbdd6dcf8128f691be5c

SHA1
c46ad1f64a6ce17e9259b94e06a60942198b3188

SHA256
0a55bee91ff02bdd54e4c9eeaee0823058a7936908e0787babf416d902c22f86

SHA512
a7b09bf2f9500c2ddab2bd8915cdcb1076216c6468160899cb91cb7c7cb6124b03c2b1fe243c70d804fb57b413f86f8e00357ef3e2fe5e5d473f818efd215bae

Download Submit
C:\Program Files (x86)\Stream Dock AJAZZ Global\Qt5WebEngineWidgets.dll

Filesize
142KB

MD5
f2b83184cb1bf8c836af494764a9f873

SHA1
a2e92cb0a9176e384c08ff05eaa8b7189fd7f7aa

SHA256
8796473f0bd3067fef8a8bc766d2d8ed643e89e9595154c7fb26878cf6f46b4a

SHA512
8c8354267611207371cdfc3cf4cd638b0ec1b94cc8fcc239dd1f9f32f0ac4f22ac3cb5015440fb47bdea7fcbc9593006b473441927f7134ff61be5c680705bdd

Download Submit
C:\Program Files (x86)\Stream Dock AJAZZ Global\Qt5WebEngineWidgets.dll

Filesize
99KB

MD5
ad3b16c295769346a5fdbdb5026b1c9a

SHA1
04ddb9a3169b3cf062e0ef532c4893e1b0e6dc4c

SHA256
9500e98c5f4ac18c8f59ad1e8a7e8fb0b263eaeecce667d189341a39a5b06384

SHA512
be344caf7f6f0173af8c57ac001e1175949b664e645e94ef20abd37532d42e595b280f6c7ac782a8a97b56942887b2121d93a4b3843fe495c9a85fe880835318

Download Submit
C:\Program Files (x86)\Stream Dock AJAZZ Global\Qt5WebSockets.dll

Filesize
61KB

MD5
368614a85bf9c5722730f5eb7d809b83

SHA1
d14d2ee67793232b5e1344270e20424f8564e9f6

SHA256
fbb6e2c43d84c99ddd69120d455dcae6d0832d924e048ad4087a09abb05378ca

SHA512
2a0d9d1183518069765d9ea84a705f9794ef4d6c0912a2b48db79d19318d38489926b0e030a7b64c826383eae0ad4304b973716bd0ac7f39c3a89cfe1fce599c

Download Submit
C:\Program Files (x86)\Stream Dock AJAZZ Global\Qt5WebSockets.dll

Filesize
43KB

MD5
7829b8f275456836149b888aabf86333

SHA1
e0eadc80d5f4e8c4fbe9f09cda893e88ec9fe399

SHA256
9e485f5178b97259388b9c7dd1cc4b05863d6672203a7a675960ea66786cac38

SHA512
deb3b198b9cf60f747fb99ab8966e6d81c34fce490509b3d0da86f4c242c7d615633620957f3664ac4bfb1c9fbc077d4074127e8afebfee66712e70288d1a9c6

Download Submit
C:\Program Files (x86)\Stream Dock AJAZZ Global\Qt5Widgets.dll

Filesize
145KB

MD5
baaf97952ac35e1a0b69a80a8711024e

SHA1
6e7ba7c6c8eb1cc2b3ae5845a7d8844f1590d5d2

SHA256
ab79af960db6894d309382b0a06ea465a98765ca62e5549ee40602ca7defe734

SHA512
1297ab9c3bf94f2e87af29514e3295bc2a329d59d1c9fe0f6d16394667a3726e7b86ac96e44200539fc09a10635ea5bbd9b3a3fee68f50c56d8b1b465fcecf51

Download Submit
C:\Program Files (x86)\Stream Dock AJAZZ Global\Qt5Widgets.dll

Filesize
169KB

MD5
0d99d18937df611de8dc4dfddda59b70

SHA1
95e54d110b5a2f5249ba40ec639ba2427aedc3a9

SHA256
4058928d55b037ab7f57af5ca18e8e94937c1764080d434812e98fa310259584

SHA512
eff86c9f95962bd084bc34374bf9fbd050f95549f062166115c9b7a0905b4bc497abec809d386746c8af22b01dbd96be50c3abc42988f9e7384dc5c41ff10fcd

Download Submit
C:\Program Files (x86)\Stream Dock AJAZZ Global\Qt5WinExtras.dll

Filesize
125KB

MD5
99e0138c3b1c78295ea3d6b771f9b61b

SHA1
15dafac25187fa6edf32ca701dc4ee63c441df74

SHA256
dfc4c38047352a191ac320a5765f6f2bbc81c78a7ddebab2271c5ca9dd03dbb4

SHA512
5e962dbefb0ac05db3d5fa775ac90fab3b3410103e2555d59d5e0f3104b751cf5f60dfc66b1c6b46f32b29536b5b09f01a0a109eabe5f2c881acbccab9289e83

Download Submit
C:\Program Files (x86)\Stream Dock AJAZZ Global\Qt5WinExtras.dll

Filesize
80KB

MD5
d31f1fa96dc0cef64d5a8f4ceec57f13

SHA1
ad17aa9d297ce79fee43d41cf81e1d0263aa74fd

SHA256
c6de6a2b67bc4c696b575d739eb7ffbebfcfaddd3e02f75c270f1e7783d52868

SHA512
386a595e6ce9937a70dc6a70e6007ef26e08bd08be71788bcad929a94ce41ea0ef93fad191a927f5a57a40f74388e4e5f10b3a471828d04c99ea9598b5313cdf

Download Submit
C:\Program Files (x86)\Stream Dock AJAZZ Global\Qt5Xml.dll

Filesize
148KB

MD5
5fa497bc566cbf322641ea42bc2ad7db

SHA1
07fdd0837d310c9767033730a0544a13b18197ef

SHA256
958f537c251a30ba528de2a1b9586d7e4a0fa783cf5ed37a6dcc9a83b7c9aa82

SHA512
93392defd283829cf0518ffe97864295ec30e212755778458850235baff96220dd6d817c7347911abe16abc47d9738bc1874e88c946732440ed9095174660815

Download Submit
C:\Program Files (x86)\Stream Dock AJAZZ Global\Qt5Xml.dll

Filesize
72KB

MD5
93b5327b52454694431d9d27089183f3

SHA1
3a5075c145015d26526ec2bc9d96780925cd6343

SHA256
b1ec878e8c92c8c0fa88ab6f0a182d1500923d1ef9168fdd6240470746cf52d7

SHA512
e69d15aebc3a4418ddd4f355bc70b8e8dfdef04b78718f82aab77be0d0e441df8f5d7e41c9064f3b06b31ae50896924714b7cbe906a6bc1d7f303d4e696d2011

Download Submit
C:\Program Files (x86)\Stream Dock AJAZZ Global\Stream Dock AJAZZ.exe

Filesize
572KB

MD5
e383f74816edfe18455c0797455ecea5

SHA1
b81f0c5698f2beadd80ca35bcf6175fd55b12994

SHA256
289c1c31c34492b39f5046eca1fd8388da4aa42affe948b2abad975d4bc506c5

SHA512
41f164fff4f8a82d207811ea24641821e6b03becf3f46e3117a5741186fadb68257acb57fd847e789f8d84c495b8d31b0a46be31896615dfcc5d87458386a0f9

Download Submit
C:\Program Files (x86)\Stream Dock AJAZZ Global\Stream Dock AJAZZ.exe

Filesize
184KB

MD5
33cdb37059d64282b9e3f8f694224b64

SHA1
5e067364b314de561a2acb6aa8ecddf7b5333c66

SHA256
b884bb04c8fe893e86f41be9637874e090d21161bcf39fe9f6fa5497a3fd7c07

SHA512
b54843a1dcc07e91445f2661b6f0029177f4f0b3abd574f9b3b89e3ca2ff11a0292e5b11c71ed02b8d4e2f7bee832e9a7a005e1376bae557de8619d4967eea30

Download Submit
C:\Program Files (x86)\Stream Dock AJAZZ Global\Stream Dock AJAZZ.exe

Filesize
196KB

MD5
65beecf09d16bbc3f9463545292b1227

SHA1
d106dc0150b470e10bd96e7f3e8277b0b0827065

SHA256
07444f5986a47e4236135b07116499b57d04080cf657de01614969f7c35a2385

SHA512
1e318e51689829820c473bfdfa7b91b86bf84002612bb7f23c38940252daee2f4532dbf8871b7d4538699175ee928dece69d58426f2af5252a4226d3171f6469

Download Submit
C:\Program Files (x86)\Stream Dock AJAZZ Global\icons\com.hotspot.obsstudio.sdIconPack\icons\OBS-icon-126-05.jpg

Filesize
51KB

MD5
91886308554f19bb32c8a3274f291161

SHA1
448ad58892cd747ea5cb5c7fcee987dd23ce6178

SHA256
b7903f8e4feedf3afdf278deb75c62c72007e689d50306eff0ce0d9c9ff92558

SHA512
3ea968348a052ee43a12c8aad940800a2afe1dbc66b89fb7af4330ef3b8a1d2b0caf48ecd6d662e0cf04e9912366c01ec3dea12b95a20e57f221e0cb9888222c

Download Submit
C:\Program Files (x86)\Stream Dock AJAZZ Global\icons\com.hotspot.obsstudio.sdIconPack\icons\OBS-icon-126-13.jpg

Filesize
50KB

MD5
3d40ef3a30f3f7ba4178ffaf4b1aa82a

SHA1
f67acca5e183f98afda293c0159d07adcdb23eb7

SHA256
bcca9febc3a7d6cf766030b97eba14a45faec689ef19ab03e60d75ac064e2e89

SHA512
781874c8b69ae09104d7befa86175e888834c51574c09723f4a6e0fcdcf950242600bbe2415a34d4d0067cfb1c60cd7bb1818962fd2b09210287a1a9de3f64f9

Download Submit
C:\Program Files (x86)\Stream Dock AJAZZ Global\libusb-1.0.dll

Filesize
188KB

MD5
f9cc51f9c2b9c184b0b9348e25afe383

SHA1
fcdbf786a99be35f374a45603e682aac5bea5c06

SHA256
c989a02566cbe8181a815293c515b2ba0f9decd83d2005fa9bd1e58ea33b3457

SHA512
afc2eccbb44fb1f100f88138a6c1785a7e98f7d16d3d9253560d28d6be3fef9e3782f84f70c64b939607c0701612fcf4a606fac70a35e7f06c54fbfccb8d66d7

Download Submit
C:\Program Files (x86)\Stream Dock AJAZZ Global\libusb-1.0.dll

Filesize
64KB

MD5
ffddb6bbe23f2bff87b3a83966c2db0c

SHA1
7964eadf314f68dff3ec80f67d48372227874123

SHA256
6484fcb15d015022913610c4e7e665ae87fc6b0ee43d3dfe530430d3ef9f4b99

SHA512
9697dbf5eb67150967bd278022fc9e0ddceeb9c1319d429043d0ab13dd48bb1a01109dc99daa65c3650fd1fcecf483e10af1004aa2b8920a35949d2de7e22e3f

Download Submit
C:\Program Files (x86)\Stream Dock AJAZZ Global\libz.dll

Filesize
78KB

MD5
ba57519b9d89e4a14908242fa6048773

SHA1
911007ee369a99b686ac1bbe51f126d089a61bdc

SHA256
09617ad3f88e75755ab5e94c20d21fc1b82d44d98bbb51f43cdeceb1ac9e4b04

SHA512
4d48f4077c078dcdbf8bf9fc9757aa91cce9346c2f4e36b0cb71388d4e851936d42a7bee0fa4cd3726964e5b9968f2a95a32f8ab938a85212bcd28d2cd8c51f3

Download Submit
C:\Program Files (x86)\Stream Dock AJAZZ Global\libz.dll

Filesize
111KB

MD5
ed42f66878a1c9bf733d98c411363c57

SHA1
87195b2ffdcef15cab2ecf6a9b85d331fa7ff939

SHA256
38390965a20be41700d9d259c3578098fc327605cfcc0e24619c941884d129d6

SHA512
5d246fe3391654b6db3a9e695bbbb0576885c4b10d8b9efc9693cd31af5f4388a9bc27b24a958dfb5f5646767314dd73d2f7c20f5a2b1227d5524297e233993c

Download Submit
C:\Program Files (x86)\Stream Dock AJAZZ Global\msvcp140.dll

Filesize
72KB

MD5
98b213a4123ca7cbc7b0bfe6bfb34ea8

SHA1
bf22d9b79460274934f095bb1dcbd86104f57e7e

SHA256
d2e2e1ca602dffc8097ec5b3a18b73fd45cebaa57b65509d33fb7bb141e56f4b

SHA512
a6433e30ec5b488591ad205d3dadb2b972c244b455927c3e4c096b82590da927d2a0dd54ce1d481a4729f71fc950feecd8ba19b682926f3b6037ed16bb8f9c6b

Download Submit
C:\Program Files (x86)\Stream Dock AJAZZ Global\plugins\com.hotspot.streamdock.obsstudio.sdPlugin\Images\actions\scene.item.visibility\off.jpg

Filesize
55KB

MD5
84ffda244092cb19d587c696b333e72f

SHA1
b0a22dede20662a33521dc33232d32c8ebae6c65

SHA256
68b165612d1a0dddf9a6060900b57d0965185bd77eec13185bd2161a888bc0b9

SHA512
0d5b615d55515e716869ac7b7550135d29ff53029b5337f484aa7ed0afc748059b52aedba42f92189d0a3b8fe02e310cae328fd6f18590227c3e1a18c722797c

Download Submit
C:\Program Files (x86)\Stream Dock AJAZZ Global\plugins\com.hotspot.streamdock.obsstudio.sdPlugin\Images\actions\source.audio.mute\off.jpg

Filesize
54KB

MD5
8d72aee715cc457cd9a26033f8b2d6ff

SHA1
9631271e47ef2db8177c4a8eb8ec1e6c66081bee

SHA256
50a0721382315bc0989b7ffd8bf7969170f0f7720923c433eedcd71ed09f59c3

SHA512
1b279a4c55c21d3065d19606b98b690ec77785449fb24619a18dfe1f3c860594ce064bd5ca564246793c10ab399fcdf75af78696336b8e463936a84b75daccaf

Download Submit
C:\Program Files (x86)\Stream Dock AJAZZ Global\vcruntime140.dll

Filesize
95KB

MD5
f34eb034aa4a9735218686590cba2e8b

SHA1
2bc20acdcb201676b77a66fa7ec6b53fa2644713

SHA256
9d2b40f0395cc5d1b4d5ea17b84970c29971d448c37104676db577586d4ad1b1

SHA512
d27d5e65e8206bd7923cf2a3c4384fec0fc59e8bc29e25f8c03d039f3741c01d1a8c82979d7b88c10b209db31fbbec23909e976b3ee593dc33481f0050a445af

Download Submit
C:\Program Files (x86)\Stream Dock AJAZZ Global\vcruntime140_1.dll

Filesize
36KB

MD5
135359d350f72ad4bf716b764d39e749

SHA1
2e59d9bbcce356f0fece56c9c4917a5cacec63d7

SHA256
34048abaa070ecc13b318cea31425f4ca3edd133d350318ac65259e6058c8b32

SHA512
cf23513d63ab2192c78cae98bd3fea67d933212b630be111fa7e03be3e92af38e247eb2d3804437fd0fda70fdc87916cd24cf1d3911e9f3bfb2cc4ab72b459ba

Download Submit
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat

Filesize
10KB

MD5
a3f9af1e1a0e1e77e6bce753a84a10b4

SHA1
961ea86ed0043c6c4437f1dc70ff479bc2c54d4c

SHA256
f0d6575a7fa344bba67ccff1df33ed686e77d0f0bdaac507275d47cebd5b34c8

SHA512
845ec44781de9badf2ae293b802b84b7e5cd4af6d7d7fb18d85feb9b39f844ec827badc879ca67d9909fb5d428bf86f8397406d08dd886534dff062bd068f852

Download Submit
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat

Filesize
10KB

MD5
865c7aeb271067032d3afe1c13c184b8

SHA1
8a0a27709a620494cc278c1d329d13470b6e3678

SHA256
2b7d5bf4f8dbcd08fb674c090e6881976ff96fcc281d1f12acc1684ec0f28043

SHA512
8176e64894bff8a3b8b421a51c9abbd80ee5abd6103786e05a544f131de64ce5d581d34809da0b48f1c2abc897745ad63f566df163ad26706ef01861adf85a14

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zO07FA7487\AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe

Filesize
1.3MB

MD5
0027b18659b3d4524dab0b271f6f93f4

SHA1
29aaa3e4ef0847f23d0dad7a072eb183c3720bd3

SHA256
4bc3c30b2a02a67cee6b713df1de9bc0bf36d14e8b1dc3ab7bd2df57cf39f474

SHA512
ed2d8eab8526668b3cf6199da1125c13d30570e350edd179e63dc30a0c8490092571b8cc3d93f81e60233d1afdcf6629328a31daea7070252900e579fe8ed25c

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zO07FA7487\AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe

Filesize
503KB

MD5
4b1baf567d5c3a3719d2575fdb039886

SHA1
310c43782326d6fc056a5343517a0b9dd0ab8770

SHA256
4234520e92687962b5e05c1b418584470dd0a571004edb88d31625f10323337a

SHA512
23744e191f2806d2c3567d8c37a747280a17805da14fc73890b95ac0ee824bf0d6e75b1aade310749704bd12e0ad453134f1053ed93a2234978ea16f58b2d372

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zO07FA7487\AJAZZ_AKP153E_ 单模键盘驱动_V1.174版(Win_国际版).exe

Filesize
137KB

MD5
b650df739df7ae5b3e308358f0ea31fb

SHA1
464597cbad885812dc27a2b9f3d7722bf9749d5b

SHA256
f5a41313aa5f8b3b900eef5116c5caeae74a5442c06ce62c3bde7b9c7a2a1b79

SHA512
2e0bddcc7c1cda83dc54e97c51292dd21b4f127bba1cd4fc1a0599cd964a0feb8d29c4ec3575d6d54113d898ee61bb469f87c4bc78da45cc62ae22f7017e9d78

Download Submit
C:\Users\Admin\AppData\Local\Temp\AIE980A.tmp

Filesize
316KB

MD5
cd3106610cdb80a4c5fb10475b4dc7bb

SHA1
23b3c6eb5771dbae9823eed6c875e74e80ee5b04

SHA256
a53deb3f29cb1e8776541a17d108c9352b791b4a456428a0955e99f7e6a798f1

SHA512
dc6bb7ef60754c07c8e004e4cde7c8d3d3349fd0848d94fed10159f801adab597061d10507767bfa3bbd3ccc70c52f01cc7345702572a18d8be341dcacbe9a86

Download Submit
C:\Users\Admin\AppData\Local\Temp\AIE980A.tmp

Filesize
390KB

MD5
610d65019e0198011fe8862ac01768f9

SHA1
2e0ffd693645772ac48194071aac7c188d3969c0

SHA256
b747e62ac60340e3bead2ed6c5306f770862e5a5e125d1926b95f6cc43fe5f46

SHA512
cba617c32242481f1638830dae2fdee3f5b42614854fe9561a22f211cbd12b708e7e1f1fe77e52c79006340f3b96e291142c967f7499afae8e70c57ec2c6466c

Download Submit
C:\Users\Admin\AppData\Local\Temp\MSI104C.tmp

Filesize
53KB

MD5
694b4ea4039dc8f6367a8bcf209ea007

SHA1
92cb91fdd29ef93cf527d84880fa29f8efe30e15

SHA256
1fb919f408c6b49b8d993f2ef3962dc07782e99259cfd723e629211ce96236c8

SHA512
1a792d6f18d2c918510bffb96b47832e0709a5f8b23c4ca9486bc20b734ef76d5db3fb426591d442fb8c0b6cb52ea1f0ce226283f05a7d37ac539cf3a6b61eef

Download Submit
C:\Users\Admin\AppData\Local\Temp\MSI104C.tmp

Filesize
85KB

MD5
6a0a5284954dd52f3ddf2ce54f2928fd

SHA1
db7a406804a7170acab686269d714d5efb923aca

SHA256
8571c7fb6ad295e7e91f34334a55ccb10291c557dca7d5437fb73e44d07da221

SHA512
090138a26014fe83cf132434d3815713131be0a75f4d0ba1278f8d6f6a2f3fc10cef59c68d97610131e5d95057d25aa78f52f6882bdd9e19762c5a5c8ecd95ff

Download Submit
C:\Users\Admin\AppData\Local\Temp\MSI9915.tmp

Filesize
114KB

MD5
70ec73de041a0aba75d5333504d837cb

SHA1
69e551f1d7b611926f6ac0112ce4ea9506245265

SHA256
26daf16ebb7b56806dbef7ca8e261fc70637b4ba5b1d0e327dd62ba6cc75b249

SHA512
de1ea59b529c25d6a0f2078e63ad0554cb8b3b958b08d5fc16d93d8dd81eb3e400d7ebb7548851959271a0de029783d7a72e3c462ca4bb4e541a5f86d7b05e21

Download Submit
C:\Users\Admin\AppData\Local\Temp\MSI9915.tmp

Filesize
212KB

MD5
9202f3475c0af5a93b2f0657ffda9302

SHA1
55880b295d6197c2c1e0941a927ef21ffb2e8cef

SHA256
002ae99e947fa811f10c62b01bc3c23f9cdb83e44d6d656ab8871f374304d781

SHA512
345d7814d148dce8bd827effa96058519b4d463aabf187e0a92d912e358aab0c22e5b773d9b749e6df80f7da46db29a14ae105ce58ae06cc5cbbcbddb958b383

Download Submit
C:\Users\Admin\AppData\Local\Temp\MSI9A2D.tmp

Filesize
75KB

MD5
b28baea3e2802e3f3c30cb8e56444816

SHA1
09dfde7ec7f22f5813ec385289b54abe34c9c6a9

SHA256
4889b7b4905d9160a51ecfb683b925cdc2fde8dfaff3a533cd90371908436aed

SHA512
368f1b8aa01b5e345bc701cec8b660390bc9804ecaf66781d35f20af869fdb791f4e840bd56efd4ca277e6b090c03fd16d45fa90a359a3098cb35784916a10ea

Download Submit
C:\Users\Admin\AppData\Local\Temp\MSI9A2D.tmp

Filesize
62KB

MD5
4e73cbddfe1ee2a3f8c48a7eb7d89e9a

SHA1
53050e466ac31f09ec2e6f3b39d8c10b425945db

SHA256
993a45f35a1e2ccb48ed47bc0d73536772147c846f31f7a25b8af8af84ac5c41

SHA512
c51199ad0bcf646d417a9ebe8bd9c731317bb89ecc8fc4d904d94f10f78a58f3057d45487ad976d711f59924b440a52b17bc4170fc11198aa1dea03826420764

Download Submit
C:\Users\Admin\AppData\Local\Temp\MSI9A5C.tmp

Filesize
77KB

MD5
dd10c29a9b5a067143024348bee0b55f

SHA1
781896d496cc8290a2129c064b1dca5f43bfbc22

SHA256
a64f37f53734f65307f33fc2ecd3364385ba0b8b7af2de2f38b03ce364661e1c

SHA512
56eec1509e94b3c741646806cf96d3485536f2bd8a2490d99f1d9f9c8d63c80d8a6818dd1134ad49c6ee299d48c44ac45b0339bada19b057ac1e3e72fe36690c

Download Submit
C:\Users\Admin\AppData\Local\Temp\MSI9A5C.tmp

Filesize
1KB

MD5
67a94358f55c5bec82dc147b890b4b54

SHA1
01adfaf20e5d5a489f929594578e2cc32d91b174

SHA256
a5223e3d122f42ab008dac19113411c014913fca74699491181886522b3de0ec

SHA512
29efefe0b313753f2fb32ea64bf496cb9fc8b5d7bf100964d4962cdd9e84f5b396d42f97dc4ea19f98eed7a6b72f36fcdbc5be51f8c64b6dca0e268bd1c7bbfc

Download Submit
C:\Users\Admin\AppData\Local\Temp\MSI9A5C.tmp

Filesize
86KB

MD5
fadce8cf6fa6aa261240ab882e9f2882

SHA1
2c428e8b1f40960984a63c3f932d6972ac95a745

SHA256
ac3e75217a77f271cd7b70a7f6a9b777c65b76d8c20af9ce1fc42813f8eb8dfa

SHA512
e246bad6f5fa13d6b302b3128a70692afdd7a55ea71fef04d46b87bc3325ca1a6d43b84b543f737b0c0f2de43273c37ae1e3ee3c2ff8c8a8145bb0bfef00dae6

Download Submit
C:\Users\Admin\AppData\Local\Temp\MSI9A6D.tmp

Filesize
13KB

MD5
c91c9cc9f3287ce45d5da78aa01eafdf

SHA1
ad685de13d3cb226f83652e07cf28983caefec6d

SHA256
42299cf77242e027eac0fc3ade643b1c9c3c19417bb87340b090270a3d71f620

SHA512
91266eaca0922694aa67905d68a6570655fa45e076e9122480cc261792f3f4dcdbb9ebf208b2bdf30b324561642d8d99027a944c06e4f6a720a635453de75dc5

Download Submit
C:\Users\Admin\AppData\Local\Temp\MSI9A6D.tmp

Filesize
36KB

MD5
782ef4fc74671370335eb93b35240385

SHA1
a28d36f5fbbf787d3641290628f9c18e68813678

SHA256
3c402a3583c1bfa2625d745fb7e575de0cc4ffc9fe1aa2ecfdd40925b93f84ee

SHA512
f327b7349718350565c7c398ac8416d30a0b467825a5abef4ce2c56aabf98538789ad3611f8fefd7f07d0ac9cb1d90db0696e61f7867bfd05cf81cfd06030bdc

Download Submit
C:\Users\Admin\AppData\Local\Temp\MSI9A7E.tmp

Filesize
61KB

MD5
94613b1f2eace0695c3d66f5e17a7948

SHA1
0283f7653b035c7bab2bc1ac828e099bb6b08c95

SHA256
8cd0069186acf53a92765a4e314c083c04d373418e9b70e34429944e23870c18

SHA512
e067d1889318d54b203a551d1d585982b715a9bb568144a1a8185b26359639ac3c6870cd7ad515c04912998897d1ce751df02c34794446cf4626cd461d56ffee

Download Submit
C:\Users\Admin\AppData\Local\Temp\MSI9A7E.tmp

Filesize
17KB

MD5
2da724012b468f8347c0f5ad03aefac7

SHA1
24b8f5bfa119e0d010e77cd11f53484f96fd4f3a

SHA256
19f1a4750c45b41b2af33b61d374d2ae6ab94ff46295728178a5fdea50a92da6

SHA512
ebdfa72baed8d42b504c1a62cd70b3e753a52327fc587d139ae65681556a2a06950cb0eb496e81f2d60a162fb818b817fc4f98c779bb5e380f86bfc1b4804f49

Download Submit
C:\Users\Admin\AppData\Local\Temp\MSI9ADC.tmp

Filesize
260KB

MD5
f0e3167159d38491b01a23bae32647ca

SHA1
6c385f0ceaaa591b40497ee522316a7987846ed1

SHA256
15fb0bda4e4644d5769b90108c87a469cc75f74113d03240236f272396aa49fb

SHA512
dce7ebec5f1a101805467536972f08505f7ebf0e01a276af1228ed6b2a0e424f17faf402fd3c0ae5e93cda95b8c78f1d5fe163dfe8d4ed2012da4491e1498b90

Download Submit
C:\Users\Admin\AppData\Local\Temp\MSI9ADC.tmp

Filesize
37KB

MD5
c7133eb29b989c836226e17975ae5df3

SHA1
9b1e3cccdf4abdaceb66ddb6745042337d71e836

SHA256
d3358bd9edba0e1153f8c312d7f5d7088705d914f81caefd051c7e66105f8e6b

SHA512
c1427c48367f0a6d0ebc289d1dbb40a18c1dc5a2a6816b2c801642bc62dec31329b34ed6a86f684a532a93133628cec97ce2311ccd022d3bae92fe9c5664b3b1

Download Submit
C:\Users\Admin\AppData\Roaming\HotSpot\Stream Dock AJAZZ Global 2.9.174\install\1033.dll

Filesize
31KB

MD5
57a68a7b4151082a9349558f207dd0ec

SHA1
adb3643e85628aa0807fee82f3eccf5bd9b881d8

SHA256
0527618b7c14e2ba4e4bd3a91891787294920b30a56738422015d8b9492dce38

SHA512
e6dbe8bba60f49bf9b9083580b61691728226c45cd9a3a747542e5f539675cf14140e0ff7c8ed2b5b1e93541ba52f624cb6876e326bb597fcb21895d0d793f6b

Download Submit
C:\Users\Admin\AppData\Roaming\HotSpot\Stream Dock AJAZZ Global 2.9.174\install\1033.dll

Filesize
105KB

MD5
87422755c2541e1cee4cd836ff3bbf4b

SHA1
634c5f44034345c3b30a860ba86d8bbd536994e0

SHA256
da91bf835236f54923d6556608b9456ac0f1f89ce1a2ef412cdd3e62f6c62309

SHA512
191c5b7242aab4ca9f0118b88e0b6fe68609bc7ce15a20b3893352f1315a64d9e0f40417d8d6aadd119cb61377c99c24dd18d7b708bbf5e3df6a04b66065041f

Download Submit
C:\Users\Admin\AppData\Roaming\HotSpot\Stream Dock AJAZZ Global 2.9.174\install\Stream-Dock-AJAZZ-Installer_Windows_global.msi

Filesize
140KB

MD5
14b9fd8530a9721bd59a76fe3f6fbd03

SHA1
55987ef46aa1b5c089052194c5900df1f4af33b0

SHA256
a02a30f4de0eb7c3327975cb0816f949151425efb862f2cd3c89bc369097b492

SHA512
8dd037ee2cbb5f5607b5737a1647a89d066ea74db6a5fc2d0b34f3766e630b501ff074eb4a83e1314b1246ba7cea296325dd9a5ed101b6d34d57434e6ff3d2a7

Download Submit
C:\Users\Admin\AppData\Roaming\HotSpot\Stream Dock AJAZZ Global 2.9.174\install\Stream-Dock-AJAZZ-Installer_Windows_global1.cab

Filesize
91KB

MD5
bdfe795e90b00a7437de53d41a2288e9

SHA1
1c08e7bb121526b84120bd54624747afc266c4da

SHA256
600efcca2c928c274f1a3160f2912ca0874d26f24baefaf03afe7dfee8d72acf

SHA512
ef7cdff3e17efb8e8f81dfd7a8eeed3932d98d9037a876ad322e7c02c4be344fef74e4b441ad38119ef7337d1f19f481ae5c57619fa77f965aa3a26b030e4c3f

Download Submit
C:\Users\Admin\AppData\Roaming\HotSpot\StreamDock\config\StreamDockConfig.ini.lock

Filesize
70B

MD5
1da932301f1899156847d6f3c283a1dc

SHA1
9c1b9baebf4f27e40d670a8e9e1b5094a28bf91e

SHA256
cf4564a4512e2be52d871b9703e466507b94609ae0ad2ec25e2c686fe9dc77a9

SHA512
227dfa3ac2f469f712531a03a21e4e5fcee7480e8ee488296a798127cad69926fcb01e21fcd9d8766641d711299314ef8eab1b43d4c1de3684b21b5433d523d6

Download Submit
C:\Users\Admin\AppData\Roaming\HotSpot\StreamDock\plugins\com.hotspot.streamdock.memo.sdPlugin\manifest.json

Filesize
1KB

MD5
d1a83cce8ebc324757a8633eb33bdc71

SHA1
2029db5b4095db865f0e8366172d4e3e403f4e63

SHA256
7e6cb06c8a7e369777304b33a8950ef1ae7e2511ff05135fcbb71e510a10e099

SHA512
0e4f850d726e89e45429b58bcb986f91f134d255bea7a25c2095bc9da6877bfc6ec05f135df0f1b1bea695ced348b4c6ad1167ac863d5abb84536e65233fbe79

Download Submit
C:\Users\Admin\AppData\Roaming\HotSpot\StreamDock\plugins\com.hotspot.streamdock.memo.sdPlugin\static\action.js

Filesize
44KB

MD5
d77e067ddb424ea55879b418c52fb533

SHA1
353e1f477f481eb627e9d3dce05cbd887d592c0a

SHA256
ea293832a1801abda7176339d6cfd1691a18e3134f9914765cb48195f9d63f37

SHA512
36be9bb71fb3a10829e4a97677e3291b82c9b1146a76cf472ebf73ff4d8357daf960d5b517d36f1902fa3037dba84bd97ba91e252335a1fc8cd8787c5839adac

Download Submit
C:\Users\Admin\AppData\Roaming\HotSpot\StreamDock\plugins\com.hotspot.streamdock.memo.sdPlugin\static\css\caret.svg

Filesize
174B

MD5
9653c2655868a370346c624574884831

SHA1
aaf09f56a4087c4c886e2c809e3d020d6ce8b327

SHA256
fddd4d2330003d0da8b7076bb0a014512eaefb43d789c91bab577eea11a959b1

SHA512
5f3183f8640bcdde9a4a7da87261165828c1f5ef1cfbfbe4155909c98c09bba359250cc9e59f000f75510fadadbc255f39627a8f4a01cbddee08ad14542c5173

Download Submit
C:\Users\Admin\AppData\Roaming\HotSpot\StreamDock\plugins\com.hotspot.streamdock.memo.sdPlugin\static\css\check.svg

Filesize
213B

MD5
c3f69b0c5e40da20dd189edc7644498c

SHA1
44ff5d9abe16e78343e69eece302e2086efe8672

SHA256
5219ac49b82c325cfadc705ee50d82682f652b66c7187d40af243c22cd3ddd11

SHA512
1fa29a321609a6baf95b571f9febade248fe287f4d13bf1d55bf5705074fdfba17d4f787e18bd66980c2e79ea9798643914d50b95d04da29145b509a93787557

Download Submit
C:\Users\Admin\AppData\Roaming\HotSpot\StreamDock\plugins\com.hotspot.streamdock.memo.sdPlugin\static\css\elg_calendar.svg

Filesize
1KB

MD5
caaed126ea7d3d3a7dd1e19347cbe27c

SHA1
4388dc9bb846c4b77b461637e567b514d0fb61f6

SHA256
cfb84ec9989f8f858bd529b2a760826e20f3fb21986e94b8a287b495a9c3a0d0

SHA512
01c79055f2e09ad5f47d6b3ac92598a77a3b4fa5f51f6582b402b12c59df3efc410e6550527d12056c70023c1e1d795decb064b1639c9599e60a993779483054

Download Submit
C:\Users\Admin\AppData\Roaming\HotSpot\StreamDock\plugins\com.hotspot.streamdock.memo.sdPlugin\static\css\elg_calendar_inv.svg

Filesize
771B

MD5
906dd217d23961dac1c03eddf9304592

SHA1
a8283ed9541f721dfb6a50241e97def97cad6d4d

SHA256
22126b4c02d4ac5540463014b9286169c701714964fc09c75564e927398c2ccf

SHA512
79faf0cfc8f5c3e8008ed43e1ff405e6217cd5b97798023fea140dae5a41cb485a359114c6f33ba13a2bfda2a39e276c07a1e759687c6d0b1d050871ea4b0c01

Download Submit
C:\Users\Admin\AppData\Roaming\HotSpot\StreamDock\plugins\com.hotspot.streamdock.memo.sdPlugin\static\css\rcheck.svg

Filesize
134B

MD5
59e78730fb3e86ef5699ab35ba88b366

SHA1
36f83b60826d1ee0ea19457b994b542ea086c41d

SHA256
63363a9d1780a0444bc7457f66fd425f744312a3d1be85f0f76399bc1da36859

SHA512
7a678ae01dfe26ec013ef7cdf3934dfb59f101c0ef1e7fb1c7d89a5ca72ea1c0b96801f12d48e333467ffc2ef06e25ea6e0f08ad28acd539f877d37383dc31a5

Download Submit
C:\Users\Admin\AppData\Roaming\HotSpot\StreamDock\plugins\com.hotspot.streamdock.memo.sdPlugin\static\css\sdpi.css

Filesize
44KB

MD5
46ab9f25c741d11159b3c726666002df

SHA1
47581bfb2e8be37a61cb617add44d079474754dd

SHA256
273e3ce6309e5424348a8a540defab847fe2a9b623abe67d0e4eb719e6403e46

SHA512
a8751e9c6b807afda95bb22aa8d9169542a80882c0c3a1858e196635d3ca1d69bf578aad1bda0adb9b935944f3be9cad57becde1064fe4464fddb0161036ab99

Download Submit
C:\Users\Admin\AppData\Roaming\HotSpot\StreamDock\plugins\com.hotspot.streamdock.memo.sdPlugin\static\worker.js

Filesize
105B

MD5
99b7e767cb8a3acbc0d747b9c106c2af

SHA1
819ff78bd00063fe15317f569793dbd2ef2a148b

SHA256
01d0ea631412ee0edabe75365f94e039f525f4c608f78cf2dbaf25a7338d6874

SHA512
49fcb76e5b3e7f0563b68f28b8c9a74dfb9edf55efaf600f0e8e6c7afa8577fe4403aa2f1ff21badaa65d120fe648e39d39ef102556850254dff7f03802398c8

Download Submit
C:\Users\Admin\AppData\Roaming\HotSpot\StreamDock\plugins\com.hotspot.streamdock.memo.sdPlugin\static\事件速查.md

Filesize
2KB

MD5
9875e6f8de830a7d3415e4595e08489d

SHA1
cd7186e36f41ea71d152f09fada3ffea5f99f6b1

SHA256
ce02309d72a52753dce155a6fc248bc9773f88c60117bb4b08503e843e9fd0a5

SHA512
624619defe0ea2778b228d3ce0e4fd57b2a21bc5ca962f2951fd9a1b1080a029c4aeedc562887567479a1a3f21eab4ceee45286a434b2a7fd9042ec3e1493367

Download Submit
C:\Users\Admin\AppData\Roaming\HotSpot\StreamDock\plugins\com.hotspot.streamdock.system.monitor.sdPlugin\HardDisk_126.png

Filesize
18KB

MD5
0856c2a5ef719aeb94d66de7284ef980

SHA1
1e820b171c08cc43eadff1cf872f0a3d529552d0

SHA256
51e858937c67aaad5a470b8e660e7f9011e5054ddd06df2253893cf51e1ee3a9

SHA512
cfc2d314c27a90666b4378df4f10e06e0e5c0c45c65ab8c53f3243c368c9904de328646257803beec5fedafbbcfbb8a4b1387fcf85daddce2960d0edf8ad79d8

Download Submit
C:\Users\Admin\AppData\Roaming\HotSpot\StreamDock\plugins\com.hotspot.streamdock.system.monitor.sdPlugin\concrt140.dll

Filesize
310KB

MD5
cd12471b295f6a1c66dcc9fc519eef5b

SHA1
dbca64bc390ea30d54c184086f0505fef35cd969

SHA256
573229a07f38ab9d2fc2e1a5b98e9243b9b39100323180c83ad7ddaf98eee46a

SHA512
c8a75f285e12f3e65ea18b002d4661f01ebf54d464fec761917ac09709ff6005f0e15bf76756ccde8d19fe88f096d05df20bab252bb2c26248af5aaad846b988

Download Submit
C:\Users\Admin\AppData\Roaming\HotSpot\StreamDock\plugins\com.hotspot.streamdock.system.monitor.sdPlugin\images\actions\HardDisk_Choosen.png

Filesize
14KB

MD5
47058ce497867b163c4afaab198b6f8a

SHA1
97ff28f32ee5bfc6edb5c313db630b8572fc5f89

SHA256
ef50dcc241591893b2111e59005c7d80d88ebd79592782e1a84865efa288f18a

SHA512
01262872dd264ebceaa05765f63d641cd1a10b0ec016675b7d7db591d55283dda0972dd84f958976f2eee59b0c442552fd123e3b32eb26d6d713e1094d2de565

Download Submit
C:\Users\Admin\AppData\Roaming\HotSpot\StreamDock\plugins\com.hotspot.streamdock.system.monitor.sdPlugin\images\actions\NetWork_HardDisk\HardDisk.bmp

Filesize
46KB

MD5
e8ba2b5b7641f7cf608cf81b81b3f427

SHA1
9455f85dbb9d6eb4f4e77c9625df71be911c1b67

SHA256
04d88133b373f24f91272c5c76e1aa507064bd71586607415671f8b2510567ea

SHA512
18db87b2a85cc253418e10a7e704a8954b3a4460ca868e1a75ead9ca14cefba4d9f44f61a48355bdd44c440562ac4a1317d6fc7f45d6eaa948ee12dd7f654dca

Download Submit
C:\Users\Admin\AppData\Roaming\HotSpot\StreamDock\plugins\com.hotspot.streamdock.system.monitor.sdPlugin\images\zh_CN.json

Filesize
2KB

MD5
26b4d066b6fc94f881015c551df11ab0

SHA1
0bd837fa2825f9db9215c69ac01f46ea371dfb4b

SHA256
a5e18f75633f4b5075c400c0e41ecf27c344b7a1e1a022ca68727e5858a1f4b5

SHA512
100e4e9c268f51607e93f7f9651ab50ff8e3ef1f7c8ba0e7b77465e11207575117c03c46aef5064f2403a3fa72967e5ce47f2d2362855c1b84d2c406a4881b3e

Download Submit
C:\Users\Admin\AppData\Roaming\HotSpot\StreamDock\plugins\com.hotspot.streamdock.system.monitor.sdPlugin\msvcp140.dll

Filesize
553KB

MD5
6da7f4530edb350cf9d967d969ccecf8

SHA1
3e2681ea91f60a7a9ef2407399d13c1ca6aa71e9

SHA256
9fee6f36547d6f6ea7ca0338655555dba6bb0f798bc60334d29b94d1547da4da

SHA512
1f77f900215a4966f7f4e5d23b4aaad203136cb8561f4e36f03f13659fe1ff4b81caa75fef557c890e108f28f0484ad2baa825559114c0daa588cf1de6c1afab

Download Submit
C:\Users\Admin\AppData\Roaming\HotSpot\StreamDock\plugins\com.hotspot.streamdock.system.monitor.sdPlugin\msvcp140_1.dll

Filesize
23KB

MD5
0832532fab0d5c949aa0c65169aa9d61

SHA1
26f1bee679b7a6289b663c4fa4e65eba33a234e8

SHA256
8731a93e519c2595c9fd489e6d9ac07e964448c0da1c8ee9ee500a7989482617

SHA512
03147a59ee35fb3d2752d4c40741a39674ccd4474a575746bc574d2b2fae1fd04f5ab9c2e02b0dc6268fc6aee8fbb46dc4bf5ff23b5fcc4a0e9b847f57ca79d0

Download Submit
C:\Users\Admin\AppData\Roaming\HotSpot\StreamDock\plugins\com.hotspot.streamdock.system.monitor.sdPlugin\msvcp140_2.dll

Filesize
182KB

MD5
e35261e9f4478aabe736bb2269c20b59

SHA1
f17330804c159418d4acf7a803662b8c1f7686fd

SHA256
366af8e071f004da5d95a832a46b2e8821a8e0294340a93f7c95cf48c441067e

SHA512
2694d21431e9b72a9591c4658dc3ade5795a52fcf2bc8631928181a7aeee49184cf741d50e28581b96d439360d21cb176c6bb011db4fa742a2fc64afa38baaf9

Download Submit
C:\Users\Admin\AppData\Roaming\HotSpot\StreamDock\plugins\com.hotspot.streamdock.system.monitor.sdPlugin\msvcp140_atomic_wait.dll

Filesize
55KB

MD5
4e81a05a4b996d180f811426c5e23278

SHA1
95f57da55ae2dad5807b87a0c2bae2784a788dec

SHA256
c61a28711f8c6e9bfd4879cf5f53b013d653badad308abe3e887c694b223d6f0

SHA512
246aa70c5eb924d13c8a45fe1c75d1c5c9fbc9ae4e4af0fade44242af395bba9c65e9ed7eef7f52e29aaf987bbbddd8e775467705cb6da4934e440688ffef8ee

Download Submit
C:\Users\Admin\AppData\Roaming\HotSpot\StreamDock\plugins\com.hotspot.streamdock.system.monitor.sdPlugin\msvcp140_codecvt_ids.dll

Filesize
20KB

MD5
c7e047cea075a9256916cfb83eaed1a6

SHA1
64e128c1f9cc440a3fd7564d00ae6f7e70cc2fa7

SHA256
9b45fd069bd0076d8abfeb7c3c30a1f5c5fc8e7124017853a93d831a346c3d21

SHA512
1e0ac2dfc18e88500fb89191b1f8a875db3b8013acac06d82d815d53b6ac5d3b5e3b79ad4c5f965ce11f5e68ed649b76475a3e40e986640fb95a8c6d194bcc85

Download Submit
C:\Users\Admin\AppData\Roaming\HotSpot\StreamDock\plugins\com.hotspot.streamdock.system.monitor.sdPlugin\vccorlib140.dll

Filesize
327KB

MD5
2d581d8598f4db0fc55b415b841c7544

SHA1
e8a3d709a2cfe4262e0cb020851ec728134ccc34

SHA256
79284659bf4302162302737d2513b17e09742cdefb9540e80f97d30c93077d7c

SHA512
adbcfc80afcfe69db9587536ea88ab09570f51d2213b0f29e55e01eeb518c9f35a7723fdf0e06284e2cadc63c49b25575ddea3b4032501917d002b648998c98e

Download Submit
C:\Users\Admin\AppData\Roaming\HotSpot\StreamDock\plugins\com.hotspot.streamdock.time.sdPlugin\static\action.js

Filesize
4KB

MD5
97a59d28ddafe7ec343f15ee8796c5fd

SHA1
92f6bfde1da772455c8a7ffafd1eb5213015e15e

SHA256
fdd55d7fac00825fee48218b3cad819719a433ce01b77aed188c16f5b30f26f1

SHA512
dece18d3ac54d615f1ccf23e70c23c6497197e13c946b3696d4b24d033c4bc21f80560dc0d7997c3580777879daeabf5eba69e5c39462932f7435d1f0edd443e

Download Submit
C:\Users\Admin\AppData\Roaming\HotSpot\StreamDock\plugins\com.hotspot.streamdock.time.sdPlugin\static\css\check.png

Filesize
234B

MD5
cf0d898ab81a706b28da406b4cb04456

SHA1
98215a45ac5475fcf7e01652de52d396822088b4

SHA256
b5fb6fbe1417751ca7dd87552398d4585cb002654aa69632fdf6f43dbc65220c

SHA512
60d2d12cac97e422ffce32130c1bd356bdce49d49f78577633cd992aaebd57b98e9bb88f95de31d208ce704881d644ce7c8682faaecafc96fe121756683f3fb3

Download Submit
C:\Users\Admin\AppData\Roaming\HotSpot\StreamDock\plugins\com.hotspot.streamdock.time.sdPlugin\static\css\g_d8d8d8.svg

Filesize
3KB

MD5
a070a491a29b046858166d9c076431e8

SHA1
644d01a94f383512d672dd3cc46ba61edecaa4bd

SHA256
b362e786858e836ec7a8ae739ead1f17389fee9dbeb8d7a8b2cd369e96b9930b

SHA512
0940c623c3c75636607ac832f80e56678b259181889e6e846a1eb92895dfc7ee4ba579313fb1ddfa87b6d3731c50e352ae990bcdec3c9905ac3a74a8d54bdaad

Download Submit
C:\Users\Admin\AppData\Roaming\HotSpot\StreamDock\plugins\com.hotspot.streamdock.time.sdPlugin\static\css\sdpi.css

Filesize
36KB

MD5
16ede76d7114c9aba7370adde0e94e4f

SHA1
aab789b05d9fdf31940566fc975fa8f47e235418

SHA256
c0606353c24a6a8f07723b45ab43f4d57397a5045aaf08ec907964560ffdfeec

SHA512
533c390c10a1e4882202d1d5427a69b8cc81a49a6cf7144496437beb6a0e023ffaa5e8ee7cb529f41718378fa4d5b4ff8f74be8e43e47ffcb1702355f6dd6d56

Download Submit
C:\Users\Admin\AppData\Roaming\HotSpot\StreamDock\plugins\com.hotspot.streamdock.time.sdPlugin\static\img\index.jpg

Filesize
27KB

MD5
5fe8f8cc9d454622082c66011f7a8b78

SHA1
d7abbfd3d2de4151ff32f33790d7fc5cc9c8b514

SHA256
ff17985234ef3241e67d694602d4dc3617621fe6d42be54aef55779fa7ae6605

SHA512
26966e7ad79fc5c7529c68878e29166ca0f6181dcaa7c96d270563a256e43ecd6d55f595cdaceafb524b48eeb653a84ae791c97db20e1e502c699860a8212e49

Download Submit
C:\Users\Admin\AppData\Roaming\HotSpot\StreamDock\plugins\com.hotspot.streamdock.time.sdPlugin\static\plugin.js

Filesize
4KB

MD5
70af8c2db678405344a1fb36d30faa35

SHA1
e9cad4416f8ee4778c15c22f17a32caf2c3714ab

SHA256
3e99d42bef258e35045272aace9ac80b41d79002806bc1d5758cd81b6d2aee1a

SHA512
cf2035c0b135ae4c9ccd944033f0a928e37cfae7c29756fbb8a41e8962d80e197362dcbae625f90cecddf27c8c3268ea6fba5a48fcd39b2a531608e883e899c9

Download Submit
C:\Users\Admin\AppData\Roaming\HotSpot\StreamDock\plugins\com.hotspot.streamdock.time.sdPlugin\static\utils\axios.js

Filesize
31KB

MD5
73ee54f4d3d80418e4a73c17c20c55f3

SHA1
2efbd54acac87f1a47fb51db47d4b934f798c7a6

SHA256
b38e84fad4b6a237f833bbaf87d726cc3c38e8e63322731f365d2d0dd40a9cc5

SHA512
cd0a381b62fe4fa9718c834326b5d788080b7db8c2425160569721178cb8529005fc081f8f588095fe43b89d85f6020d9dd6a7d40e548c3c3f1cfd7086b0eab9

Download Submit
C:\Users\Admin\AppData\Roaming\HotSpot\StreamDock\plugins\com.hotspot.streamdock.time.sdPlugin\static\utils\color.js

Filesize
2KB

MD5
ac269fc8c5461afe8fbfb65fd91c2de3

SHA1
8de365f38a73c1c0cbecec7d593db224bc6795c5

SHA256
cd6172c963f14b89af5174b5641d03b1cc41fa0fe8f1225844812d1cd842554f

SHA512
189580f473e6f8ed121db317fa7a9bd99b42cf9b109542853b2c02d08473c28ded0ea21624bcb01f5b0b432f60d636efc7451acfed83b8ac386ca97c0563ea7a

Download Submit
C:\Users\Admin\AppData\Roaming\HotSpot\StreamDock\plugins\com.hotspot.streamdock.time.sdPlugin\static\utils\common.js

Filesize
2KB

MD5
efcab2928672f4478d9cc3d048656fac

SHA1
8f2445e6823bbc130999280d50c10050bc1fbc49

SHA256
80858f9bcc47e07cab2bd1bb4aad625927a6c01c46f0597846449b83b47266b6

SHA512
be63564a9e237b9d0e2e37f8e26ef0ad03735a791ac163681eaa14916ac66f774e8d9567b02c08247e97c10a4b4b74bf78e2b5e299fe213f584a1c8ce741cc27

Download Submit
C:\Users\Admin\AppData\Roaming\HotSpot\StreamDock\plugins\com.hotspot.streamdock.time.sdPlugin\static\中文文档.md

Filesize
6KB

MD5
0be0ec76c14a2905f567d9cb4503eb40

SHA1
4a4074b3605ccc1169ae6e75ba23a7731d880cb5

SHA256
c4cb853986b5a4a4e8fb89dfde8f981c22d1b5e2de9cf3c4f6ea5377479aefc2

SHA512
97bc0912c9f028030bb3308b52eea919acd9a2bc4ac593f0e5feb0a4441a01207ef54bf8758aff0a61c303e9b6294263c79f662bef536f51e098ad2cbc9d05ad

Download Submit
C:\Users\Admin\AppData\Roaming\HotSpot\StreamDock\profiles\68T3GGS7-2HB0-B9I2-KTI3-6YNA52JU698J.sdProfile\Images\O1GWWTCR3HG0XPQ236GC4425A4A.png

Filesize
62KB

MD5
5204749ecc5033c5c37d2a3a4735892c

SHA1
1f4705bfab252b533c54b79d0c89d655d0560534

SHA256
45e4e645733d561cb90e4ae1d9fbc788eae7e14f49b8d9ab6e40264af0a7cbdd

SHA512
bd24477628f2c523c503fe1cb3a3da9848bc773004566f4f699dae4572abb7cb9faf28e8562f682b0485d7867446080d030dbda71cffa88cb2348310d4155243

Download Submit
C:\Users\Admin\AppData\Roaming\HotSpot\StreamDock\profiles\68T3GGS7-2HB0-B9I2-KTI3-6YNA52JU698J.sdProfile\Images\Q00P50KV57BVJN4MFE9062SHHX5.png

Filesize
64KB

MD5
795310efce78eedbf65c2b188f473f0f

SHA1
0b9b0aa9108a3a39e18e049c5e6d11d7888058ee

SHA256
bf352c3fc487c46db2a67c803795a6c83ce93fdb0899350c897083518629ea08

SHA512
800df51c2bd5ecc39c613bb714efee24fb3360d322927b3b1aacb1cd5883be2f01ca03a16129b51d89dc39c956868f9b264da1daa465130af24afd04ac60170c

Download Submit
C:\Users\Admin\AppData\Roaming\HotSpot\StreamDock\profiles\8DCYD2Z7-7PR1-73XN-S3PJ-K282L38Q1404.sdProfile\profiles\D4E3V3XP-3W74-XM48-LFDR-YAOUM60HCZ7E.sdProfile\manifest.json

Filesize
126B

MD5
22767a043bffd274cc2e20aab95ef8e7

SHA1
3b9948610576a786bb4cd1e44cbda3dcb0667165

SHA256
cfd334cae0750ad54c9469a17283ecdc5c0ccb5d91c47478865bf2c949ca960b

SHA512
6b85e5361483dc4ab915ff71937dad2c282eec74fccf058eafc1c846e51e26d2848303abbada1e8e9e7286046a1d53f4912cde0545348a040a4fc461391afd95

Download Submit
C:\Users\Admin\AppData\Roaming\HotSpot\StreamDock\profiles\951IGBH2-L7A3-1LDP-3E3M-WYO0KJP27N4H.sdProfile\Images\83BW8V4I1MJILK4ZD3A16SZ06KG.png

Filesize
53KB

MD5
0111b333010c4787db8a777150f0b7e5

SHA1
bdb36c43c4dc2ce4b50ff26a79d66c6cf1824cb3

SHA256
5e7291d5cb854eecc1c9d3cde9196a7448640e44a05026b0489b4ec0ec181304

SHA512
b888a650869df7ae326bf766a15f7676b22d8650055a3643d8c9139bd1a7ba1d9a7a632d34f2b2138fff1764dfa8253ed4195553bde6dfe056da0753c32505c7

Download Submit
C:\Windows\Installer\MSIE5B0.tmp

Filesize
381KB

MD5
85cb050d57d631fbed862aef48c50d8b

SHA1
fe15e935e871c640196d20db1d4681bb60d55add

SHA256
8b190f2dd956572773f4c9927e3137227e46f5907651d00103bcea09e50c3bef

SHA512
d09e3b09d7a66833693f12dfee844ba0db85132b8da3499dc0e0c7ab9c3d8221bf8cb5a97bc0190544670bdaf4e4e3917c0cefd75cbbca8ff0e0f11e5619f38e

Download Submit
\??\GLOBALROOT\Device\HarddiskVolumeShadowCopy2\System Volume Information\SPP\metadata-2

Filesize
147KB

MD5
8aa0b80c916801dbe51b4d92c381fac4

SHA1
5f0a0e539389c8513032ecf11f04bc27b3ffb077

SHA256
bb582383ed12d3d4b22f9c2db891019884d60a63e5cd83f3932ea9860d35fb1d

SHA512
0557de9a713c0bfa4b5973cdbd3e967af7f8c502c8ae67b34d07555ad92f01aea8cbc949407d4c233851a55f60fcf81ce65fdcb6b14e7cfc51016480e36d13d4

Download Submit
\??\Volume{00cd63d6-0000-0000-0000-d01200000000}\System Volume Information\SPP\OnlineMetadataCache\{008acf28-6e5f-44f0-9fd2-6fcaa650bddd}_OnDiskSnapshotProp

Filesize
6KB

MD5
8bac506029d25822c509a6c4bff71963

SHA1
984da1ea817945473c608c6279d7a3b446139f3c

SHA256
f81c4ec12449dfba5c38ddf28c660ba081da89f0645daa0aa30c51512b2e0b62

SHA512
80c60bec559304ebb58b89a473edda8206b8c25599a77e6285883fdd955408c72b69b9503eaf13427915a61856e4128191c6ec62ef4c8ae5d7d140d83f9bf73d

Download Submit
memory/72-1284-0x0000029F50890000-0x0000029F508A0000-memory.dmp

Filesize
64KB

Download
memory/72-1283-0x00007FFD64640000-0x00007FFD64B81000-memory.dmp

Filesize
5.3MB

Download
memory/1960-1785-0x00007FFD64640000-0x00007FFD64B81000-memory.dmp

Filesize
5.3MB

Download
memory/1960-2059-0x0000021948020000-0x0000021948030000-memory.dmp

Filesize
64KB

Download
memory/2568-1275-0x0000024C70AE0000-0x0000024C70AF0000-memory.dmp

Filesize
64KB

Download
memory/2568-1267-0x00007FFD63460000-0x00007FFD63858000-memory.dmp

Filesize
4.0MB

Download
memory/2568-1264-0x00007FFD64640000-0x00007FFD64B81000-memory.dmp

Filesize
5.3MB

Download
memory/2568-1265-0x00007FFD63460000-0x00007FFD63858000-memory.dmp

Filesize
4.0MB

Download
memory/2568-1268-0x00007FF661E40000-0x00007FF663158000-memory.dmp

Filesize
19.1MB

Download
memory/2568-1266-0x00007FF661E40000-0x00007FF663158000-memory.dmp

Filesize
19.1MB

Download
memory/3364-1740-0x0000020751720000-0x0000020751730000-memory.dmp

Filesize
64KB

Download
memory/3364-1739-0x00007FF661E40000-0x00007FF663158000-memory.dmp

Filesize
19.1MB

Download
memory/3364-1737-0x00007FFD64640000-0x00007FFD64B81000-memory.dmp

Filesize
5.3MB

Download
memory/3364-1738-0x00007FFD62FD0000-0x00007FFD633C8000-memory.dmp

Filesize
4.0MB

Download
memory/5928-2079-0x000001920DD10000-0x000001920DD20000-memory.dmp

Filesize
64KB

Download
memory/5928-2078-0x00007FF661E40000-0x00007FF663158000-memory.dmp

Filesize
19.1MB

Download
memory/5928-2077-0x00007FFD62FD0000-0x00007FFD633C8000-memory.dmp

Filesize
4.0MB

Download
memory/5928-2076-0x00007FFD64640000-0x00007FFD64B81000-memory.dmp

Filesize
5.3MB

Download
memory/5988-2093-0x00007FFD64640000-0x00007FFD64B81000-memory.dmp

Filesize
5.3MB

Download
memory/5988-2278-0x00000207CF490000-0x00000207CF4A0000-memory.dmp

Filesize
64KB

Download