32debd21dbe46268e2305271fd63b96afa4284ffa3cf7ae005f1b70e79699ff1

Analysis

max time kernel
621s
max time network
623s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
13/02/2024, 02:17

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

namebench-1.3.1-Windows.exe
Size

5.0MB
MD5

2a26c182bcc0afee88434e64b7b633be
SHA1

b33778303d37bb6a2e6fe4861c72390a41f3ab7a
SHA256

32debd21dbe46268e2305271fd63b96afa4284ffa3cf7ae005f1b70e79699ff1
SHA512

3b4ab8a648864039dd2cf9f00c3d26c15dc2c191589e346240b5cb024c81a5b49037f8db426554c74560ebaf198ad21e67cc90a61cb505ab3ead0f176ad58de9
SSDEEP

98304:4WZu6rAhzWyY5uwWsyIC+64ZFmFkrRVA+BqetVnEVVcdelwEzbTEUEs8T/F:4WZFrAhzjTsyIC+6hKketVEV2de2UbOJ

Score

9^/10

discovery spyware stealer upx

Malware Config

Signatures

Contacts a large (4433) amount of remote hosts 1 TTPs
This may indicate a network scan to discover remotely running services.
discovery

Network Service Discovery
T1046

Executes dropped EXE 1 IoCs

pid	Process
4684	namebench.exe

Loads dropped DLL 15 IoCs

pid	Process
4684	namebench.exe
4684	namebench.exe
4684	namebench.exe
4684	namebench.exe
4684	namebench.exe
4684	namebench.exe
4684	namebench.exe
4684	namebench.exe
4684	namebench.exe
4684	namebench.exe
4684	namebench.exe
4684	namebench.exe
4684	namebench.exe
4684	namebench.exe
4684	namebench.exe

Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials In Files
T1552.001

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral2/memory/1348-0-0x0000000000400000-0x000000000041B000-memory.dmp	upx
behavioral2/memory/1348-16-0x0000000000400000-0x000000000041B000-memory.dmp	upx
behavioral2/memory/1348-375-0x0000000000400000-0x000000000041B000-memory.dmp	upx

Unexpected DNS network traffic destination 64 IoCs

Network traffic to other servers than the configured DNS servers was detected on the DNS port.

description	ioc
Destination IP	66.214.48.27
Destination IP	124.195.15.98
Destination IP	195.178.32.2
Destination IP	132.178.4.39
Destination IP	209.213.64.2
Destination IP	64.233.128.10
Destination IP	198.144.192.4
Destination IP	206.80.254.68
Destination IP	67.100.88.27
Destination IP	64.119.60.5
Destination IP	193.251.169.83
Destination IP	68.87.73.246
Destination IP	208.70.22.22
Destination IP	194.192.21.151
Destination IP	80.88.192.2
Destination IP	203.50.2.71
Destination IP	193.140.100.220
Destination IP	24.149.0.6
Destination IP	61.128.128.68
Destination IP	216.81.96.68
Destination IP	213.132.33.15
Destination IP	142.177.1.2
Destination IP	203.81.162.22
Destination IP	167.206.251.130
Destination IP	131.114.69.20
Destination IP	200.23.242.201
Destination IP	66.253.230.60
Destination IP	194.119.232.3
Destination IP	202.138.194.36
Destination IP	168.95.192.2
Destination IP	81.12.12.201
Destination IP	80.10.246.2
Destination IP	66.36.250.14
Destination IP	210.0.255.251
Destination IP	128.147.128.83
Destination IP	222.46.120.5
Destination IP	193.204.187.131
Destination IP	130.94.25.65
Destination IP	84.21.0.5
Destination IP	201.117.66.4
Destination IP	202.51.16.14
Destination IP	213.184.238.6
Destination IP	63.240.76.198
Destination IP	212.82.225.12
Destination IP	82.216.111.124
Destination IP	212.103.160.22
Destination IP	64.80.255.251
Destination IP	194.51.3.56
Destination IP	193.188.97.193
Destination IP	194.176.224.3
Destination IP	213.16.20.3
Destination IP	66.115.210.4
Destination IP	193.135.252.2
Destination IP	69.64.224.67
Destination IP	66.92.64.2
Destination IP	216.220.93.193
Destination IP	216.52.1.1
Destination IP	210.131.249.33
Destination IP	205.152.144.23
Destination IP	195.67.199.33
Destination IP	202.148.1.196
Destination IP	217.218.29.3
Destination IP	217.71.105.254
Destination IP	213.239.128.3

Creates a large amount of network flows 1 TTPs
This may indicate a network scan to discover remotely running services.
discovery

Network Service Discovery
T1046

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
4684	namebench.exe

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 1348 wrote to memory of 4684	1348	namebench-1.3.1-Windows.exe	93
PID 1348 wrote to memory of 4684	1348	namebench-1.3.1-Windows.exe	93
PID 1348 wrote to memory of 4684	1348	namebench-1.3.1-Windows.exe	93

C:\Users\Admin\AppData\Local\Temp\namebench-1.3.1-Windows.exe
"C:\Users\Admin\AppData\Local\Temp\namebench-1.3.1-Windows.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:1348
- C:\Users\Admin\AppData\Local\Temp\namebench.exe
  namebench.exe
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - Suspicious use of FindShellTrayWindow
  PID:4684

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Network Service Discovery

T1046

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\FE3D95.tmp

Filesize
798B

MD5
22b87765d9e22f33898885336d86d5b3

SHA1
baed9043ab985c71d91635b7e6832f7f4340ecc8

SHA256
4b82c5ef5e8188fae4ca89c8a66f96fffaa9c4ad2db5cbc45b41fb7287e2b318

SHA512
d9e607d7d28009181ca94d99efe4846787ccc1351d231fc5fc3713c3ad477532af22a10257e746dcf2de4562f27e2742c38a7750045970e808255ba35d9634d7

Download Submit
C:\Users\Admin\AppData\Local\Temp\PYTHON27.DLL

Filesize
1.8MB

MD5
28524fd2f052196d40b7f391de55076d

SHA1
b510d802d593bbdd0096c7bf13d00a7699e3a97a

SHA256
73c2ddd7dc22910961ebd4a36442774361d054975d6465d01e6e69bf8df58c18

SHA512
7eaf8caf927b9a6c968aeaca3d3efae4911c7c3660b16f721e28b59438f775c94be828ce3e1e31ef560c5bf18a46165240611f3d1252216ee9181945615b5384

Download Submit
C:\Users\Admin\AppData\Local\Temp\_ctypes.pyd

Filesize
71KB

MD5
7fe9f2b2bd7a1887c449ff7a1f87f937

SHA1
cb9643466055502e980a5d7a84e58bd01df1fceb

SHA256
da6389d593c0a0581d56e44e0cf1f0ccd91f49db70bc7d4f9fbabe74e753999b

SHA512
81cd9b8ab9584afcc937b6367f2d7bf41f0484c2546ff7570ccaecc5297652e30c89194392977ec620a4085ce7a96512a86fdf090b98a1905f3999b2e7a65c24

Download Submit
C:\Users\Admin\AppData\Local\Temp\_hashlib.pyd

Filesize
280KB

MD5
e24e495a0d16bf58b6b371353987fffa

SHA1
b0330fb21d513e7855dae4209c6f2d9b47dc83de

SHA256
0d4d5d6e8337ae95269535bae6f420386bdb0d6b243c21a922cdaff15fa5507f

SHA512
94f5b988c993e48224c7d898f4d72fe849d0c255a24b937d4f6923577d47db74ac4f9ccd0887890cfc9a3fb745806e04f152b9684143da6cf099ea23b60535fb

Download Submit
C:\Users\Admin\AppData\Local\Temp\_socket.pyd

Filesize
40KB

MD5
8da3672fd8764cf80584a009c2b0b86e

SHA1
4dd98a5d10912b1e9663db3a4588dbf97c42905a

SHA256
098eb607e6932e6fdcf87a399ff864d9d7439ae5b3e9a9668eb2871b5b1a2786

SHA512
3fa14bb7f752ca51401666d0e6000cd2d9f739563f4c74426fcbdc15b5d02c2b8cd0259bee7014f58b2c43209cf93f211b7d4592aa0d2cd180cd0d4de2cf7148

Download Submit
C:\Users\Admin\AppData\Local\Temp\_ssl.pyd

Filesize
704KB

MD5
074bc6e8877d46590b3a6460662fdf61

SHA1
b1a505fe4addcde2f0a4b1c52e968cc6d4362d2c

SHA256
54593c97995b443fea49f5647e079cfe471917aba93caaf163c71e28c6d0ff5b

SHA512
1c2062529d63902e8c33f5add9f5600ba7a0b96c76312d35befc63718dab2490e20168a62e234aab3a385de845629b0eab33746975a66e0913ad29a6d4d71579

Download Submit
C:\Users\Admin\AppData\Local\Temp\_tkinter.pyd

Filesize
29KB

MD5
f2c04577ea845a7221851c178d1a2f1d

SHA1
1c1d782aac61499d539ad51ef48ec16eadcf4f21

SHA256
6c7487dc877e3cdcc8e109e5e692b6f54cd3281d24e9fdfc1cab728a228d5a25

SHA512
b50293576dbb3888f76dcaacf22890eac3193c69ec175e283b5996bdd9ea20d602c08d477aa32b0faf4f72074addd0dd9db2a3424bf69094bd14f8a4c9a48c75

Download Submit
C:\Users\Admin\AppData\Local\Temp\namebench.exe

Filesize
20KB

MD5
1a1814781c8e85f9ad8ff8e2f8d9781e

SHA1
1750d7630cbe977b0a715f4c4b959c1bfa3497ef

SHA256
e6aa34ead07078e64f47a3bddcab27b1e7a8eae8363b75405d87e7d756d27b17

SHA512
8aac64f3b839cf55ea1f3883ab3d4a1b1085f6abada0fc30b9c3b53c7b5d40be767b9823eb7c9bf166e04f7b3ee8afa6dfc6423f28555ec7cd80f178a867fcd2

Download Submit
C:\Users\Admin\AppData\Local\Temp\namebench.zip

Filesize
2.2MB

MD5
19ec1b7be8b3c86c7afba7f478b7869d

SHA1
fb529047b30f36e005b118db0ff544b4b5bc184d

SHA256
fd2401dafe3a5692d90ef7ef1f266363e4eb9bd4d43bb082e1abc5c26da54c16

SHA512
1a1759ef608de2e5e39212b259421c0ea6c0c91b16fd099eb5e4ae3c68c0cd4c117ed15e369e98ccde5da535caea52d534569f5d59d96500796afd80fe8e9ba1

Download Submit
C:\Users\Admin\AppData\Local\Temp\namebench\config\data_sources.cfg

Filesize
3KB

MD5
3b5f3956ffa9c0d94b3dfd3421eff9e7

SHA1
3a25dbb55d8cc17d9b2632e97aa8093331f7366f

SHA256
0ca4cbcd3a98608710ed5ab63ff67aa2d786c1eb7284e330b4ee5a33b89e36ee

SHA512
4b184d2c6d3b8ffede6153c6438d4ecb403ed19101b4d2d1270a4f0b8f8012a132ee0550312b634ca88c4ca8a2a4adff1ac1c87f4e5333da00a8d3486c2fa5cc

Download Submit
C:\Users\Admin\AppData\Local\Temp\namebench\config\namebench.cfg

Filesize
127KB

MD5
d4f014f675fb072687bac68087324f92

SHA1
0b0a831b51d6d41c1ca562af7701a07392b24928

SHA256
96a2f8d67fdba8e0ae6c37763a7f4fa60fc481b1b27f084b1a1b5f15518b34f9

SHA512
dd164cdc4cbedb7a8e241aedcf9b609e8a0b2b6894b3f0cfe892f1401f3ee0c6a9d22127e1eeccf8f6422d08380d0c4bf675204bb36cfe93aac26b9fc0df1efb

Download Submit
C:\Users\Admin\AppData\Local\Temp\python27.dll

Filesize
2.1MB

MD5
0fd610b94ab29ced115602dfd282e560

SHA1
0e09826da78cefd12c90313cfebd15381a9aab64

SHA256
b1a14e2e04e9179edbdc6b102171dce86b977ada23515037a3c9900f4e896cf4

SHA512
a7b942014b28cf1994c5f28036aed92c170367ce3427b57c395529e470c51b40023a4890fe6a43be94aa12e83c61622df495dfccc962bd142d28b3ee9dee437f

Download Submit
C:\Users\Admin\AppData\Local\Temp\select.pyd

Filesize
11KB

MD5
9bde99c2037ebaf2a8777a8df8e7fc17

SHA1
430739704da767fe447375b213c11d1ba2e9503f

SHA256
ac6944ffd02c388701fd874ef58a645eb54a2df264a8a1957c6c6e6309e2d7d8

SHA512
354731a8703db0a86c0edac72ae0d5410d0446dd447dc4691d4fd1d0eb53c04bc1567449e2b19d1916d5c9e515bc2049153639ad701204a8d755b3d9106b256c

Download Submit
C:\Users\Admin\AppData\Local\Temp\tcl85.dll

Filesize
847KB

MD5
e86ea681c97f48a082610c9b6e38834e

SHA1
04de511d5d6bb2d5d274faa5de7b17ddbfb9dcdf

SHA256
048ea2404c71448d889b94f092bca796b68205ebfeeaffc21e9292a553986c9f

SHA512
7c1429aaf4d871e3f00804b991dabac3b02d5e9845a288098fd05112ad3593078de8815f8081b9d7bc16845aa9f96427aa679f75458c715fca10a82d2714a80d

Download Submit
C:\Users\Admin\AppData\Local\Temp\tcl\tcl8.5\auto.tcl

Filesize
19KB

MD5
667aacc63fb13a5090f3724f2224a0cc

SHA1
1eb3fd2a8f2b748e8a831a4f13f992eacb22f647

SHA256
33a3078b6ff6f34b5903ef48a8412d89e0b9687740df156d49255222c54de2ac

SHA512
b5f9bafd876bfd8a6fc16186e0d2cd5cf2cfe3bb5cdf35bde42b97edd1610546a91aeedead88431dda983df70014ec0bd0b5683dd377fbdad5f54b360ada59f2

Download Submit
C:\Users\Admin\AppData\Local\Temp\tcl\tcl8.5\encoding\cp1252.enc

Filesize
1KB

MD5
5900f51fd8b5ff75e65594eb7dd50533

SHA1
2e21300e0bc8a847d0423671b08d3c65761ee172

SHA256
14df3ae30e81e7620be6bbb7a9e42083af1ae04d94cf1203565f8a3c0542ace0

SHA512
ea0455ff4cd5c0d4afb5e79b671565c2aede2857d534e1371f0c10c299c74cb4ad113d56025f58b8ae9e88e2862f0864a4836fed236f5730360b2223fde479dc

Download Submit
C:\Users\Admin\AppData\Local\Temp\tcl\tcl8.5\http1.0\pkgIndex.tcl

Filesize
735B

MD5
10ec7cd64ca949099c818646b6fae31c

SHA1
6001a58a0701dff225e2510a4aaee6489a537657

SHA256
420c4b3088c9dacd21bc348011cac61d7cb283b9bee78ae72eed764ab094651c

SHA512
34a0acb689e430ed2903d8a903d531a3d734cb37733ef13c5d243cb9f59c020a3856aad98726e10ad7f4d67619a3af1018f6c3e53a6e073e39bd31d088efd4af

Download Submit
C:\Users\Admin\AppData\Local\Temp\tcl\tcl8.5\init.tcl

Filesize
24KB

MD5
48243dbba86f38463098acac935636f8

SHA1
8074c429015bd29c345c378d79865e289dcd7ffe

SHA256
e05df6facbfd3f1c4ef6861efc177a41b9234729de06aa31566b476b8409b893

SHA512
709cf9f6a829749d2c488977f7d85b90e9b2cc68d4202cd41cb40112e79eef4a7c740b6fc769d52d59323d77d411c5194eb67100ac6151f83858be50b739f50f

Download Submit
C:\Users\Admin\AppData\Local\Temp\tcl\tcl8.5\opt0.4\pkgIndex.tcl

Filesize
607B

MD5
f46d9d88d3cc6634963091b3bdc07610

SHA1
67d9fefb7a5881a84e8021f948747826550c8dac

SHA256
a088e549d18ade683273e31c004daa7e614642fe801afb3861eb85445250186b

SHA512
bd216b84c029cb851a7c6476cb14f3508d963ab9680546f50bb3c542b713164ec0bbc2fb85f63613245184d09935964d9025e35802d2ef1600053a7f7f0a031c

Download Submit
C:\Users\Admin\AppData\Local\Temp\tcl\tcl8.5\package.tcl

Filesize
22KB

MD5
898601cfc8065bec4c1bbd4f23923c4d

SHA1
19cafefa1f3fb472938823e723e12ccb009d7a27

SHA256
8fb50b870a4ac3fc8155c4079b1197bf1cffe95d6c5f3bfdc39ce1c7b107be5f

SHA512
571f181e8dbf14099e9294792974e653ce85e5702555d868a64a2c08bcfd50c37c338a4e114e746d573ecb9066a660a542b9e0d08e2e15920929a2a315d7c987

Download Submit
C:\Users\Admin\AppData\Local\Temp\tcl\tcl8.5\tclIndex

Filesize
6KB

MD5
43a727c946b8f530f6e9035170990748

SHA1
8927c23098098c00d24d526c7d90d6df47c81cfc

SHA256
416d5565a8841d1e8d68b2b68a9b67de5b4af1632fba1933b748ea1ef8a2e37e

SHA512
c5cddd181bf9bb9c557b6edbfb47ec1cf147719eccd5bb3e1a24934db586c1b5777897e6d563574b4dc17ee96922685513f56fc536e2d18d8559fc2a3668372b

Download Submit
C:\Users\Admin\AppData\Local\Temp\tcl\tcl8.5\tm.tcl

Filesize
10KB

MD5
107b5d537eb372b4a78d27d8c28cd902

SHA1
e17bc41346bb82d720e0b0c65b000be1fe8b6e8a

SHA256
520c3f38472506234421c291a713f37b9a45b40968dce32a1021260cb0703a4a

SHA512
b666d62fb4831ef3944aa1d107ac1f74fb0a1a969442445a5e3a02b1e67c53f212fde5641cafc96ac60ea1d714c204a7a212289a232d7c360b94a7352901ba57

Download Submit
C:\Users\Admin\AppData\Local\Temp\tcl\tk8.5\button.tcl

Filesize
16KB

MD5
0b732091f746f83a536932ff82e2b61f

SHA1
3d55da2a7e95521a3b73e4bdb96d5d2a37c82f1c

SHA256
d038ad1b44d6fe3b66f8b613c498efc1c58c437cc6020f3e887f2b92bb2248fa

SHA512
c1bf52f8264b8fbbba2138f24ccb9af37d08c72f640fbb834eb4743b40d26b99c273e11367595763165ccee7b4bad2fb63164ddd74583aa1ccb370d61ea7c6e3

Download Submit
C:\Users\Admin\AppData\Local\Temp\tcl\tk8.5\entry.tcl

Filesize
16KB

MD5
6b49a1b5bb12c0f20fd6dc42d3281bf6

SHA1
62a568de41d2305b9cb122c01e4cc5dd731c896e

SHA256
00e8941c48530a2cf05415350ae2a8c371c5153594d349724751ecd4fe620369

SHA512
85930d587fd84450dd29050f7ab22fde079965457f8ebfcebc7bfa391917fcfbb1ab5d178fa44677787eff8f02b5d2a77250c4ed111c5b0abb15e66a854d9dda

Download Submit
C:\Users\Admin\AppData\Local\Temp\tcl\tk8.5\listbox.tcl

Filesize
13KB

MD5
841c0e1a415708a5d713ba544b77c4cd

SHA1
58ae20026760b48b6536b189142b4dbbb98ad090

SHA256
1f34d51a4051b79eed3cefe5fc8d8c20ebd0acc2629abb2d3efbb6dcf0ccf0be

SHA512
989aee0afddecab2771d797449fad3019d64f2727d8d6d9fdeeca6cb1adcfde1657677f9067e490418ca7d26731933fbf5f392c76e45d47973924d35b766d951

Download Submit
C:\Users\Admin\AppData\Local\Temp\tcl\tk8.5\menu.tcl

Filesize
35KB

MD5
c1a22bb91bbe8bfecd3d25858f2104ab

SHA1
3a3b1f5eb9671c885ba42f4e32df53db8231114e

SHA256
022f0120b2a6fef706cb4bcdfc8fa9168a12f82ce4648fcde494d02a4456ad04

SHA512
0abd47101cc369939d228924f6a808b5e5d2e1637486e7d8755c3755f5edead347edc50ed3191e66da045a2200e3497bc0e8b65b961852eac4eec7b0d7d51de7

Download Submit
C:\Users\Admin\AppData\Local\Temp\tcl\tk8.5\panedwindow.tcl

Filesize
5KB

MD5
3998d69727a91ec1fd2d13b9114a7058

SHA1
01420fcd7295043d91c9ce787b5737f806e9022a

SHA256
56329e18e422390c72e5c103dfa720a4af9e833d9abbf190d228c8206d3f6df5

SHA512
9a8754d7b984ddc3811ae7d6d72e2abf2b70b0366471e2db832bee74430019b467721f63af2f04554775113e9c9ec19e273a83c9ea8722393f65a6c08b3a7141

Download Submit
C:\Users\Admin\AppData\Local\Temp\tcl\tk8.5\pkgIndex.tcl

Filesize
147B

MD5
7ac554d74446747f2607d4b4b1c7122f

SHA1
71b0e451ba53a0f584443c5be93865a2c9175365

SHA256
66b016e728e57f4e98117567bd14d41df93b42883067102a46f29209b74b96e0

SHA512
338a9a7df7a861e3b5602d978b37e3006a4c4f03f1eb55aa685701741de3fa0e574cd62a9b3724b4280e73ddb3ca52ec31f7aa2481705bbb59b7087ed3164a6b

Download Submit
C:\Users\Admin\AppData\Local\Temp\tcl\tk8.5\scale.tcl

Filesize
7KB

MD5
d8065477c01894a78e80a627a6c56b48

SHA1
a0f1726562a10e6fa1576dd446dd93d2648c6dd3

SHA256
706493877b25ffeb2946672226b3b21f6b6596e97fa450ee6cbc65e820243bdc

SHA512
f3e73e5700ce2374ea6999c68993ed003072aa87299e9e57eca968dc2cbf6cc10db67afa20644eace3055a373ba823bc9625c01fc156200ff12c1de624df17d9

Download Submit
C:\Users\Admin\AppData\Local\Temp\tcl\tk8.5\scrlbar.tcl

Filesize
11KB

MD5
ad0c0ca61a74fdd174dd1bc4b3009474

SHA1
40ca1107e767809e3e64bbbe96e4414c0ecd42e3

SHA256
25124e960607fbfb152314e9dddc1bdd8ce4dc3cf94b23c6a744d43b5a073934

SHA512
fac6adab13f703dd8638ad5174f758d05676ecd4495035136585768be569aba97d020a0e9c75cc8c6b564622059da3aef379a48cd32ed07ad41a02c6968a7a72

Download Submit
C:\Users\Admin\AppData\Local\Temp\tcl\tk8.5\spinbox.tcl

Filesize
14KB

MD5
00996e4aa505589bd378ae6870f5e17f

SHA1
5c5b95390175184c67065cbfefeb0fe8cf029fb0

SHA256
6fcd5b2ab2edbdae1a0b71436f833f92edc90715594ec9d59516b7eb6d6ee539

SHA512
4f1268d8b9e6ddac07e0801c15613236dedb765a899524d37610b1a147366f33ef6f79b5ef30fe15b891537de8c4d8ca43a87136c94efdc7f1b1bd721a9fedd1

Download Submit
C:\Users\Admin\AppData\Local\Temp\tcl\tk8.5\text.tcl

Filesize
31KB

MD5
a456b6031d24fa9b7613f973291351a4

SHA1
e4a374395c7f21443a7ecb46a6774584b0b91589

SHA256
3efefef28ea38f94eff80863258ed63b0fab0bf71c8d8d27b69c2c5d29989a21

SHA512
6026992b6508a67ca6327fb01602c0f959a4e35fdc676dd3a6be21e1b23a599fbf50b0d6afada3db6fe58ce8505aa42db67b5d9e12bc87b9f299e3ee54b909c2

Download Submit
C:\Users\Admin\AppData\Local\Temp\tcl\tk8.5\tk.tcl

Filesize
17KB

MD5
4c9db68e724fbca1ee6f566ec342fa38

SHA1
97cd04b39c62f3b05448e562903ca1416c43999c

SHA256
81f975de646c254ee1bec79df1218bdcbe32d4f379c954bbe487873230fcc8bd

SHA512
97e7efe6b7a017da63622e26cc9336ca6cc2ef1248007dc65384d1a63bb55071bd1cf299d636e4f14bf925057560f8234eafa960f937f2e229c714beef6f991d

Download Submit
C:\Users\Admin\AppData\Local\Temp\tcl\tk8.5\ttk\button.tcl

Filesize
2KB

MD5
4db861473955937cf4398a41487abeb0

SHA1
c102bd7a06f6a2c64f3530c9b66efe05151cbeaf

SHA256
4b95d0f0f7250a584dd77a3711083c3b91ecf2d924a1c0dc5459f3ccd221b313

SHA512
2e0e4b5a2d3442b4aceeaf8e1db871b89ed3451b664259a68d0199feb823edb36bdab219f7784fa40478ecde8166bc27005e1ff5449e78734b3a093821078681

Download Submit
C:\Users\Admin\AppData\Local\Temp\tcl\tk8.5\ttk\combobox.tcl

Filesize
11KB

MD5
797a0737908a17f0aef15530d3b4fd45

SHA1
8478074cbddd8dea2912e3c4a8f5b4ebfb87a537

SHA256
790df9d815289fd0e59761ba1375198ea1ced8c9211cda36efe676187d72a05b

SHA512
ef2884dce8f6f0b6d65f77f9a2b003574d0d04ddb7c86a4eee2e17644685a58a2d016ea897f18b3101cbfeee7fb82d29a8cdbe4d0b361cdf27c41cba72be95ad

Download Submit
C:\Users\Admin\AppData\Local\Temp\tcl\tk8.5\ttk\cursors.tcl

Filesize
568B

MD5
e2870543e6825262043ce271915cf9a1

SHA1
5d699d482d1ed5837394916a96dd60ab4aec81b9

SHA256
2b3b49d17afeb38899f036a379d58fb41295a7355622c3f3d3e264e9ce846f8c

SHA512
d2b5c34ec0a09068f9d1b998199431d99ecdca180da3441d5a63f556bf3223bf83cfabacc354d022f6543d04ba855a479ae2a4ce66a8e2f0d67425737421f9f6

Download Submit
C:\Users\Admin\AppData\Local\Temp\tcl\tk8.5\ttk\entry.tcl

Filesize
15KB

MD5
99d970c076572e7f640b6ac918783531

SHA1
8b5427bb576b6d232cda899778b70d18830f8f71

SHA256
481c743383f82498d48c6f34b94b516c8421c28825419145739cd0b60c2fee92

SHA512
2d60aeb2932c307f18d16a675d8696c79348e8e801b327c94fd4081acb4763ce31f3614dcc4f575f1588d33366a90ff85b8b260207d55b4b203f874f09652c21

Download Submit
C:\Users\Admin\AppData\Local\Temp\tcl\tk8.5\ttk\fonts.tcl

Filesize
5KB

MD5
199c12b576371dec20348c3fff998c3b

SHA1
d0d1e682d64923af87ac6ebb26c68ce491c154f6

SHA256
be27f834295a5229efbed9139ae20f9247cdd1c34833a051b95a10b1ed551e83

SHA512
959ab4036df7501afd8548e3b5d792ba1f02e1b3dddef861e9e7fad827049a7665a3a6c0556ed1668214c89069ffadf64a8cf09ba4edea6cd9354e886810302d

Download Submit
C:\Users\Admin\AppData\Local\Temp\tcl\tk8.5\ttk\menubutton.tcl

Filesize
4KB

MD5
e348301272477daf7bec0c62c3d7a3e5

SHA1
e127300b26bbc1d62c1b4cef665b4ec58b70cb54

SHA256
2e0e8bd1af66d3fb9d8de5f336d5c4b92cafe803378b15ec578279a248c8ceed

SHA512
46ed5ba2f361cb7949e117b0e1bb77b9980efde01cd5c9a003347e8bdc9206d7dfcd474037fba86a2a83ba255411e1b1932fff8cb064a02a8851423690fb8c42

Download Submit
C:\Users\Admin\AppData\Local\Temp\tcl\tk8.5\ttk\notebook.tcl

Filesize
5KB

MD5
262fbf776a88f01534cb039601f793ef

SHA1
c42d3b2e06dbfcc3c80528fb4f259f107091ab78

SHA256
83c6389ed103013e8fc995e76c0a7db76da3e116702bbd693748353117089070

SHA512
f9ad63662843868ebfa335769dc28873a4da0ad2e30e01752a0b1deff3637a15515503569f63beb4df01ae10ea363c799953cb2bc532d90eff7145f7d43793a7

Download Submit
C:\Users\Admin\AppData\Local\Temp\tcl\tk8.5\ttk\panedwindow.tcl

Filesize
1KB

MD5
a47a24d0361208c2f8039722fa8115fb

SHA1
9ff360273a86cc34e2491ab531268232f5cf59f3

SHA256
449b954cbbbd36b0baaa713a3a8b7b93c74d67f128b349cd83f6f6769215bebd

SHA512
cdda1add14c80bff810802196d8787ca044e5dcfedb14bec034d6a359120eb55205e3747f08f3319940c5db25f8d7d5b0b96e4cecf266c236b32dad3ebe81e94

Download Submit
C:\Users\Admin\AppData\Local\Temp\tcl\tk8.5\ttk\progress.tcl

Filesize
1KB

MD5
3322c91be4101063f2055ced6f844422

SHA1
7dcb3b220221ca4a66b645d62bbf1702f28180c8

SHA256
4a2b13191b8ab3a9d37db209ed2d63684ac699be10ce2419ddf076d47bcfedc9

SHA512
556bdd9b1ca442cd247069d7b80c52de2535e510da45958e9628b23e5479fb8387182cedfa365f24343e6f488a521782835e7afc9202d4da94f60183e5a408cf

Download Submit
C:\Users\Admin\AppData\Local\Temp\tcl\tk8.5\ttk\scale.tcl

Filesize
1KB

MD5
05626fe8be96b90dd03e1932d98204d2

SHA1
55a747ff3f48a5090c28e1396ab24ee627d4c2d1

SHA256
bb85d970862e0052508496b08e424a89cbf5742b918e1fa0e41f00b464880dc7

SHA512
a165c577b2c927bdda582dd221e1d284303c52a32801e263cdfc8235326f76e0a596f915f8db03cb2b1a303a442275b8f65684a2e98ca7f1fae5569ac6b9138d

Download Submit
C:\Users\Admin\AppData\Local\Temp\tcl\tk8.5\ttk\scrollbar.tcl

Filesize
3KB

MD5
7d5d83b5f7183e8cd99a69f98e1e0fae

SHA1
4e3b7003b1b85713b03e803711fa27252940ba36

SHA256
b4c416e3695e66888530f1cffddacc84fd07df47ba4facbe90bcaabb3eb39344

SHA512
d33da8f87d1103d905c6712aa699e83ba30fd4f8be693a689897196b4ceba084058772de63339a8cbdf574fef3c345ea43ae83eaa7ac7e7f149e3154fffc24a6

Download Submit
C:\Users\Admin\AppData\Local\Temp\tcl\tk8.5\ttk\sizegrip.tcl

Filesize
1KB

MD5
e2aebc2f1b28208161af031c7b4fdcd3

SHA1
6f91a08d21c379c85a4052233044f384564f92a6

SHA256
23d5b53f7bdb819dc9101a54eb4a9abbcd53b6ba00c61558d5b65985fbb7d555

SHA512
e0b05d3409964676cd8a1429e9c8037047a64493ec4df6812c5f5e4ed2cb3183b05d27b939cad5fa92de142e957407cd8c43ed45c2d598cd91c64790145f8f92

Download Submit
C:\Users\Admin\AppData\Local\Temp\tcl\tk8.5\ttk\treeview.tcl

Filesize
9KB

MD5
2fc04e411e2e9ac3eac432e3a955910a

SHA1
7da8545270a382086d2bf0f99c526affeb3ad81a

SHA256
0b3551bece61ea9a86ea487c68afafa55515345d713499c1bea92687f96c0c3b

SHA512
eb375efa8c8e0c5883dac6fe485a7d90ad161ba5ffe38f76f856680bcbf52f5d053da69e2676f51350985407810d3649ad9efca6bc8560341cfcdaedffa5d42e

Download Submit
C:\Users\Admin\AppData\Local\Temp\tcl\tk8.5\ttk\ttk.tcl

Filesize
4KB

MD5
6c89372414ae961d9695606fbd0e19e2

SHA1
f3a6ab451aa2e2f11aa29ec618bce709e52f5a0d

SHA256
50ee0fe884695b7f3092ca18193c3c8d141f0c490a0fc00b67d4a0abf70d9f76

SHA512
f03bbdb8474a9d3676ae952c13eae3fffa7ac4f6f84552cff5fc58e31eb88c320ec6826092f55eebb43d7ad620fa0a456354e6911d7c458cc1a55cb456f5c0c7

Download Submit
C:\Users\Admin\AppData\Local\Temp\tcl\tk8.5\ttk\utils.tcl

Filesize
7KB

MD5
05296053bc23aa3cf08f6df590c1ff36

SHA1
16b4b73a0ccd00031d28bd5d0638b2bbf53a6e2c

SHA256
4684904b7785b08667b648667d98d40ae3392506ae3b8089ff81b5dae4f948bf

SHA512
219bf4beb4147a427c4ff358c85f1e05f36a5d29e198986ecf1ed8957b539fa22a2a957f308f53df48a8d8d62df85c16ef50df4b103c1e2c0ece254a5d2f1399

Download Submit
C:\Users\Admin\AppData\Local\Temp\tk85.dll

Filesize
1.3MB

MD5
72f95604065ab9f1bfb3ff0475a417dd

SHA1
e9b17fc1d6c0ff8c96e1d9f6a54ef6e9680c2c2c

SHA256
befac4eddc2da4cf21c88f04d73f3ff25641da1aab60a6ca5b2e26cfc36ed6e5

SHA512
5aec900b675d803dde21e64db003757d825f91ccd070329ae0c75f5a9f429d28c168318795d5da6c26d9e50e0704d52416a7e44bde8986905cd964f236b98b41

Download Submit
C:\Users\Admin\AppData\Local\Temp\unicodedata.pyd

Filesize
672KB

MD5
0814dff690c687142aa98c9a99a8ee21

SHA1
912f73d95fc84c711170162126fd7fb8fe088dbf

SHA256
d663ec6f7d95990f1e84f6572870b26e695ea5c2793bf2990e868d06453f1a6b

SHA512
337756e95aa33b0c15e66e132c7d0586e5b2fd89868aa6336097fd5c318763fe8f577200400313d968e62ed468dc66b11348eff6a2a70c822e68658b9fed034b

Download Submit
memory/1348-0-0x0000000000400000-0x000000000041B000-memory.dmp

Filesize
108KB

Download
memory/1348-375-0x0000000000400000-0x000000000041B000-memory.dmp

Filesize
108KB

Download
memory/1348-16-0x0000000000400000-0x000000000041B000-memory.dmp

Filesize
108KB

Download
memory/4684-385-0x00000000021E0000-0x00000000021EA000-memory.dmp

Filesize
40KB

Download
memory/4684-391-0x00000000034D0000-0x00000000035A7000-memory.dmp

Filesize
860KB

Download
memory/4684-381-0x0000000000610000-0x0000000000625000-memory.dmp

Filesize
84KB

Download
memory/4684-363-0x00000000005B0000-0x00000000005BC000-memory.dmp

Filesize
48KB

Download
memory/4684-369-0x0000000002C80000-0x0000000002CCA000-memory.dmp

Filesize
296KB

Download