0f7d6823ebff259935e259e5ae4fde5dce8f5adca69a4ec02b54d757b517d763

Analysis

max time kernel
223s
max time network
256s
platform
windows11-21h2_x64
resource
win11-20240221-en
resource tags

arch:x64arch:x86image:win11-20240221-enlocale:en-usos:windows11-21h2-x64system
submitted
10-03-2024 09:51

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

cMAM_3.7.8.exe
Size

194.4MB
MD5

aef5f6f535f8edec64ee7cfe6bad3733
SHA1

3b2dfd3784601b5ffd13c60c76c9526fa4dfbf2b
SHA256

0f7d6823ebff259935e259e5ae4fde5dce8f5adca69a4ec02b54d757b517d763
SHA512

30330f604aeb67b11ebe9c1efa3bc118e44d1301d0a9d7747ff9982f9af2a44cf7b1b5d8f801645c50ca1480232505e2779cfb4116f73ef94d365cbd27d257de
SSDEEP

786432:6T+n9tsjjq2GYYQb9R45DDsOS0uDRulaOEmesyQ7oCB+HN5o8m9AtfTtLwSTRpfE:W+9HG4S0MUEmk6oCB+HN58cIvFturWTt

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 64 IoCs

pid	Process
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe
1116	cMAM_3.7.8.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
1176	chrome.exe
1176	chrome.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	1116	cMAM_3.7.8.exe

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x104,0x108,0x10c,0xe0,0x110,0x7fff17829758,0x7fff17829768,0x7fff17829778
1⤵
PID:2184

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1652 --field-trial-handle=1816,i,11027206362908639002,2554572069256685963,131072 /prefetch:2
1⤵
PID:1040

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2088 --field-trial-handle=1816,i,11027206362908639002,2554572069256685963,131072 /prefetch:8
1⤵
PID:4332

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2136 --field-trial-handle=1816,i,11027206362908639002,2554572069256685963,131072 /prefetch:8
1⤵
PID:3404

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=6 --mojo-platform-channel-handle=3060 --field-trial-handle=1816,i,11027206362908639002,2554572069256685963,131072 /prefetch:1
1⤵
PID:3504

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=5 --mojo-platform-channel-handle=3096 --field-trial-handle=1816,i,11027206362908639002,2554572069256685963,131072 /prefetch:1
1⤵
PID:2628

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3520

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4184 --field-trial-handle=1816,i,11027206362908639002,2554572069256685963,131072 /prefetch:8
1⤵
PID:2464

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4772 --field-trial-handle=1816,i,11027206362908639002,2554572069256685963,131072 /prefetch:8
1⤵
PID:2836

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4972 --field-trial-handle=1816,i,11027206362908639002,2554572069256685963,131072 /prefetch:8
1⤵
PID:3080

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=10 --mojo-platform-channel-handle=5040 --field-trial-handle=1816,i,11027206362908639002,2554572069256685963,131072 /prefetch:1
1⤵
PID:3148

C:\Users\Admin\AppData\Local\Temp\cMAM_3.7.8.exe
"C:\Users\Admin\AppData\Local\Temp\cMAM_3.7.8.exe"
1⤵
- Loads dropped DLL
- Suspicious use of AdjustPrivilegeToken
PID:1116

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3740 --field-trial-handle=1816,i,11027206362908639002,2554572069256685963,131072 /prefetch:2
1⤵
- Suspicious behavior: EnumeratesProcesses
PID:1176

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
92f346b4216e4b6023cc17a353fac8a6

SHA1
265f834fb21e8e1725eee216b00e295add1b6e8e

SHA256
056a4a71c5141c90bf65aaf3709b9c57c6b13bc1d4ed0ad9d2a6e345b1b7a025

SHA512
e3f680f9e8127e203242feb1d41800b90ce5f2eee45ad5a63b0d635b7d6e90a1ba4c9e9f8d24361ef184665b070b6828cd931b299c6f0e5fcada8ae99601500a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
371B

MD5
59cf721508b28e2c9ab6b7c597088a7b

SHA1
f98290a138ff6d533913d0b8eb58c97c2135ff95

SHA256
7dd37864e0489452534b32be8eb1ef74e87ad48ae924f180b16f98ee7349cc3c

SHA512
67ffddc8b53fe4b617a795ad71c06a8c00e1ef181921e813acd4d9bea23da608dbeda341955aa77fd53285170c411817da9ff33823562cbfade6ad014486db87

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\cMAM_3.7.8\z9+qBM3QyqcshiMJNHgQ4J1A9qJhHhM=\Data.Core.dll

Filesize
24KB

MD5
3b4931ece825ac5fcd3f791f8672867b

SHA1
1ba84e233ee5a506271eac09ed5090cd5fce0061

SHA256
d074421e0b2a68668d91122ddfa59c1d8c9d4a59ab1029b870f77523d9ecbae1

SHA512
a679d27a538fb8655c198cf14a7aa0cee87f7341c5b002539a20900f4bfca9a732be39b0bdd641b9e3188a2b5c9dc00b368195626d4007aa6caae70dfe613261

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\cMAM_3.7.8\z9+qBM3QyqcshiMJNHgQ4J1A9qJhHhM=\Data.LiteDb.dll

Filesize
23KB

MD5
d4af49eb8ee4352308ad183daf814d6c

SHA1
f66215ecd5a85b53223fbc27a39d0eb002c9d41c

SHA256
eec7569328c0a432ab3621be3f5e512119b193b5db0f1737e257b331d8f645c2

SHA512
4c34f43dd3774b04d6b1ece1460545d18df144a4bf845085495a979f88c0f9cb5aaa629507ea29b351567fd7b3e035e77c874926aaf8343eed07eb728ac66268

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\cMAM_3.7.8\z9+qBM3QyqcshiMJNHgQ4J1A9qJhHhM=\DirectWriteForwarder.dll

Filesize
491KB

MD5
c6d0654f83bee8ab869c76cee16a5839

SHA1
9e0e37233c807a64917754d2160cdab655816dfc

SHA256
e974b6fdaa432ad52714bba634e6c22375d624c1f82dd7ca0e2bf230b340e150

SHA512
c84f426f8d4e9fce2aed6b9168b3f7808c333bcd2608c85dcd16e1ace324f357644816d91235455aa524daba423aae5de4315de11da52ec4b2a6db205ea37fd0

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\cMAM_3.7.8\z9+qBM3QyqcshiMJNHgQ4J1A9qJhHhM=\Logging.Core.dll

Filesize
11KB

MD5
f892a148eaa99028cfe310bbd0fc0580

SHA1
fba212a58f12356f7f1690a80f8127a43b64fd34

SHA256
8f118ad337684dccf53e7496a31406eae330eddf1f73bc756f6f9c1e9598a5fe

SHA512
20d3aa410e789740ba5c3f9e0b21c03e409e936c721407cb96d254c14f7b8e58bb89fcc2d018c3454f1d9a5f0e855240a1b997b1ddad0d84bded678b70fa5bee

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\cMAM_3.7.8\z9+qBM3QyqcshiMJNHgQ4J1A9qJhHhM=\Logging.NLog.dll

Filesize
12KB

MD5
1665bef8bfa2f167591350e587e251d4

SHA1
9143a7df91eb339b36e946861302a3ec6c488505

SHA256
871c765ec82460f615777d8e9b4d2a4f64c13f2a48d0750978bc0239d8101312

SHA512
de6e1d0c3ed47861c7d47dfb1f0245c989b0ff8f856d6dda7c377b5b3bd96a30374f91f938bd2a4f6e1241a2780e473a74773db9f5a23489b49354899a725c15

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\cMAM_3.7.8\z9+qBM3QyqcshiMJNHgQ4J1A9qJhHhM=\Microsoft.Extensions.Configuration.Abstractions.dll

Filesize
24KB

MD5
134885709f7087d3a1bad3108179578a

SHA1
c524c7d46a343b75a64bf52b19e3c70c453f9061

SHA256
e4eb5eb7e28a5548cd904fe1a9c3569adef91f52b654db8a3c56a0a5177a09eb

SHA512
8d7016036e22e32cb5d34725d5b07667964ca593c78b986807ee45e09fe498145b8fcfcd46e28f1aa1afbe78d3e0eb14d3b08cfd51060bdef389b92cc1c5e974

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\cMAM_3.7.8\z9+qBM3QyqcshiMJNHgQ4J1A9qJhHhM=\Microsoft.Extensions.Configuration.Binder.dll

Filesize
33KB

MD5
90e58d5a0eb7af2cf55bb8022821e681

SHA1
144c4fa6c3cef6b532ce7b7c3c27753bda514714

SHA256
c0d2a11b73afc7c8eac5bb1ccf60002e5b132df23a18bd9dc8385eeb7992b283

SHA512
7a94e80a09b6dfa069d5c8f89f84d9c63b683a8996e914d66cb7867b5bad9af3a5b723d215fcea276bbd29605837ab357edef2d7876cb72aef9a4d1844e48ea0

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\cMAM_3.7.8\z9+qBM3QyqcshiMJNHgQ4J1A9qJhHhM=\Microsoft.Extensions.Configuration.Json.dll

Filesize
25KB

MD5
f632ba94ae101b3a171d59801a2d5c19

SHA1
182a3cdc49febc6ce3f96056c399af1311129af7

SHA256
476f3fcb02d6c48705c4ab43223d08c42f9b5e2e2ead7e811de2cbdb847ebd34

SHA512
b074266ec3b4bae741beeeb6fe8c5cdc759c541dd0a90b0ee6082ded8ffcb2bec15717cd1c646746b452a51ea0b08d30dd47b7ba6d647629b374651036b25a48

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\cMAM_3.7.8\z9+qBM3QyqcshiMJNHgQ4J1A9qJhHhM=\Microsoft.Extensions.Configuration.dll

Filesize
35KB

MD5
d7ce22d25b8f8ea05f0480291fac550f

SHA1
783fe3de87c8f617d52f662a6f0219c7fe98ed37

SHA256
73cc9885face04b1273818252d3bbda5e5d26c90f0169b93e144225d2bf6f0e8

SHA512
59ce8b737e6382bea149bebbe4b26a9c4803978ce8bd59319b5afcf3dd5776e44c0d255ce99a19319175b2e31d61dbcd445f685f69fbf0a25f8f27658b857a07

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\cMAM_3.7.8\z9+qBM3QyqcshiMJNHgQ4J1A9qJhHhM=\Microsoft.Win32.Primitives.dll

Filesize
24KB

MD5
dd8fc34eccdb3ae60fc11b713ca70d9a

SHA1
7a3f8e77332486ed0d4ecf81586298bede0c5810

SHA256
71c40c1bbe7043ec15b4a209a68abfbd7cd34fc0dafbcfa14bcb8dc925d84851

SHA512
c9940da634d1f8a0556ecc1f5f4e807028c5480627d4a2542253c238a6c9e2a5552e7d06e8c807741fd69ae1a70f24fc9f90755a3fe8673c415f12a7c2ab9c37

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\cMAM_3.7.8\z9+qBM3QyqcshiMJNHgQ4J1A9qJhHhM=\Microsoft.Win32.Registry.dll

Filesize
79KB

MD5
5b3c45bc7caecb3f3888a1b205cc4f31

SHA1
23f5c915b199f091e4acdd4dbd2a09dca4b4daf9

SHA256
da9306ede2cad443b97a674671874d9cc7be14c51abc697c8cb1024bac0fbb4e

SHA512
86528256b2747baf915b47b4066035b9f012e816eded6338aa2e830433131d3ed1030dc0d1e0b4d04feb17a1e2ec594e28ee51be8b6a21e745cd0f0caea5bf82

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\cMAM_3.7.8\z9+qBM3QyqcshiMJNHgQ4J1A9qJhHhM=\NetUtility.dll

Filesize
23KB

MD5
7bde0e323fa9637a844b3f3eb2aa90e3

SHA1
b9e920171a08801ff6ebd315da56388c8856b136

SHA256
5ed615f18760807b8267f39cb9199379017400d66791a40b61330ca07a256a0b

SHA512
9e82aae7efb7fd2a48ce67f1b83f3428da6a3b6f3f9d39fb03ce0316f5ad569c54a2919e2353adcdd2de36834a0aec2696f0ed91c36ec1225ed8095cf95e2883

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\cMAM_3.7.8\z9+qBM3QyqcshiMJNHgQ4J1A9qJhHhM=\PresentationCore.dll

Filesize
7.8MB

MD5
2dbbfd5a6a88c9f815241a61446b9965

SHA1
7b2540ca55b89d8cbe084c88ea32224c2a3d219d

SHA256
85045c57c83bd6be7db2be36f4a4a6ae9032873955a56edf9dc705a4de5def14

SHA512
9b6b362205dfa26328c99ff0a83d402efa3e3d42da24e0fc41cc68ef854d91d4bb36793c17e13a95e561841050ff3637fb1a00b733b93966b783921fb2cb68c1

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\cMAM_3.7.8\z9+qBM3QyqcshiMJNHgQ4J1A9qJhHhM=\PresentationFramework.dll

Filesize
14.6MB

MD5
5203240d7ad2c3e409744734f1290ab8

SHA1
18587b38ccd93a1768cec6c9e60236ce17e119fd

SHA256
d380a13fee2fd6ae8f3b82bea420e76795f0a3c2d71ceb45dc5e22fd65042bbe

SHA512
398069622298b0cc4974662b3bdb5ddd74c4332fa36b43fd728bfe4fe5ca08282e05db1c08bedd6fd8152577e6705f2a373c5b2b33a15d5a83c89ccb0fcba2d4

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\cMAM_3.7.8\z9+qBM3QyqcshiMJNHgQ4J1A9qJhHhM=\Prism.DryIoc.Wpf.dll

Filesize
26KB

MD5
bd3f6009fc2b6a04bb3401c0158a2868

SHA1
62aeb021c1fd18dd4bee4e3c6947571738582819

SHA256
ad1666c83f2554b09396386fcec856f9b3068b9bc2a29f13c08d3ce0c23d7d4f

SHA512
83e4ed6ff4351056c2003d776cb15916f280f1cd3aa4c6ae6e4cf982c0b69e21c1ad3c08d0ee4b3fbf7861f9b231f5ddb8735a037ee7beb76c1ac485fe49450d

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\cMAM_3.7.8\z9+qBM3QyqcshiMJNHgQ4J1A9qJhHhM=\Prism.Wpf.dll

Filesize
132KB

MD5
7a103c5bde44976ad0627443af2e1a4b

SHA1
55e4bb694cca644846bd4a39782d76d9b4996480

SHA256
c3b44b118486a5d74d696c14853e5306ec893dadd0be8ea6f404edae8c66f2d3

SHA512
8ca0142f855f776cd610c5e9e6ed46bae8d980deff2a8916c8fb4356d516d1f0d9b8c0114f456740402f1de1ea55c5eb4f797bb04f00196c7a647fe212e50836

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\cMAM_3.7.8\z9+qBM3QyqcshiMJNHgQ4J1A9qJhHhM=\Prism.dll

Filesize
89KB

MD5
0877a419afc7306cfa2d301e314f0548

SHA1
ba76afb78636546c5dd73162bba7a98ae3b34724

SHA256
92090c9c3c5195149885be91aa469b85d2cba9a215cb3bfb65e93945f33d852b

SHA512
5e3ac30005f4fdee8f85d2a632415bef7a9722add4cfc59745da9a41e87cf79e5c62a0c2fb52b79381495be94f7b7d0ec3a455f0f112e7b0bdaf63d6b46c6bd1

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\cMAM_3.7.8\z9+qBM3QyqcshiMJNHgQ4J1A9qJhHhM=\ScheduledTasks.dll

Filesize
6KB

MD5
ea0df33fce2f4928e53ec058088930de

SHA1
a7313b23316bb68aec6977e652fc85f48d856aff

SHA256
3af0fa63edde56201ea480b4967c5a337345fec7c5cb280e2dca5f5ef099d5df

SHA512
679df169900239cda6241cace2adffbbfedcee1a768ac480fe2b40e240c1420889dfbeeadff62a33079b4052ae214557e0e9c2ea3405260a97d5ac290c9885a8

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\cMAM_3.7.8\z9+qBM3QyqcshiMJNHgQ4J1A9qJhHhM=\Services.dll

Filesize
8KB

MD5
f6c38e755e5e81894372603096025691

SHA1
3dd3ca66b35459de538a317c929762a2fd94cec1

SHA256
000cc59bc2b899cb28649633e221d5d0aef7e006fe91bf866f8a6159bdf3c709

SHA512
f0d192c4964e08109deb8cb8a7f1b6f95cf22a896b991c912df8e959f8488d1d50a58de19f79e8d5a510a25741be1b261289514c6ed9e5d0ef01cd0ca34dc5e4

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\cMAM_3.7.8\z9+qBM3QyqcshiMJNHgQ4J1A9qJhHhM=\SharedModule.dll

Filesize
52KB

MD5
9ff76599a30764dfafca48685968291c

SHA1
9172850003ada2f35fae8a3941df89a316a8a229

SHA256
4d1e1451acab0eb106612a1286afd6b96481c5772ad5290933c68187be3d2775

SHA512
7811ea71400aeb336e95f1e0b0245ef96a7e183c7d49578057a6aa81b771a3cb3fb5760a8c1c6b8d28c1d93b30a70e1e49b4e1f4ebdd9499d794b9a771787383

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\cMAM_3.7.8\z9+qBM3QyqcshiMJNHgQ4J1A9qJhHhM=\System.Collections.NonGeneric.dll

Filesize
88KB

MD5
79e9657babee887d62ae9c44198f29f9

SHA1
17c6b6adc4b4d20c32a7638ca9e85e3771ca5524

SHA256
24fe635ff8d1e905a14bef0ce046793f10adf8c4b074a428072a96c1f86b53fb

SHA512
88a86c7a29153032e7d2dd918dbe7402fdfc923e6b26e4af16730ab013f0869bdf814c96ff4590b06de214d4893f16742f9d1a158d9e6f46837ee4145c3e7878

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\cMAM_3.7.8\z9+qBM3QyqcshiMJNHgQ4J1A9qJhHhM=\System.Diagnostics.Debug.dll

Filesize
15KB

MD5
33db322d9dc2d1533b53d297cbfe525b

SHA1
56fa93a1e598d708e1c00b0fc4453b3ce22a0aae

SHA256
592d5b4d74fa0c22d73a5f3beb43914d163ffe0962f427c4889521cc8ed355c6

SHA512
e420f9a752856f7d2a13873b9c98d51d6f415f78f22fcb7dbd80005b4682ec9ba2dfe605ede0bd0a7673fec788e9bec8a2d4e591be5778b74290677bf724ba61

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\cMAM_3.7.8\z9+qBM3QyqcshiMJNHgQ4J1A9qJhHhM=\System.IO.Packaging.dll

Filesize
246KB

MD5
960ec7bf7571f93e1fe8a88a0b7daefe

SHA1
13e88ef6c0b275910fcbef91bab93e028466da41

SHA256
42af5552abe6bc9123d39ac42aba4cd8b42d3939c48f15f094cc443a0eb7ecb2

SHA512
ff7694e8dac2f9a0c6961d548a4b1d28f757fb43e4bafc509a2327e6242e735768071e0f7562caa696c153a33ce450544d7b691272f3e22b7e5f703545253d8d

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\cMAM_3.7.8\z9+qBM3QyqcshiMJNHgQ4J1A9qJhHhM=\System.Linq.Expressions.dll

Filesize
3.3MB

MD5
95d02b2f94b5c8b76744912b39750c6c

SHA1
595ff1421f4675d017c597ee0087b8c776f684be

SHA256
64b72ffe724559aaf7eea5dadbc545f54bf5971b8c135e7af1185a1de847accc

SHA512
7b9f929baf978980378b11bdaddc9313bbc8dba0ecb1d455b625c40fde388ca9f5da0f0dd1819f24f547b01551f3c546d077fd509439d1435e06fb792e038614

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\cMAM_3.7.8\z9+qBM3QyqcshiMJNHgQ4J1A9qJhHhM=\System.Private.CoreLib.dll

Filesize
6.6MB

MD5
71a3f3c7f503b704c1840ceefe3075ce

SHA1
637adccaf7ce4baa2da906d79c8007c121dde8b9

SHA256
0293250f3cd99ab1c6c6e61caa97d9bc0dd30308d9f25bb4ee071204a368ddb3

SHA512
a1db7dce8b2448ac16ab7be1aa480da5f242c18c3ff2f1f5d3b3f8de914d2302c29c0b7d0e6f78c3dd4790375bc9e2595466b3e4abce821f442befa6cced59db

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\cMAM_3.7.8\z9+qBM3QyqcshiMJNHgQ4J1A9qJhHhM=\System.Private.Uri.dll

Filesize
241KB

MD5
85c8cdf1060fcf027e3c1dfe32b3d88a

SHA1
307bc2fb2cbef8a4ed5bd48fb136f5fc968e7b46

SHA256
0dd85d0273ec0f1a5598de915d5bada48391490dda73f2d00043ca79c9db91fd

SHA512
c69568ff6e65a1a537e7a6425d524c9f62b100ad2b40b025f2ad438a76d0352d107a0786d6c769c3389a1a3f41efc5f205723c146f5d4653cdcca44398344a6f

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\cMAM_3.7.8\z9+qBM3QyqcshiMJNHgQ4J1A9qJhHhM=\System.Runtime.CompilerServices.VisualC.dll

Filesize
19KB

MD5
b5bdfc48cb00712cc4fdfd0b06807cbf

SHA1
6dba2aae1515f218f997ca7f6f438e4d4437bbb3

SHA256
aba608e57b8c5bf82b52db4fb04302c29580e872c29731f41a9f18bde71b633a

SHA512
0a887dc55b89bbf3e6bd19fa4229cc1be4ba95258be2deabd25654de4a083010f3164183df3f2c0173f5f111b83878a0257f57bf38e3b49dfb28f902df5e7f15

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\cMAM_3.7.8\z9+qBM3QyqcshiMJNHgQ4J1A9qJhHhM=\System.Runtime.Extensions.dll

Filesize
17KB

MD5
658ea779cd19c2ba6e65f1c79793d72c

SHA1
fa6c0f53a60bf457d31842426e5dace34ce27809

SHA256
f00b63582805112e6b0e444d76fa91e836f532d67be6a457cd7cafdec7870d4e

SHA512
c75af64dce124e18a623d84df75e1892faf496e19318152ac3eed80e79b8146e55825b4184b05cf8171c592e9a9e2b1d156cc6ea62695df69df5560939d8e6a6

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\cMAM_3.7.8\z9+qBM3QyqcshiMJNHgQ4J1A9qJhHhM=\System.Runtime.InteropServices.dll

Filesize
48KB

MD5
b86fa37517caa610e3c844e33c3f0340

SHA1
b26da61ab7351430162d48bc32d5ec23344303b6

SHA256
c91b7f744a85af95edc5fd9c0d1dcb222cc712e184574debf24a4ec2464dbf4d

SHA512
0fb0f7c135043813a22e049eb8de047660233e49678e5fd4f019b646e455db18d065c09c81f3b3998fa40afbf985b85966cf79be30500ea513bba71872b16065

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\cMAM_3.7.8\z9+qBM3QyqcshiMJNHgQ4J1A9qJhHhM=\System.Runtime.dll

Filesize
41KB

MD5
7762aed99d5f783862b71f1855da2653

SHA1
24a603bb513479617997553f3d2e672e8594228d

SHA256
df44ffe9a56d13d8d6fc3c70ded4beaafa69f4f29a3ee1518d3ec17e4699df93

SHA512
39a0bf11761efa6a7117a0c18ff86bdc0000cd2af23a40780af85d955b0b0a8b54e73aa543533f2695de3e939f0a13062379e1c745f08eeb907179d75d5d8177

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\cMAM_3.7.8\z9+qBM3QyqcshiMJNHgQ4J1A9qJhHhM=\System.Threading.Thread.dll

Filesize
15KB

MD5
58597876acb81e60e07e0ea3949c96ae

SHA1
e55d83806d5db3e11f165c82b48ff51b4971b7a4

SHA256
48651fae2bbb243ee55b2a320639b96c3e08f7b62d6601951faeae0b01d9b959

SHA512
b02a029494d0c1a8e6890ac45dbf92c9d3dc5f23cbcd48381864c7897a6b49515c0327f87c1fa09c3a05b77beb582c6e1d48e847c5f364bc6ee629a5c3539b5e

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\cMAM_3.7.8\z9+qBM3QyqcshiMJNHgQ4J1A9qJhHhM=\System.Threading.dll

Filesize
75KB

MD5
94a1a6a5a0ffc66f860f78d076de5fb3

SHA1
593893edda64b63cb90e8ef5b778a97eee3e6ea8

SHA256
409884ffd47f53efb57c3d0df2e77a0ff30058c2751966b8f02a36c55b6c3741

SHA512
8d75dbdfe1c419e3ed56c0f2798118df18f1173b4bc3073fa9fa460bea1da4e2161776813f830cfa1e01601475d269ce844a739e57c4f5d5f17f8f3f5f304eee

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\cMAM_3.7.8\z9+qBM3QyqcshiMJNHgQ4J1A9qJhHhM=\System.Xaml.dll

Filesize
1.2MB

MD5
a883d087f9442e149539f409cc9603ae

SHA1
7b44a0a5cb899094c48ce4517601c3918f3917f7

SHA256
27cea62d4ffda68c962cf1f5ffa08ee8020a94d278be39291322741f9d2046e5

SHA512
36ceebd9322e2061cb718b7b96b0b2b9a526a825f0e8f1d0e9b792ef11a5f60b92d733bb16f60d3115ed262b901aef51256b859c24f4dd1f3f5f4c3e47b02197

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\cMAM_3.7.8\z9+qBM3QyqcshiMJNHgQ4J1A9qJhHhM=\WindowsBase.dll

Filesize
2.0MB

MD5
60c031c6fd9d6b6a4354c0f6c50e94d4

SHA1
6035580a7f1d0b3e3cd91b48a38f53508c1ea207

SHA256
3a3331529c0892451861836be2155922f4b0084d211b277350c37bc9f4e418e2

SHA512
1eea773c66ccba761d6a2a2706d2392beaa8e990c72060b1977e05aea3ea8e97d1cef1a7ce15a8d3dfabedb18ee667182ba70014d653b9209cab1ec9cee35462

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\cMAM_3.7.8\z9+qBM3QyqcshiMJNHgQ4J1A9qJhHhM=\cMAM.dll

Filesize
474KB

MD5
92b53855a61bd1e24cab65c82b2ead63

SHA1
9fcc932a5fc2c1a3dcd296e35503250f88165f29

SHA256
6849ceeb0a052e6abe41edabc6bd76de8c53759c2832807bf8980fb5dfdaeea4

SHA512
fddbf97da12977bc4e3779fb7f08723b9203f56c50c7672513af71447009fa2e196823f2bca5e9293db0bfffc8c0a974d1c08219163cfe6cddc49309af946aa5

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\cMAM_3.7.8\z9+qBM3QyqcshiMJNHgQ4J1A9qJhHhM=\netstandard.dll

Filesize
99KB

MD5
5e81a5d94c445ba0252c744700041957

SHA1
398ed8da687d7a29e1fa10370bb87caa6d3cbd6b

SHA256
cfc1c418e135058f8de93563332e8378ce0465794b6d0b2bcae10d8f35712c52

SHA512
6b08bc0ba83ba2a4d33d7eed2b4e6b2d656dc2485a9341cae39010e5a94404f35a96af655a399e7a90ec41aa97dcc2c938f32c6df79cf5d9e67f6342296e6a22

Download Submit
memory/1116-554-0x0000000000E90000-0x000000000170D000-memory.dmp

Filesize
8.5MB

Download
memory/1116-891-0x0000000000E90000-0x000000000170D000-memory.dmp

Filesize
8.5MB

Download