61b102e6f06bd4c2f350748a35626469e221355b44e289a066d73bc40184b2b9

Analysis

max time kernel
93s
max time network
131s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
09/05/2024, 22:06

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

SupportAssistInstaller.exe
Size

1.2MB
MD5

52156bacc0f203806c336a04b6ac5fc3
SHA1

653afb931d79d6998c978703f5e34ed929b0cf54
SHA256

61b102e6f06bd4c2f350748a35626469e221355b44e289a066d73bc40184b2b9
SHA512

d0c6dc6ad347d7b1a8d2efa34e0ee4233f43c8cf1fe2b150ee50c7160b14b6915fd81896276012513cfe0262fa37b41e45eed144082c52048a58dcd0c25cd22f
SSDEEP

24576:e/oe9YJLnbCQM0rbOwG8ihLXciDZZls8H9xCcjUtFTgGHV:33b5FrbOTLXci9Zj9fUtFTB

Score

7^/10

Malware Config

Signatures

Executes dropped EXE 1 IoCs

pid	Process
2608	SupportAssistInstaller.exe

Modifies system certificate store 2 TTPs 5 IoCs

Install Root Certificate

T1553.004

Modify Registry

T1112

description	ioc	Process
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\503006091D97D4F5AE39F7CBE7927D7D652D3431\Blob = 19000000010000001000000091fad483f14848a8a69b18b805cdbb3a0f0000000100000014000000327fc447408de9bf596f83d4b2fa4b8e3e7097d8090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b06010505070308530000000100000041000000303f3020060a6086480186fa6c0a010230123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c07f000000010000002c000000302a060a2b0601040182370a030406082b0601050507030506082b0601050507030606082b060105050703076200000001000000200000006dc47172e01cbcb0bf62580d895fe2b8ac9ad4f873801e0c10b9c837d21eb1770b000000010000001e00000045006e00740072007500730074002000280032003000340038002900000014000000010000001400000055e481d11180bed889b908a331f9a1240916b9701d0000000100000010000000e871723e266f38af5d49cda2a502669c7e000000010000000800000000c001b39667d601030000000100000014000000503006091d97d4f5ae39f7cbe7927d7d652d343120000000010000002e0400003082042a30820312a00302010202043863def8300d06092a864886f70d01010505003081b431143012060355040a130b456e74727573742e6e65743140303e060355040b14377777772e656e74727573742e6e65742f4350535f3230343820696e636f72702e206279207265662e20286c696d697473206c6961622e2931253023060355040b131c286329203139393920456e74727573742e6e6574204c696d69746564313330310603550403132a456e74727573742e6e65742043657274696669636174696f6e20417574686f7269747920283230343829301e170d3939313232343137353035315a170d3239303732343134313531325a3081b431143012060355040a130b456e74727573742e6e65743140303e060355040b14377777772e656e74727573742e6e65742f4350535f3230343820696e636f72702e206279207265662e20286c696d697473206c6961622e2931253023060355040b131c286329203139393920456e74727573742e6e6574204c696d69746564313330310603550403132a456e74727573742e6e65742043657274696669636174696f6e20417574686f726974792028323034382930820122300d06092a864886f70d01010105000382010f003082010a0282010100ad4d4ba91286b2eaa320071516642a2b4bd1bf0b4a4d8eed8076a567b77840c07342c868c0db532bdd5eb8769835938b1a9d7c133a0e1f5bb71ecfe524141eb181a98d7db8cc6b4b03f1020cdcaba54024007f7494a19d0829b3880bf587779d55cde4c37ed76a64ab851486955b9732506f3dc8ba660ce3fcbdb849c176894919fdc0a8bd89a3672fc69fbc711960b82de92cc99076667b94e2af78d665535d3cd69cb2cf2903f92fa450b2d448ce0532558afdb2644c0ee4980775db7fdfb9085560853029f97b48a46986e3353f1e865d7a7a15bdef008e1522541700902693bc0e496891bff847d39d9542c10e4ddf6f26cfc3182162664370d6d5c007e10203010001a3423040300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e0416041455e481d11180bed889b908a331f9a1240916b970300d06092a864886f70d010105050003820101003b9b8f569b30e753997c7a79a74d97d7199590fb061fca337c46638f966624fa401b2127cae67273f24ffe3199fdc80c4c6853c680821398fab6adda5d3df1ce6ef6151194820cee3f95af11ab0fd72fde1f038f572c1ec9bb9a1a4495eb184fa61fcd7d57102f9b04095a84b56ed81d3ae1d69ed16c795e791c14c5e3d04c933b653ceddf3dbea6e5951ac3b519c3bd5e5bbbff23ef6819cb1293275c032d6f30d01eb61aacde5af7d1aaa827a6fe7981c479993357ba12b0a9e0426c93ca56defe6d840b088b7e8dead79821c6f3e73c792f5e9cd14c158de1ec2237cc9a430b97dc80908db3679b6f48081556cfbff12b7c5e9a76e95990c57c8335116551	SupportAssistInstaller.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\503006091D97D4F5AE39F7CBE7927D7D652D3431\Blob = 040000000100000010000000ee2931bc327e9ae6e8b5f751b4347190030000000100000014000000503006091d97d4f5ae39f7cbe7927d7d652d34317e000000010000000800000000c001b39667d6011d0000000100000010000000e871723e266f38af5d49cda2a502669c14000000010000001400000055e481d11180bed889b908a331f9a1240916b9700b000000010000001e00000045006e0074007200750073007400200028003200300034003800290000006200000001000000200000006dc47172e01cbcb0bf62580d895fe2b8ac9ad4f873801e0c10b9c837d21eb1777f000000010000002c000000302a060a2b0601040182370a030406082b0601050507030506082b0601050507030606082b06010505070307530000000100000041000000303f3020060a6086480186fa6c0a010230123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b060105050703080f0000000100000014000000327fc447408de9bf596f83d4b2fa4b8e3e7097d819000000010000001000000091fad483f14848a8a69b18b805cdbb3a20000000010000002e0400003082042a30820312a00302010202043863def8300d06092a864886f70d01010505003081b431143012060355040a130b456e74727573742e6e65743140303e060355040b14377777772e656e74727573742e6e65742f4350535f3230343820696e636f72702e206279207265662e20286c696d697473206c6961622e2931253023060355040b131c286329203139393920456e74727573742e6e6574204c696d69746564313330310603550403132a456e74727573742e6e65742043657274696669636174696f6e20417574686f7269747920283230343829301e170d3939313232343137353035315a170d3239303732343134313531325a3081b431143012060355040a130b456e74727573742e6e65743140303e060355040b14377777772e656e74727573742e6e65742f4350535f3230343820696e636f72702e206279207265662e20286c696d697473206c6961622e2931253023060355040b131c286329203139393920456e74727573742e6e6574204c696d69746564313330310603550403132a456e74727573742e6e65742043657274696669636174696f6e20417574686f726974792028323034382930820122300d06092a864886f70d01010105000382010f003082010a0282010100ad4d4ba91286b2eaa320071516642a2b4bd1bf0b4a4d8eed8076a567b77840c07342c868c0db532bdd5eb8769835938b1a9d7c133a0e1f5bb71ecfe524141eb181a98d7db8cc6b4b03f1020cdcaba54024007f7494a19d0829b3880bf587779d55cde4c37ed76a64ab851486955b9732506f3dc8ba660ce3fcbdb849c176894919fdc0a8bd89a3672fc69fbc711960b82de92cc99076667b94e2af78d665535d3cd69cb2cf2903f92fa450b2d448ce0532558afdb2644c0ee4980775db7fdfb9085560853029f97b48a46986e3353f1e865d7a7a15bdef008e1522541700902693bc0e496891bff847d39d9542c10e4ddf6f26cfc3182162664370d6d5c007e10203010001a3423040300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e0416041455e481d11180bed889b908a331f9a1240916b970300d06092a864886f70d010105050003820101003b9b8f569b30e753997c7a79a74d97d7199590fb061fca337c46638f966624fa401b2127cae67273f24ffe3199fdc80c4c6853c680821398fab6adda5d3df1ce6ef6151194820cee3f95af11ab0fd72fde1f038f572c1ec9bb9a1a4495eb184fa61fcd7d57102f9b04095a84b56ed81d3ae1d69ed16c795e791c14c5e3d04c933b653ceddf3dbea6e5951ac3b519c3bd5e5bbbff23ef6819cb1293275c032d6f30d01eb61aacde5af7d1aaa827a6fe7981c479993357ba12b0a9e0426c93ca56defe6d840b088b7e8dead79821c6f3e73c792f5e9cd14c158de1ec2237cc9a430b97dc80908db3679b6f48081556cfbff12b7c5e9a76e95990c57c8335116551	SupportAssistInstaller.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\503006091D97D4F5AE39F7CBE7927D7D652D3431\Blob = 5c00000001000000040000000008000019000000010000001000000091fad483f14848a8a69b18b805cdbb3a0f0000000100000014000000327fc447408de9bf596f83d4b2fa4b8e3e7097d8090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b06010505070308530000000100000041000000303f3020060a6086480186fa6c0a010230123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c07f000000010000002c000000302a060a2b0601040182370a030406082b0601050507030506082b0601050507030606082b060105050703076200000001000000200000006dc47172e01cbcb0bf62580d895fe2b8ac9ad4f873801e0c10b9c837d21eb1770b000000010000001e00000045006e00740072007500730074002000280032003000340038002900000014000000010000001400000055e481d11180bed889b908a331f9a1240916b9701d0000000100000010000000e871723e266f38af5d49cda2a502669c7e000000010000000800000000c001b39667d601030000000100000014000000503006091d97d4f5ae39f7cbe7927d7d652d3431040000000100000010000000ee2931bc327e9ae6e8b5f751b434719020000000010000002e0400003082042a30820312a00302010202043863def8300d06092a864886f70d01010505003081b431143012060355040a130b456e74727573742e6e65743140303e060355040b14377777772e656e74727573742e6e65742f4350535f3230343820696e636f72702e206279207265662e20286c696d697473206c6961622e2931253023060355040b131c286329203139393920456e74727573742e6e6574204c696d69746564313330310603550403132a456e74727573742e6e65742043657274696669636174696f6e20417574686f7269747920283230343829301e170d3939313232343137353035315a170d3239303732343134313531325a3081b431143012060355040a130b456e74727573742e6e65743140303e060355040b14377777772e656e74727573742e6e65742f4350535f3230343820696e636f72702e206279207265662e20286c696d697473206c6961622e2931253023060355040b131c286329203139393920456e74727573742e6e6574204c696d69746564313330310603550403132a456e74727573742e6e65742043657274696669636174696f6e20417574686f726974792028323034382930820122300d06092a864886f70d01010105000382010f003082010a0282010100ad4d4ba91286b2eaa320071516642a2b4bd1bf0b4a4d8eed8076a567b77840c07342c868c0db532bdd5eb8769835938b1a9d7c133a0e1f5bb71ecfe524141eb181a98d7db8cc6b4b03f1020cdcaba54024007f7494a19d0829b3880bf587779d55cde4c37ed76a64ab851486955b9732506f3dc8ba660ce3fcbdb849c176894919fdc0a8bd89a3672fc69fbc711960b82de92cc99076667b94e2af78d665535d3cd69cb2cf2903f92fa450b2d448ce0532558afdb2644c0ee4980775db7fdfb9085560853029f97b48a46986e3353f1e865d7a7a15bdef008e1522541700902693bc0e496891bff847d39d9542c10e4ddf6f26cfc3182162664370d6d5c007e10203010001a3423040300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e0416041455e481d11180bed889b908a331f9a1240916b970300d06092a864886f70d010105050003820101003b9b8f569b30e753997c7a79a74d97d7199590fb061fca337c46638f966624fa401b2127cae67273f24ffe3199fdc80c4c6853c680821398fab6adda5d3df1ce6ef6151194820cee3f95af11ab0fd72fde1f038f572c1ec9bb9a1a4495eb184fa61fcd7d57102f9b04095a84b56ed81d3ae1d69ed16c795e791c14c5e3d04c933b653ceddf3dbea6e5951ac3b519c3bd5e5bbbff23ef6819cb1293275c032d6f30d01eb61aacde5af7d1aaa827a6fe7981c479993357ba12b0a9e0426c93ca56defe6d840b088b7e8dead79821c6f3e73c792f5e9cd14c158de1ec2237cc9a430b97dc80908db3679b6f48081556cfbff12b7c5e9a76e95990c57c8335116551	SupportAssistInstaller.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\503006091D97D4F5AE39F7CBE7927D7D652D3431	SupportAssistInstaller.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\503006091D97D4F5AE39F7CBE7927D7D652D3431\Blob = 0f0000000100000014000000327fc447408de9bf596f83d4b2fa4b8e3e7097d8090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b06010505070308530000000100000041000000303f3020060a6086480186fa6c0a010230123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c07f000000010000002c000000302a060a2b0601040182370a030406082b0601050507030506082b0601050507030606082b060105050703076200000001000000200000006dc47172e01cbcb0bf62580d895fe2b8ac9ad4f873801e0c10b9c837d21eb1770b000000010000001e00000045006e00740072007500730074002000280032003000340038002900000014000000010000001400000055e481d11180bed889b908a331f9a1240916b9701d0000000100000010000000e871723e266f38af5d49cda2a502669c7e000000010000000800000000c001b39667d601030000000100000014000000503006091d97d4f5ae39f7cbe7927d7d652d343120000000010000002e0400003082042a30820312a00302010202043863def8300d06092a864886f70d01010505003081b431143012060355040a130b456e74727573742e6e65743140303e060355040b14377777772e656e74727573742e6e65742f4350535f3230343820696e636f72702e206279207265662e20286c696d697473206c6961622e2931253023060355040b131c286329203139393920456e74727573742e6e6574204c696d69746564313330310603550403132a456e74727573742e6e65742043657274696669636174696f6e20417574686f7269747920283230343829301e170d3939313232343137353035315a170d3239303732343134313531325a3081b431143012060355040a130b456e74727573742e6e65743140303e060355040b14377777772e656e74727573742e6e65742f4350535f3230343820696e636f72702e206279207265662e20286c696d697473206c6961622e2931253023060355040b131c286329203139393920456e74727573742e6e6574204c696d69746564313330310603550403132a456e74727573742e6e65742043657274696669636174696f6e20417574686f726974792028323034382930820122300d06092a864886f70d01010105000382010f003082010a0282010100ad4d4ba91286b2eaa320071516642a2b4bd1bf0b4a4d8eed8076a567b77840c07342c868c0db532bdd5eb8769835938b1a9d7c133a0e1f5bb71ecfe524141eb181a98d7db8cc6b4b03f1020cdcaba54024007f7494a19d0829b3880bf587779d55cde4c37ed76a64ab851486955b9732506f3dc8ba660ce3fcbdb849c176894919fdc0a8bd89a3672fc69fbc711960b82de92cc99076667b94e2af78d665535d3cd69cb2cf2903f92fa450b2d448ce0532558afdb2644c0ee4980775db7fdfb9085560853029f97b48a46986e3353f1e865d7a7a15bdef008e1522541700902693bc0e496891bff847d39d9542c10e4ddf6f26cfc3182162664370d6d5c007e10203010001a3423040300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e0416041455e481d11180bed889b908a331f9a1240916b970300d06092a864886f70d010105050003820101003b9b8f569b30e753997c7a79a74d97d7199590fb061fca337c46638f966624fa401b2127cae67273f24ffe3199fdc80c4c6853c680821398fab6adda5d3df1ce6ef6151194820cee3f95af11ab0fd72fde1f038f572c1ec9bb9a1a4495eb184fa61fcd7d57102f9b04095a84b56ed81d3ae1d69ed16c795e791c14c5e3d04c933b653ceddf3dbea6e5951ac3b519c3bd5e5bbbff23ef6819cb1293275c032d6f30d01eb61aacde5af7d1aaa827a6fe7981c479993357ba12b0a9e0426c93ca56defe6d840b088b7e8dead79821c6f3e73c792f5e9cd14c158de1ec2237cc9a430b97dc80908db3679b6f48081556cfbff12b7c5e9a76e95990c57c8335116551	SupportAssistInstaller.exe

Suspicious use of WriteProcessMemory 2 IoCs

description	pid	Process	procid_target
PID 3220 wrote to memory of 2608	3220	SupportAssistInstaller.exe	86
PID 3220 wrote to memory of 2608	3220	SupportAssistInstaller.exe	86

C:\Users\Admin\AppData\Local\Temp\SupportAssistInstaller.exe
"C:\Users\Admin\AppData\Local\Temp\SupportAssistInstaller.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:3220
- C:\Users\Admin\AppData\Local\Temp\6f88dd26-460d-43c2-bfa3-f0d18d79d429\SupportAssistInstaller.exe
  "C:\Users\Admin\AppData\Local\Temp\6f88dd26-460d-43c2-bfa3-f0d18d79d429\SupportAssistInstaller.exe"
  2⤵
  - Executes dropped EXE
  - Modifies system certificate store
  PID:2608

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Subvert Trust Controls

T1553

Install Root Certificate

T1553.004

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\6f88dd26-460d-43c2-bfa3-f0d18d79d429\Dell.SupportAssist.Client.FrameworkLogger.dll

Filesize
18KB

MD5
8fb21349b0fb5e5d7de8b921e25e10d0

SHA1
bee87220da3d9513de14e7d303120ccc09de8505

SHA256
b9fe3a919470f29464d4537e8a569bc9561b956a7b82976b23ffb9b4e22db13a

SHA512
58a1728350c10ea68d9849a2746ee6c2ec2e9beb959f090aa1ff222a24cb8c5cb7d1ad80aaede11b695c7fd866606e83d3fe2dfa50a13b06f5c05384f80a941b

Download Submit
C:\Users\Admin\AppData\Local\Temp\6f88dd26-460d-43c2-bfa3-f0d18d79d429\Microsoft.Practices.Unity.dll

Filesize
143KB

MD5
27f24aed31d72c0a3214e54e4137fcf6

SHA1
93dab8c3392ab7eeb0062fc4224d57dde75b6794

SHA256
8355fd8ff475f1d032bc6667f185e25377e35644b5ffd2fe12c8e83705a03957

SHA512
16215965e7b317de67beae9c94a7187ff32b47e7a7ff1e38c2947769d53961defc9f8741d7e7e37ce74264c60e5c35df71065e36069776ffb3c71d3a064786c6

Download Submit
C:\Users\Admin\AppData\Local\Temp\6f88dd26-460d-43c2-bfa3-f0d18d79d429\Newtonsoft.Json.dll

Filesize
688KB

MD5
0428dddbd43486d805f6f72d6539dafb

SHA1
43502e57b6c1542d452562a013a4a0952937e1ad

SHA256
ef80e07b7819d8a82bbb8efc4109618b51c7df5e3463cf04e3b332cfc3c01efc

SHA512
9b67272ae8739b25f0ec5d0572a834c5edab7a9ecc27b47de9a5998849a8c4712c61a841ec94e49dfe4cf98f73690ea6e9020e1c247af105d746c9147f79f879

Download Submit
C:\Users\Admin\AppData\Local\Temp\6f88dd26-460d-43c2-bfa3-f0d18d79d429\Resource\SA4_Installer_BG_900x600.jpg

Filesize
113KB

MD5
305fd53cde696bc7603f21955dbe75f4

SHA1
f1400ac28e32270e4d981e4c4cf37ec47506f6b3

SHA256
8bd98eaa8f939d1c8e69d219982573bf8fdb9c62c25c71b7cf385ff41fc5b276

SHA512
b0032a438d29153e7e5f95409c0df36dd9a884961e7b41de42303ee5f577d009129f03dfc2bd1debf5ceffd7eb2499c45381faabc1109fbc442001cd8a1d0d50

Download Submit
C:\Users\Admin\AppData\Local\Temp\6f88dd26-460d-43c2-bfa3-f0d18d79d429\Resource\en-US\Installer.json

Filesize
6KB

MD5
607d5d437d88863e793eb4f659a37981

SHA1
c7b2f6ab7c52a2c0e4a8c776f27af21e8a4f539a

SHA256
3d509e191b06487e56638d1dfc4ea5f540a833c695219ccd241e70fa0751baee

SHA512
d18c5f4934d9fc07f646ea25f02019224c600b63ea5170d234fd78a9e8805e37ba82a543111a3fa7d6c266c6669063620af93437757040a02cbf42f71ad87647

Download Submit
C:\Users\Admin\AppData\Local\Temp\6f88dd26-460d-43c2-bfa3-f0d18d79d429\Resource\roboto-light.ttf

Filesize
123KB

MD5
46e48ce0628835f68a7369d0254e4283

SHA1
e321c183e2b75ee19813892b7bac8d7c411cb88a

SHA256
ee4352049603e5960550f55444ad720d8d4ce322c0dcba1afc77de78c430d0d5

SHA512
8ad21d9c1c0496de9d47a5f353e437de399e24e9f780ec9beef1963cb9ca4c657748eee2493d91d57f1be1393411303db7f21e4543696c9843ff0e570d2882d2

Download Submit
C:\Users\Admin\AppData\Local\Temp\6f88dd26-460d-43c2-bfa3-f0d18d79d429\Resource\roboto-medium.ttf

Filesize
124KB

MD5
894a2ede85a483bf9bedefd4db45cdb9

SHA1
6060ca726b9760b76f7c347dce9d2fa1fe42ec92

SHA256
6e2ec5c5f89e4ce302bb93b46cb7cc336236501de17348e284878914c5e0e723

SHA512
cecce690b1066f3424ba3684cd4f7993746551d3642fda4f044090fe285ec2a73bfecde27f0df79824b99c42aa6b033a890b5174215748716d8ac4741a5d6a72

Download Submit
C:\Users\Admin\AppData\Local\Temp\6f88dd26-460d-43c2-bfa3-f0d18d79d429\Resource\roboto-regular.ttf

Filesize
123KB

MD5
df7b648ce5356ea1ebce435b3459fd60

SHA1
824b5480c977a8166e177e5357d13164ccc45f47

SHA256
bde8a188e37aa936b167aecc5e5a3da40262f6e51fd54c584f2cf2b6b99d96ca

SHA512
d78cb378c0b5939fcba01c272616010e28c7878ef63944fc9bf48f2f0abec6f9c72c4f56ed9785194626fa6979ae3f4d7b43e924ef84686e6ff2b8058e5580a2

Download Submit
C:\Users\Admin\AppData\Local\Temp\6f88dd26-460d-43c2-bfa3-f0d18d79d429\Resource\roboto-thin.ttf

Filesize
124KB

MD5
94998475f6aea65f558494802416c1cf

SHA1
173ed64528b4d010a76d8d38deb1d7e7eed58eda

SHA256
db1d464343bf795307bc90da83d65b93c841fb20f38662f92f1e5e2c5a1d2ec5

SHA512
51cba34e46887078ee3101bfe6f652451d67a73c2a6c0b05bf353e1cc358b36ba99f09a0ffdbb59bea491590e935ba2b0a65798e9b67e6a3a3b8491bc0463ffa

Download Submit
C:\Users\Admin\AppData\Local\Temp\6f88dd26-460d-43c2-bfa3-f0d18d79d429\Resource\spinner_blue.png

Filesize
1KB

MD5
0d264f346bcc8a340a413d5234285786

SHA1
95b8c10c89e07b0a41e189f9016b48dd60fd6f17

SHA256
41d3b9695455de5c7e58894ae854ce34e72b1d808a3c02ebb2fefe97e9533281

SHA512
16770c22b8205c00e75a4bd284580389d9cfb7486669a68e7a76c5eef3413b00d66685104113aac9e960c83db44d57f43bc292f141a22d9d6528acdf53e1ada8

Download Submit
C:\Users\Admin\AppData\Local\Temp\6f88dd26-460d-43c2-bfa3-f0d18d79d429\Styles\DellStyles.xaml

Filesize
2KB

MD5
e0e508eaa2aff8fc6790d34a404c58bd

SHA1
e21ffc5aafd34f51cb7e6328a8eb7591f381a968

SHA256
9f96fb69b50c735eb4d1c0dff55a804f69ea7212ba9dc0332ac10c42a0b7b2db

SHA512
ab9e91f6aef37e0f84e31d095d607d5bac18109fae8807966a7be9834c00de44e5896d47ae6cb687a4fa616160a2da7af386b492d5aa9bf60a61e64c5677168b

Download Submit
C:\Users\Admin\AppData\Local\Temp\6f88dd26-460d-43c2-bfa3-f0d18d79d429\SupportAssistInstaller.exe

Filesize
943KB

MD5
797402be3e790bb35dea470ef063b66f

SHA1
676e9b40372de05b176e6306e5929218ad6800bf

SHA256
68b204dde251c0331a1f1554d9e7b9c50390deeb0afd0ae37ec23e8cd658a2d3

SHA512
cd51f5150a40c8ba61d52f932591a80f897fdb30bc504c25517139055949b71a2ea1b26bdb95a6dc37914490b38c1459c61a1999fc6198db69fe2368a22c7209

Download Submit
C:\Users\Admin\AppData\Local\Temp\6f88dd26-460d-43c2-bfa3-f0d18d79d429\SupportAssistInstaller.exe.config

Filesize
538B

MD5
e97ac84664026547fb344425a89c0edd

SHA1
6fd4dc83604a75e8c8057fb3008d044da91e16e1

SHA256
e93f8fbaece629c2d4621e7ca82ec57d1f05a746a06f45f8b41a43413885e518

SHA512
465a0ff55c6911cd6dcd1fc20b9d80ae45213994ddcc61b5dfbf0f84ec1994b87618d430952b41e7a242af44682cb38fb490d9a3a4f5fa23f4725e0daf410038

Download Submit
C:\Users\Admin\AppData\Local\Temp\6f88dd26-460d-43c2-bfa3-f0d18d79d429\log4net.config

Filesize
813B

MD5
f6f8cd68eabfb8b7131d0d4de878272f

SHA1
ddc0655264cfee990bcd96b834bcf6b0e76de7f9

SHA256
087197e3b5820d8b79cad05db5331ecc114e701f273571e2b833e01472897ea5

SHA512
617b6227542b25e0c53cf36897018e524895676d07ddbf95550c18091aaa1af23aedf2fb969b2c752364867d03252c624a537ffa23523e5bd10850e81b426e85

Download Submit
C:\Users\Admin\AppData\Local\Temp\6f88dd26-460d-43c2-bfa3-f0d18d79d429\log4net.dll

Filesize
274KB

MD5
8cc649cf5d9c869294f03297a131ed86

SHA1
5f1891ea1dea67e854991c6ab0a720b158ec42df

SHA256
8e5122fc22ad819e37591d2302ffc1d840483ad9a2bf9e342301f75c3baab2c7

SHA512
d39aa488f7560385e5617ff9c4ea1693c5672e4b6d82371051a2f3eb289287be29d34a3d2e1ea3362961f3d675082596a77405685e0eae3b746fcee58e884dc6

Download Submit
memory/2608-120-0x0000021FC8270000-0x0000021FC82B6000-memory.dmp

Filesize
280KB

Download
memory/2608-154-0x0000021FC8980000-0x0000021FC8A3A000-memory.dmp

Filesize
744KB

Download
memory/2608-122-0x00007FFFC7ED0000-0x00007FFFC8991000-memory.dmp

Filesize
10.8MB

Download
memory/2608-116-0x00007FFFC7ED0000-0x00007FFFC8991000-memory.dmp

Filesize
10.8MB

Download
memory/2608-134-0x0000021FC8390000-0x0000021FC8398000-memory.dmp

Filesize
32KB

Download
memory/2608-135-0x0000021FC8380000-0x0000021FC8388000-memory.dmp

Filesize
32KB

Download
memory/2608-136-0x0000021FC83B0000-0x0000021FC83B8000-memory.dmp

Filesize
32KB

Download
memory/2608-137-0x0000021FC83C0000-0x0000021FC83C8000-memory.dmp

Filesize
32KB

Download
memory/2608-138-0x0000021FC83D0000-0x0000021FC83D8000-memory.dmp

Filesize
32KB

Download
memory/2608-139-0x0000021FC85F0000-0x0000021FC85F8000-memory.dmp

Filesize
32KB

Download
memory/2608-140-0x0000021FC83A0000-0x0000021FC83A8000-memory.dmp

Filesize
32KB

Download
memory/2608-141-0x0000021FC8610000-0x0000021FC8618000-memory.dmp

Filesize
32KB

Download
memory/2608-142-0x0000021FC8600000-0x0000021FC8608000-memory.dmp

Filesize
32KB

Download
memory/2608-177-0x00007FFFC7ED0000-0x00007FFFC8991000-memory.dmp

Filesize
10.8MB

Download
memory/2608-145-0x0000021FC8650000-0x0000021FC8658000-memory.dmp

Filesize
32KB

Download
memory/2608-115-0x0000021FAE190000-0x0000021FAE19A000-memory.dmp

Filesize
40KB

Download
memory/2608-114-0x0000021FC69A0000-0x0000021FC69C8000-memory.dmp

Filesize
160KB

Download
memory/2608-150-0x0000021FC86B0000-0x0000021FC86D2000-memory.dmp

Filesize
136KB

Download
memory/2608-148-0x0000021FC8710000-0x0000021FC87C0000-memory.dmp

Filesize
704KB

Download
memory/2608-118-0x0000021FAE1A0000-0x0000021FAE1A8000-memory.dmp

Filesize
32KB

Download
memory/2608-156-0x00007FFFC7ED0000-0x00007FFFC8991000-memory.dmp

Filesize
10.8MB

Download
memory/2608-112-0x0000021FAC340000-0x0000021FAC430000-memory.dmp

Filesize
960KB

Download
memory/2608-111-0x00007FFFC7ED3000-0x00007FFFC7ED5000-memory.dmp

Filesize
8KB

Download
memory/2608-176-0x00007FFFC7ED0000-0x00007FFFC8991000-memory.dmp

Filesize
10.8MB

Download
memory/2608-175-0x00007FFFC7ED0000-0x00007FFFC8991000-memory.dmp

Filesize
10.8MB

Download
memory/2608-174-0x00007FFFC7ED0000-0x00007FFFC8991000-memory.dmp

Filesize
10.8MB

Download
memory/2608-162-0x0000021FC8910000-0x0000021FC8918000-memory.dmp

Filesize
32KB

Download
memory/2608-164-0x0000021FC8960000-0x0000021FC896E000-memory.dmp

Filesize
56KB

Download
memory/2608-166-0x00007FFFC7ED0000-0x00007FFFC8991000-memory.dmp

Filesize
10.8MB

Download
memory/2608-173-0x00007FFFC7ED3000-0x00007FFFC7ED5000-memory.dmp

Filesize
8KB

Download
memory/2608-163-0x0000021FCB1A0000-0x0000021FCB1D8000-memory.dmp

Filesize
224KB

Download
memory/2608-167-0x00007FFFC7ED0000-0x00007FFFC8991000-memory.dmp

Filesize
10.8MB

Download
memory/2608-169-0x0000021FCD190000-0x0000021FCD352000-memory.dmp

Filesize
1.8MB

Download
memory/3220-171-0x0000000074A5E000-0x0000000074A5F000-memory.dmp

Filesize
4KB

Download
memory/3220-172-0x0000000074A50000-0x0000000075200000-memory.dmp

Filesize
7.7MB

Download
memory/3220-1-0x00000000002A0000-0x00000000003D0000-memory.dmp

Filesize
1.2MB

Download
memory/3220-2-0x0000000004C70000-0x0000000004C7A000-memory.dmp

Filesize
40KB

Download
memory/3220-5-0x0000000004CA0000-0x0000000004CB2000-memory.dmp

Filesize
72KB

Download
memory/3220-72-0x0000000074A50000-0x0000000075200000-memory.dmp

Filesize
7.7MB

Download
memory/3220-0-0x0000000074A5E000-0x0000000074A5F000-memory.dmp

Filesize
4KB

Download