09dc02d8d3e49ae7dcb2983be0306fc59b59c862dabcf21f592c935c56d3cc7d

Analysis

max time kernel
148s
max time network
205s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
09/05/2024, 00:07

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Sonic.HEX Infected Menace (PATCH).exe
Size

416.4MB
MD5

d76db1c27e499704f4f361da5eadca41
SHA1

5d2f4264d5172961f73a403bedaed4455dd91d71
SHA256

09dc02d8d3e49ae7dcb2983be0306fc59b59c862dabcf21f592c935c56d3cc7d
SHA512

b03bda357c2e11126adbbf7d026f5ffdbf4e77936c2c967362abdc0f9e6d9c85b98ae63d023e9f2e0032646959a75c0d297149ae6377fc776cb021fc42d42f00
SSDEEP

12582912:vOwdCqfOqTkGgoRGzM47PG+yNAsNQ085C:vltOqMoRGI+Vm

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 63 IoCs

pid	Process
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
3948	Sonic.HEX Infected Menace (PATCH).exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: 33	2456	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	2456	AUDIODG.EXE

Suspicious use of FindShellTrayWindow 2 IoCs

pid	Process
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe

Suspicious use of SetWindowsHookEx 3 IoCs

pid	Process
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe
3948	Sonic.HEX Infected Menace (PATCH).exe

C:\Users\Admin\AppData\Local\Temp\Sonic.HEX Infected Menace (PATCH).exe
"C:\Users\Admin\AppData\Local\Temp\Sonic.HEX Infected Menace (PATCH).exe"
1⤵
- Loads dropped DLL
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
PID:3948

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x4b0 0x380
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:2456

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:3912

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\23f05312-5394-4a1a-b4a3-c4babe97bf0f.FusionApp\Box2DBase.mfx

Filesize
287KB

MD5
0572d03da13e13cecdccff2e64f9f4f5

SHA1
a1fcc08ac261edeb3c2b95f007c93fe1398583c7

SHA256
c4507e348be20dacff1caf80047009924a7dafde2f6d4fcd3a119e36c3b0a259

SHA512
68790d0a9b0ccac5389e551408c10bcb2430daa28162bf8de29fe327c78c72bc61181366d6e0f61ba661977daa825aa865255b71ba4cd0ecbc0f403d608d71d0

Download Submit
C:\Users\Admin\AppData\Local\Temp\23f05312-5394-4a1a-b4a3-c4babe97bf0f.FusionApp\Box2DStatic.mvx

Filesize
126KB

MD5
4fdd5e5d3f9d15622e741160f8359d80

SHA1
08af8b2e361b4c73c17bca4a1de92aa57157207d

SHA256
f1b78b67fa0ec761b5ef24b074b6805a0713c9b8f1bd48b8c0822cf01a642645

SHA512
f8db8c0ef40c6293ea684f6ad8ab3dede3bddc91c65dbfe4dbe9c39b478d04e75d15adbf16fa178cf4016b247665af7b1b62c6957f24a6fd9f29e13db614513c

Download Submit
C:\Users\Admin\AppData\Local\Temp\23f05312-5394-4a1a-b4a3-c4babe97bf0f.FusionApp\Easing.mfx

Filesize
168KB

MD5
052d1c7eed7b50a18eddc10dfad3ae22

SHA1
6f88687f930e73106d2b8af00f5317eca74e0c61

SHA256
1b5e79e999c4cff19fe0260bdeaeeaea0fcda6057bf6d17bf0f121e9797d20ef

SHA512
ef89c692a47d2ad66d6f4e722e9b330a85cca0faea2f022abfc3da3c1d32fc7c0cf01d6a6e36fddd0b82c97eebc707c9e00e2431792d551b7178fb8d50452966

Download Submit
C:\Users\Admin\AppData\Local\Temp\23f05312-5394-4a1a-b4a3-c4babe97bf0f.FusionApp\INI++15.mfx

Filesize
439KB

MD5
760454c677adda4b319272641680e331

SHA1
348f18fb00889c3058451c2f034b51d6965522af

SHA256
4f7e3cc575de56d815589db22a1d96760e2f309e58b9bde1a57e108bda069393

SHA512
62f4d9c151adf2ce2430028185241f890849b3b0c2a11b5cc8c0e74bb3c02f3246e3abdc4031b75d2aaba9f24c26e60b165c410c2bf7c4e0569b34882b8477a7

Download Submit
C:\Users\Admin\AppData\Local\Temp\23f05312-5394-4a1a-b4a3-c4babe97bf0f.FusionApp\InAndOut.mvx

Filesize
68KB

MD5
e0a46539bf68ea083867457c962b0edb

SHA1
1345276d8a0e2ffbc90bfd7a1aa7f75d9b908b77

SHA256
678073eea715bdb105d7316a2ccbdfbf6185b6bd23c3cd9528ebfeafb9ade716

SHA512
d23a7e70602bdcd5e3de488c86d83a97038762fa42d588d385cd0ef00a60f32b2344c730a3208352cd0b7fd9de9534e6e8527e8d1e9a5bb36da315724e602e21

Download Submit
C:\Users\Admin\AppData\Local\Temp\23f05312-5394-4a1a-b4a3-c4babe97bf0f.FusionApp\Joystick2.mfx

Filesize
171KB

MD5
473880813d30a436bc8e4ac5ae29966a

SHA1
90f7eca461d0b4f42de5fa6812b89d023c152488

SHA256
75649299fb633f0753966ab8b7be56c97bf0e6e913e80685e5b41e7293c85b3c

SHA512
6aafa6490abfe1ccbdf983040ac7f6e90f55615d7a9c92baf7e835759a4d57020a6726ba14f8bd4c934fd8b64cd10504393519090da22ba5f85a5ce9b1a212d9

Download Submit
C:\Users\Admin\AppData\Local\Temp\23f05312-5394-4a1a-b4a3-c4babe97bf0f.FusionApp\KcArray.mfx

Filesize
32KB

MD5
e6e75d5e75a02743fe0efd673620bc5a

SHA1
5366b499e6413f6ddbbf53ce3ba4da3da260f69b

SHA256
4acc16898136313b0ba79b458c33f8d2194edb7f398124800bac70796086e5f6

SHA512
efb1bac52b282fbea2b7003697ba959029b362a3c35c96c30d155636f1bc3735b858d80002427d575570c456318b4095d4b9443b24fa63f57211083a978f916a

Download Submit
C:\Users\Admin\AppData\Local\Temp\23f05312-5394-4a1a-b4a3-c4babe97bf0f.FusionApp\KcBoxB.mfx

Filesize
40KB

MD5
86d2b0df60742ad2678a9b6f8683ea7b

SHA1
9c37306d8f55f4be975dc9c35e2346e5a7916ff9

SHA256
7f129f2a2305fbd396661ef2910ab48346d589f20ebc7eb85249ecce80d307af

SHA512
9d8d5e1583d5d6eb88be7a58bd2ec5676b3ca34c71931d0a6a755333be231f810765f8b9b8725c53360dfe0da863b97aac262740c159e6374326a723f36632f2

Download Submit
C:\Users\Admin\AppData\Local\Temp\23f05312-5394-4a1a-b4a3-c4babe97bf0f.FusionApp\Layer.mfx

Filesize
136KB

MD5
5f7ab4b3ce5c2f35bd2caf55e51115ba

SHA1
6c492fba3c1f92d0a9537a7f574382f2b6b71692

SHA256
6f06ea2607309aecfc35589c5a0f1799dc3cf6627841e3dc56347810e6197dd8

SHA512
eaba9a833dc93ebce22846da5d1c697dce5ce738402b1635dfcdd7e740b8935499d03fe5649ff0773a51290f7dbbd050082d340fab2a96848fff1d18dc53bdec

Download Submit
C:\Users\Admin\AppData\Local\Temp\23f05312-5394-4a1a-b4a3-c4babe97bf0f.FusionApp\Parallaxer.mfx

Filesize
25KB

MD5
de81d67c5238f35d402bd4fe82294237

SHA1
b4c7e96034a93bffe1156850e94077ee1c92fb66

SHA256
6388be433fbc58bd720da099ccbcc39034e15b497b9761638e06dc6ac70c7358

SHA512
76aac99a545b19e9cf4a0eb79089962c87bf895ab166f8299aff27983dfadfaa3b2895094e7b3fe2333ea4d91fda5f5ce1a60c0f79fe37c419427ea405fbd1d8

Download Submit
C:\Users\Admin\AppData\Local\Temp\23f05312-5394-4a1a-b4a3-c4babe97bf0f.FusionApp\Platform.mfx

Filesize
21KB

MD5
f028a9790936f628964ffb256405aebb

SHA1
2dbecca5034f39a78e88cdf962208f742ff43302

SHA256
722e0aeb4d6424e95df58c01e5b787a7bcc0b1e1f1c0cf86b18388c42980cfcd

SHA512
f0d3d204e8ec563092d4dbb60dce0370acda92fe39b07e8f021dbc28f56041dc8ddc382b1326cfa8fb694a16a57ebdc56f0824cbf5c9abbe47498e973bff3b32

Download Submit
C:\Users\Admin\AppData\Local\Temp\23f05312-5394-4a1a-b4a3-c4babe97bf0f.FusionApp\Surface.mfx

Filesize
301KB

MD5
9abb781bbb65b1c9649d5cfc124a2ed4

SHA1
d49c6e43cfbd6f360013b907d09b6eb7a43b9d2d

SHA256
e6bd038aaf37b486d326d9e1dd1a1c2ebf8eff51809a564245006bf3b25ba976

SHA512
f396a57d441d657ee613be1f7fdccb27be5df9c34ca930dfe6aea7d95acca5dc25988212697b89e46ad73273f90d4c07f17c888892a8f74ecc9c22a72399a821

Download Submit
C:\Users\Admin\AppData\Local\Temp\23f05312-5394-4a1a-b4a3-c4babe97bf0f.FusionApp\ValueAdd.mfx

Filesize
101KB

MD5
32f45a7981e0796b2168bec9cc704f04

SHA1
d17202262b1d20a90e11dfd5dfbe0e34f73bdebb

SHA256
a921c2914a0d37e0f61e9b13384151819fd2f0738aaa6cd0de0f1983aa3a43f7

SHA512
0c6ef0bc4a00199459a22b779af97f9947a639b4bcca63cbbd2b404e11964abe03313bf85b67af31fd8d96f48609410bfbf39ad935847a286153a15435e46e30

Download Submit
C:\Users\Admin\AppData\Local\Temp\23f05312-5394-4a1a-b4a3-c4babe97bf0f.FusionApp\XBOXGamepad.mfx

Filesize
83KB

MD5
aadd07ff9056c4f925789dccaae69b03

SHA1
c998a63c69f9f211efffdfc9cca65adb73f7af17

SHA256
c5972ea4bfb176e250cbc36d38661e5fd1be47ca235d2032a174097a9b006172

SHA512
f858455c1c0a29d494aff0e2044eafc0a75f677295f2c6a6a13536b459e7bb0cdd20669f94d73ec2c4105f0e10994c8c9219087a08bf373c9a38f8812eded4b5

Download Submit
C:\Users\Admin\AppData\Local\Temp\23f05312-5394-4a1a-b4a3-c4babe97bf0f.FusionApp\ZipObject.mfx

Filesize
56KB

MD5
35e4d23c8a549fef5f470ae3d48d7fc1

SHA1
a3d86f82f5cc4f62115e955253b8746c81920cd3

SHA256
fedbfbbba75d20bbb7372dd0a70a437a787b93cf6818f38a254ccd1cd27463a3

SHA512
fe44015250f24ea5b534b80d5ec321d68bfc16f8546cea2bdd6d716ef5d3ec79da4e80c1ac518b7cf8ae91c1e8d2859f9f456250696114280a2448d62bd46835

Download Submit
C:\Users\Admin\AppData\Local\Temp\23f05312-5394-4a1a-b4a3-c4babe97bf0f.FusionApp\aviflt.ift

Filesize
24KB

MD5
97b3b613ed1f994389b1a963b6e781c9

SHA1
13b38afdfd6ea283a2012bb8e5c652e13175440c

SHA256
cb5f43c24df39973b983b7fda4abcef60f425061d880c7dd9514b501b84790f8

SHA512
97cb23d76d926fe03573c127862b738217f91b0cb61517df7514597fdc50844ccb3d4f799b9a8b23b8da37a2b802ee2bd1e56b5e9fdb699bc3d511868ffd417c

Download Submit
C:\Users\Admin\AppData\Local\Temp\23f05312-5394-4a1a-b4a3-c4babe97bf0f.FusionApp\bmpflt.ift

Filesize
24KB

MD5
a73a9c8e91ef95cf4eabadf8f7334abf

SHA1
763195d19f5467c593ab638dbdd0a0277a3048f3

SHA256
02d03c4847e34c9029cca452e37ada5ef40167406d4474a9393e11aace024c3d

SHA512
cb5f451d8e637d466fec2dde865d5daac5a15ea44b6e2ce0506070c123ffad506f5f9739a9ea440f01c8f331cc9d42802cc14f82e1252ac667fa7318bcdf3acb

Download Submit
C:\Users\Admin\AppData\Local\Temp\23f05312-5394-4a1a-b4a3-c4babe97bf0f.FusionApp\cctrans.dll

Filesize
141KB

MD5
ce3a36f85d2ea504b6d19c5f366c3f47

SHA1
972629c730b65c17ac2c751aafeb612d0c7432f2

SHA256
55e75e784e436cccd978192fba869656f879f0f126e99b375c3849c99872ec56

SHA512
c6df293b4373552c3165ac27f2070973a8278bc72001a8c10f300ea30699a03811dc6a84864ff22aaa2b35d1ec75d41ceb2a8fee85b5404d4a5bbfd8333f248c

Download Submit
C:\Users\Admin\AppData\Local\Temp\23f05312-5394-4a1a-b4a3-c4babe97bf0f.FusionApp\ctrlx.mfx

Filesize
44KB

MD5
ceb8b2e522d0aaaecdf69b3bcc89a530

SHA1
c1cf769a96a9612f7fd0c1965413f4a57e4907e1

SHA256
3407eb12f6bacec5ebd4df96ff3fd34741a3919fd46c2ec527364c5f1e753a65

SHA512
3c46743c635eb96351e6a82490cececb24e6a104433c962f263ec01cf78fa9747d4f56d05c3085c0a18eff7c180b145df5e8e74bc008fe2f617f7f4c24be0331

Download Submit
C:\Users\Admin\AppData\Local\Temp\23f05312-5394-4a1a-b4a3-c4babe97bf0f.FusionApp\fliflt.ift

Filesize
28KB

MD5
91b37f29180a7bcca82dd4682d677b3d

SHA1
bca27cb7ddb271e6649f264777e04970f5ad1276

SHA256
4b651eaa60da09038984a9b7027826941f61f6da58d3f57d11349c8c1896a6d4

SHA512
2fb10952f2671e6a42a9748279aa94e9ce9b307d57d562f9ebbaaa88e27ca96eda36a5fa209df0f791adab7e8d896916b30330ba759b9278cac4bff43600d6e2

Download Submit
C:\Users\Admin\AppData\Local\Temp\23f05312-5394-4a1a-b4a3-c4babe97bf0f.FusionApp\gifflt.ift

Filesize
28KB

MD5
9a1a0b8e7045c06c47abeb52d861c377

SHA1
6a1c36eb8354f62d5eab6d7c62316fd7d0e1aa92

SHA256
8fadc250c2afc00b0430c5df576cfd2d444367ad928027334c5d03829241cf92

SHA512
918a672f82be50a42c237eeb361b971c724a1d7b11cab183dfd5125bdb7663cae588fa92b142dc99a88407a133bbe58bd7bc0c5c60d93287c470375fc094f079

Download Submit
C:\Users\Admin\AppData\Local\Temp\23f05312-5394-4a1a-b4a3-c4babe97bf0f.FusionApp\joystick.mfx

Filesize
36KB

MD5
9394a05326bf57420b77ac9712b9944b

SHA1
80ab9a741fef66f2c4b994fdfcf7b16eeef559c2

SHA256
2b4346eab390370db0f7ed1261e3c38d36d749c078b235f63be62a4317e33eea

SHA512
4a6884700f61e6cf755913cdfd35ab80dd6a6d211775d0cf534f72eeab3e1e2eca386a27ddede00e90fe5a6e09c132e0e6d97fbd78803b9dee13ea4f452572d6

Download Submit
C:\Users\Admin\AppData\Local\Temp\23f05312-5394-4a1a-b4a3-c4babe97bf0f.FusionApp\jpgflt.ift

Filesize
96KB

MD5
ba4a1f5006fc3fc33f30e82a964cd7b3

SHA1
8099283e645b6ef523757afdf552da3dc9b72924

SHA256
5bcaaff4c698581603d4165308260412b38ac6cf708486b53bda3bc76241098d

SHA512
8eaa1bae465a0ddd498372fcc9bd9c2b3bd9ba861abcc9158a0e3b8cf14f2a6fc8aae8fb129f96ea090c023247dec56524b2f42fa25239c08145dbe7c664a11e

Download Submit
C:\Users\Admin\AppData\Local\Temp\23f05312-5394-4a1a-b4a3-c4babe97bf0f.FusionApp\kcanim.mfx

Filesize
28KB

MD5
913cfd77a201854385bd6df283d2e594

SHA1
e9bc389b1bf741e4b928806812cb4831415406fc

SHA256
98fccdcd1bfe5f3b621d7472904df2e43f0f933ad13133ac0158702b2d98f079

SHA512
2886b734d56ad4ace8eaa746ba62686f7164ab776a8883b1e4de02c67f806110cf7f1698a3bb61e2e4f2d1027657970e6da54074519c4421de81af43506f0b52

Download Submit
C:\Users\Admin\AppData\Local\Temp\23f05312-5394-4a1a-b4a3-c4babe97bf0f.FusionApp\kcfile.mfx

Filesize
116KB

MD5
fe2b4c6a45ce244f1c40f730008465c9

SHA1
9dfd41a915c19a4520a3024e9133e9a24e61779f

SHA256
7daa995fbf72b941859177b08b2785dc107f1a3deb99f6ab4c675d2b0f03a06b

SHA512
caf9e1bba2a5560b73c47d116f0f0f016a88f54e5397499fcd5b8a648bf676b93eb255a32fe7f71f0462b481737eba2d01cb9e790b75897c44ea741d73867b39

Download Submit
C:\Users\Admin\AppData\Local\Temp\23f05312-5394-4a1a-b4a3-c4babe97bf0f.FusionApp\kcini.mfx

Filesize
114KB

MD5
7c0cb7fdc0d3519520cd4b8137edbd80

SHA1
bd4eddd8316a51baf4a3ae68b56acfbba734f46c

SHA256
d1471b2685d45956c323baa2cab11dfe479eb1021f04e2949f03557527c5fc84

SHA512
601c16892bef77d5842e0778f27d4f82e19ae66333b2b75c9a34b3ba6441169946e1167ceb21ed270bddba305abfe50f2e8f8ab2e9dc410c96a31944e597034a

Download Submit
C:\Users\Admin\AppData\Local\Temp\23f05312-5394-4a1a-b4a3-c4babe97bf0f.FusionApp\kcwctrl.mfx

Filesize
79KB

MD5
2c34e977f898ab60eddb72075c4be223

SHA1
adf883dd06e5ae340a03e6c22a56a4c0caf909ea

SHA256
a0ada42e3a4760097c1c2f98905f12b19de47159543aa21e1c604dbcac7337f2

SHA512
73402857d09e5a0e8049bb7adf3bbfdfc9ac65966217751cbf6db2bf532aa3f92ffc3a1a5dcda638e83d6ede29ebe6e760cbad74d27aa6fa006c9296607d3c37

Download Submit
C:\Users\Admin\AppData\Local\Temp\23f05312-5394-4a1a-b4a3-c4babe97bf0f.FusionApp\mmf2d3d9.dll

Filesize
1.1MB

MD5
72bb9180f8905c0da95566b778cdac5e

SHA1
e96145e8120514092b35f67f1f120b958997f921

SHA256
3cde7a9181ab63a42cd3535d279d0ab1397b7b78fa3ddddef832757ab2024101

SHA512
c2c8d8c74c53a78545e69f27a7fe1a6d1291888158962e93e16e6ec9950f86e74c68bd2eb50d04db0bff58e8dc93455aa384245991c5afe34abee36fef53710f

Download Submit
C:\Users\Admin\AppData\Local\Temp\23f05312-5394-4a1a-b4a3-c4babe97bf0f.FusionApp\mmfs2.dll

Filesize
509KB

MD5
98f647d1ed220e1d715aed9dcf69f387

SHA1
d1d9f5361672553a394bee9afe1d30814dd0ac53

SHA256
3a288448e88a296b2bceeaf093e76a22e3083e937a3c4efeb6a61565ca7e35df

SHA512
e950658b0afdad722a9f243bb8ae7fbc1c541dd0513379ef9e1d99becf8b31b4098c6789204baf3f15ea26f43af665edaa9799a6617373009def81bb20f02a06

Download Submit
C:\Users\Admin\AppData\Local\Temp\23f05312-5394-4a1a-b4a3-c4babe97bf0f.FusionApp\mp3flt.sft

Filesize
24KB

MD5
dadc138be9d36e6e4b8e4bf9ef2de4bc

SHA1
2758db786c544ec7889f26edf9bc4634c9240af0

SHA256
ddeafda7b28bf7545e3ba164aa4a74219eb961c36bb974e0f5085a07daf18f44

SHA512
63a21c5eda225c7fb8a67595c3180d4fdc1bc37d3b45f839e1b562ef946bf5b2237a9ff17c3f6f5de489779bbb9652ac2a1a74b83f153883bd436756acf249e1

Download Submit
C:\Users\Admin\AppData\Local\Temp\23f05312-5394-4a1a-b4a3-c4babe97bf0f.FusionApp\oggflt.sft

Filesize
130KB

MD5
0c8c1ee3ba92189f4ce21d1b396a2765

SHA1
b7daa4a6e16416151dccbb0a89f304961b6cb627

SHA256
9e589f86317d840df9bb74f6ee20c24ca65afe58f4009740382f63a0f5531941

SHA512
0a4339092ac55bac3b1bdfaaa3401020f8f49918bd2fdb14524f3d558eb840b876aedfdeb54a1da163fa36393abf3fe8ab7e112a34ea9d891e82a22e96c85ddc

Download Submit
C:\Users\Admin\AppData\Local\Temp\23f05312-5394-4a1a-b4a3-c4babe97bf0f.FusionApp\parser.mfx

Filesize
30KB

MD5
5903e2efe098dae179c07d670ff836b7

SHA1
93a2ce92a28c646735790d2cc9ff8959cc6e0c11

SHA256
9813631f63f79fbaa741094786d4b13c34515ec4a33c0d4e88b75a20973c887c

SHA512
e39bb67dc8765558274f93953de141e17de18550912bf79a94a2cc998918d07631a0251551abc080363ea52444c1511f15458232d0c656d8f62550d33756e740

Download Submit
C:\Users\Admin\AppData\Local\Temp\23f05312-5394-4a1a-b4a3-c4babe97bf0f.FusionApp\pcxflt.ift

Filesize
24KB

MD5
56f80b514fa7cc1dd7fb24ef195c30eb

SHA1
e61d7dcbbb623219c625bc67ed0f382f26308600

SHA256
c9e1db8689c11a87f9ab30ebc705eeccc0fbd909ca493a6f589d6a9a5c2a1b15

SHA512
f391e04bd3e67317b3bb1f9541c94782d14e8b8287f5fd3e2f753688d85cc38bf5164c8faa5dc85b8c44a480f81462a4ddc16aafe64313601d21a608b546e721

Download Submit
C:\Users\Admin\AppData\Local\Temp\23f05312-5394-4a1a-b4a3-c4babe97bf0f.FusionApp\pinball.mvx

Filesize
68KB

MD5
b208ae4e862a6c6bd6b99bc31b7bf1f9

SHA1
9f7cd9ea0b400c63f11c0a6e7ca5546db7ff218b

SHA256
cbcd1b19716940cb7b48986dfd51f36bc9e04625c4b6face3822a16ed7b49825

SHA512
8ee62a8fcdc26527a2f2b733eefb4fa629ce6ea4cf65d382d95af691874839e88cca8ceaa7e267dc69aa886bdce42c2f64d3cd0743d01bd6f8fdf825fc4e74a3

Download Submit
C:\Users\Admin\AppData\Local\Temp\23f05312-5394-4a1a-b4a3-c4babe97bf0f.FusionApp\pngflt.ift

Filesize
288KB

MD5
d57365ca275388910be7b09d95ee65b9

SHA1
477e9afa81c0ba97323be56d15ade8fb17c45d78

SHA256
df948630fdb53ddad68d66994f5d2b18a67df32478b6b8b3720c28f40bde7b1f

SHA512
b6a7266c47245cdd5ccc1e4c1b490a22996cac3db53500405354d1a5892896f66aba255ff725808770489a199626a844a86cb80e081a47ed27671bd82ca1cfbb

Download Submit
C:\Users\Admin\AppData\Local\Temp\23f05312-5394-4a1a-b4a3-c4babe97bf0f.FusionApp\tgaflt.ift

Filesize
24KB

MD5
00a5f50c4a0f8a2c8704fb0640dfcfb6

SHA1
960ff3909de1395de49bd9f36600b989851591ea

SHA256
756725f247592504d42c67257c3957e972ee490af06f12b00467b389e0ee6bbc

SHA512
2be74193a33f1b70f39be9a5565326d425ce02b6eb98b783f8749a209b95fdcbe8724c38c9dbd33e4a12b40756c5ad9177e557f62748b52be2cd7c4bc344b577

Download Submit
C:\Users\Admin\AppData\Local\Temp\23f05312-5394-4a1a-b4a3-c4babe97bf0f.FusionApp\txtblt.mfx

Filesize
36KB

MD5
8740745e7af7926a0e7d3b194fb51fdf

SHA1
d7688925efd0287334d444a9e4bd584177ed0fbc

SHA256
09a214d9738946b14c4470ea95b45de41641e5d69b7559dbf336f7b4624859b0

SHA512
dc52c25b588f386cceb0eef912e0ac38ffb07443011c957ca3d0fda8c2c6d41e8fbcb33dfc1b7c5ff469216cd8c233d5025b88575bd10684827c18fb5ef52bb3

Download Submit
C:\Users\Admin\AppData\Local\Temp\23f05312-5394-4a1a-b4a3-c4babe97bf0f.FusionApp\ultimatefullscreen.mfx

Filesize
73KB

MD5
96059dbec69c3904e4d7ce734a4b38d0

SHA1
5169934f8d89b0dba963861dcbae55e78fc21dfc

SHA256
fd179783ff6e6eb0959185087f33ed4a1b256e58762d9817bcb16888e20f7058

SHA512
82977b2c249e47ca37d6fd62f416ed995b4b5f953bc5c18c84bfbdacc2c5b17fdc50c1e736fafcac242a3f8921b5000e0ec84302bc4e0077d6eeee3aa43cc520

Download Submit
C:\Users\Admin\AppData\Local\Temp\23f05312-5394-4a1a-b4a3-c4babe97bf0f.FusionApp\waveflt.sft

Filesize
8KB

MD5
57ea61dd14314ef155e80c6a0be8a664

SHA1
963b0ef2fe976ff77044a821fe1e29be4a8cf8a7

SHA256
92a5053cf5973a6aa228c738d55387f12f1dfa8a837d7b938c60f05b6b56b3ad

SHA512
cc23cb30d76d22500c3ed7ce9ee0388588309d0779441b95559fce25a42f1eff52ca285c347655f8b33c15b75f9d2067738a151f81f605d3b563799a3a06c9a9

Download Submit
memory/3948-113-0x0000000002DE0000-0x0000000002E0F000-memory.dmp

Filesize
188KB

Download
memory/3948-70-0x0000000001500000-0x000000000151C000-memory.dmp

Filesize
112KB

Download
memory/3948-198-0x0000000003240000-0x0000000003258000-memory.dmp

Filesize
96KB

Download
memory/3948-160-0x0000000003090000-0x00000000030A2000-memory.dmp

Filesize
72KB

Download
memory/3948-143-0x0000000002FA0000-0x0000000002FF5000-memory.dmp

Filesize
340KB

Download
memory/3948-166-0x00000000030D0000-0x00000000030F2000-memory.dmp

Filesize
136KB

Download
memory/3948-154-0x0000000003050000-0x0000000003062000-memory.dmp

Filesize
72KB

Download
memory/3948-223-0x00000000032B0000-0x00000000032D4000-memory.dmp

Filesize
144KB

Download
memory/3948-99-0x00000000015A0000-0x00000000015E9000-memory.dmp

Filesize
292KB

Download
memory/3948-107-0x0000000002DC0000-0x0000000002DD1000-memory.dmp

Filesize
68KB

Download
memory/3948-133-0x0000000002F70000-0x0000000002F7B000-memory.dmp

Filesize
44KB

Download