eda533334f0690bfd96b796212c8331fd1c7fe16e24a42de9a2bdcbe30bad9a6

Analysis

max time kernel
117s
max time network
119s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
09-05-2024 18:24

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

setup64.exe
Size

94KB
MD5

2e20228c3c51a193037b6a26bda04d9c
SHA1

5e951af9dacaa49a298349552fbd98ff23660af5
SHA256

8ee7977bebe6286238ebeaee977b87dea0f2bc00f256f5ecae0bef6e6414573f
SHA512

b73f8cb39a1218b2438d31ed48429e2f67ad3e06133c0c6d79fe162ddaff12ec60f95a13d91a427b09af83f4ff46b21948dade14acd8bbb019d066fa310a8e25
SSDEEP

1536:d7uAINjpg5osxzMU4uqvC2tmO/tfIw64XyZaVArSGz:d7ENj/azr4uqvC2tmOtIt4X35Gz

Score

8^/10

Malware Config

Signatures

Drops file in Drivers directory 1 IoCs

description	ioc	Process
File created	C:\Windows\System32\Drivers\vrtaucbl.sys	setup64.exe

Loads dropped DLL 4 IoCs

pid	Process
2024	setup64.exe
2024	setup64.exe
2024	setup64.exe
2024	setup64.exe

Drops file in System32 directory 11 IoCs

description	ioc	Process
File created	C:\Windows\System32\DriverStore\Temp\{03d14525-eb87-1e53-4f7b-463cc7c3b852}\SET63C3.tmp	DrvInst.exe
File opened for modification	C:\Windows\System32\DriverStore\Temp\{03d14525-eb87-1e53-4f7b-463cc7c3b852}\vrtaucbl.cat	DrvInst.exe
File opened for modification	C:\Windows\System32\DriverStore\Temp\{03d14525-eb87-1e53-4f7b-463cc7c3b852}\SET63C4.tmp	DrvInst.exe
File opened for modification	C:\Windows\System32\DriverStore\Temp\{03d14525-eb87-1e53-4f7b-463cc7c3b852}\x64	DrvInst.exe
File opened for modification	C:\Windows\System32\DriverStore\Temp\{03d14525-eb87-1e53-4f7b-463cc7c3b852}\x64\SET63C2.tmp	DrvInst.exe
File created	C:\Windows\System32\DriverStore\Temp\{03d14525-eb87-1e53-4f7b-463cc7c3b852}\x64\SET63C2.tmp	DrvInst.exe
File opened for modification	C:\Windows\System32\DriverStore\Temp\{03d14525-eb87-1e53-4f7b-463cc7c3b852}\x64\vrtaucbl.sys	DrvInst.exe
File opened for modification	C:\Windows\System32\DriverStore\Temp\{03d14525-eb87-1e53-4f7b-463cc7c3b852}\SET63C3.tmp	DrvInst.exe
File created	C:\Windows\System32\DriverStore\Temp\{03d14525-eb87-1e53-4f7b-463cc7c3b852}\SET63C4.tmp	DrvInst.exe
File opened for modification	C:\Windows\System32\DriverStore\Temp\{03d14525-eb87-1e53-4f7b-463cc7c3b852}\vrtaucbl.inf	DrvInst.exe
File opened for modification	C:\Windows\System32\DriverStore\Temp\{03d14525-eb87-1e53-4f7b-463cc7c3b852}	DrvInst.exe

Drops file in Program Files directory 10 IoCs

description	ioc	Process
File created	C:\Program Files\Virtual Audio Cable\vac.chm	setup64.exe
File created	C:\Program Files\Virtual Audio Cable\license.txt	setup64.exe
File created	C:\Program Files\Virtual Audio Cable\setup64.exe	setup64.exe
File created	C:\Program Files\Virtual Audio Cable\uninst.ini	setup64.exe
File opened for modification	C:\Program Files\Virtual Audio Cable\uninst.ini	setup64.exe
File created	C:\Program Files\Virtual Audio Cable\readme.txt	setup64.exe
File created	C:\Program Files\Virtual Audio Cable\homepage.url	setup64.exe
File created	C:\Program Files\Virtual Audio Cable\vcctlpan.exe	setup64.exe
File created	C:\Program Files\Virtual Audio Cable\audiorepeater.exe	setup64.exe
File created	C:\Program Files\Virtual Audio Cable\audiorepeater_ks.exe	setup64.exe

Drops file in Windows directory 6 IoCs

description	ioc	Process
File opened for modification	C:\Windows\INF\setupapi.app.log	setup64.exe
File opened for modification	C:\Windows\INF\setupapi.dev.log	setup64.exe
File opened for modification	C:\Windows\INF\setupapi.dev.log	DrvInst.exe
File opened for modification	C:\Windows\INF\setupapi.ev3	DrvInst.exe
File opened for modification	C:\Windows\INF\setupapi.ev1	DrvInst.exe
File opened for modification	C:\Windows\INF\setupapi.dev.log	DrvInst.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Modifies data under HKEY_USERS 51 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\TrustedPublisher\Certificates	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\SmartCardRoot\Certificates	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\TrustedPeople\CRLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\trust\CTLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\Disallowed\CRLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\Root\CTLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPublisher	DrvInst.exe
Set value (data)	\REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\LanguageList = 65006e002d0055005300000065006e0000000000	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPublisher\CTLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\Disallowed\CTLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPublisher	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\trust\CRLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\TrustedPublisher\CRLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\CA\CRLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\Disallowed\CTLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\trust\CRLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\My	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\CA\CRLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\TrustedPublisher\CTLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\SmartCardRoot\CTLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\trust\Certificates	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\trust\Certificates	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\Disallowed\CRLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\SmartCardRoot\CRLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPublisher\Certificates	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPublisher\CRLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\CA\CTLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\CA\Certificates	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\CA\CTLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\Root\Certificates	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\Disallowed\Certificates	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\Root\CRLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\TrustedPeople\Certificates	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\TrustedPeople\CTLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\trust\CTLs	DrvInst.exe

Opens file in notepad (likely ransom note) 1 IoCs

ransomware

pid	Process
1776	notepad.exe

Suspicious use of AdjustPrivilegeToken 46 IoCs

description	pid	Process
Token: SeLoadDriverPrivilege	2024	setup64.exe
Token: SeShutdownPrivilege	2024	setup64.exe
Token: SeRestorePrivilege	2024	setup64.exe
Token: SeRestorePrivilege	2024	setup64.exe
Token: SeRestorePrivilege	2024	setup64.exe
Token: SeRestorePrivilege	2024	setup64.exe
Token: SeRestorePrivilege	2024	setup64.exe
Token: SeRestorePrivilege	2024	setup64.exe
Token: SeRestorePrivilege	2024	setup64.exe
Token: SeLoadDriverPrivilege	2024	setup64.exe
Token: SeLoadDriverPrivilege	2024	setup64.exe
Token: SeRestorePrivilege	2024	setup64.exe
Token: SeRestorePrivilege	2024	setup64.exe
Token: SeRestorePrivilege	2024	setup64.exe
Token: SeRestorePrivilege	2024	setup64.exe
Token: SeRestorePrivilege	2024	setup64.exe
Token: SeRestorePrivilege	2024	setup64.exe
Token: SeRestorePrivilege	2024	setup64.exe
Token: SeRestorePrivilege	1548	DrvInst.exe
Token: SeRestorePrivilege	1548	DrvInst.exe
Token: SeRestorePrivilege	1548	DrvInst.exe
Token: SeRestorePrivilege	1548	DrvInst.exe
Token: SeRestorePrivilege	1548	DrvInst.exe
Token: SeRestorePrivilege	1548	DrvInst.exe
Token: SeRestorePrivilege	1548	DrvInst.exe
Token: SeRestorePrivilege	1548	DrvInst.exe
Token: SeRestorePrivilege	1548	DrvInst.exe
Token: SeRestorePrivilege	1548	DrvInst.exe
Token: SeRestorePrivilege	1548	DrvInst.exe
Token: SeRestorePrivilege	1548	DrvInst.exe
Token: SeRestorePrivilege	1548	DrvInst.exe
Token: SeRestorePrivilege	1548	DrvInst.exe
Token: SeRestorePrivilege	1996	rundll32.exe
Token: SeRestorePrivilege	1996	rundll32.exe
Token: SeRestorePrivilege	1996	rundll32.exe
Token: SeRestorePrivilege	1996	rundll32.exe
Token: SeRestorePrivilege	1996	rundll32.exe
Token: SeRestorePrivilege	1996	rundll32.exe
Token: SeRestorePrivilege	1996	rundll32.exe
Token: SeLoadDriverPrivilege	2024	setup64.exe
Token: SeLoadDriverPrivilege	448	DrvInst.exe
Token: SeLoadDriverPrivilege	448	DrvInst.exe
Token: SeLoadDriverPrivilege	448	DrvInst.exe
Token: SeLoadDriverPrivilege	448	DrvInst.exe
Token: SeLoadDriverPrivilege	2024	setup64.exe
Token: SeLoadDriverPrivilege	2024	setup64.exe

Suspicious use of WriteProcessMemory 6 IoCs

description	pid	Process	procid_target
PID 1548 wrote to memory of 1996	1548	DrvInst.exe	31
PID 1548 wrote to memory of 1996	1548	DrvInst.exe	31
PID 1548 wrote to memory of 1996	1548	DrvInst.exe	31
PID 2024 wrote to memory of 1776	2024	setup64.exe	33
PID 2024 wrote to memory of 1776	2024	setup64.exe	33
PID 2024 wrote to memory of 1776	2024	setup64.exe	33

C:\Users\Admin\AppData\Local\Temp\setup64.exe
"C:\Users\Admin\AppData\Local\Temp\setup64.exe"
1⤵
- Drops file in Drivers directory
- Loads dropped DLL
- Drops file in Program Files directory
- Drops file in Windows directory
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
PID:2024
- C:\Windows\System32\notepad.exe
  "C:\Windows\System32\notepad.exe" C:\Users\Admin\AppData\Local\Temp\eumusdesign_setup_log_20240509_182504.tmp
  2⤵
  - Opens file in notepad (likely ransom note)
  PID:1776

C:\Windows\system32\DrvInst.exe
DrvInst.exe "4" "0" "C:\Users\Admin\AppData\Local\Temp\{01787194-c15b-207c-c25b-4133913bb542}\vrtaucbl.inf" "9" "668e82127" "00000000000003C0" "WinSta0\Default" "00000000000003B8" "208" "c:\users\admin\appdata\local\temp"
1⤵
- Drops file in System32 directory
- Drops file in Windows directory
- Modifies data under HKEY_USERS
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
PID:1548
- C:\Windows\system32\rundll32.exe
  rundll32.exe C:\Windows\system32\pnpui.dll,InstallSecurityPromptRunDllW 20 Global\{317f2832-7851-72f1-2cfc-3367b9e1b706} Global\{2f023bba-a190-57be-6795-1a138c487432} C:\Windows\System32\DriverStore\Temp\{03d14525-eb87-1e53-4f7b-463cc7c3b852}\vrtaucbl.inf C:\Windows\System32\DriverStore\Temp\{03d14525-eb87-1e53-4f7b-463cc7c3b852}\vrtaucbl.cat
  2⤵
  - Suspicious use of AdjustPrivilegeToken
  PID:1996

C:\Windows\system32\DrvInst.exe
DrvInst.exe "3" "201" "ROOT\MEDIA\0000" "" "" "668e82127" "00000000000003C0" "00000000000002C4" "0000000000000568"
1⤵
- Drops file in Windows directory
- Suspicious use of AdjustPrivilegeToken
PID:448

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\Cab62AB.tmp

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar62BE.tmp

Filesize
171KB

MD5
9c0c641c06238516f27941aa1166d427

SHA1
64cd549fb8cf014fcd9312aa7a5b023847b6c977

SHA256
4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

SHA512
936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

Download Submit
C:\Users\Admin\AppData\Local\Temp\eumusdesign_setup_log_20240509_182504.tmp

Filesize
20KB

MD5
7ee2b9e221fff3f6dd8e002d3d688251

SHA1
59308b21e554e5973b62355f609c1048cff1b66d

SHA256
244575eaa9a356733239a5b76d0d613b9d43f4ab90787df0767d0b6fc1d31508

SHA512
8d9382a58f2be77e5429cb0c6b10ede3836396d63594a3736dbfc9ca7c4e2c0e95864c3c2f3d486bd5898d972e5c5d61d6b727e47f092736eb01a3b73376aab7

Download Submit
C:\Users\Admin\AppData\Local\Temp\{01787194-c15b-207c-c25b-4133913bb542}\vrtaucbl.cat

Filesize
7KB

MD5
a78e7c41c8db9704715878d3d8384228

SHA1
e0f3380d8814cbf68bd058f2f0432ecfa290816d

SHA256
5ad66cbffcd35c77516d47b99a96e0dad0c3eb76defc03eeb3357d904d30ea5d

SHA512
2cc622f888d9653aca374639f0f41312d580877baba78f227fe4da2f0bea2f16605c620ce834066434695ff7e8f400ea786c83bfa647eae6d702ab351c5d426a

Download Submit
C:\Users\Admin\AppData\Local\Temp\{01787194-c15b-207c-c25b-4133913bb542}\vrtaucbl.inf

Filesize
146KB

MD5
cd284d30d5ec39f83b7c821613da2976

SHA1
5e3f1354c586c151707835862c6e5057452c0d98

SHA256
99ef786db4ba2d50baafbe92f03260f54897dc6fba44690e167d80fb10d2553a

SHA512
ee586d46bf046a7ff41e0aab2602de33f05eb91f4116981ca9afbd5ac8004ef8ff7b18f77470204607eedc8800abac7b348ebfef31069c87ca4229d7873680fa

Download Submit
C:\Users\Admin\AppData\Local\Temp\{01787~1\x64\vrtaucbl.sys

Filesize
111KB

MD5
fa179e2c627478688aea97755be41e08

SHA1
7fadc17c026a0c2071d0f83363be1d739ceb4510

SHA256
93f0e39029a802abb06115a89827a9a1d2a2eb28e0cacef16a59ed06c9d30113

SHA512
3da57630cecfd6eab011df8820ca35f9a11cce770b8333b3ee9a74a2ee1cb105c5b036553666f77ffa78eee4f1d9605cdd69c2eba8757c13a2746466b683b3a4

Download Submit
C:\Windows\Temp\Cab63F3.tmp

Filesize
29KB

MD5
d59a6b36c5a94916241a3ead50222b6f

SHA1
e274e9486d318c383bc4b9812844ba56f0cff3c6

SHA256
a38d01d3f024e626d579cf052ac3bd4260bb00c34bc6085977a5f4135ab09b53

SHA512
17012307955fef045e7c13bf0613bd40df27c29778ba6572640b76c18d379e02dc478e855c9276737363d0ad09b9a94f2adaa85da9c77ebb3c2d427aa68e2489

Download Submit
C:\Windows\Temp\Tar63F6.tmp

Filesize
81KB

MD5
b13f51572f55a2d31ed9f266d581e9ea

SHA1
7eef3111b878e159e520f34410ad87adecf0ca92

SHA256
725980edc240c928bec5a5f743fdabeee1692144da7091cf836dc7d0997cef15

SHA512
f437202723b2817f2fef64b53d4eb67f782bdc61884c0c1890b46deca7ca63313ee2ad093428481f94edfcecd9c77da6e72b604998f7d551af959dbd6915809c

Download Submit
\Program Files\Virtual Audio Cable\audiorepeater.exe

Filesize
43KB

MD5
083fe8d8ea14d13bbd7d397880a83f9c

SHA1
466ec02e7fb587e4e2d54982a6ecbd22aa576db3

SHA256
3fdab2a445aa7f66e55c623f12b5c00a2f589cf4b6bc6d322f7c9f1b949525d9

SHA512
2ef7b7f6747aa143f118fa7359d8e6adab7b6056301f0ea8ae568a6c48c106b611c8607ec5ffaf30538f97d2ebdd7cd6a7bf7af6fd9cc1a712784b578039724e

Download Submit
\Program Files\Virtual Audio Cable\audiorepeater_ks.exe

Filesize
69KB

MD5
df85436fb7df1fd4a42e09328a47f9c9

SHA1
5575195dfb181ec61a95d3b5ce9eb8be89f0e59c

SHA256
8ea0f046b5d8976371bbdf463a543d97caa1762dcc8b61dfd4ecc902cfe040a2

SHA512
8268ed58241edda2cc5d6e9020cbc0d9eb31bbb9346c6e920ed74a17c7c124f1db2807c9fb60fd2c94cf19ad7b35c7a988e05eb292633b4a5c56a3435bad5603

Download Submit
\Program Files\Virtual Audio Cable\setup64.exe

Filesize
94KB

MD5
2e20228c3c51a193037b6a26bda04d9c

SHA1
5e951af9dacaa49a298349552fbd98ff23660af5

SHA256
8ee7977bebe6286238ebeaee977b87dea0f2bc00f256f5ecae0bef6e6414573f

SHA512
b73f8cb39a1218b2438d31ed48429e2f67ad3e06133c0c6d79fe162ddaff12ec60f95a13d91a427b09af83f4ff46b21948dade14acd8bbb019d066fa310a8e25

Download Submit
\Program Files\Virtual Audio Cable\vcctlpan.exe

Filesize
79KB

MD5
2be1766707981ffd4113c7f0b55d4335

SHA1
988a06a7e758c0023e44581fe18cb762cb5b39e2

SHA256
e346a5b8e3ce5470dc3ebcc42597dcfb5e99df80efd75f7c3b01e899b4e66a24

SHA512
23c8ad6b212c47ecf623234611d62b8959f2541257758a777acd9aed3cd528479bf186b68c012fef7b28a5935225bed3803d6d207e58bc68e2e6f0420926a1ae

Download Submit