Overview

overview

10

Static

static

3

Voice.ai-D...er.exe

windows11-21h2-x64

10

$PLUGINSDIR/INetC.dll

windows11-21h2-x64

3

$PLUGINSDI...em.dll

windows11-21h2-x64

3

$PLUGINSDI...ss.dll

windows11-21h2-x64

3

Analysis

  • max time kernel
    61s
  • max time network
    76s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240419-en
  • resource tags

    arch:x64arch:x86image:win11-20240419-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    09-05-2024 18:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Voice.ai-Downloader.exe

  • Size

    477KB

  • MD5

    40ffaea0c96bc8fd1ac022ecf287980b

  • SHA1

    c9ff64fecee39aa1a4f1c930d6b6ad423e1b1c14

  • SHA256

    100dba151efe66c842fde4337857fd3db4568c1e3ee008e412927e67ed72094e

  • SHA512

    cc0f2ff6b650644564d7469031c96fcaf93b9dd82318eda244abb65970d2e5697ba27bb0c62e31f4f654cc031ac7f19f0692f444674fd174f9acbc201c8944dd

  • SSDEEP

    3072:ckBGWOsTIJgIDU5A/cNo68pMABlZQ2wpFD0ra42L5GYDxJ0ytta:c1ssjH5Mp2w7g+42LUS6

Score
10/10
zgratdiscoverypersistencerat

Malware Config

Signatures

  • Detect ZGRat V1 4 IoCs
  • ZGRat

    ZGRat is remote access trojan written in C#.

    ratzgrat
  • Drops file in Drivers directory 2 IoCs
  • Drops startup file 1 IoCs
  • Executes dropped EXE 13 IoCs
  • Loads dropped DLL 64 IoCs
  • Adds Run key to start application 2 TTPs 1 IoCs
    persistence
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  • Enumerates connected drives 3 TTPs 23 IoCs

    Attempts to read the root path of hard drives other than the default C: drive.

  • Drops file in System32 directory 64 IoCs
  • Drops file in Program Files directory 64 IoCs
  • Drops file in Windows directory 30 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Checks SCSI registry key(s) 3 TTPs 47 IoCs

    SCSI information is often read in order to detect sandboxing environments.

  • Modifies data under HKEY_USERS 59 IoCs
  • Modifies registry class 64 IoCs
  • Modifies system certificate store 2 TTPs 13 IoCs
    evasionspywaretrojan
  • Suspicious behavior: EnumeratesProcesses 32 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SendNotifyMessage 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 45 IoCs
  • Uses Volume Shadow Copy service COM API

    The Volume Shadow Copy service is used to manage backups/snapshots.

    ransomware

Processes

  • C:\Users\Admin\AppData\Local\Temp\Voice.ai-Downloader.exe
    "C:\Users\Admin\AppData\Local\Temp\Voice.ai-Downloader.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of WriteProcessMemory
    PID:1304
    • C:\Program Files\Voice.ai\VoiceAI-Installer.exe
      "C:\Program Files\Voice.ai\VoiceAI-Installer.exe" /path "C:\Program Files\Voice.ai"
      2⤵
      • Drops startup file
      • Executes dropped EXE
      • Loads dropped DLL
      • Drops file in Program Files directory
      • Modifies registry class
      • Suspicious use of WriteProcessMemory
      PID:1688
      • C:\Program Files\Voice.ai\tools\vc2019.exe
        "C:\Program Files\Voice.ai\tools\vc2019.exe" /q /norestart
        3⤵
        • Executes dropped EXE
        • Suspicious use of WriteProcessMemory
        PID:4320
        • C:\Windows\Temp\{FFD65D74-5392-4ACF-B989-A8762896044A}\.cr\vc2019.exe
          "C:\Windows\Temp\{FFD65D74-5392-4ACF-B989-A8762896044A}\.cr\vc2019.exe" -burn.clean.room="C:\Program Files\Voice.ai\tools\vc2019.exe" -burn.filehandle.attached=572 -burn.filehandle.self=568 /q /norestart
          4⤵
          • Executes dropped EXE
          • Loads dropped DLL
          • Suspicious use of WriteProcessMemory
          PID:2672
          • C:\Windows\Temp\{4759AD7C-A3DE-4D07-A49A-CD8CF03608F3}\.be\VC_redist.x64.exe
            "C:\Windows\Temp\{4759AD7C-A3DE-4D07-A49A-CD8CF03608F3}\.be\VC_redist.x64.exe" -q -burn.elevated BurnPipe.{1B82849F-3E96-446A-AC76-2F4823432039} {945C953A-0390-4DDF-A028-ECFB56EF0C65} 2672
            5⤵
            • Executes dropped EXE
            • Adds Run key to start application
            • Modifies registry class
            • Suspicious use of AdjustPrivilegeToken
            • Suspicious use of WriteProcessMemory
            PID:324
            • C:\ProgramData\Package Cache\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}\VC_redist.x64.exe
              "C:\ProgramData\Package Cache\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}\VC_redist.x64.exe" -uninstall -quiet -burn.related.upgrade -burn.ancestors={2aaf1df0-eb13-4099-9992-962bb4e596d1} -burn.filehandle.self=1052 -burn.embedded BurnPipe.{2B2E4CE5-7A8A-4B54-A990-B5644A1B45D7} {855E109D-B7C1-4BEE-B51D-284A38C45973} 324
              6⤵
              • Suspicious use of WriteProcessMemory
              PID:3012
              • C:\ProgramData\Package Cache\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}\VC_redist.x64.exe
                "C:\ProgramData\Package Cache\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}\VC_redist.x64.exe" -burn.clean.room="C:\ProgramData\Package Cache\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}\VC_redist.x64.exe" -burn.filehandle.attached=544 -burn.filehandle.self=560 -uninstall -quiet -burn.related.upgrade -burn.ancestors={2aaf1df0-eb13-4099-9992-962bb4e596d1} -burn.filehandle.self=1052 -burn.embedded BurnPipe.{2B2E4CE5-7A8A-4B54-A990-B5644A1B45D7} {855E109D-B7C1-4BEE-B51D-284A38C45973} 324
                7⤵
                • Loads dropped DLL
                • Suspicious use of WriteProcessMemory
                PID:1520
                • C:\ProgramData\Package Cache\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}\VC_redist.x64.exe
                  "C:\ProgramData\Package Cache\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}\VC_redist.x64.exe" -q -burn.elevated BurnPipe.{8BA1FC40-FA55-4F54-930B-4870816FA5F0} {35C669EA-85B8-424E-A6A6-9D0AF637AA69} 1520
                  8⤵
                  • Modifies registry class
                  PID:2680
      • C:\Program Files\Voice.ai\VoiceAI.exe
        "C:\Program Files\Voice.ai\VoiceAI.exe" installdriver
        3⤵
        • Executes dropped EXE
        • Loads dropped DLL
        • Drops file in System32 directory
        • Drops file in Windows directory
        • Checks SCSI registry key(s)
        • Modifies system certificate store
        PID:4072
      • C:\Windows\explorer.exe
        "C:\Windows\explorer.exe" "C:\Program Files\Voice.ai\VoiceAI.exe"
        3⤵
          PID:1604
    • C:\Windows\system32\vssvc.exe
      C:\Windows\system32\vssvc.exe
      1⤵
      • Checks SCSI registry key(s)
      • Suspicious use of AdjustPrivilegeToken
      PID:3040
    • C:\Windows\system32\srtasks.exe
      C:\Windows\system32\srtasks.exe ExecuteScopeRestorePoint /WaitForRestorePoint:2
      1⤵
        PID:4500
      • C:\Windows\system32\msiexec.exe
        C:\Windows\system32\msiexec.exe /V
        1⤵
        • Enumerates connected drives
        • Drops file in System32 directory
        • Drops file in Windows directory
        • Modifies data under HKEY_USERS
        • Modifies registry class
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious use of AdjustPrivilegeToken
        PID:3340
      • C:\Windows\system32\svchost.exe
        C:\Windows\system32\svchost.exe -k DcomLaunch -p -s DeviceInstall
        1⤵
        • Drops file in Windows directory
        • Checks SCSI registry key(s)
        • Suspicious use of WriteProcessMemory
        PID:72
        • C:\Windows\system32\DrvInst.exe
          DrvInst.exe "4" "0" "C:\Users\Admin\AppData\Local\Temp\{f6e22437-620d-1749-9da0-5afbd9bda455}\voiceaidriver.inf" "9" "46b7f3743" "0000000000000148" "WinSta0\Default" "0000000000000160" "208" "c:\program files\voice.ai\voiceaidriver"
          2⤵
          • Drops file in System32 directory
          • Drops file in Windows directory
          • Checks SCSI registry key(s)
          • Modifies data under HKEY_USERS
          PID:5008
        • C:\Windows\system32\DrvInst.exe
          DrvInst.exe "2" "211" "ROOT\MEDIA\0000" "C:\Windows\INF\oem3.inf" "oem3.inf:ed86ca11bfc96d40:VOICEAIDRIVER_SA:16.36.0.99:root\voiceaidriver," "46b7f3743" "0000000000000148" "20f9"
          2⤵
          • Drops file in Drivers directory
          • Drops file in Windows directory
          PID:1528
      • C:\Windows\explorer.exe
        C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
        1⤵
        • Suspicious use of WriteProcessMemory
        PID:2552
        • C:\Program Files\Voice.ai\VoiceAI.exe
          "C:\Program Files\Voice.ai\VoiceAI.exe"
          2⤵
          • Executes dropped EXE
          • Loads dropped DLL
          • Modifies system certificate store
          • Suspicious use of FindShellTrayWindow
          • Suspicious use of SendNotifyMessage
          • Suspicious use of SetWindowsHookEx
          • Suspicious use of WriteProcessMemory
          PID:2704
          • C:\Program Files\Voice.ai\VoiceAI.exe
            "C:\Program Files\Voice.ai\VoiceAI.exe" --type=gpu-process --no-sandbox --log-severity=disable --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --cefsharpexitsub --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --log-file="C:\Program Files\Voice.ai\debug.log" --mojo-platform-channel-handle=2564 --field-trial-handle=2620,i,2240804089996150846,4659129294859595989,131072 --disable-features=CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:2 --host-process-id=2704
            3⤵
            • Executes dropped EXE
            • Loads dropped DLL
            • Suspicious behavior: EnumeratesProcesses
            PID:4988
          • C:\Program Files\Voice.ai\VoiceAI.exe
            "C:/Program Files/Voice.ai/VoiceAI.exe" discord 2704
            3⤵
            • Executes dropped EXE
            • Loads dropped DLL
            • Suspicious behavior: EnumeratesProcesses
            PID:5088
          • C:\Program Files\Voice.ai\VoiceAI.exe
            "C:\Program Files\Voice.ai\VoiceAI.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --no-sandbox --log-severity=disable --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --cefsharpexitsub --log-file="C:\Program Files\Voice.ai\debug.log" --mojo-platform-channel-handle=3000 --field-trial-handle=2620,i,2240804089996150846,4659129294859595989,131072 --disable-features=CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8 --host-process-id=2704
            3⤵
            • Executes dropped EXE
            • Loads dropped DLL
            • Suspicious behavior: EnumeratesProcesses
            PID:876
          • C:\Program Files\Voice.ai\VoiceAI.exe
            "C:\Program Files\Voice.ai\VoiceAI.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --log-severity=disable --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --cefsharpexitsub --log-file="C:\Program Files\Voice.ai\debug.log" --mojo-platform-channel-handle=3008 --field-trial-handle=2620,i,2240804089996150846,4659129294859595989,131072 --disable-features=CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8 --host-process-id=2704
            3⤵
            • Executes dropped EXE
            • Loads dropped DLL
            • Suspicious behavior: EnumeratesProcesses
            PID:4552
          • C:\Program Files\Voice.ai\VoiceAI.exe
            "C:\Program Files\Voice.ai\VoiceAI.exe" --type=renderer --log-severity=disable --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --cefsharpexitsub --no-sandbox --autoplay-policy=no-user-gesture-required --log-file="C:\Program Files\Voice.ai\debug.log" --use-fake-ui-for-media-stream --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3372 --field-trial-handle=2620,i,2240804089996150846,4659129294859595989,131072 --disable-features=CalculateNativeWinOcclusion,WinUseBrowserSpellChecker --host-process-id=2704 /prefetch:1
            3⤵
            • Executes dropped EXE
            PID:1376
          • C:\Program Files\Voice.ai\VoiceAI.exe
            "C:\Program Files\Voice.ai\VoiceAI.exe" --type=renderer --log-severity=disable --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --cefsharpexitsub --no-sandbox --autoplay-policy=no-user-gesture-required --log-file="C:\Program Files\Voice.ai\debug.log" --use-fake-ui-for-media-stream --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3400 --field-trial-handle=2620,i,2240804089996150846,4659129294859595989,131072 --disable-features=CalculateNativeWinOcclusion,WinUseBrowserSpellChecker --host-process-id=2704 /prefetch:1
            3⤵
            • Executes dropped EXE
            • Loads dropped DLL
            • Suspicious behavior: EnumeratesProcesses
            PID:4168
          • C:\Program Files\Voice.ai\VoiceAI.exe
            "C:\Program Files\Voice.ai\VoiceAI.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-sandbox --log-severity=disable --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --cefsharpexitsub --log-file="C:\Program Files\Voice.ai\debug.log" --mojo-platform-channel-handle=3928 --field-trial-handle=2620,i,2240804089996150846,4659129294859595989,131072 --disable-features=CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8 --host-process-id=2704
            3⤵
            • Executes dropped EXE
            • Suspicious behavior: EnumeratesProcesses
            PID:1428
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://voice.ai/register?redirect=app
            3⤵
              PID:4736
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x12c,0x130,0x134,0xfc,0x100,0x7ff85b013cb8,0x7ff85b013cc8,0x7ff85b013cd8
                4⤵
                  PID:1620
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1840,6685627420449069976,6354853099593903948,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1852 /prefetch:2
                  4⤵
                    PID:3176
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1840,6685627420449069976,6354853099593903948,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2380 /prefetch:3
                    4⤵
                      PID:4556
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1840,6685627420449069976,6354853099593903948,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2524 /prefetch:8
                      4⤵
                        PID:4856
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1840,6685627420449069976,6354853099593903948,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3328 /prefetch:1
                        4⤵
                          PID:1880
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1840,6685627420449069976,6354853099593903948,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3344 /prefetch:1
                          4⤵
                            PID:5132
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1840,6685627420449069976,6354853099593903948,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5032 /prefetch:8
                            4⤵
                              PID:5584
                      • C:\Windows\system32\AUDIODG.EXE
                        C:\Windows\system32\AUDIODG.EXE 0x00000000000004DC 0x00000000000004C0
                        1⤵
                          PID:3268
                        • C:\Windows\System32\CompPkgSrv.exe
                          C:\Windows\System32\CompPkgSrv.exe -Embedding
                          1⤵
                            PID:3316
                          • C:\Windows\System32\CompPkgSrv.exe
                            C:\Windows\System32\CompPkgSrv.exe -Embedding
                            1⤵
                              PID:5356

                            Network

                            MITRE ATT&CK Enterprise v15

                            Replay Monitor

                            Loading Replay Monitor...

                            Downloads

                            • C:\Config.Msi\e57fcb4.rbs
                              Filesize

                              19KB

                              MD5

                              f7495049c48d2b6f0743680b10b35bcf

                              SHA1

                              20db81381f6ac06db704d9c6270cf44f229bdd52

                              SHA256

                              4526af2cdd5431e2ec67023e7fb068d80a8185d45edb64d866d4507977ea0e68

                              SHA512

                              efeff2abb93120c96ec6ec340ccbf696bb7f1b99cef9402f4cd2dab9a1baf8440630836d6fa1b865c7a0a73346c3d79189b6ddbd756818f60cc27d9551bdac4d

                              Download Submit

                            • C:\Config.Msi\e57fcc0.rbs
                              Filesize

                              19KB

                              MD5

                              04ed5b96b6da01dac85ae80a612c999f

                              SHA1

                              cc608320a9dada52d5b35f58687165152e4315a6

                              SHA256

                              7e069426fe2d2b6982ea8da94dbc3df03efc1e3004b47a965ab099b8bd6f2ece

                              SHA512

                              49eba535ec8870f76d0ea49edbb40cece73b5fcd3712549472ad37f12cc701235c9401e01ca7e62e533bfea64924bc60812dd098f761585f1501577154038787

                              Download Submit

                            • C:\Config.Msi\e57fcc7.rbs
                              Filesize

                              21KB

                              MD5

                              1309e37727bcb98b45350f8e7dc44db7

                              SHA1

                              276cf1a8824213249a2500e30bebe9e27c9a6c4e

                              SHA256

                              90f4ef3086221af45768e8a83ed725a1d3e39e075980d668b17b6583a76fa331

                              SHA512

                              700ec2fce161fe0eb4d65431975688f754135e813790934f4862a02a686b236bffb357a79b57f832a6448facaae03591f18ed41378f1115197484e3ff1166c47

                              Download Submit

                            • C:\Config.Msi\e57fcd6.rbs
                              Filesize

                              21KB

                              MD5

                              30f6bf6d1bcd58332c0546321577b99f

                              SHA1

                              fa2428258bd1ece021cd3be6d718c9d30ae413b0

                              SHA256

                              a77574340d22b9c5c386a88d8c63213e8707bd2cd82a6bcd33adfd59c9cdbefe

                              SHA512

                              247c7419e9195e30207b775c13a7017a0eaf29259f58da978120454032add48da18a7abaac1f5bc39abbbbfd961d0d9f219d4736487b434c5d107b21bcc030e8

                              Download Submit

                            • C:\Program Files\Voice.ai\AudioConverter.dll
                              Filesize

                              425KB

                              MD5

                              1dbdc883fe4375e343e574bf085c0148

                              SHA1

                              e2235e18bcb3cececcdc6024426de2437596e8c4

                              SHA256

                              67271bdbe5fbc4f77fb9ec5c206da226e76245e1fbf48753156e9dcb6e5b946f

                              SHA512

                              43242a0697b497a24f2b80533658d4ed9c85f37925bec471aa8b5646bfdefd9d996ab896c2d63f21ff648fc5494b24a35e4f6717041c9c97c09ca585285682a8

                              Download Submit

                            • C:\Program Files\Voice.ai\CefSharp.dll
                              Filesize

                              1.0MB

                              MD5

                              69f79d227400c5c5a17e4fe6b5719009

                              SHA1

                              d7ace396db95eced9b4f98badc4282f359999d28

                              SHA256

                              7be25c5ddbbad217fcb40dbef92ba783bb8a155d3db48cde5a4c32e13761cbf7

                              SHA512

                              49262793c3b64fd454522381856761e456999d36e84ee228a894cefa4e19473302e9d7941d49b3a4d6faed98b136a18d60fb1dfdeaf4119f6fddb4c82da6f24c

                              Download Submit

                            • C:\Program Files\Voice.ai\DriverManager.dll
                              Filesize

                              82KB

                              MD5

                              0ca711f575bca2fae56fd952d9af1276

                              SHA1

                              d53d175ddc924431707b8a6e4e4e834094a5fc6e

                              SHA256

                              a789ea2806ebb04f8f9fb59c2ee0d407b64e5c33042ca7cd68aeee2fed6b0ea0

                              SHA512

                              513de025729d4eb9f9edcbf42b5f5012321ecf1383ce2af0dd6e71b881e72f310d937b59df28cb9e416a79c4294a629da07be68a1c1622f0f1f499c8babbebc1

                              Download Submit

                            • C:\Program Files\Voice.ai\VoiceAI.exe
                              Filesize

                              3.9MB

                              MD5

                              0473d284b2db13ffa1544854870561dd

                              SHA1

                              6aa3dc4437cc084228009c120798ca766fee596e

                              SHA256

                              cd3704d37f1127da9504b6186cdd4a0cd21f3d8445e78c9aad33d080538091d1

                              SHA512

                              3e077ea5487f0eecc587688cc773b77edd78fe5f643b994f854bcc9f7356262199af96996005b02e074ac3eb5613aaf0b38e1e21d2dd4ff49dda058cedfd0783

                              Download Submit

                            • C:\Program Files\Voice.ai\VoiceAIDriver\VoiceAIDriver.inf
                              Filesize

                              14KB

                              MD5

                              fa4ddfa2231dc2c50e26794ae7356e0b

                              SHA1

                              463f4c2ac4f7505f2361c7853505b19fbe08f257

                              SHA256

                              a3554efa382a84130393a4d8656b31f06b20b9387e27fcba978162213fb7be90

                              SHA512

                              be11de31cdea93320a03892b572b17985a66d8b8483d1568afcba9d6cd73cfc8f86c628736d9c8649cb9af0acba17dc26c14fef55b2951520236f650b5a55946

                              Download Submit

                            • C:\Program Files\Voice.ai\meta
                              Filesize

                              23B

                              MD5

                              6997abf8c138e85961f89ee82ae53532

                              SHA1

                              32e7d5b03035f8e6597493168003890c0a3ed29a

                              SHA256

                              0fbae5806b1bc5bf6f68ae6bc0975be1ec56e27edcb4a572792246e2aa8d1ccf

                              SHA512

                              b176783b0c4c6503d8274484b7584acd8d7a9a29b73da63f9a01184f54e7fc7aef330301c6b97a717aa22bc96547aa8156dd432c5b15107e4b23cfa7b23da17a

                              Download Submit

                            • C:\Program Files\Voice.ai\tools\vc2019.exe
                              Filesize

                              24.1MB

                              MD5

                              4a85bfd44f09ef46679fafcb1bab627a

                              SHA1

                              7741a5cad238ce3e4ca7756058f2a67a57fee9d1

                              SHA256

                              37ed59a66699c0e5a7ebeef7352d7c1c2ed5ede7212950a1b0a8ee289af4a95b

                              SHA512

                              600e61332416b23ef518f4252df0000c03612e8b0680eab0bdf589d9c855539b973583dc4ce1faab5828f58653ed85a1f9196eb1c7bbf6d2e3b5ab3e83253f98

                              Download Submit

                            • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
                              Filesize

                              1KB

                              MD5

                              5857aff0ea0365561d0f06769a04101c

                              SHA1

                              0ac570f0ec93618c5849baf94c0a167e4a706a95

                              SHA256

                              b50c616b5c29bd9611ed360a238b6b6c421d0fe3b85df331e4951aefab526b2e

                              SHA512

                              1863b40407893a4a26beaa7ae4add199676c15b633d59afb4dfd2906328b29497fdddcb0ff01b9ba77ac59c5c55511fa669b0ffd6e02bcfa2d2cc53df62390be

                              Download Submit

                            • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\698460A0B6E60F2F602361424D832905_8BB23D43DE574E82F2BEE0DF0EC47EEB
                              Filesize

                              471B

                              MD5

                              99ec3cf37187ff15cdb93c9c934f832b

                              SHA1

                              bfe5f99bbc761c4e98b5a57d4f8f350abe66cff1

                              SHA256

                              2a6eb75d3e6b44ee39adc7120885caa307b2430079356229161106a28da68c57

                              SHA512

                              f7933e3e17f36d33123d6a9d4bf3b25d3483181152a1e8a69d2ee81d2e2eb1ddf6b1af1487a14bda7e2ba970ef29ae58f95c8152e0948f8e89feeb3d65586e40

                              Download Submit

                            • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C8E534EE129F27D55460CE17FD628216_1130D9B25898B0DB0D4F04DC5B93F141
                              Filesize

                              727B

                              MD5

                              ecde0b56eff5930eedfbd78ea31f578b

                              SHA1

                              757aa3c2a1d97b23636798c1d188542522553815

                              SHA256

                              dd4f171bc1884238d8052e2dada49274117a379594760aa378c3572e68bf89c6

                              SHA512

                              f782cbb486aa181d2d9ad39b2ae448be6af07e0f31dca60dd1ceb71e90e56bad9776a809e68c6a7084ef9c4bd0ffc0f0262d85bf0e11146dd647299688a66fab

                              Download Submit

                            • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_F2DAF19C1F776537105D08FC8D978464
                              Filesize

                              724B

                              MD5

                              8202a1cd02e7d69597995cabbe881a12

                              SHA1

                              8858d9d934b7aa9330ee73de6c476acf19929ff6

                              SHA256

                              58f381c3a0a0ace6321da22e40bd44a597bd98b9c9390ab9258426b5cf75a7a5

                              SHA512

                              97ba9fceab995d4bef706f8deef99e06862999734ebe6a05832c710104479c6337cbf0a76e1c1e0f91566a61334dc100d837dfd049e20da765fe49def684f9c9

                              Download Submit

                            • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
                              Filesize

                              410B

                              MD5

                              de0c592c2e1df769a794fd488ef64583

                              SHA1

                              f2d4faa3c883b4e917e67a076ebe46118c14f406

                              SHA256

                              94b88137bbc1f330e6f2957bb00c0aa17d44c809a804539cc2980141fee0f987

                              SHA512

                              6091955081f18bd742f514fcf57b78625821d818b3c55b1ae728ba84199c941df17b6042e4bf3f2617f3783215ec28913f51dfe4fea7b82ab1119cc3a2308a89

                              Download Submit

                            • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\698460A0B6E60F2F602361424D832905_8BB23D43DE574E82F2BEE0DF0EC47EEB
                              Filesize

                              400B

                              MD5

                              749e7bbd163b6ba9be9f6dba45f4def2

                              SHA1

                              88db7b37e925c9cd9782937bca8abe612691c9e6

                              SHA256

                              11199e4e5e226954d9d236dc8dc3ee866a50a629dec3054cb615b5aba0698096

                              SHA512

                              9f0e18d0766a293d8491301a955aeb891c929ea027f53a7ef0353a73908cf475a528d5535d0aa48069b83aa576bca214c6f67a626420ee3bab30bd68c6f67b75

                              Download Submit

                            • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C8E534EE129F27D55460CE17FD628216_1130D9B25898B0DB0D4F04DC5B93F141
                              Filesize

                              412B

                              MD5

                              b971634fabd880535922ead55203c936

                              SHA1

                              fc72280dbba47400c55a7ea2ca15ac268760d841

                              SHA256

                              e6eed99e0161a0f0e0c35bf811951d511538cba1162feb4cd4d20b331f3052e2

                              SHA512

                              97c1a8ba5da26db024216fcdd85c1825b951c010ec2a0da03257a484be864f3fddee4060e9b203937a963411a9ebe7cd2a86291526a9925ce41847ecb2d07dc4

                              Download Submit

                            • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_F2DAF19C1F776537105D08FC8D978464
                              Filesize

                              392B

                              MD5

                              7fdbff089829ae4916f275ff11af3804

                              SHA1

                              fb830b1fff8842d19c81b284bfd6b8593c217fbb

                              SHA256

                              dec2d5b2b3d71d68c7bdc398ef8ddf873cdecb0d93c22dea9675d4fb5c6fceff

                              SHA512

                              269cf9f13ce740d877bb305db869a4f513b328e205c003a538e94b2365231644858b67fcb52d1972b404a2a8b8eee0e2e96cb5c582fe1a8b3c1cb95a97ae6372

                              Download Submit

                            • C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\VoiceAI.exe.log
                              Filesize

                              1KB

                              MD5

                              b4e91d2e5f40d5e2586a86cf3bb4df24

                              SHA1

                              31920b3a41aa4400d4a0230a7622848789b38672

                              SHA256

                              5d8af3c7519874ed42a0d74ee559ae30d9cc6930aef213079347e2b47092c210

                              SHA512

                              968751b79a98961f145de48d425ea820fd1875bae79a725adf35fc8f4706c103ee0c7babd4838166d8a0dda9fbce3728c0265a04c4b37f335ec4eaa110a2b319

                              Download Submit

                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                              Filesize

                              152B

                              MD5

                              d0f84c55517d34a91f12cccf1d3af583

                              SHA1

                              52bd01e6ab1037d31106f8bf6e2552617c201cea

                              SHA256

                              9a24c67c3ec89f5cf8810eba1fdefc7775044c71ed78a8eb51c8d2225ad1bc4c

                              SHA512

                              94764fe7f6d8c182beec398fa8c3a1948d706ab63121b8c9f933eef50172c506a1fd015172b7b6bac898ecbfd33e00a4a0758b1c8f2f4534794c39f076cd6171

                              Download Submit

                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                              Filesize

                              152B

                              MD5

                              ade01a8cdbbf61f66497f88012a684d1

                              SHA1

                              9ff2e8985d9a101a77c85b37c4ac9d4df2525a1f

                              SHA256

                              f49e20af78caf0d737f6dbcfc5cc32701a35eb092b3f0ab24cf339604cb049b5

                              SHA512

                              fa024bd58e63402b06503679a396b8b4b1bc67dc041d473785957f56f7d972317ec8560827c8008989d2754b90e23fc984a85ed7496f05cb4edc2d8000ae622b

                              Download Submit

                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                              Filesize

                              336B

                              MD5

                              37a5da8e04454c8181d82d952ac05f4f

                              SHA1

                              08260bc490557ffa5cd21492344d7ef72f4daa87

                              SHA256

                              ae942b6833b81d852530b9241fd46eca9e051eae6f8cb362d950067bbf999eb2

                              SHA512

                              f3cd136ea8e3a254a62f025c084c5fa260632bd34366ba363c55e4b1216495cf739c4ed73cd51fa0f56ef3d11673ea5e6312e3b743e2d4e7b020d32860b6d1cb

                              Download Submit

                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                              Filesize

                              1KB

                              MD5

                              d48ee4924b76180e374db23b4882fbea

                              SHA1

                              9442eb52f0167a48695b7aa75358bf07b48e7b22

                              SHA256

                              134a84e85551eef37cd54c0a8301c8aa780cf3eafdee5d38a19b8c9f576f8829

                              SHA512

                              4df299c9ed9ecda8b2875aa0baf84b5edfc99ed1c8e8e309032d04fa97237d385e350d08ad279ec8e79b5d3a2df7697b5b08355976a211776db42db287a4a91b

                              Download Submit

                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                              Filesize

                              6KB

                              MD5

                              96ea561240d9cf09ee04cebbd94f2455

                              SHA1

                              a45aba9bde36bc092a9b658021e3eb05b4b49163

                              SHA256

                              148b07c538f4defcbf9fa68e5ce5625bb543080e1db219965523a574453b5e62

                              SHA512

                              b3ff07a773c1b9be34c8530adac432f68ef292a5ccb26bb8d11cd54fc234f4cc27ed4bcc88de83b3dc086ceab1510590dc15c8cc06080afa1772a6a6c41d29fb

                              Download Submit

                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                              Filesize

                              5KB

                              MD5

                              a3b71982178b45dc20deede315b14867

                              SHA1

                              dcb43f3d0bca4589e3385bc121ecdbf1b1bd1475

                              SHA256

                              27df61c07cf514350626f5c2868bfe3aa3f6a54fd4e964817d70914d55bce8c2

                              SHA512

                              20e11770c2a69e47b4b432381e29cfadba0f7080c2f6cf055dfc382a9d63770f12dc6adb0fd56b551dd5a9b8c754318f695afce240ff6f360028ae880c095e1c

                              Download Submit

                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                              Filesize

                              11KB

                              MD5

                              1ea9c9af511189d26ae58f93b23e7505

                              SHA1

                              6315db8a514c9a1ac927b4c9e5a92f9530a12cb0

                              SHA256

                              ba695df08f8a01ae30537677efe6ed3639a57600eddd44106e41f64d68dec689

                              SHA512

                              e1dde8998ac811fcaddaa4aacccd766de6653902fb41700b71da9c6330e7cde90af435d93ab78c840b08c1990b72e6e4b4a83694fcf9417cf6efdc2f7cb74e4d

                              Download Submit

                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1
                              Filesize

                              264KB

                              MD5

                              f50f89a0a91564d0b8a211f8921aa7de

                              SHA1

                              112403a17dd69d5b9018b8cede023cb3b54eab7d

                              SHA256

                              b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

                              SHA512

                              bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

                              Download Submit

                            • C:\Users\Admin\AppData\Local\Temp\dd_vcredist_amd64_20240509182107_000_vcRuntimeMinimum_x64.log
                              Filesize

                              2KB

                              MD5

                              70f276a7314aa13b5f2bd7f5450650ea

                              SHA1

                              d97e093eccc64cc4f34e2c92bb1f0a31fd82666e

                              SHA256

                              bedd954e5e63034e77a26b504bdb1a1abc9f46cd9355b3588a16cad0f743d2a0

                              SHA512

                              b9e0c3d469c5e261bab540c6fd0cbb0ec5b21c05af74fae6abb0bf505f967ebbdd7f534ee00176502bd357865cabd6bab050a83f667a486be0467da4f860f825

                              Download Submit

                            • C:\Users\Admin\AppData\Local\Temp\dd_vcredist_amd64_20240509182107_001_vcRuntimeAdditional_x64.log
                              Filesize

                              2KB

                              MD5

                              70685c4178447cc4a50318107fbe6218

                              SHA1

                              9805c48462a62606369e6f2eae67cb176d85f366

                              SHA256

                              a3f3e3f90974ec070eac840551bf8fb924f1ca5f96e6280af2c7730d5e9c33c0

                              SHA512

                              6cda5b570ba5cec02521dde06695b1f386d690567c0b617204b53d47af0ee498641a12b73f3d66e954b3c657c06ca419dfaee4e1a8e1e5dc95dc4d44ba05f6d9

                              Download Submit

                            • C:\Users\Admin\AppData\Local\Temp\nshA441.tmp\nsDialogs.dll
                              Filesize

                              9KB

                              MD5

                              f5b0c649b0cfc103fb113d013d48cacb

                              SHA1

                              f89286966000cb053b7e94100c76ec6d1129af07

                              SHA256

                              a87bd092fa5bc00661525455b9f866b68c14c29224520c4e38f56f47234cfc1e

                              SHA512

                              e184101a03ee1c8896efb0029a02a23e46d422bc0f250ef15349c8214d44156afe2b5f739d8a2339bc2d1c05984fc55651c36c71897cd4b14f41dd37a25cfb01

                              Download Submit

                            • C:\Users\Admin\AppData\Local\Temp\nsq5593.tmp\INetC.dll
                              Filesize

                              21KB

                              MD5

                              2b342079303895c50af8040a91f30f71

                              SHA1

                              b11335e1cb8356d9c337cb89fe81d669a69de17e

                              SHA256

                              2d5d89025911e2e273f90f393624be4819641dbee1606de792362e442e54612f

                              SHA512

                              550452dadc86ecd205f40668894116790a456fe46e9985d68093d36cf32abf00edecb5c56ff0287464a0e819db7b3cc53926037a116de6c651332a7cc8035d47

                              Download Submit

                            • C:\Users\Admin\AppData\Local\Temp\nsq5593.tmp\System.dll
                              Filesize

                              12KB

                              MD5

                              792b6f86e296d3904285b2bf67ccd7e0

                              SHA1

                              966b16f84697552747e0ddd19a4ba8ab5083af31

                              SHA256

                              c7a20bcaa0197aedddc8e4797bbb33fdf70d980f5e83c203d148121c2106d917

                              SHA512

                              97edc3410b88ca31abc0af0324258d2b59127047810947d0fb5e7e12957db34d206ffd70a0456add3a26b0546643ff0234124b08423c2c9ffe9bdec6eb210f2c

                              Download Submit

                            • C:\Users\Admin\AppData\Local\Temp\nsq5593.tmp\nsProcess.dll
                              Filesize

                              4KB

                              MD5

                              05450face243b3a7472407b999b03a72

                              SHA1

                              ffd88af2e338ae606c444390f7eaaf5f4aef2cd9

                              SHA256

                              95fe9d92512ff2318cc2520311ef9145b2cee01209ab0e1b6e45c7ce1d4d0e89

                              SHA512

                              f4cbe30166aff20a226a7150d93a876873ba699d80d7e9f46f32a9b4753fa7966c3113a3124340b39ca67a13205463a413e740e541e742903e3f89af5a53ad3b

                              Download Submit

                            • C:\Users\Admin\AppData\Local\Temp\vai-installer.log
                              Filesize

                              16B

                              MD5

                              7363e85fe9edee6f053a4b319588c086

                              SHA1

                              a15e2127145548437173fc17f3e980e3f3dee2d0

                              SHA256

                              c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

                              SHA512

                              a2fd24056e3ec2f1628f89eb2f1b36a9fc2437ae58d34190630fe065df2bbedaf9bd8aee5f8949a002070052ca68cc6c0167214dd55df289783cff682b808d85

                              Download Submit

                            • C:\Users\Admin\AppData\Local\Voice.ai\Cache\Local Storage\leveldb\CURRENT
                              Filesize

                              16B

                              MD5

                              46295cac801e5d4857d09837238a6394

                              SHA1

                              44e0fa1b517dbf802b18faf0785eeea6ac51594b

                              SHA256

                              0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

                              SHA512

                              8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

                              Download Submit

                            • C:\Users\Admin\AppData\Local\Voice.ai\Cache\Session Storage\MANIFEST-000001
                              Filesize

                              41B

                              MD5

                              5af87dfd673ba2115e2fcf5cfdb727ab

                              SHA1

                              d5b5bbf396dc291274584ef71f444f420b6056f1

                              SHA256

                              f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

                              SHA512

                              de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

                              Download Submit

                            • C:\Windows\System32\vcruntime140.dll
                              Filesize

                              95KB

                              MD5

                              7415c1cc63a0c46983e2a32581daefee

                              SHA1

                              5f8534d79c84ac45ad09b5a702c8c5c288eae240

                              SHA256

                              475ab98b7722e965bd38c8fa6ed23502309582ccf294ff1061cb290c7988f0d1

                              SHA512

                              3d4b24061f72c0e957c7b04a0c4098c94c8f1afb4a7e159850b9939c7210d73398be6f27b5ab85073b4e8c999816e7804fef0f6115c39cd061f4aaeb4dcda8cf

                              Download Submit

                            • C:\Windows\Temp\{4759AD7C-A3DE-4D07-A49A-CD8CF03608F3}\.ba\logo.png
                              Filesize

                              1KB

                              MD5

                              d6bd210f227442b3362493d046cea233

                              SHA1

                              ff286ac8370fc655aea0ef35e9cf0bfcb6d698de

                              SHA256

                              335a256d4779ec5dcf283d007fb56fd8211bbcaf47dcd70fe60ded6a112744ef

                              SHA512

                              464aaab9e08de610ad34b97d4076e92dc04c2cdc6669f60bfc50f0f9ce5d71c31b8943bd84cee1a04fb9ab5bbed3442bd41d9cb21a0dd170ea97c463e1ce2b5b

                              Download Submit

                            • C:\Windows\Temp\{4759AD7C-A3DE-4D07-A49A-CD8CF03608F3}\.ba\wixstdba.dll
                              Filesize

                              191KB

                              MD5

                              eab9caf4277829abdf6223ec1efa0edd

                              SHA1

                              74862ecf349a9bedd32699f2a7a4e00b4727543d

                              SHA256

                              a4efbdb2ce55788ffe92a244cb775efd475526ef5b61ad78de2bcdfaddac7041

                              SHA512

                              45b15ade68e0a90ea7300aeb6dca9bc9e347a63dba5ce72a635957564d1bdf0b1584a5e34191916498850fc7b3b7ecfbcbfcb246b39dbf59d47f66bc825c6fd2

                              Download Submit

                            • C:\Windows\Temp\{4759AD7C-A3DE-4D07-A49A-CD8CF03608F3}\cab2C04DDC374BD96EB5C8EB8208F2C7C92
                              Filesize

                              5.4MB

                              MD5

                              6ce5097b19cf57527651840bb438adf3

                              SHA1

                              49d0b725e5819a076562fd007490eca0bbb69003

                              SHA256

                              f24a3bc5df7e7c07c0d13f46348c989eae7f597f428b20cc9044bba47785b7f0

                              SHA512

                              9152301c4f87018d166b624d73919fc2da7e7ef74b2c1ecf8ad01c31c2b2239013cc3bc22237c81940ae96a5fd1b3698d260c3d3e0a9d0318cdc053e28328d83

                              Download Submit

                            • C:\Windows\Temp\{4759AD7C-A3DE-4D07-A49A-CD8CF03608F3}\cab5046A8AB272BF37297BB7928664C9503
                              Filesize

                              879KB

                              MD5

                              8e288dd0b5e0468ed8ae01ee566e77e8

                              SHA1

                              fbd11237ae3300a2202444d339601d1ac6bbf310

                              SHA256

                              c80addc870825e9a1aa9281e105e583973ec2846bbd74f1e97cb60911ba7a2e1

                              SHA512

                              facc72bdcdd5de47c0d18ecb5288962b04d9e4924a9a07ee807a3bf0eaa77eac05f086906b680bcf97c3bad5fab0038b47c0e09cd2bbec1d0709eba015bc1c04

                              Download Submit

                            • C:\Windows\Temp\{4759AD7C-A3DE-4D07-A49A-CD8CF03608F3}\vcRuntimeAdditional_x64
                              Filesize

                              180KB

                              MD5

                              e6df9f55e20905f77b136844a3844dd6

                              SHA1

                              b7c1fb12bda508a62fdd9ffa9e870cae50605aaa

                              SHA256

                              f8745f3523ea73806d591fa4e666e86c30c7e5240a07211a0c11a7633d16c4f0

                              SHA512

                              7c71c2b9a7d3d768d1686cb037362efb9e38c50b652bfaeb22cf86c6c47a85962f9893cbf5e2f86880c9c8fc8bc0278edeb47088813e022ef05d7db15efc0713

                              Download Submit

                            • C:\Windows\Temp\{4759AD7C-A3DE-4D07-A49A-CD8CF03608F3}\vcRuntimeMinimum_x64
                              Filesize

                              180KB

                              MD5

                              143a2b9f1c0ebc3421b52e9adcb4db2e

                              SHA1

                              06e01b8cc855fd9a31f99b430f8c8745e706c677

                              SHA256

                              5d0416e45819d555ad27e5efc1aeeb465cbb8e2937b3221852bea0f7d9c3a954

                              SHA512

                              7e17309cdaa856bd1bf17535e0f65db585226262a1c9ffcaadb19eb0822a578ad9036487870b97fc86b7167848f69d495aa51c380ba9890a71f8f9a94061fa05

                              Download Submit

                            • C:\Windows\Temp\{FFD65D74-5392-4ACF-B989-A8762896044A}\.cr\vc2019.exe
                              Filesize

                              635KB

                              MD5

                              9bd591625766a7330708b2c6380dc1d7

                              SHA1

                              18018a3d12278187a8dc26eae538a799511bbdfc

                              SHA256

                              21503f265452414f3960b33ba000ab2cbe0a335901e3a585b0935ac4806fdd79

                              SHA512

                              58c90b7889d92f31e76d0559258023cb4693982288721c3c7fcd820e40f6c1ee972d9ffd3c95016c2126314a260da5faabdeb1a8528eb23d469a7ecbe391c1a5

                              Download Submit

                            • \??\c:\PROGRA~1\voice.ai\VOICEA~1\voiceaidriver.sys
                              Filesize

                              71KB

                              MD5

                              90e4c7c347839c09c8f7f45de3f4fda1

                              SHA1

                              18c5a6fae8c9292702d62e9ad2da1e24336f72c6

                              SHA256

                              74c4c2f122d48548019314fe15a331b81bfc10408b0d6f471dee94e37fe3c1bc

                              SHA512

                              2cf37738f112026eeb68636423e619be5e34cae7734ab1cab5d8cc799af7509d2ffca09b566cbe46bb47f54981042099e857660acc2ab24558715408c011bd58

                              Download Submit

                            • \??\c:\program files\voice.ai\voiceaidriver\VoiceAIDriver.cat
                              Filesize

                              12KB

                              MD5

                              26f1832c761580eab272ae065f644005

                              SHA1

                              bdd7eb53423659de315d88ad5bb557ffdf5593a5

                              SHA256

                              bae9e5bbff837d0ebb43ca1ff1a275474d8e50832a590a957afc8d3ee1e5f560

                              SHA512

                              a0c5c4fa7dcc9d4347a521863b9ba4fd2f5eda4d49f70498c4e89c54b59b7773835796e0cc83470c191e1231c69885d22efe823a3a96b2b971ccd1473e2630eb

                              Download Submit

                            • memory/1520-498-0x0000000000AE0000-0x0000000000B57000-memory.dmp

                              Filesize

                              476KB

                              Download

                            • memory/2680-461-0x0000000000AE0000-0x0000000000B57000-memory.dmp

                              Filesize

                              476KB

                              Download

                            • memory/2704-672-0x00000212D96A0000-0x00000212D96B0000-memory.dmp

                              Filesize

                              64KB

                              Download

                            • memory/2704-674-0x00000212F49C0000-0x00000212F4B82000-memory.dmp

                              Filesize

                              1.8MB

                              Download

                            • memory/2704-745-0x00000212F5D90000-0x00000212F5E00000-memory.dmp

                              Filesize

                              448KB

                              Download

                            • memory/2704-746-0x00000212F6B20000-0x00000212F7048000-memory.dmp

                              Filesize

                              5.2MB

                              Download

                            • memory/2704-673-0x00000212F2570000-0x00000212F2731000-memory.dmp

                              Filesize

                              1.8MB

                              Download

                            • memory/2704-671-0x00000212D96C0000-0x00000212D96D2000-memory.dmp

                              Filesize

                              72KB

                              Download

                            • memory/2704-670-0x00000212F2150000-0x00000212F21CC000-memory.dmp

                              Filesize

                              496KB

                              Download

                            • memory/2704-669-0x00000212D7E60000-0x00000212D7E6A000-memory.dmp

                              Filesize

                              40KB

                              Download

                            • memory/3012-499-0x0000000000AE0000-0x0000000000B57000-memory.dmp

                              Filesize

                              476KB

                              Download

                            • memory/4072-557-0x00000256F84B0000-0x00000256F85B4000-memory.dmp

                              Filesize

                              1.0MB

                              Download

                            • memory/4072-555-0x00000256F8120000-0x00000256F818C000-memory.dmp

                              Filesize

                              432KB

                              Download

                            • memory/4072-551-0x00000256F5890000-0x00000256F5C7C000-memory.dmp

                              Filesize

                              3.9MB

                              Download

                            • memory/4988-691-0x00000132B9030000-0x00000132B914C000-memory.dmp

                              Filesize

                              1.1MB

                              Download