67f15e7ebaebe62fd6bb54633dc1ae4cac2eca68b635f134d1bcbe29d3cfbafc

Analysis

max time kernel
543s
max time network
512s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
27-05-2024 05:08

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

General_DSS-Client_Win64_IS_V8.004.0000000.0.R.20240103.exe
Size

198.1MB
MD5

7b6a10e4388d3d1c3d636c709d1a7c6d
SHA1

420f12300789b935e85238254eb7b38b166fe5b7
SHA256

67f15e7ebaebe62fd6bb54633dc1ae4cac2eca68b635f134d1bcbe29d3cfbafc
SHA512

c1364a6b1ff427a5fc46c6753b6b3b71af14f61ef869232082b9922defa2dac83a8aaa559cf3b7c648e1c3401cff69ae3548155f5aabef3d0e0d33c2e8e9fb78
SSDEEP

6291456:f/5tAcNIqX4yG6F35L0VyKOwDDh0vAy8z6P1Mwx:57I+fG6FJLxnwDmAylnx

Score

5^/10

discovery

Malware Config

Signatures

Checks computer location settings 2 TTPs 1 IoCs

Looks up country code configured in the registry, likely geofence.

Query Registry

T1012

System Information Discovery

T1082

Processes:

DSS Client.exe

description	ioc	process
Key value queried	\REGISTRY\USER\S-1-5-21-2539840389-1261165778-1087677076-1000\Control Panel\International\Geo\Nation	DSS Client.exe

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012
Executes dropped EXE 4 IoCs

Processes:

DSS Client.exeMDP.exeMSG.exeDSMessageNotify.exe

pid process

1340 DSS Client.exe
3248 MDP.exe
2424 MSG.exe
544 DSMessageNotify.exe

pid	process
1340	DSS Client.exe
3248	MDP.exe
2424	MSG.exe
544	DSMessageNotify.exe

Loads dropped DLL 64 IoCs

Processes:

General_DSS-Client_Win64_IS_V8.004.0000000.0.R.20240103.exeDSS Client.exeMSG.exeMDP.exe

pid	process
2612	General_DSS-Client_Win64_IS_V8.004.0000000.0.R.20240103.exe
2612	General_DSS-Client_Win64_IS_V8.004.0000000.0.R.20240103.exe
2612	General_DSS-Client_Win64_IS_V8.004.0000000.0.R.20240103.exe
2612	General_DSS-Client_Win64_IS_V8.004.0000000.0.R.20240103.exe
1340	DSS Client.exe
1340	DSS Client.exe
1340	DSS Client.exe
1340	DSS Client.exe
1340	DSS Client.exe
1340	DSS Client.exe
1340	DSS Client.exe
1340	DSS Client.exe
1340	DSS Client.exe
1340	DSS Client.exe
1340	DSS Client.exe
1340	DSS Client.exe
1340	DSS Client.exe
1340	DSS Client.exe
1340	DSS Client.exe
1340	DSS Client.exe
1340	DSS Client.exe
1340	DSS Client.exe
1340	DSS Client.exe
1340	DSS Client.exe
1340	DSS Client.exe
1340	DSS Client.exe
1340	DSS Client.exe
1340	DSS Client.exe
1340	DSS Client.exe
1340	DSS Client.exe
1340	DSS Client.exe
1340	DSS Client.exe
1340	DSS Client.exe
1340	DSS Client.exe
1340	DSS Client.exe
1340	DSS Client.exe
1340	DSS Client.exe
1340	DSS Client.exe
1340	DSS Client.exe
1340	DSS Client.exe
1340	DSS Client.exe
1340	DSS Client.exe
1340	DSS Client.exe
1340	DSS Client.exe
1340	DSS Client.exe
1340	DSS Client.exe
1340	DSS Client.exe
1340	DSS Client.exe
1340	DSS Client.exe
1340	DSS Client.exe
2424	MSG.exe
3248	MDP.exe
3248	MDP.exe
3248	MDP.exe
3248	MDP.exe
3248	MDP.exe
3248	MDP.exe
3248	MDP.exe
3248	MDP.exe
3248	MDP.exe
3248	MDP.exe
3248	MDP.exe
3248	MDP.exe
1340	DSS Client.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082
Enumerates processes with tasklist 1 TTPs 1 IoCs

Process Discovery
T1057

Processes:

tasklist.exe

pid process

632 tasklist.exe
Suspicious behavior: AddClipboardFormatListener 2 IoCs

Processes:

DSS Client.exeDSMessageNotify.exe

pid process

1340 DSS Client.exe
544 DSMessageNotify.exe

pid	process
632	tasklist.exe

pid	process
1340	DSS Client.exe
544	DSMessageNotify.exe

Suspicious behavior: EnumeratesProcesses 64 IoCs

Processes:

General_DSS-Client_Win64_IS_V8.004.0000000.0.R.20240103.exepowershell.exeDSS Client.exeMSG.exeMDP.exe

pid	process
2612	General_DSS-Client_Win64_IS_V8.004.0000000.0.R.20240103.exe
2612	General_DSS-Client_Win64_IS_V8.004.0000000.0.R.20240103.exe
2168	powershell.exe
2168	powershell.exe
2612	General_DSS-Client_Win64_IS_V8.004.0000000.0.R.20240103.exe
2612	General_DSS-Client_Win64_IS_V8.004.0000000.0.R.20240103.exe
1340	DSS Client.exe
1340	DSS Client.exe
2424	MSG.exe
2424	MSG.exe
3248	MDP.exe
3248	MDP.exe
2424	MSG.exe
2424	MSG.exe
3248	MDP.exe
3248	MDP.exe
2424	MSG.exe
2424	MSG.exe
3248	MDP.exe
3248	MDP.exe
2424	MSG.exe
2424	MSG.exe
3248	MDP.exe
3248	MDP.exe
2424	MSG.exe
2424	MSG.exe
3248	MDP.exe
3248	MDP.exe
2424	MSG.exe
2424	MSG.exe
3248	MDP.exe
3248	MDP.exe
2424	MSG.exe
2424	MSG.exe
3248	MDP.exe
3248	MDP.exe
2424	MSG.exe
2424	MSG.exe
3248	MDP.exe
3248	MDP.exe
2424	MSG.exe
2424	MSG.exe
3248	MDP.exe
3248	MDP.exe
2424	MSG.exe
2424	MSG.exe
3248	MDP.exe
3248	MDP.exe
2424	MSG.exe
2424	MSG.exe
3248	MDP.exe
3248	MDP.exe
2424	MSG.exe
2424	MSG.exe
3248	MDP.exe
3248	MDP.exe
2424	MSG.exe
2424	MSG.exe
3248	MDP.exe
3248	MDP.exe
2424	MSG.exe
2424	MSG.exe
3248	MDP.exe
3248	MDP.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

DSS Client.exe

pid process

1340 DSS Client.exe

pid	process
1340	DSS Client.exe

Suspicious use of AdjustPrivilegeToken 4 IoCs

Processes:

General_DSS-Client_Win64_IS_V8.004.0000000.0.R.20240103.exepowershell.exetasklist.exe

description	pid	process
Token: SeDebugPrivilege	2612	General_DSS-Client_Win64_IS_V8.004.0000000.0.R.20240103.exe
Token: SeDebugPrivilege	2612	General_DSS-Client_Win64_IS_V8.004.0000000.0.R.20240103.exe
Token: SeDebugPrivilege	2168	powershell.exe
Token: SeDebugPrivilege	632	tasklist.exe

Suspicious use of FindShellTrayWindow 1 IoCs

Processes:

General_DSS-Client_Win64_IS_V8.004.0000000.0.R.20240103.exe

pid process

2612 General_DSS-Client_Win64_IS_V8.004.0000000.0.R.20240103.exe
Suspicious use of SetWindowsHookEx 1 IoCs

Processes:

DSS Client.exe

pid process

1340 DSS Client.exe

pid	process
1340	DSS Client.exe

Suspicious use of WriteProcessMemory 13 IoCs

Processes:

General_DSS-Client_Win64_IS_V8.004.0000000.0.R.20240103.exeDSS Client.exe

description	pid	process	target process
PID 2612 wrote to memory of 2168	2612	General_DSS-Client_Win64_IS_V8.004.0000000.0.R.20240103.exe	powershell.exe
PID 2612 wrote to memory of 2168	2612	General_DSS-Client_Win64_IS_V8.004.0000000.0.R.20240103.exe	powershell.exe
PID 2612 wrote to memory of 2168	2612	General_DSS-Client_Win64_IS_V8.004.0000000.0.R.20240103.exe	powershell.exe
PID 2612 wrote to memory of 1340	2612	General_DSS-Client_Win64_IS_V8.004.0000000.0.R.20240103.exe	DSS Client.exe
PID 2612 wrote to memory of 1340	2612	General_DSS-Client_Win64_IS_V8.004.0000000.0.R.20240103.exe	DSS Client.exe
PID 1340 wrote to memory of 3248	1340	DSS Client.exe	MDP.exe
PID 1340 wrote to memory of 3248	1340	DSS Client.exe	MDP.exe
PID 1340 wrote to memory of 2424	1340	DSS Client.exe	MSG.exe
PID 1340 wrote to memory of 2424	1340	DSS Client.exe	MSG.exe
PID 1340 wrote to memory of 632	1340	DSS Client.exe	tasklist.exe
PID 1340 wrote to memory of 632	1340	DSS Client.exe	tasklist.exe
PID 1340 wrote to memory of 544	1340	DSS Client.exe	DSMessageNotify.exe
PID 1340 wrote to memory of 544	1340	DSS Client.exe	DSMessageNotify.exe

C:\Users\Admin\AppData\Local\Temp\General_DSS-Client_Win64_IS_V8.004.0000000.0.R.20240103.exe
"C:\Users\Admin\AppData\Local\Temp\General_DSS-Client_Win64_IS_V8.004.0000000.0.R.20240103.exe"
1⤵
- Loads dropped DLL
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of WriteProcessMemory
PID:2612

C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
powershell -C "gwmi win32_process | format-list processid, path"
2⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
PID:2168

C:\DSS\DSS Client\DSS Client.exe
"C:\DSS\DSS Client\DSS Client.exe"
2⤵
- Checks computer location settings
- Executes dropped EXE
- Loads dropped DLL
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1340

C:\DSS\DSS Client\MDP.exe
<process><method>StartProcess</method><id>1340</id><name>"DSS Client.exe"</name><ctospipe>\\.\pipe\CtoSPipe241075593</ctospipe><stocpipe>\\.\pipe\StoCPipe241075593</stocpipe><rtspsenable>0</rtspsenable></process>
3⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious behavior: EnumeratesProcesses
PID:3248

C:\DSS\DSS Client\MSG.exe
<process><method>StartProcess</method><id>1340</id><name>"DSS Client.exe"</name><normalpipe>\\.\pipe\NormalPipe2410758751</normalpipe><frequentpipe>\\.\pipe\FrequentPipe2410758751</frequentpipe><tomsgpipe>\\.\pipe\SendtoMSGPipe2410758751</tomsgpipe></process>
3⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious behavior: EnumeratesProcesses
PID:2424

C:\Windows\SYSTEM32\tasklist.exe
tasklist
3⤵
- Enumerates processes with tasklist
- Suspicious use of AdjustPrivilegeToken
PID:632

C:\DSS\DSS Client\DSMessageNotify.exe
"C:\DSS\DSS Client\DSMessageNotify.exe" -Pid 1340 -SN "MessageNotify_DSS Client.exe" -TS "C:/DSS/DSS Client/Language/Language_en/DSMessageNotify_en.qm*+*C:/DSS/DSS Client/Language/Language_en/DSGui_en.qm" -Skin DustyBlue -Lang English -MsgCnt 6
3⤵
- Executes dropped EXE
- Suspicious behavior: AddClipboardFormatListener
PID:544

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Process Discovery

T1057

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

C:\DSS\DSS Client\Common.dll
Filesize
1.3MB

MD5
7f410748434ede42efc7363dc852badb

SHA1
452ca2b87fa6eb678081df859ab8222a30292740

SHA256
39f9bcc98ab98680b9a47ae29838a28c97378b47dec1282bcbfe4e5d5b01626b

SHA512
5a31db9f8a1db89e694e9c74774c4966c55acc2a28dec6ffef6ff98e654f603bae25f7c0fe7b763ddadd82f49b866fb8a3723d8c27df233d8e151fbdc43dcfe4

Download Submit
C:\DSS\DSS Client\CommonData.dll
Filesize
266KB

MD5
02344598f691d26de5586100fc26f760

SHA1
7fc54e2c6b24ab2ed025d914c5183598c4eb93dd

SHA256
e1ef234a2b1b56e63e7b357c0bb5e477866e57e91f2c0977940b41f7f13df18b

SHA512
289e2c34985e2e3582fc40e000580ae7efbf192478a61a9af1d79cf44ac9eaae7ff5dccc73b15cb743bc3a0d015b386fadbc2cfc9d60ad135e567841d09d25c2

Download Submit
C:\DSS\DSS Client\DPSDK.dll
Filesize
16.3MB

MD5
910d006d9ad0173015323ee49a532624

SHA1
f383dbd9d47d9c2ca08f0dc9b3448aba427926f5

SHA256
dbdb44d19dcfb2659822b538de3faf676e1ed603e350dd1e6c31de45beb9438e

SHA512
4034f230dae625fc80fb371bb3610dfc3f4741dc7413cdb26020380b57c7d2f259fffea569f298c4aa8075315e7a303f151cfde6f1aaf8c1ac8323963064c47b

Download Submit
C:\DSS\DSS Client\DSCefView.dll
Filesize
959KB

MD5
aa383cb0535e4308516901293e4f1471

SHA1
bf1164e6d9992a5688fdbf65098f2106506acb01

SHA256
5c7b8d5c1dc370564d5c4e35dadbfc033bdbaf0179a0708318a55e206f1102c2

SHA512
5fc31fd9406750fb33aca487782cc93108f616ef8651ef1f95a10be67a7321794dfa3f9bf2f59c544be9bbf0f5c637af3941ab46415f76eb39ffb2bc2e7314d6

Download Submit
C:\DSS\DSS Client\DSGui.dll
Filesize
3.7MB

MD5
485071d0e439574554f18b6ddbd49c3c

SHA1
a24d13ba89d08655d61df14c850587927a8de9d5

SHA256
c50f7e47434dd3bb3d46a42a77d7d04426e475c564f38bd778551964c537ea93

SHA512
835706271043dad1becf6d63d72e116c8850a1d66d2d0ce51807f0a0e66fce7daca76f6b9385196a7305e90a25fea72239ebb37c217d42104e5e4e7773cd3544

Download Submit
C:\DSS\DSS Client\DSS Client.exe
Filesize
433KB

MD5
0037c936140b2717df19415dfab2a616

SHA1
6fe17469755d623e8fcfb3a90aca8329a06adbe1

SHA256
f05f75a12192bf5da3988d6ead92f5253f03b93cf9058bae11e6d74e145d62cd

SHA512
063a6444de1213f15e2825b8f50d6c317386d6d0106c3ecf3a217a89950c0f027f460151fdef3adb94ec1881973049c00ee658923ab5a7f2eff59226f0d9cd09

Download Submit
C:\DSS\DSS Client\ErrorAnalyser.dll
Filesize
78KB

MD5
1fe21ea64cf599f78660d78dd9c1371a

SHA1
f7112c55a5ea1f647153bb7ab20d1ad199b10e65

SHA256
41887ba1fe0b0d51cb9ee07fa4591e8f914942444a371e8e177bb717f10b8691

SHA512
349b6bbd2ff95f248dee50fbcc82dc8eb8514bdc8568485ab5d7a4b190a5f853a9646bd5845fe7effdba4b8a468fa62749de63561643e1a0c68614a710fe2294

Download Submit
C:\DSS\DSS Client\IvsDrawer.dll
Filesize
758KB

MD5
a264451f0a9c05e44449f018057a3819

SHA1
bfc7361ef6456c429d2cd31b2241ea6a212d69be

SHA256
ff655be248753f1c18ed91b8b63e7e218e8b6d8cfc3b5ffdd5dadb5f8783b425

SHA512
8b238a2d0e3acafc63b505b1350c36525e393bd8ec5dc1490b4b6b1cd6795b8e360588c0422373bfb5cfe372d903340a7f03b782c30b05e5ec28d5147891317e

Download Submit
C:\DSS\DSS Client\Language\Language_de\clientframeplugin_de.qm
Filesize
16B

MD5
bcebcf42735c6849bdecbb77451021dd

SHA1
4884fd9af6890647b7af1aefa57f38cca49ad899

SHA256
9959b510b15d18937848ad13007e30459d2e993c67e564badbfc18f935695c85

SHA512
f951b511ffb1a6b94b1bcae9df26b41b2ff829560583d7c83e70279d1b5304bde299b3679d863cad6bb79d0beda524fc195b7f054ecf11d2090037526b451b78

Download Submit
C:\DSS\DSS Client\P2PDll.dll
Filesize
1.8MB

MD5
08d14cb2a05e97d5e780010d9d6f4124

SHA1
9cd946b9d7faed5b7f3d64feff2c82a294483380

SHA256
998b6badecee75594d1fce5a7878e70e15dc34171d0e7ca8c7c8c1f1f44894e6

SHA512
192bd3c32c8a273be55b1839566ee087fc0c92e2bd940371781ab5505949a942f1c9aeb77601fcf9ea17f66abec2f986f3ab6c1976916db0fd38902f612daca4

Download Submit
C:\DSS\DSS Client\Qt5Core.dll
Filesize
5.9MB

MD5
a5e4e2162bd2ba84b0fa51ad27b7e724

SHA1
9b273cc4c5277fd1fdba5f118e262f438592ad94

SHA256
3ff5ee69e143c84c9f3dd2d8edd6632d34ee84aa0814283f4cbb69355ee93499

SHA512
338d44774fad32b3a53a09b54c2666efec7374fa6e04554ed3eb5af51553b6accd7cc645359a02ed57d43db9455f32634231662b6fc1df8c9c0ae961d3eb829c

Download Submit
C:\DSS\DSS Client\Qt5Gui.dll
Filesize
6.7MB

MD5
2624114bd0e2179f83d5d5c78873e8d1

SHA1
7512118b1b61d52fe0ad560d90866c3d72ee7de3

SHA256
5c57fa59a366a0b4d3ebdfbb33c71576876236f8c57c58496d71a83cabbb5d0f

SHA512
b9416e71280d487698536832400711c40ba4a5cf0b4c2f003e7645bd7a43629765775f98c07012e768acc1a5df68ea8615b5ed7ddb131017f77b56bbbba3d3e3

Download Submit
C:\DSS\DSS Client\Qt5Multimedia.dll
Filesize
738KB

MD5
0c3584de0c92cef3f20a0e5189c22700

SHA1
1c20d6dda542c16440825bf1818b56fe365ab090

SHA256
34af27da92633fa8879b2ade31a0d0a2f7fca50fb1de491ea793cec48e81144f

SHA512
2e1ac3b5d80286b97d3cc5d2589c550ff3b30bd586b905e7ab47200a85271dec14ba06f438a5b3374eaa6d54b6def6d45426ebec61c52cc34dce99dff185f1ad

Download Submit
C:\DSS\DSS Client\Qt5MultimediaWidgets.dll
Filesize
105KB

MD5
42b6202b8a36c4a5dcf3864dcb11bea5

SHA1
7d08db912bce39ed6d46621557151ef74435d8e0

SHA256
d1ffda90850c5c6003d22cec6ed83fb1e2165314be874be8563087929029765a

SHA512
36c94e5119710050e9af80bd6bafa74024b24c4435264a95733860e2da16a562cbaa80e9f98b461be3aafb3d11c99dc364c51cbb2954131ebb90311928f02226

Download Submit
C:\DSS\DSS Client\Qt5Network.dll
Filesize
1.3MB

MD5
b40c306b973dfa8d1f0addb5c05356b7

SHA1
c88d94284a679866a08b42eb9e39d32a45125863

SHA256
da5519cf2acbfc29a49414f09dabea52bef55a9bdae5fe6def7b26971b098eb0

SHA512
09b90f205bda1d1cd043ab116cc826d1573ac78d410f88fc2012146e6d1015ce6c65d15e2ab486b80cda299da0ccc4c76f55260894977a98e0d29c2c93cd8f83

Download Submit
C:\DSS\DSS Client\Qt5Svg.dll
Filesize
331KB

MD5
94a6af3eb30e92621a91442ce170e669

SHA1
1e2c59a80a0aa48b7b82389b5785ae5d40e2ab96

SHA256
b4471e6b9228ef72080aae4c9ce4ac3de52ad8886a04646765e04f02ee710db5

SHA512
f7d64ac88adf7f6743d0effcc1ef3bf23a5dbf82cda80661eea2627ab3e4fd0098f50487519024825d27737c676f33d4beea9f4842114ae2b91fc63b59335db8

Download Submit
C:\DSS\DSS Client\Qt5Widgets.dll
Filesize
5.3MB

MD5
39243cd38e1ec09c3855cc5a05f9b3aa

SHA1
77541993b7ebaf3df5966ff93f64ca061d0fe984

SHA256
96d0fd758bd9438632bc25553ff265bc71a553bb37957b9f6a1fab877d5801ee

SHA512
3f8f70f656cae40caf97d087092a5b7ecfa22096aff3639f2fd3a22b3a1264b0530fa10b6d1441c9f227bc0ab7ab50d3019d972a6c690767b377274a803ff0ff

Download Submit
C:\DSS\DSS Client\Qt5Xml.dll
Filesize
217KB

MD5
061c37066e78384d1c4fd083dd7cb78e

SHA1
1761bbf902b2c1df2aecb4ec4ae22af98bb70ea3

SHA256
ac32e3184bef7c48504ea0a1dc9f783a82e806979283597169ce32ce5099d43e

SHA512
e069370d7099b8420f468fa54561a71dd39c97bfc43a13d10d246f60417f71bbeed61806fe1ee4d2d7c7e6482ce4838d68c1148556538266409a5da1d97d9b5a

Download Submit
C:\DSS\DSS Client\StreamParsermd.dll
Filesize
782KB

MD5
e7b725630d03b37e70a48f3bd9b68b37

SHA1
1a2cca40c293b2021cd67dbe56eae6d095430bcb

SHA256
28764ca6a3369f588f10c12bb51882e1e98f7e9405a8c4dc9c932b50b7ef4074

SHA512
caa0ed95ad73cde2d300f321ebb93dafb6ce33f3677b7303f17d99afdb8065c4a41235879c3788f4431955c2edf0fa564b24c5f38894e0b00ba67644c643d9ba

Download Submit
C:\DSS\DSS Client\UICommonModule.dll
Filesize
9.4MB

MD5
8250efca74c2e854a34af19244f2c078

SHA1
d0ec1d9c66b3af68bcff08f5e901ad4bbc28de45

SHA256
fb0760bd5e35127ca05f51ed46de836a269b0ea47814d480642832a47b68f58d

SHA512
bade5cb6202bb25a6a6bdb90f1fa3266a1931afeabec3dfa96813b2373a0e8a13ee9e8a277a3bfb54396af017920053cfe8d7b017c2854e07a7bfd44bec99090

Download Submit
C:\DSS\DSS Client\VAXPlayer.dll
Filesize
658KB

MD5
49c8ca0fce2741541d05ae2b695f82b4

SHA1
136cb3d7e4cf8f73551135e6729605884e2b09aa

SHA256
6c9d3dfea61aa7003376080853bab301026f121f05a35cccc297847ebfab25e6

SHA512
897a83e0b3c89e8105b49618ee8819c1f0050b054dca48e5b4671eaa3547ab8aa0729cd8604b221b7f639b8628a832632782e8209f2b94a2b1d787c068558308

Download Submit
C:\DSS\DSS Client\configsdk.dll
Filesize
7.2MB

MD5
522627be73b11f6159220757a36e01dd

SHA1
d92aac0faa68865c236883f78fc1fbbdd5c7baf3

SHA256
87be4506af84d15f5fb4286712486da61bf3a40ae0dbd511f069adda01933ad4

SHA512
15584388a729492be88efbaee238dff3aaabbda59345f022ef84acbf62e8644d58ccdd1e6a30d07943cce7bc20e489833d2bacad220cf75f9e9a571cc2e66d7f

Download Submit
C:\DSS\DSS Client\dslalien.dll
Filesize
3.9MB

MD5
ffe473c70bedadc390d021901225623f

SHA1
72a68f4c9816c6bf5db59fc5ba13de8b8cfdb9c0

SHA256
7b71c90e454cb9a762471c9f6e3a4e5267e3cc16240ad6b0aa2fb09d8ab187f8

SHA512
f27b05df66e29d8579e251d54130a618ee56139fefec083cc18776cfc1941bcced8515d850fa28387e6122d4e26d35e95c0a22a659224e53c308f316eb2cea04

Download Submit
C:\DSS\DSS Client\jpeg_rddinfo.dll
Filesize
67KB

MD5
e41f4ff82e896b11468a96dc7cc05e25

SHA1
e657e3e9c8871ffd8f6710def4a3f60dd3f584e5

SHA256
363a9762f98e7ec3174a7db48946c28e38329f727c9751133bc99e79d253e273

SHA512
4a402a494eabbbecde54a58188dfe1822c05b9831a2f248f19d025de56ec520e9789942b4f8f21da47f7b6683d035d6e44eb3c885533b7a43b324a9a24f6299f

Download Submit
C:\DSS\DSS Client\libdsl.dll
Filesize
1.1MB

MD5
43db742f9d2d3df019338ad31796cc63

SHA1
6d268a2a404786155346ab894919e4302804cc96

SHA256
8d884b14193e113e512ad56500a7de76f2e837bf538b1ec33910f5c124cc44e7

SHA512
cd09087db346d7b0f5e2665b9473dbeb0c03b6ff56d35544c0e28dfed6581d4ccab3a8e8bf41a0a1ad8b14825bd7e2397473882ab705f09f648e364d16577b73

Download Submit
C:\DSS\DSS Client\msvcp140.dll
Filesize
618KB

MD5
9ff712c25312821b8aec84c4f8782a34

SHA1
1a7a250d92a59c3af72a9573cffec2fcfa525f33

SHA256
517cd3aac2177a357cca6032f07ad7360ee8ca212a02dd6e1301bf6cfade2094

SHA512
5a65da337e64ea42bcc461b411ae622ce4dec1036638b1e5de4757b366875d7f13c1290f2ee345f358994f648c5941db35aa5d2313f547605508fd2bcc047e33

Download Submit
C:\DSS\DSS Client\msvcp140_1.dll
Filesize
24KB

MD5
9c1447bc98b6633b3e6964c5ba68483a

SHA1
57743afcfd13ece2830b8f44af744bbd10de7263

SHA256
7d52238ff5a7af6f4a5e229b1a7465a20fc17e2b401da5da9215a3073bf238c2

SHA512
a63fe4059ed519c3fd56ce012b08c8a7836a8563b738a19b2ea8a8fc7e48b4637a68d357cae754e0a3d4a3509968bcd67de69365925ec0f67209fe6e4e2555d6

Download Submit
C:\DSS\DSS Client\netsdk.dll
Filesize
26.9MB

MD5
6ec499223d4f7b72526e0d7ded2bc778

SHA1
53e96cb960e5e42951641d9e418630e65366a9d5

SHA256
56b0107ebfd522e88734eb76892a3f9ea5dabe19dcc95d38ea92c8b1b9405db6

SHA512
967278d79a7172263038b950023417540b7841cd7d73723fc9041bf76d590a8cad514614b468100e780c75f4163aac2487434a08fb5005a7540bf7f1bfca1868

Download Submit
C:\DSS\DSS Client\quazip.dll
Filesize
140KB

MD5
890d49c185db98af9a98655fb44e0428

SHA1
7dd10452deccd46781b4754c61dbc74a7f8d8779

SHA256
37fd9de86c7cfc87bfadfc292948b9c22b488e683597fd20094301d3629a4e77

SHA512
49e0e88fbbfd83a79b9690b46ae5fd46b5552fc2baafa81106bdc4caca2f9dd289645bac401dcdb5d6ec61591f51d4617801b66de628d1da49d453d0e55fb7e5

Download Submit
C:\DSS\DSS Client\vcruntime140.dll
Filesize
85KB

MD5
edf9d5c18111d82cf10ec99f6afa6b47

SHA1
d247f5b9d4d3061e3d421e0e623595aa40d9493c

SHA256
d89c7b863fc1ac3a179d45d5fe1b9fd35fb6fbd45171ca68d0d68ab1c1ad04fb

SHA512
bf017aa8275c5b6d064984a606c5d40852aa70047759468395fe520f7f68b5452befc3145efaa7c51f8ec3bf71d9e32dbd5633637f040d58ff9a4b6953bf1cbf

Download Submit
C:\DSS\DSS Client\vcruntime140_1.dll
Filesize
37KB

MD5
75e78e4bf561031d39f86143753400ff

SHA1
324c2a99e39f8992459495182677e91656a05206

SHA256
1758085a61527b427c4380f0c976d29a8bee889f2ac480c356a3f166433bf70e

SHA512
ce4daf46bce44a89d21308c63e2de8b757a23be2630360209c4a25eb13f1f66a04fbb0a124761a33bbf34496f2f2a02b8df159b4b62f1b6241e1dbfb0e5d9756

Download Submit
C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_knklryh4.cet.ps1
Filesize
60B

MD5
d17fe0a3f47be24a6453e9ef58c94641

SHA1
6ab83620379fc69f80c0242105ddffd7d98d5d9d

SHA256
96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7

SHA512
5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsn688E.tmp\System.dll
Filesize
11KB

MD5
c17103ae9072a06da581dec998343fc1

SHA1
b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d

SHA256
dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f

SHA512
d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsn688E.tmp\killer.dll
Filesize
6KB

MD5
16205cd992d3b3827573f93ab8923e4e

SHA1
4eece7a206ee619264d686ca1b3021b9f482866b

SHA256
967d66f23cf3d9d3e5a4d6a9c6e366e792a98cc8a293196095b10cd82da9a695

SHA512
257b2047b8e9303457bb050a760b8d2577da55642e4fb02933e6188d0591ff8adfe0c8df2a441577466f23a8e3bff2e94e9cfcfc381c4d255935123996c06d6d

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsn688E.tmp\ui.dll
Filesize
201KB

MD5
ec0c742b6b03162f7c1e0539d67879b9

SHA1
06a2a0783e7e746d5eded8b228310b706fce49fd

SHA256
9ab9243e61ff8475c10e17227f95d5b395b636c84edb7a2f0b66d102593cfff0

SHA512
bfbde81752bc6cd9b9f225422ecdcd9c03259e54a188fed29bea7b1010c0d53aefee2f010a43ed2c3064b3738bb60d1d7c7e90d3461ff48b4f0d1c86d93be4ce

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsn688E.tmp\ui_res\Language\English.ini
Filesize
2KB

MD5
64b3b4ad98e62d9f3e6dc56ee92036ab

SHA1
3f838fa63d658aee29b9c1a0086f7ec444193679

SHA256
88f1e978dc8a8d1b8341f73b257ead659ea3c3fa46e9e523d63996cf4c080ac2

SHA512
bb8ddbba570555e4045f9b31b683f58b164bcd8d9330c480154eb0cd7860b3741e6ba03d65fbe107f429c68839a8ba0b620e28152636113bf7a7ac6659379486

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsn688E.tmp\ui_res\bg1.png
Filesize
125KB

MD5
12b1536758254c4a874cb49fafd6377e

SHA1
1987c7f59629ead66c3a34575a8deb689de37689

SHA256
319b37e08c8f260ab6eeb16927a113a8d89ad51159dae1461571995f92da162d

SHA512
8998ce379aa9809a84bc623d545b22f362f75d554d0973ed88b1deed7014b74c06e7b269c44c48e565afccf49c1b34bc638e1d25c0d96c089c46a3c3daefc9cf

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsn688E.tmp\ui_res\bg3.png
Filesize
45KB

MD5
f7027971103ab3bca155de01a6de7f26

SHA1
884fe4a514f2bab252d754e7757d37e906603f15

SHA256
58bc3cb56c201f3a21094c8920ee0caaf2bf87ef021fea8d795d25ca6294b343

SHA512
ce5e8b1d5981bb70b1587646596e60281e49e736811e0e784a9d3f0f82d67c0a68d61105eb45bb9659cc6b45bb2f2198352ad6225cf98b8191dff3a15f1127bd

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsn688E.tmp\ui_res\bg_installing.png
Filesize
45KB

MD5
2356b5df49f0cb93b0bb1bcadf8e00de

SHA1
32f050f8ebc015d802e8f99f7e092f37403d5926

SHA256
3e894ec18757397a73e691cfc76a7d469909dad1ecdcfbaad3a7eeac95617da5

SHA512
edb7548770127e81117480d985783d7374279d14bc2a280a0678a479d5625622e74e0e209f045ab5939459abe0ebc31fc9665a6350b6ef38f638277d8964074e

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsn688E.tmp\ui_res\cb_1_h.png
Filesize
193B

MD5
8bad377635af76b086fbdab7bdbd4bce

SHA1
02b7c8703f4eb22885b0defebc55881033e42dbe

SHA256
3e4af8f755a8f169ea5dd1a3ac84d487736c70bc56b5710ee52f17c6ba32dfd2

SHA512
86d8a3efd444a06b03c5f335da6a956c6c0e3cd68662ada8e65612c3f81afd270bb60bc2231ef46187f088f22cbeb05e15c540997dfd1361a9e50dd25daa9f58

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsn688E.tmp\ui_res\cb_1_n.png
Filesize
190B

MD5
68bb454ba77153c92c9fec16a06c86e4

SHA1
b7f927f9af1e9ebd0f3e1cd4d7e1b94346cfd1e8

SHA256
842d216e4d75ddae0538a393a0fd31c219cc84cd57eaa243ac5612a8721f0194

SHA512
b3c2aacae67563d179d538719a876efa86f92e12af52388215a84c196d265d5d72e0a44f93c3c03cb4c1866724029b7160330f5347cdc296ac27666a31c50f39

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsn688E.tmp\ui_res\cb_2_h.png
Filesize
322B

MD5
8c36353ae82ce6bf73eab882e61b78fe

SHA1
f9f94d899f0f0772bb9ed2befc4e2fdd71af9b03

SHA256
c921e79721c771135fa8e24dc9031b8dabe893f1200b228c7f69694ac71a8b8b

SHA512
1b08f2e6b68e14abdd8a444dba1185ecf7fd8bcc57bb00ba00323a3568cdf0918f916bc2e3d6e51b88770d69cfff96db79342b7423d19a52e0e58c04ee0e1840

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsn688E.tmp\ui_res\cb_2_n.png
Filesize
345B

MD5
80bc205c9dd051f2c7fd83994312c112

SHA1
0b7e406aacce31157673d424287346f8a97f5688

SHA256
ff800a4d253e2a017fac3f836a7db0032f6b9594bbc88fcd5a9da9517ec88842

SHA512
1ff21202e78ae94d09cc7dc2e8110a1f235fdb490a4970560a20e021bd4f0437b95b0f56de7f1bc3e2f4cd8f4df0dccf1358db6825c5ea097fee433338c33da3

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsn688E.tmp\ui_res\close_d.png
Filesize
292B

MD5
e96b16519e60c6a4aa3a078466bb1a2d

SHA1
44e93a4f20e8534e502baae7641d52c8a84510a0

SHA256
5c6c488015e70be9af10d1d7ff2e62486a1a0f18a1e92fdac9b0d54e7ec3ce24

SHA512
5b90cd880f24bde264905a3973dac5588cf027e8ccc51e81e6914c690542f1e6ae5a8719753631257772746cb70c925d99b357986eefa3eb0db95fecabad95b5

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsn688E.tmp\ui_res\close_n.png
Filesize
291B

MD5
8eccd78ea527db1d4e04025c8ddfe4f8

SHA1
f6e7a590a915fb4035a7d89868d0db11abdd2622

SHA256
5bd6729be0f5573281fdeaedcd14c7ef94e376751b740eb3639a41a37f1969ba

SHA512
da1b93e6cdabd253ca97a6fb0e9cc9fb42d71b190d8f3684b123a2a571ffe2a21d0440ae2708c8c29e2f8946c9b3d88d478664ac31c72a8d3ea307c6a4e9c405

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsn688E.tmp\ui_res\mini_n.png
Filesize
147B

MD5
2d656bb04905327f5a912fd8768be5e4

SHA1
6c76e634ffbd54198a392dd5b4b30713c657ec1f

SHA256
34fa3cb2cd5d0a9f73f241aa648fa052027a12541f1059905f8b2cc19829bf53

SHA512
7d074631c091844b504d89285a2f6196139d130aa0bf61050aeb856012c52acc0455349657c16a56cddd7d615f65459dd63fb0fc096a3f2b4dd1f0cfb55de354

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsn688E.tmp\ui_res\pb_bg.png
Filesize
2KB

MD5
41e084355b961c34f88a575527e618ce

SHA1
4c7f970e3cb158ff996c2c2f7222c93c736083d1

SHA256
eb6aba72a6e2e760b90e63e983b7df55b33374c470964bc59abd375e55987572

SHA512
a42255144ebed8cc0806eb6125186328230a720317d176d42afa06cd4f0135f544e915bfe1551d0e58830580ac3e8763579a4bdbf4988981d8ea265d81ef874d

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsn688E.tmp\ui_res\pb_chunk.png
Filesize
2KB

MD5
fb4f16a3d2c258f53f57662c45af9458

SHA1
b3f480c18277ad0dcaff167cd69e5f802637f10f

SHA256
eaa1815239fc40fd75f2aafd354d291ba2c1a4646224f03bd3f92de9562fa662

SHA512
b6633e3c868b6898a107eb828dfa879d1f7276d06ee5b7617415d4f6ff8c11465c776ee0d17a1b1f098e086ba8ef6c3ec0114fa5d82ca6afad94d66097150300

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsn688E.tmp\utils.dll
Filesize
178KB

MD5
8245b221b5fa70146e9fe5d603867f52

SHA1
36b8ba0d24ebc71dc5174bda9b6619910522b5e1

SHA256
837dfd14ee80dd4b09b81431f0ff96dc9dd492b729525485ab74b05da43c4343

SHA512
c71ba64b0f61b2a0cb41108d985b3d67a3debad91f296691f122e3f28f5a908cdc94d326e6c20c7bb57f31a52bd464e3f737563d92d802ef266f302dd2c1f6f6

Download Submit
memory/544-6609-0x00007FF8E85F0000-0x00007FF8E8B3D000-memory.dmp

Filesize
5.3MB

Download
memory/544-6610-0x00007FF8E8230000-0x00007FF8E85EC000-memory.dmp

Filesize
3.7MB

Download
memory/1340-6508-0x00007FF8E7860000-0x00007FF8E8222000-memory.dmp

Filesize
9.8MB

Download
memory/1340-6493-0x00007FF8E8230000-0x00007FF8E85EC000-memory.dmp

Filesize
3.7MB

Download
memory/1340-6492-0x00007FF8E85F0000-0x00007FF8E8B3D000-memory.dmp

Filesize
5.3MB

Download
memory/1340-6621-0x000001E1C78A0000-0x000001E1C8630000-memory.dmp

Filesize
13.6MB

Download
memory/1340-6619-0x000001E1C6A40000-0x000001E1C77D0000-memory.dmp

Filesize
13.6MB

Download
memory/1340-6618-0x000001E1C65B0000-0x000001E1C69F8000-memory.dmp

Filesize
4.3MB

Download
memory/1340-6614-0x00007FF8DA110000-0x00007FF8DDB5D000-memory.dmp

Filesize
58.3MB

Download
memory/1340-6611-0x000001E1B5C90000-0x000001E1B7E35000-memory.dmp

Filesize
33.6MB

Download
memory/1340-6593-0x000001E1ADE20000-0x000001E1ADF3B000-memory.dmp

Filesize
1.1MB

Download
memory/2168-360-0x0000000073240000-0x00000000739F0000-memory.dmp

Filesize
7.7MB

Download
memory/2168-377-0x00000000066B0000-0x00000000066CA000-memory.dmp

Filesize
104KB

Download
memory/2168-373-0x0000000005C00000-0x0000000005F54000-memory.dmp

Filesize
3.3MB

Download
memory/2168-364-0x0000000005B20000-0x0000000005B86000-memory.dmp

Filesize
408KB

Download
memory/2168-368-0x0000000005B90000-0x0000000005BF6000-memory.dmp

Filesize
408KB

Download
memory/2168-361-0x0000000005410000-0x0000000005432000-memory.dmp

Filesize
136KB

Download
memory/2168-375-0x0000000006270000-0x00000000062BC000-memory.dmp

Filesize
304KB

Download
memory/2168-359-0x0000000073240000-0x00000000739F0000-memory.dmp

Filesize
7.7MB

Download
memory/2168-358-0x00000000054F0000-0x0000000005B18000-memory.dmp

Filesize
6.2MB

Download
memory/2168-376-0x00000000073A0000-0x0000000007436000-memory.dmp

Filesize
600KB

Download
memory/2168-383-0x0000000073240000-0x00000000739F0000-memory.dmp

Filesize
7.7MB

Download
memory/2168-380-0x0000000008620000-0x0000000008C9A000-memory.dmp

Filesize
6.5MB

Download
memory/2168-379-0x00000000079F0000-0x0000000007F94000-memory.dmp

Filesize
5.6MB

Download
memory/2168-378-0x0000000006700000-0x0000000006722000-memory.dmp

Filesize
136KB

Download
memory/2168-357-0x0000000002BE0000-0x0000000002C16000-memory.dmp

Filesize
216KB

Download
memory/2168-356-0x000000007324E000-0x000000007324F000-memory.dmp

Filesize
4KB

Download
memory/2168-374-0x00000000061F0000-0x000000000620E000-memory.dmp

Filesize
120KB

Download
memory/3248-6604-0x00000000010C0000-0x0000000002C43000-memory.dmp

Filesize
27.5MB

Download
memory/3248-6605-0x0000000002C50000-0x0000000002D6B000-memory.dmp

Filesize
1.1MB

Download
memory/3248-6603-0x0000000000980000-0x00000000010B8000-memory.dmp

Filesize
7.2MB

Download
memory/3248-6602-0x0000000000890000-0x0000000000977000-memory.dmp

Filesize
924KB

Download