4994dfbe84212c6890e42163bbe32402ee2ca8e4b21dcbc5cca07a173f63df26

Analysis

max time kernel
150s
max time network
144s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
02/06/2024, 08:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
Size

4.5MB
MD5

d7def8333841a0287c519a1122d50ea1
SHA1

ef2fa7fb418bef2298930f07508860d2c25d800b
SHA256

6982e6aa862fa567a953b37009ac38882158a1101b773a4ffeee441d52155143
SHA512

b7b4f3de610c0efdae6826d2880e7c410819a1368abc36509b6e0146b8325cbc753ed234dae88549afaf0552f3a21e6bd7ace4140e2aeeec2f4a36c6409e23a2
SSDEEP

98304:ZhIGlG5kyU4XVMSkSbStZd/oEBgENddjEA+9C4560v7urtAp4Vydmb:ZaqG5k5o2tToEpXlKX1cAp4VyAb

Score

7^/10

Malware Config

Signatures

Executes dropped EXE 2 IoCs

pid	Process
3136	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe

Loads dropped DLL 1 IoCs

pid	Process
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe

Drops file in System32 directory 46 IoCs

description	ioc	Process
File opened for modification	C:\Windows\System32\combase.dll	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
File opened for modification	C:\Windows\System32\comdlg32.dll	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
File opened for modification	C:\Windows\SYSTEM32\windows.storage.dll	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
File opened for modification	C:\Windows\System32\user32.dll	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
File opened for modification	C:\Windows\SYSTEM32\opengl32.dll	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
File opened for modification	C:\Windows\SYSTEM32\wsock32.dll	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
File opened for modification	C:\Windows\SYSTEM32\GLU32.dll	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
File opened for modification	C:\Windows\SYSTEM32\Dbghelp.dll	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
File opened for modification	C:\Windows\System32\oleaut32.dll	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
File opened for modification	C:\Windows\System32\SHLWAPI.dll	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
File opened for modification	C:\Windows\System32\ws2_32.dll	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
File opened for modification	C:\Windows\System32\imagehlp.dll	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
File opened for modification	C:\Windows\SYSTEM32\kernel.appcore.dll	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
File opened for modification	C:\Windows\System32\MSCTF.dll	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
File opened for modification	C:\Windows\SYSTEM32\TextShaping.dll	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
File opened for modification	C:\Windows\System32\KERNEL32.DLL	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
File opened for modification	C:\Windows\System32\ole32.dll	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
File opened for modification	C:\Windows\System32\advapi32.dll	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
File opened for modification	C:\Windows\System32\shcore.dll	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
File opened for modification	C:\Windows\SYSTEM32\profapi.dll	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
File opened for modification	C:\Windows\System32\KERNELBASE.dll	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
File opened for modification	C:\Windows\SYSTEM32\apphelp.dll	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
File opened for modification	C:\Windows\System32\ucrtbase.dll	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
File opened for modification	C:\Windows\System32\gdi32full.dll	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
File opened for modification	C:\Windows\System32\imm32.dll	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
File opened for modification	C:\Windows\System32\bcryptPrimitives.dll	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
File opened for modification	C:\Windows\system32\explorerframe.dll	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
File opened for modification	C:\Windows\system32\shfolder.dll	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
File opened for modification	C:\Windows\SYSTEM32\ntdll.dll	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
File opened for modification	C:\Windows\System32\msvcp_win.dll	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
File opened for modification	C:\Windows\System32\RPCRT4.dll	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
File opened for modification	C:\Windows\System32\shell32.dll	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
File opened for modification	C:\Windows\SYSTEM32\winmm.dll	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
File opened for modification	C:\Windows\System32\win32u.dll	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
File opened for modification	C:\Windows\System32\msvcrt.dll	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
File opened for modification	C:\Windows\System32\psapi.dll	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
File opened for modification	C:\Windows\SYSTEM32\hhctrl.ocx	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
File opened for modification	C:\Windows\system32\uxtheme.dll	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
File opened for modification	C:\Windows\SYSTEM32\Wldp.dll	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
File opened for modification	C:\Windows\System32\GDI32.dll	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
File opened for modification	C:\Windows\System32\sechost.dll	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
File opened for modification	C:\Windows\SYSTEM32\version.dll	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
File opened for modification	C:\Windows\SYSTEM32\wininet.dll	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
File opened for modification	C:\Windows\SYSTEM32\msimg32.dll	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
File opened for modification	C:\Windows\System32\clbcatq.dll	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
File opened for modification	C:\Windows\SYSTEM32\PROPSYS.dll	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_60b5254171f9507e\comctl32.dll	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe

Suspicious behavior: EnumeratesProcesses 64 IoCs

pid	Process
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe

Suspicious use of AdjustPrivilegeToken 16 IoCs

description	pid	Process
Token: SeDebugPrivilege	2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
Token: SeTcbPrivilege	2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
Token: SeTcbPrivilege	2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
Token: SeLoadDriverPrivilege	2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
Token: SeCreateGlobalPrivilege	2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
Token: SeLockMemoryPrivilege	2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
Token: 33	2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
Token: SeSecurityPrivilege	2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
Token: SeTakeOwnershipPrivilege	2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
Token: SeManageVolumePrivilege	2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
Token: SeBackupPrivilege	2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
Token: SeCreatePagefilePrivilege	2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
Token: SeShutdownPrivilege	2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
Token: SeRestorePrivilege	2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
Token: 33	2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
Token: SeIncBasePriorityPrivilege	2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2548	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe

Suspicious use of WriteProcessMemory 5 IoCs

description	pid	Process	procid_target
PID 3572 wrote to memory of 3136	3572	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe	82
PID 3572 wrote to memory of 3136	3572	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe	82
PID 3572 wrote to memory of 3136	3572	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe	82
PID 3136 wrote to memory of 2548	3136	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe	83
PID 3136 wrote to memory of 2548	3136	Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe	83

C:\Users\Admin\AppData\Local\Temp\Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
"C:\Users\Admin\AppData\Local\Temp\Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:3572
- C:\Users\Admin\AppData\Local\Temp\cetrainers\CET419D.tmp\Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
  "C:\Users\Admin\AppData\Local\Temp\cetrainers\CET419D.tmp\Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe" -ORIGIN:"C:\Users\Admin\AppData\Local\Temp\"
  2⤵
  - Executes dropped EXE
  - Suspicious use of WriteProcessMemory
  PID:3136
- - C:\Users\Admin\AppData\Local\Temp\cetrainers\CET419D.tmp\extracted\Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe
    "C:\Users\Admin\AppData\Local\Temp\cetrainers\CET419D.tmp\extracted\Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe" "C:\Users\Admin\AppData\Local\Temp\cetrainers\CET419D.tmp\extracted\CET_TRAINER.CETRAINER" "-ORIGIN:C:\Users\Admin\AppData\Local\Temp\"
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    - Drops file in System32 directory
    - Drops file in Windows directory
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of AdjustPrivilegeToken
    - Suspicious use of FindShellTrayWindow
    PID:2548

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\cetrainers\CET419D.tmp\CET_Archive.dat

Filesize
4.2MB

MD5
464ce9ac5b52f3e35dda5d6e931e0754

SHA1
2365b92c2494a92cffd2ca9f6d3da4c03903573e

SHA256
00df5a7b3aec3ce208ef6786ad9bb5d7c5a862e12a466e7d22f4ea98d3a524ab

SHA512
fd8efe519d05c0bfd8cb6b67346bbe0fa075fcf17531ebc840ed6f0640554af3bd660201e2565f3de220df890bb684c62cf19ba8d2aa2de570202b413b488d27

Download Submit
C:\Users\Admin\AppData\Local\Temp\cetrainers\CET419D.tmp\Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe

Filesize
193KB

MD5
6852660b8cbb67ee3f1e31bf2f1e0afd

SHA1
c1b790e062f3a13d3e2f90c58e92ded585abbe3b

SHA256
cd86234cf14dfc0e66ae9e575326fd0cf74723a5a60337f7079c0540b6da5c8b

SHA512
5722ebf6bef799721464094c6d6a81931bf8f78bdd1fbe12b153cf7b0e4e9e7307fa7a01e0cc16ce885c20c3a0a3cc95d6a7d86413f0c61cca3450fa565dd6a8

Download Submit
C:\Users\Admin\AppData\Local\Temp\cetrainers\CET419D.tmp\extracted\CET_TRAINER.CETRAINER

Filesize
542KB

MD5
80f4e0b3da00e288ffaaa1fb2559bd3e

SHA1
64285803127c3251f514218eb2d9247a7dc10328

SHA256
792a8c8c6daab9eff838caf387041cad39621eb91f20a79c1766aa1b21dd4dc5

SHA512
83031aaa33664e5d20cb0fc6e5f86c01238ee0ac25fe21bb7aaaec9200be5f9762558cb9d5bedd7fff975e8a5c37df60c07e0bf8d3a08872306e6213284e8f3c

Download Submit
C:\Users\Admin\AppData\Local\Temp\cetrainers\CET419D.tmp\extracted\Dead Rising 4 V3.0.7.2 Windows Store Trainer +10 MrAntiFun.exe

Filesize
10.4MB

MD5
45996e41a50873d5dd6d37901ca3d4c5

SHA1
c851ee71e40ba498d76fb4a94ea514c7889a00ff

SHA256
a2558b4f3bb16ecc13fe69a697b24d72ee2e893f8b692c09e9b38720ddef7301

SHA512
f2fd316593fb08ae22ea1b2c5ca4a8ad58034bb41e613363c8c2cb318a551f858ec9502c45f7f30398bef5e9fcdf48a3b90982dce5c22c0f71cf80b7ccc36ad5

Download Submit
C:\Users\Admin\AppData\Local\Temp\cetrainers\CET419D.tmp\extracted\defines.lua

Filesize
5KB

MD5
1dc41a0a351e745085fcc98a3933d91f

SHA1
bf1e7d333e6d7b3d4bfe5cdcada19af1931dbe15

SHA256
a2e02dd32f0245ff31190288b368b3efbbe7c48a95dd22c321231c2f46597d9b

SHA512
76f171411d028e72613859332f381f8f26e85d1844c143a8888e4937ca72d7b38ffe66ce617eee5e8155ba034dcc559a9417b5def056bb74227b9bae392d1440

Download Submit
C:\Users\Admin\AppData\Local\Temp\cetrainers\CET419D.tmp\extracted\lua53-64.dll

Filesize
500KB

MD5
476cbd8e116ef838a0b161100ff744be

SHA1
72a6b00754ff4a1a6f2bbb75fbce9d2fdd475e81

SHA256
c33f2e8ba61e5517b2598d7920b672326ff117ed5a5bdcddc125c6a5a328886e

SHA512
b12dee6fdc493bdc7e65d446433d942802c79564f6a1f56a1c1a7e2e3f76d270af9e3d162d368fa82d314a37d98fef1569bf90f275b0e059ca0eca49c56086d8

Download Submit
memory/2548-17-0x0000000007FA0000-0x0000000007FA1000-memory.dmp

Filesize
4KB

Download
memory/2548-19-0x0000000007FA0000-0x0000000008FA0000-memory.dmp

Filesize
16.0MB

Download
memory/2548-20-0x0000000007FA0000-0x0000000008FA0000-memory.dmp

Filesize
16.0MB

Download