Overview

overview

6

Static

static

1

4kvideodow...ne.exe

windows7-x64

6

4kvideodow...ne.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    119s
  • max time network
    114s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    12/06/2024, 07:45

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    4kvideodownloaderplus_1.7.0_x64_online.exe

  • Size

    942KB

  • MD5

    9b17ab76c97b378a03fbfbf29cabee6f

  • SHA1

    faa3ee5621c53bec49892c277149d41c82a12a6c

  • SHA256

    9ff0459fc38b2277c8a482cbd19ec030c56d25cde0d6c6e390ae8be902aea052

  • SHA512

    a3890c6ff63d389626dfe777d3ae8a03b2f570bfe42ecc58256ae377199e5db1fcde5c2424fbd06d00113c9592f2167ec45c3be7a5e2b34c6780250b1a883cc1

  • SSDEEP

    24576:GNsfiTdYSuVzZH9tH1v133W3ZtxEVFx+tBi5:mT2pZ133WpHEVYw

Score
6/10
discoverypersistence

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 1 IoCs
    persistence
  • Blocklisted process makes network request 4 IoCs
  • Enumerates connected drives 3 TTPs 23 IoCs

    Attempts to read the root path of hard drives other than the default C: drive.

  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  • Drops file in Program Files directory 64 IoCs
  • Drops file in Windows directory 16 IoCs
  • Executes dropped EXE 5 IoCs
  • Loads dropped DLL 46 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies data under HKEY_USERS 46 IoCs
  • Modifies registry class 36 IoCs
  • Modifies system certificate store 2 TTPs 2 IoCs
    evasionspywaretrojan
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 5 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of WriteProcessMemory 39 IoCs
  • Uses Volume Shadow Copy service COM API

    The Volume Shadow Copy service is used to manage backups/snapshots.

    ransomware

Processes

  • C:\Users\Admin\AppData\Local\Temp\4kvideodownloaderplus_1.7.0_x64_online.exe
    "C:\Users\Admin\AppData\Local\Temp\4kvideodownloaderplus_1.7.0_x64_online.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:836
    • C:\Windows\Temp\{8EA2BD58-9D66-4D13-B58B-F55260F701BC}\.cr\4kvideodownloaderplus_1.7.0_x64_online.exe
      "C:\Windows\Temp\{8EA2BD58-9D66-4D13-B58B-F55260F701BC}\.cr\4kvideodownloaderplus_1.7.0_x64_online.exe" -burn.clean.room="C:\Users\Admin\AppData\Local\Temp\4kvideodownloaderplus_1.7.0_x64_online.exe" -burn.filehandle.attached=180 -burn.filehandle.self=188
      2⤵
      • Executes dropped EXE
      • Loads dropped DLL
      PID:2328
  • C:\Windows\Temp\{8EA2BD58-9D66-4D13-B58B-F55260F701BC}\.cr\4kvideodownloaderplus_1.7.0_x64_online.exe
    "C:\Windows\Temp\{8EA2BD58-9D66-4D13-B58B-F55260F701BC}\.cr\4kvideodownloaderplus_1.7.0_x64_online.exe"
    1⤵
    • Executes dropped EXE
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2616
    • C:\Windows\Temp\{96331A59-A2B6-4B49-8DB5-D513429A5150}\.cr\4kvideodownloaderplus_1.7.0_x64_online.exe
      "C:\Windows\Temp\{96331A59-A2B6-4B49-8DB5-D513429A5150}\.cr\4kvideodownloaderplus_1.7.0_x64_online.exe" -burn.clean.room="C:\Windows\Temp\{8EA2BD58-9D66-4D13-B58B-F55260F701BC}\.cr\4kvideodownloaderplus_1.7.0_x64_online.exe" -burn.filehandle.attached=180 -burn.filehandle.self=188
      2⤵
      • Executes dropped EXE
      • Loads dropped DLL
      • Modifies system certificate store
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of WriteProcessMemory
      PID:2672
      • C:\Windows\Temp\{BA2901CA-3A2E-4BFA-A6D6-901EB32C19D6}\.be\4kvideodownloaderplus_1.7.0_x64_online.exe
        "C:\Windows\Temp\{BA2901CA-3A2E-4BFA-A6D6-901EB32C19D6}\.be\4kvideodownloaderplus_1.7.0_x64_online.exe" -q -burn.elevated BurnPipe.{9D49DCFD-671C-424F-86F2-D1A2342740A1} {803B8A41-CF0E-4744-A142-82DB78CEE8AF} 2672
        3⤵
        • Adds Run key to start application
        • Drops file in Windows directory
        • Executes dropped EXE
        • Modifies registry class
        • Suspicious use of AdjustPrivilegeToken
        PID:2624
      • C:\Program Files\4KDownload\4kvideodownloaderplus\4kvideodownloaderplus.exe
        "C:\Program Files\4KDownload\4kvideodownloaderplus\4kvideodownloaderplus.exe"
        3⤵
        • Executes dropped EXE
        • Loads dropped DLL
        • Suspicious behavior: AddClipboardFormatListener
        PID:2848
  • C:\Windows\system32\vssvc.exe
    C:\Windows\system32\vssvc.exe
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:2220
  • C:\Windows\system32\DrvInst.exe
    DrvInst.exe "1" "200" "STORAGE\VolumeSnapshot\HarddiskVolumeSnapshot19" "" "" "61530dda3" "0000000000000000" "00000000000005B8" "00000000000003A4"
    1⤵
    • Drops file in Windows directory
    • Modifies data under HKEY_USERS
    • Suspicious use of AdjustPrivilegeToken
    PID:1688
  • C:\Windows\system32\msiexec.exe
    C:\Windows\system32\msiexec.exe /V
    1⤵
    • Blocklisted process makes network request
    • Enumerates connected drives
    • Drops file in Program Files directory
    • Drops file in Windows directory
    • Loads dropped DLL
    • Modifies data under HKEY_USERS
    • Modifies registry class
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:1904
    • C:\Windows\syswow64\MsiExec.exe
      C:\Windows\syswow64\MsiExec.exe -Embedding 1CDFDE8C20B79F460F15B6FCAD054DE5
      2⤵
      • Loads dropped DLL
      • Suspicious behavior: EnumeratesProcesses
      PID:1124
    • C:\Windows\syswow64\MsiExec.exe
      C:\Windows\syswow64\MsiExec.exe -Embedding 85C042DC31A471C2DB03DC81A35686A7 M Global\MSI0000
      2⤵
      • Loads dropped DLL
      • Suspicious behavior: EnumeratesProcesses
      PID:2940

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Config.Msi\f76d27f.rbs
          Filesize

          124KB

          MD5

          75b256362e8ad365202c63aa75cbd2a5

          SHA1

          a977ea5e86ed845e502a31f7fc222e687828af5f

          SHA256

          51f5b42b30e50de3e2b0898cbc89a9206d40dd2efd72765077270e30cccd8488

          SHA512

          2a885afccb7a50f75265755a2afdd0a80a0179e4327539e3a33f3bf4d84951ff7af419947269bbae20e8f311f00d441a0998a385b40b224fe36e3f1b8732f202

          Download Submit

        • C:\Program Files\4KDownload\4kvideodownloaderplus\eula.rtf
          Filesize

          20KB

          MD5

          98b9690c6be606696ffa742b54eb1324

          SHA1

          f719b07c360e98a3835d645d6b1d4451a97c0e56

          SHA256

          267c58546c73a33c402b2fd80186e6b161fbd27163c77821bc2acfe58e8090e5

          SHA512

          85146bdbbaa0e2fd01b85bcf49c33f71c4e1f93bdc50216e03b811de491a21ac7b688582904535e8e33265de6155b153cce721da297195667eb8b05cff43a11d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
          Filesize

          1KB

          MD5

          a266bb7dcc38a562631361bbf61dd11b

          SHA1

          3b1efd3a66ea28b16697394703a72ca340a05bd5

          SHA256

          df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

          SHA512

          0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
          Filesize

          242B

          MD5

          090c095c162df097d3a089638eaf501c

          SHA1

          721d9d0a31471281fb6cf97c7baa62a7e1a14499

          SHA256

          cbc2695385479c4f928aee74f45735447eda075fb67482a51d2a978be1c66e53

          SHA512

          74eb608294ffd3782028e32c895389a1c4d9d3bcdcf749d1a94d31912ba69e16a469b92cd80b92fe6b9b10d6155ec2b422e5fe9e7694c9c14270b40de29655e8

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\4K_Video_Downloader+_20240612074616_001_application_msi.log
          Filesize

          2KB

          MD5

          956fdf41cc1adca06d09918a6be4ec67

          SHA1

          c3183cfb7d5716323199ea19c0be6d4971c9374e

          SHA256

          43881a332cc9398941882c0f9ccd409c5f371eb796585cbc54243b3d2c3c1003

          SHA512

          8e9fecfe44796220d0f2ea2736810ae8dc270bcfe738c0514f31187d254de1611c679641577f2be5447f5f7a92398eb6a79fc08f1a87ac628fa2873729bd46f9

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarD6B5.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit

        • C:\Windows\Installer\MSIDAA9.tmp
          Filesize

          211KB

          MD5

          a3ae5d86ecf38db9427359ea37a5f646

          SHA1

          eb4cb5ff520717038adadcc5e1ef8f7c24b27a90

          SHA256

          c8d190d5be1efd2d52f72a72ae9dfa3940ab3faceb626405959349654fe18b74

          SHA512

          96ecb3bc00848eeb2836e289ef7b7b2607d30790ffd1ae0e0acfc2e14f26a991c6e728b8dc67280426e478c70231f9e13f514e52c8ce7d956c1fad0e322d98e0

          Download Submit

        • C:\Windows\Temp\{BB2D7D81-2E12-46B4-8623-AB36516FEEAB}\.ba\logo.png
          Filesize

          4KB

          MD5

          20986fecad1c10339e192993e72bbc4e

          SHA1

          ca627fc0a6e96c2021da63e71d5d05d45b9894b9

          SHA256

          2fab77079c0e9e6bae57c3f783936243a6f43550d08cab690c09b4409d4ea669

          SHA512

          4cbe6c6cfef20a770e6cb9303ceddf1f0b53a5c1a8a26a9c769fe72735a36a9646f6937c6f8af26d42b0bf9860638af80cb201e6551d41fd2c813bbda39d5990

          Download Submit

        • \Program Files\4KDownload\4kvideodownloaderplus\Qt5Core.dll
          Filesize

          7.7MB

          MD5

          9c1ecf03c14af50b445f4a679d90bac4

          SHA1

          bf43f0bf8ec52f7cfdfb441edf0f131862ce8b5d

          SHA256

          0491c25bcbf0dd2a7bc590af925c152eb08a533c8005d5dde32faa3a1439253b

          SHA512

          651ab6286004dd6c5c41cf0e9929779934f025da2f4170c1c5972af7416af1c3afe32114cd60b3bed852fc5bf8a415ae6851f6102bfb5c4720e1698ea0ae013a

          Download Submit

        • \Program Files\4KDownload\4kvideodownloaderplus\Qt5Gui.dll
          Filesize

          6.5MB

          MD5

          4584320c923505da902b8b4622d11c28

          SHA1

          76ece4a164eb375d8204eafe3110338143106ebe

          SHA256

          ee1db564c4b429f35926c9e8f145a62ba4e4aba2dc45a610e93b344e1c30673a

          SHA512

          65b89485aec34eaac89f99d5c4fcf3e8b37fcfa173e5d2c831b6ec3200c21efb03126472c8cc61b648daf2bbe85e2a0083876fdff4e3a133142582e1159e6574

          Download Submit

        • \Program Files\4KDownload\4kvideodownloaderplus\Qt5Network.dll
          Filesize

          1.3MB

          MD5

          58a22c03b1fa2caecbeebe8851d5a641

          SHA1

          39af942dab52259de39aa4d119ca0936c2bf3f79

          SHA256

          88486ce20f3ccdaeb9ef9ab4c7b3046de8fe0bc47cb61ab5f0cf92bf36231043

          SHA512

          463e5c03fb8668285920ed44b1c61b03e603ea5efbad0d4692660ee4320d068f80a97f7e92209610971ceaff7a1853e7bea351b1850e6765083b902e9e9283de

          Download Submit

        • \Program Files\4KDownload\4kvideodownloaderplus\Qt5Qml.dll
          Filesize

          3.4MB

          MD5

          9fbd3a81a04c3f4f729ba98d978693e8

          SHA1

          4091d01dcc8b3056d79e8c797c6edb309d7c8073

          SHA256

          a4ba9451ab04754b73ec77ad0f848373a834467094cb3990cddfa3cb8f8c1f55

          SHA512

          2f9ff1397a5d04e6c5f0f772dbb6daf4bf76a64e26c0d1cb62fea261a0a2c6ef19b1acbdff4c57384a2c5dbf9b5756db2df1459bf95366c898a498c532fee71e

          Download Submit

        • \Program Files\4KDownload\4kvideodownloaderplus\Qt5Quick.dll
          Filesize

          4.0MB

          MD5

          3945d58a350d379b66f44d2ec25b3350

          SHA1

          49485f8cf4bb295b552f197313873a354617c6da

          SHA256

          d0e8e0438158641bb86b37fa5e048c8f802698a872ffe78abd1af2ee27780481

          SHA512

          9bfb42fb98627498ec9f16504d2f25086906c3b962d3d4aed970066745998e18a3694e12374e01edc8ff18379cab683ac517f1235d11715591cd37f8cf7a2853

          Download Submit

        • \Program Files\4KDownload\4kvideodownloaderplus\Qt5WebEngine.dll
          Filesize

          374KB

          MD5

          e1e0d151fd2a4df962fddd896c04638b

          SHA1

          1741d9b6f50bb4f3afc77c54878f542c4e484764

          SHA256

          845e3a40cb30271fcfdae9b75cb5fbfab1805717c26089a3276cd99ab0b55acd

          SHA512

          8c41fa3afa97ef248fe4550762b68a0465bcce09625bd5bdba13b260a28c06cb283ec30e74b38e86e02ac33a3ce213ed4b788d97e59aa054fe3081568ba215e6

          Download Submit

        • \Program Files\4KDownload\4kvideodownloaderplus\Qt5Widgets.dll
          Filesize

          5.3MB

          MD5

          4b936f00b0baaf5d28ac8628fab2eebc

          SHA1

          26e3e064ab94dbf74f9a4089cfe44fe512aaa77e

          SHA256

          04e9ec1d91aac38895e21a5bee7460ab2042ce552b25fa7cbb58f25effdc4728

          SHA512

          73b19d0219ccd72dac156c3ce9f0f593a6b20baeb9d13b2e2a035598d9171c055d9516c8f4355056af17a4d3120786cf7a9a05d0e1e36daa239e7f3a8980e1ac

          Download Submit

        • \Program Files\4KDownload\4kvideodownloaderplus\avcodec-58.dll
          Filesize

          26.1MB

          MD5

          fd477558197aae4b0b45f118fa2e8b10

          SHA1

          d5992a61e6b751d085bbba068c1eb8de6a742aad

          SHA256

          8a9e78c87a9ab87c754a5402449f5bba91153af8495f2e723eb27bab93b2b39d

          SHA512

          51e991fd6b141047e90bd3d1f76d1973b1db5be04c99be0165e61b5372eb364bd1f88403a08b5e5ddc1447c71e67bf5263653b58fa9ada917854c6b44c9b1f2d

          Download Submit

        • \Program Files\4KDownload\4kvideodownloaderplus\avformat-58.dll
          Filesize

          2.2MB

          MD5

          fbc57a71569296384d453a613bc0d268

          SHA1

          600709fb253cc83c05f6d32275e48377bf5df0ca

          SHA256

          8148e18579dfd21038aa341d54996f158f503612de2990a88e95b0f13dba2090

          SHA512

          3af21831fb4194802c3adf60d0bcc54f8f6b496ae8d40077b3aa67b101f687e838c10771d00d5df44be61e25774ce8f93b4567fde49d5d62deacf30a2a64544c

          Download Submit

        • \Program Files\4KDownload\4kvideodownloaderplus\avutil-56.dll
          Filesize

          567KB

          MD5

          a874eafa8258e7fe7e383542a7d2c556

          SHA1

          7d8eae9e672b370cb0d542903a21989c50a7e654

          SHA256

          e8fc9d7c7738f0b46f6b27afe8ea52cb0abff9b436ff61179a592ec07a052644

          SHA512

          502d76fe15375594ae0f17600cc2b7927e0336725e5dd214d11f5c11a08c735d99c95203df603a5a7220bf9833ccbb2fa736f5be80cdca27e4de14be023cfd71

          Download Submit

        • \Program Files\4KDownload\4kvideodownloaderplus\libcrypto-1_1-x64.dll
          Filesize

          3.1MB

          MD5

          6aec069100841113fab40a7497d922c5

          SHA1

          390dda02a663d4beaaea7de2b81076a57791aa2f

          SHA256

          1a8fa8e92808071ad831066c8c889180e9c6933bb3c8bebfe5d4605cb0e6001e

          SHA512

          42c3d19f030ab52b125842c873f2a54150385aa5cc10f4cb1e35039f051ba1a696b0b54448e719141ac5c4065bfb4af3ce2d238d61b096effb906a8077e8478b

          Download Submit

        • \Program Files\4KDownload\4kvideodownloaderplus\libssl-1_1-x64.dll
          Filesize

          645KB

          MD5

          2989d89c2c7c8d9206d8279273702b6e

          SHA1

          5ce76e8a7bb5f27d158b7687dc7b260d44c2b01e

          SHA256

          237f97444b8be89d1a21d456dfad3a2f31e0516fd7775a7d5b8b59811d11b5e7

          SHA512

          de984ac5a03c7ca3acce438b2530f68f6a88aa9423d8509f992aa23f3d7e4048671fdc0978160526b5b1861b2f6fc03671211e13310d4c82eabae9061dcbf574

          Download Submit

        • \Program Files\4KDownload\4kvideodownloaderplus\msvcp140.dll
          Filesize

          568KB

          MD5

          9c5b73e8f95f39eabe363fb9f6c2f5c2

          SHA1

          35e22106f54c62e27554eb56f70ef127f53d91e6

          SHA256

          b0a47d07a5c10babd9f34d3d3e894a43b166f0526cd15b30a26e5d80651d0146

          SHA512

          2d7acd13f7681a88a392ded3b814da13311967737de8c00345fe0a73597c9b64224f78d9c6296244f78bd032989d05a421e16ab1ce474ba5c3cbfc23eea6a85f

          Download Submit

        • \Program Files\4KDownload\4kvideodownloaderplus\msvcp140_1.dll
          Filesize

          44KB

          MD5

          f08be14d9db1c6fa4ea5b65039ad43bb

          SHA1

          0d19482c51705a6ae9b04ebdb7372d62ef2c981e

          SHA256

          d905847bfcf9ca207dbe591db52c603e3b197b243d86ca4d2355fe10eedf4adc

          SHA512

          a224d81c8a6d3b4e767241751caea2c8bd2a70c1fb45e8ac850dff2832f6f89b03420f6a2d4dc778229b3a5300d3774860b134722229d89d3f2874a1d1854f7e

          Download Submit

        • \Program Files\4KDownload\4kvideodownloaderplus\swresample-3.dll
          Filesize

          186KB

          MD5

          dd33dec8e7548c6a30850ddc94354dc3

          SHA1

          33cde479e61a9c59f58de0edb444ba1221405ea8

          SHA256

          6798dbc7a3031a2d2585020366a480ce7be56fc9e3f4c5d2d0571521f12548c0

          SHA512

          ac11e0d7e58664625bc71f162ad3ddc867a3a2e28225d8019d569a676493d81ad69071f9dc84bc5a22c3eab962b66f423ac1559738f449dfa258f8b98f0615d0

          Download Submit

        • \Program Files\4KDownload\4kvideodownloaderplus\vcruntime140.dll
          Filesize

          125KB

          MD5

          15fadc3d1124a8abd466292faac945ac

          SHA1

          aea1703e1ff123394756fbf5bebc08b036593e7b

          SHA256

          6bbf02b1a92a3f2c1a653d5cff0e9989a74ea18c41c7908d74112fbc49cd8de9

          SHA512

          083de2a6f8fe6d1ffc6e1cdad863adabe33cd7c1a46d33a9b9b82d6e352e04e6be1c9d351b20a98cf2840c71600ca946aa767ecf32d76fe71e4d13a4e768dcd2

          Download Submit

        • \Program Files\4KDownload\4kvideodownloaderplus\vcruntime140_1.dll
          Filesize

          57KB

          MD5

          566caf0bbe0c561bd410aecb37ee1583

          SHA1

          8e22dd6a937b2f861250340112f9c2cc682cbfa8

          SHA256

          2c32ef3d33b0c41c279cd2009c28a41b962acaf16be5abccaaa317d6b163f825

          SHA512

          013e55538ce4ed86e0b9f3b5a5fb0a162e58764e851eec6b2fa933a91ddd17664bf5f44efe50f90ac7f03b08c88a7c70c454ed519b9e7b25ccbf5f2bd2d6ca70

          Download Submit

        • \Windows\Temp\{8EA2BD58-9D66-4D13-B58B-F55260F701BC}\.cr\4kvideodownloaderplus_1.7.0_x64_online.exe
          Filesize

          912KB

          MD5

          e83689afc95273f9cf2928424da6820c

          SHA1

          264659a713d78e2f068f7121668bba3479de68b7

          SHA256

          073f475e4e198f72faa0656bd09f0a22b93d1a922232297d8f22989bfebc4e63

          SHA512

          dda83a6ede0278fb15f3c82d59ba38749f2744f291ebe266a8248772642bcfe4e1ad1f242a1b8fbc281dda2bbe7d7e41619ba4c8d4156ab0574a29adb195abaa

          Download Submit

        • \Windows\Temp\{BB2D7D81-2E12-46B4-8623-AB36516FEEAB}\.ba\wixstdba.dll
          Filesize

          184KB

          MD5

          fe7e0bd53f52e6630473c31299a49fdd

          SHA1

          f706f45768bfb95f4c96dfa0be36df57aa863898

          SHA256

          2bea14d70943a42d344e09b7c9de5562fa7e109946e1c615dd584da30d06cc80

          SHA512

          feed48286b1e182996a3664f0facdf42aae3692d3d938ea004350c85764db7a0bea996dfddf7a77149c0d4b8b776fb544e8b1ce5e9944086a5b1ed6a8a239a3c

          Download Submit

        • memory/2848-711-0x000007FEF4660000-0x000007FEF4BAE000-memory.dmp

          Filesize

          5.3MB

          Download

        • memory/2848-730-0x000000013FBD0000-0x0000000140BD0000-memory.dmp

          Filesize

          16.0MB

          Download

        • memory/2848-732-0x0000000001CE0000-0x0000000001CEA000-memory.dmp

          Filesize

          40KB

          Download

        • memory/2848-731-0x0000000001CE0000-0x0000000001CEA000-memory.dmp

          Filesize

          40KB

          Download

        • memory/2848-733-0x0000000001CE0000-0x0000000001CEA000-memory.dmp

          Filesize

          40KB

          Download

        • memory/2848-734-0x0000000001CE0000-0x0000000001CEA000-memory.dmp

          Filesize

          40KB

          Download