d559e996d0eba76fac480a105bc158f4934e66973f2ecd709ad9dada9693a3aa

Analysis

max time kernel
143s
max time network
152s
platform
windows11-21h2_x64
resource
win11-20240419-en
resource tags

arch:x64arch:x86image:win11-20240419-enlocale:en-usos:windows11-21h2-x64system
submitted
18-06-2024 15:09

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

DYMO.WebApi.Win.Host.exe
Size

178.0MB
MD5

6f8cd189bacc93b108e976ae0dd7778c
SHA1

eebe347b9b902d3e2e9b0bcf32a20a2a522b9d33
SHA256

d559e996d0eba76fac480a105bc158f4934e66973f2ecd709ad9dada9693a3aa
SHA512

78fe96fbe8168bec8ec1fdec09da57b90900d7467b16bdb044eadfb057c61360001e2738264ff0609fed0e88ef31b6a413eabf4881f9bc72a57667376bdeef2c
SSDEEP

1572864:jmRqTKLbQVXK7gq3rYkctmFV1Ga6cbgghbqa9Kbu3bFYF8R0ROt11L9ax8ddBfMM:jPTKLb31EMux1F5AbVKkBdG4uvlwxD

Score

4^/10

Malware Config

Signatures

Loads dropped DLL 64 IoCs

Processes:

DYMO.WebApi.Win.Host.exe

pid	process
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe
2668	DYMO.WebApi.Win.Host.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes:

DYMO.WebApi.Win.Host.exe

description pid process

Token: SeDebugPrivilege 2668 DYMO.WebApi.Win.Host.exe
Suspicious use of FindShellTrayWindow 1 IoCs

Processes:

DYMO.WebApi.Win.Host.exe

pid process

2668 DYMO.WebApi.Win.Host.exe
Suspicious use of SendNotifyMessage 1 IoCs

Processes:

DYMO.WebApi.Win.Host.exe

pid process

2668 DYMO.WebApi.Win.Host.exe

description	pid	process
Token: SeDebugPrivilege	2668	DYMO.WebApi.Win.Host.exe

C:\Users\Admin\AppData\Local\Temp\DYMO.WebApi.Win.Host.exe
"C:\Users\Admin\AppData\Local\Temp\DYMO.WebApi.Win.Host.exe"
1⤵
- Loads dropped DLL
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:2668

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\Accessibility.dll
Filesize
20KB

MD5
143247be8f918416e8ef4514d6a9816d

SHA1
862675fa80ae4741672e36246c617485c8a78edc

SHA256
3f2c30e471cc757ddcb830be54ec10c2ee1a029c4de7727d32ccf2f5e324ee5c

SHA512
9aeef856fac4e7c52f7e3430e5bbc405debfc76923084f0d98f0320b44f6cb0315a06c9ec92da0cbe5904297a2c8889901cf6098fc59547723142bd114881649

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\DYMO.WebApi.Host.Common.dll
Filesize
24KB

MD5
fc0a03de5ba4cf04c15571d2f9e5712a

SHA1
a3bc62d90888c3038a70039fc5c2f4df191ccdee

SHA256
c9ffb3a8dbba0ca8af585a4ed698e786e8e6b3b245188bb362b1cd5c753659f9

SHA512
df852e315a2b98698dd01bad07a3180bcd514ec0f1824d8319b97504074fe7be7b34936ee6008322263555c3843b4487806ba85faf3cc37979016f3b360b926b

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\DYMO.WebApi.Server.dll
Filesize
149KB

MD5
884b5514dbde7394cb0059fdb44e0d7e

SHA1
55fba36dcd9953abaee3531c4eebbbad6db97617

SHA256
baa8fb4784fd8be52c6b7be5dbd21b3164b79c5c8a721f7c1847806ec113f6da

SHA512
85ecfc2dd1535502c1d3f1cb051769fb3a3bdc5722007c62f76fcaa35ca8612217fa5e86dcd9831226697ef7e0adcfd0ed75be976895d22f353644419c257632

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\DYMO.WebApi.Win.Host.dll
Filesize
5.1MB

MD5
e03c51627efb5cf5d7af69c9f5130c85

SHA1
8bc36c007df44e16c2108c4264a2eeb414c4a0b2

SHA256
04ecf76ea82b1daca27747e8fc78cda7742cc3b7527f3257f759f2b6df708761

SHA512
4fd0021470670a7972963cdc0aafb4c23fd23c9ea0c268bbd5f73482ce791b11394ef6bf094f0b95958ac03fd47c110f00c798aecf105e73d16e8f9e0a708637

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\Microsoft.Win32.Primitives.dll
Filesize
21KB

MD5
d5fabaecfd88c96e6a3b26ba4133fd33

SHA1
4c5f9e68ea2a74baa284b4ccb8a5f3ec5d538059

SHA256
af712003c7fd15b2c02008c76ca95f6775d618466ae1fdbbbee0fe550646bf78

SHA512
ce78f65301b798a4adb159879f1a4dd2a9753c0ed73433239bc2de08dfb782e43f7e32b7d5b4d4807ffa0d93a4850840599cb258ad4fb800fe2f3b472be80159

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\Microsoft.Win32.SystemEvents.dll
Filesize
72KB

MD5
a5b8dbc03ad2bf4e602474c8d75fac70

SHA1
c3c618d42dbfbbc03a79adabf2a6dfd7af3ca872

SHA256
f4c9ab466cd24d726d020afc0da4d7b1bf169c544916bcc662b0d95452cb1470

SHA512
d98a2c7156a879a61b169cd28f173db2dfec5aea485e43bbacac1b6dfc4d54be4a42d73afb3dad4c53540369f265073967bf992a7e18dab2a4560c4ac9ab1881

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\Newtonsoft.Json.dll
Filesize
679KB

MD5
916d32b899f1bc23b209648d007b99fd

SHA1
e3673d05d46f29e68241d4536bddf18cdd0a913d

SHA256
72cf291d4bab0edd08a9b07c6173e1e7ad1abb7ab727fd7044bf6305d7515661

SHA512
60bd2693daa42637f8ae6d6460c3013c87f46f28e9b0dbf9d7f6764703b904a7c8c22e30b4ba13f1f23f6cbee7d9640ee3821c48110e67440f237c2bb2ee5eb6

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\PresentationCore.dll
Filesize
7.7MB

MD5
cf2398fb76cc8045d0a98070e5f00561

SHA1
2ab2e7f36e1985b1369832c46e0241d8dbaed4f2

SHA256
a6c7daa0e3c9df26005f6ae4441d7bfa5c99af7e424ac78c9076259849d4f099

SHA512
b1ba57dd5e57d4d50074b26ed31fbb4d0d6c4b656c01427a2902deca5fff13a68be3a8fe23d33e86164c3024422e51384472316c05f276bb41c9626dc298e76e

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\PresentationFramework.dll
Filesize
13.9MB

MD5
377953dd50e9cf8199e356a9dbd8a8a6

SHA1
4bd6626f2a7a9df653cbdc7795b0f5bfb70ae537

SHA256
0555412a2b965d48bc5fd0dabfa2fec09ff3be31f3fe32e3c25259f44b4c143e

SHA512
7b898fc48a09aa9287f664f78296f73acc12c5038a42309d34e0a0077caed11634c8748a3bf7b416e46c6cf85c15f04ff0771d988e91230ed06cfee317c92021

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\System.Buffers.dll
Filesize
14KB

MD5
ee51a763ea8cd7a3115ecb3c99a5544c

SHA1
a8b0bf1ba791f0ad38b92d8893a8d3f6f9656b8e

SHA256
8e4f4a2a7e7a389f86004ee0b0dcff9e99f0375cd4ae8b1e3f751626fc633973

SHA512
f6b6232a453242d4856b420556f5567ed71ce85c8d23f9ad3f4a2cf0d3534721d124caa07d7de6f2efc192aa3b4dcbd7b03cbc23702e5fb823cb59301c8af520

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\System.Collections.Concurrent.dll
Filesize
168KB

MD5
34c497eda61e2f73726dc57562e96b7b

SHA1
0e1d04c8d1609a3d9a8d3aa18fb46779f1806a64

SHA256
86bd69a2f0fc3736d94deb5aa3e695a2b99d692c743f7f2b43e8ddf199ae6eb6

SHA512
dddceb67b4fce4a1b59aa6187d63b80c44587d7a60ebcfd3a08220e7c1ccf98c3a1006b6d42fb2c2f2219020a1c675ddff69e4e5b2fe86abcb1935c4880b6116

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\System.Collections.NonGeneric.dll
Filesize
84KB

MD5
c85e66c8fa64fbeb4ad13267925b61ca

SHA1
bf26f3fbf0dc501b92a16ed37d4f365a1a24238b

SHA256
55bb9dd3094f1d68418dbeeae0ba2b413a2fa6f3d15aec6cdae5759495393a35

SHA512
cd5910c7a048605c0fc68d1b3414c5d47568f4fd0805d9ff1c90c977e0ceacae7cb96131a7aeb371fb6282000782379c6a0d23afbc31acac9a55f7c704a88c08

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\System.Collections.Specialized.dll
Filesize
79KB

MD5
2de2fe6fd25fb4f08a29518c10810066

SHA1
84930431cec1a193feab51ef2dc957f1e7008c05

SHA256
725063e6b57bc7baff8ca612ac1bd852c74df8ac43fe70f8d66fdc7d7eb939aa

SHA512
c51e12885c252c3cb18fd36316da465cadfa0082671384480870550b737d574cdafb460f4899537fa3c39b00d6c153eb13bb06a7ca110dcfbf52b2b9e038103a

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\System.Collections.dll
Filesize
287KB

MD5
9b63ce723dfda91347901c0475e65430

SHA1
6074f7e122ee6ad2f236600e70bccf2997e798d2

SHA256
f1bf608e71fd2b229b7f2f43aca213858b5fadc79a388fbce3dd125bf003a205

SHA512
6597c9a7e25b6ba77950fe01db912a1d270d4b34c3245397265c7edd4eacfa0094b499cc167132253b271e5badb6f0376222dfff6446ba84219559f51ea24410

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\System.ComponentModel.EventBasedAsync.dll
Filesize
32KB

MD5
5ab52ab7c826d6cb39ed4f06967af3aa

SHA1
2158ebc933adb6e0c07fb8f28f90bc3b0acb9e49

SHA256
b5ddcf6488d9071a113f66a5c0caab1e0e5767c0f47a319b2bccaa2efff7a75f

SHA512
a18f92227c650cbd1821c13245bd507cfd53156def77c58596b584ecd60c9540c81ed7895f4c93f4d8b0b7168783f1f4c36b1103deb4458e60f47d03aa939303

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\System.ComponentModel.Primitives.dll
Filesize
48KB

MD5
f70bcb4a777e63817ca35963dc964923

SHA1
f60f88e8d388fe5954d9e1b2a1dbcd9f4de4b91c

SHA256
b93edd180187cbc753f429a792c4d08173e9183a206ca9ee358b0a0e9ddfa740

SHA512
95e64404be21ab765f38832e46f47c17d472620131da3259ae5a4df144d8a2e95292a48d17515889b2cfa11ad2078c5d255a2fac088e61898bbbd80b1b6ee5b1

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\System.ComponentModel.TypeConverter.dll
Filesize
616KB

MD5
c8bd563fdc519ab030eaa559413eb17a

SHA1
22ade117b9a47c3d95b2c13647a8a03ee6fde8ea

SHA256
5516a34a4520a07b69888848713324bbde08a124ea2626e9ae87ea9ccbe53b46

SHA512
556559880a2ae06f822176b6211803c27520310f2bb6683b852557d1120cbe7b75944a80b26f42320060fd3d45620cc658d7e4d0d35345b6ad4863166d97bf5e

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\System.ComponentModel.dll
Filesize
16KB

MD5
430958fc2f0afa39649fe47a28e92478

SHA1
93ca10f1fb929529fb095afc2714a60b0a0f3f59

SHA256
a85b36ef4a5ab0b119576f565f29691a7eea340cf60a91d856471da878dec01e

SHA512
4c7d51faa191ad5e399b2e53c79f66f2bf8646062ce7578420be3c49839408b1c6b7e051feb68756ff1d592ec53d0f83033c923c4e728933f2db3613fc06e865

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\System.Data.Common.dll
Filesize
2.5MB

MD5
94a3367e78ec07c1621288f9eaf538ef

SHA1
09a5638ae6edd96d5ffac49c6f14785734d828c7

SHA256
5eb9b07f62208f94eab744134184ac7443ea657ada7b32700d37a4879ffe15f2

SHA512
f63c208b0595dacdda8794b70715af811bac3b54ddc4f6629c03b4f608e5c063a1d020e8188a490a9c5d46ad901f94203861c230b78388f17abc703a17dcb50f

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\System.Diagnostics.Debug.dll
Filesize
14KB

MD5
5c4209fc9564a5aedfd35682fbd99ca1

SHA1
27f028d41cf905d0371c71e7e0b09fbf939264d7

SHA256
ff3ce0f75423aae99fe0783ce99ae67508a3ab257ade509a8cdc0770bb97c0fc

SHA512
1f6099afe1d03f0761381d5597120036dae4794789ea60f1cef232cb161d70f73c5614b48205983040b0166e5a05c09447a1c17c893828fe7db5c04974fc98c9

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\System.Diagnostics.TextWriterTraceListener.dll
Filesize
49KB

MD5
d638a282b89c495d9c2b896287a6bfcd

SHA1
e5c92ba20dcb1101db432a5ceb29a3cb51af257d

SHA256
b4dc72c1254a16af4ff47ebea502d03b28d03c72302ceacf5993c05a0bc3ac6e

SHA512
2452a1b4263bc4235c4a2e076cb8c279ded0ed4ed6bacdf8c0d6175cba68414effb2aaa947cf941da1ed42858d209ad33382df3b8136f85e89670fe87b0cc8bf

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\System.Diagnostics.TraceSource.dll
Filesize
105KB

MD5
c88cd34a9ec7d7bfe34133e1cd5a4801

SHA1
3391e707bd482a7caf85ed8a546c1e88d543640c

SHA256
3911650b7663fa60e4f2d4710fded59030bc35834d7c6e70db1d36c12cf71927

SHA512
d21db07f9f0cf2be2d39cef58348f03f5214cb82903d0c96bfa3a8cd7f1eaca04442ad14b5fd1347b9bb80ec9d2462a96553d344124796f31c70d2118daf5934

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\System.Drawing.Common.dll
Filesize
844KB

MD5
5876999b47dc16b1addcb3989626b7a4

SHA1
e72f2c1b5cba36950c06730afed651e2db6d4b3f

SHA256
90077a060a25fcd21ed5a6debffe62c23ffc708bb1490774de2a1270deee36db

SHA512
0d2941c3daf4af7d309472698d2437f374203b25eb535f1c17a745f96188729ead287e30af0cc1f72b118fbc2a46872cca75e09966e1cace8ecdf58cfdafef05

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\System.Drawing.Primitives.dll
Filesize
113KB

MD5
855a259c9be811a2cb30f021fdd2edfa

SHA1
8e66792313a447f49ec8c32f54400647f4c6d305

SHA256
ac4c5bed3f63921147a050c1b7aadc198fd5e148653b15cf9e7de31c28fe7b87

SHA512
ac4ee1b7fdc7468d3bdc5de94d584d6104f1b4773f1dc81e04ab47d2b42a37a62b22a18f1e513b7f746cc64df10429e9e5d48f5a05193086ea0630d2b3ada4c5

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\System.IO.FileSystem.dll
Filesize
190KB

MD5
c79a41a4324b19811071b0d684d165dd

SHA1
0ba77b567907cdb75d2be3afba0ec70b83248d02

SHA256
d70402ff86068fedd46c93c7ec7abe86b824e99fa8dff629ea578e37699efdb5

SHA512
5c4def73125f3cb491a7842b62bbee97cfea080ec0a590280be699ac7d5edf614317fec401d08b3123247f62b690091d2554da5fa25263730e4d9eb4cfcf6418

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\System.IO.Packaging.dll
Filesize
237KB

MD5
442f02e9a8833fb52c31f391aac3a89c

SHA1
257ea91874797fc36789a89d924de60cfa12f017

SHA256
234d4dcc8a6fc9e7fa618473b98b1c75c9fafaa21a959487ec861ba4864f7ca4

SHA512
5fb8e59594742075c7383b2359efdae1dd32eb16887296bffe84cc8de39075cd40483f85d37be6ab877fca87ebc983a6c240305b284817bc085027df974f82d2

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\System.Linq.Expressions.dll
Filesize
4.5MB

MD5
43b116230ac0a4b090fa87ef78d5a791

SHA1
ca8979341db11f2c13bba8fd8dd476cdfe7a7fbc

SHA256
ec3db0cdfb45612ecd8ae79cad6b08069729ac074765b8d2b18ae76a633656a1

SHA512
c1637e29db23c2cec12477ef6dee875d0d852c0693e227e7f6223d6130dc375c57c82128e757c231c7db791a323f6d0112a6f5ac77306bc8e9a797714086d2d7

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\System.Linq.dll
Filesize
362KB

MD5
14cc89f6c71e93886b7655f629c96f60

SHA1
268c4f2715c2dff83c6932c1fdd67920238e2801

SHA256
af7b0bffb2187085ef187af211290158ecc5b3653c10935397bb758587b22f24

SHA512
e99a6e1898ec8cf244fc3651090766f81376a74c1a2c4057d0ded9a5d0cbd7234eb14629c67ed061a8541c1ab37226d60862f1f0971c3f1e072c35db517d5cdc

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\System.Memory.dll
Filesize
164KB

MD5
6e439844aab932d1ff439b8c929e3f22

SHA1
a9a3b6f2ab33b0003ece721e02a10acce32ab516

SHA256
dbb7584e06a35b6045eeb156dedb5469ae5056dbb45bd689790355d60ec37eff

SHA512
fd2dded613d2d394eb01c4197fb7fb0a0cb5e5289872f111fabaf3e665aa02c23fa19187a0371d5bc2743826b560e1fbfcf9ecef171ba61c75de2fc12429a49d

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\System.ObjectModel.dll
Filesize
78KB

MD5
e4d5c9c0cef9e5c86498d5a3912c5ff1

SHA1
ef3083e4ec4cb73c3ecb02518d082bae5d6ff4af

SHA256
520ed9b397523eebf8c059c8cd376c86faf05b021184cdd208a7e0068cd8090c

SHA512
c61e65777cfaeaf24a62f9803d8170331aecc4b6a0333c12fe739646221c8691ca353de2fe9f92af21439fc1833ad1f7add31537f28577cb89dfc8f51dbab8a4

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\System.Private.CoreLib.dll
Filesize
8.3MB

MD5
d7cf959f116b764db8a0d8d556b50925

SHA1
dff30b342248adae4801d17e0310648dba4ea63d

SHA256
9ce4d015b9350831a05fc43ca0230148efac40ad0f3f2e7483c5bf131cc458ce

SHA512
d145561ea7d7312c81d59a56ee4f884fa8fe6ac82b6a2eff76c8ed09021fb16ab73722d800bab9318467798693c926b9a8c05c68e1441fa5c3bae2e1ae60a86c

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\System.Private.Uri.dll
Filesize
225KB

MD5
933b4b3ff0a4ebc4bfd3965dbb14c04b

SHA1
c9d81317e4ecfedba340c4e30a94f5fe3b7e4b15

SHA256
14c68463ab43820e1c3948c47ec18ddaa43d7b92dac676559252e7d4ba820aa2

SHA512
02da3cec351a6c4ad2d45fc3baa1e335c5fdeb3ae36af071e45e410e24c66f23c55a50c4c833cd0d1ab23f35f5b09d56e30a852cd49fe0cb8059fe345c03c7c7

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\System.Private.Xml.dll
Filesize
7.3MB

MD5
b03a412e3d15d504d0f9d8088c7851e1

SHA1
98bd8ef1b7c51902a01dadbdc062e85ee9d5348a

SHA256
897e4dc5672bd7ae606e66dfe0da6a6076085c85a891f6e64a67fa5de80bcff7

SHA512
9c78280525fee9807886077460384b16951598bf2812a3bdca009cd0cb89bb54073a14af5031627dbf7eadc162dc62be16d72dbf92cd01c5d43264ef988a2b77

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\System.Reflection.Emit.ILGeneration.dll
Filesize
14KB

MD5
628bd7e0e3efb7172ccd55b66f615aab

SHA1
9a312cd8062ed4f0c3ec21646c2fefc18c6aba3a

SHA256
fea02e9917a29f1caef5387506583ed8d2c9f2d7c01eb5f7ad7fcd0da01a3804

SHA512
de3c370585ee4e66d1d9ccb77d80d12194d9224fdbc782251e087ad68df66a6f2906da9abfff381fb39d590cc42a288ec6d0dd4224064376f6e64624a9a1b04e

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\System.Reflection.Emit.Lightweight.dll
Filesize
14KB

MD5
447a3f7a38834f4605828b22f7fbac52

SHA1
c724b1dcb513fdf4f8dd91aa1b2967ab05988ee1

SHA256
143b6dd989b9b8b1166a941538d8bebc5404b9af8961791060ce1fe68a01bde5

SHA512
ec276b1ce26dbbd013b1572249d8f803829eedb8e9418e9ae1c5a2e141a350d20f9a34f0125c02c3821fcb4f2d6f18c2621e2312df4d49d45db713182b50291e

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\System.Reflection.Primitives.dll
Filesize
15KB

MD5
f06e221e71bee1cd85a4bab2204edd8b

SHA1
993e991da4b157737570ef35804a21df698ddfed

SHA256
a40b9c13765d8d472b8efc72e7c3c096c4891d6a401d86bc2ae572d5c935ca86

SHA512
6ac740b1e824a87454c0ea2bf9a705f03cefc083a61378671a7b2fb52c87eb36a113a97a214b762d16f09be048d839b737a558246993daf590075a8b50740f0b

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\System.Resources.ResourceManager.dll
Filesize
15KB

MD5
4a6103f73c8d1d09f2cb9e3cdc36e8d3

SHA1
10f1254be423afb56b69e9de283aa580440d5ed6

SHA256
794aeb7db6dc66a2bcc6f4f008fd36fa85b845ee34a17608ae50866e2d8ec475

SHA512
508f0a592b50a2cc95ee2c7a5ee2927dc0eecd1e7366b321ebfca27c428118266e191165ec1c2398e68316f24acc8d7fced69172ea676a5551e28dfd4b0e0402

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\System.Runtime.Extensions.dll
Filesize
188KB

MD5
4ebe62c159d77fe4f61e33f9770d5934

SHA1
74ceb072d4db9160e8e02bbee0a9540a47dd791f

SHA256
f52450c3184f1657de8110428f92930f0ee4acba19c030573bf72fe2f30b8499

SHA512
13404234a035523ca3867681a5cb926b8df3db3030e49d170db816a4fc4919e13d7f42d288d7b6c791c850bea0f562edcf5aebd6be0f8e779fc3f9e966e43e93

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\System.Runtime.InteropServices.dll
Filesize
49KB

MD5
b57f607811243f83f754a6bf8908ea69

SHA1
f1d7286352ae7c3d69aa30ff190a5fde8ffd8b96

SHA256
458fd4466f84acbfa5a84cf9a403ec8ed2dda111fe985523a3d51081a3e63b24

SHA512
cd3b375174940b4e8a13aa7184911789d4d6c67f01f02f7f085c0a27c94309bf7231515784e06bfea21e84c903cf318f42c542c9eb8cbccf3f67f451d47081be

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\System.Runtime.Numerics.dll
Filesize
184KB

MD5
ca25e193dcaf6e2ca0a583f553fb9ee6

SHA1
14a540abe74741d5458572db19ced2af110979aa

SHA256
3a043c2b246cc5806ab9fc907c23063561384884792642e3be8dc7dcec944f6b

SHA512
8ac9c6d3dd7d74255222d2fec0f15eadc949f6a220bec51a3ff60d05aac396cc217a315398e9759d61065ea2a8975b228837566b68bf64dc4f4a76e5df9a919e

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\System.Runtime.Serialization.Formatters.dll
Filesize
278KB

MD5
e593f58dea6a2a5ea87c4a05178e3306

SHA1
a718d75bd070227daf4611c684ed0a4dae60c372

SHA256
cab5210a66f89d054e31a4204467c3f384c1fa2d308dade5344577c7369f9828

SHA512
ac1b4adc0c793b1ca5bfd47d68ee92d77be0c53eade54e25b845846458b376c25b66fc23342e065d019aafc303b388f7bbb7fedfa73645b93ac49477d2331850

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\System.Runtime.Serialization.Primitives.dll
Filesize
24KB

MD5
5c26bd2ef9f0e67b0489ff3054e7e575

SHA1
9e01b41f6163fe2d0e2e6a03412bf1448978efe1

SHA256
9b298e8cf25f011049d4815d3e46836f61768042463ae84eb3de0c4c32f5aa5f

SHA512
ae6595101f6c5a87d080dfc7d253df65bdc0e41083e24e23c3eb57819f3752e2b1d221d1d6ca2c6b19813bb6d1b907c528ec46e28362b3ed8b5de39e944c069f

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\System.Runtime.dll
Filesize
51KB

MD5
64b6db4e5edc35b1f0f4f8661b1bb5e8

SHA1
816f75651ce029b26284796f1436e229e06da9f3

SHA256
9e1b4b18ea91fee6a83957212e2c33ca1b332d56726e45482e00dc28d82e4444

SHA512
219d8163df984415d580737dc23720f1b2d64b4ebb03ee40a5aef94b50e5b6b2ce206cf307d58dd9690ef021ca9df1cdb35380256bfce637212f4695b57032e3

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\System.Security.Claims.dll
Filesize
79KB

MD5
3c0425089f25cdd1f08303814d1a4f38

SHA1
9a5dc242a9e00fb83271a5824f9225061941efdb

SHA256
254b70b9bfbf78bdf3a6c9aca3ebd21785b5b8cfb46f0d45d38c9a820e655ee6

SHA512
95d86ff740a07ca241049086304d313979d79423e8165a2f72f7a7bc780ffc1cee7ceab40ddc4be0789f95e8f77a78b87f1ab5e158a809dab4b814cbaf9a8d9a

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\System.Security.Principal.Windows.dll
Filesize
79KB

MD5
e9f61f68df63cf7ac8353ca16a4dbd26

SHA1
0b94fa28a00c427536cc948e2b0ecd1f6a67a010

SHA256
0add93a25fd4e011db55cac9e7c062b807d98447bc8272cf3a24b06b7437c16c

SHA512
793a139769f93d74b59f7d46846d3023dc46e129c88a6bace865be9d97806832433248e65886c8d080e241201ad4aa04b4b664db42e612ad5408838afa4af89e

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\System.Security.Principal.dll
Filesize
14KB

MD5
ce0388e8f0d85d7c601e246e5985966e

SHA1
bfbc0e729b85ca27e4de3f0903022a1716201689

SHA256
3b6b0520402df1a0543118c78c82435b61bf9111b2824fd31e59a3fe67e69e03

SHA512
730ed920fced564e28404d2733b963b29b9210806fcfde0b73accd06cd4225ece06f9dca2d06d2fe9b8f350db85ec30249964d82c49cddd4e8f3e54451403473

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\System.Threading.Tasks.dll
Filesize
16KB

MD5
0dc41a0a77de30d1838cf6f183133089

SHA1
dc0db3350fce11c3e742117816db053e72a61a23

SHA256
8d2942e975aaf6cf8217f65611b4f64b0dfa15e06fad1eb621d368f3e77fd1b4

SHA512
3ff9968ca53c8e011d2c9a8ddb73d1457923961d16665ec72ebbc725c5aa456605727a74af7716b7ec22cebb06346b765ef0722525d6d66f99c6e7c9f84a8c0e

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\System.Threading.Thread.dll
Filesize
17KB

MD5
520073af46143bc7128f8b3a6de0a2b8

SHA1
a9639dcf892633231b65552ef7c748feb9362435

SHA256
926e642b0b6cadfbc3a4cb11bb81454eed8adf50acbaf19385c2ca40decd40d1

SHA512
aa086ba704a3f75a761af0e265271abcdd10fda6d66076c4462bd74eefc3987ecf42230dac6df05a0d56b79b8bf8664163dccc1ce87e05c5f4e5dd886932353d

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\System.Threading.dll
Filesize
71KB

MD5
14407fd6873558448a79d6937dda51da

SHA1
94f506b0d0109c62fd218b904d9366bbe50d8751

SHA256
7bce0d29f5456cd7455afbd97d71089c1802ed423ff9c9299cebef30978f3c62

SHA512
e0c56f4c35a8500f4515b2250cdab445697ab3f15fc59e33c991b962422569a0bd1bfa563b785d705f4554fdb0f8f32b12733321ee8046f65b95d00b326cc642

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\System.Windows.Forms.dll
Filesize
11.8MB

MD5
29e7bca05ad06acef81ed4c25c489020

SHA1
6a34bd3c75eb19ff25f35f1d89a6a1fd9335ea28

SHA256
878ee3c26121608f5b0ddb13448fdc4c9b78c5ceb54c56f9d0814bd010b702f0

SHA512
e6316ac148115b1774c0935003e211fac55e202f4a39e524f60315dcd23bd57c3b5dce0b0213008706acaa66f936ac0925804da621a4265296c0bc011d99e69d

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\System.Xaml.dll
Filesize
1.2MB

MD5
eaaf5d2e23c3fa26d7e50333a1767543

SHA1
245ca98099e2664a21295d87770f2fc2659124fb

SHA256
2f80af274835f22f0d795cb0b8df92bc9b66ed6496550c112ca3f9e288555fb2

SHA512
486bd3410820f5032b96081de25d3e7116398107c45d5147c95fd7c211851278ed0acbd2b5685f33e2a9eaa72ee6ac593807ce5cb76072cf781188affcb9272f

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\System.Xml.ReaderWriter.dll
Filesize
21KB

MD5
b9e09b548bdb184b83a5588f598bc4aa

SHA1
5aad884ec792fc88fd610663aac11adf3fc7de13

SHA256
e5d1bc0eca4b452c6bf1ac792c9296397d8dc072195147cb66413748c12e3318

SHA512
a8b4cc181d15638c5e82c28b51d23631780395ff5945de6ea25547498a7f43fbcf3c12b0877b5bbbb60d08e42aa3f63306396047919bb9f626eca9df7e6234f1

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\WindowsBase.dll
Filesize
1.9MB

MD5
004a1fe1c06707781318dbd263e44851

SHA1
64e39223a2ff69d02a888e4f55783220a53e2055

SHA256
9b57badce1b8bdb7cb7b92775c0b320db462ba372642b8fd738e53650a9f5609

SHA512
0e1f024a7b3cfde7089da6eada27a6331bf2f6301b1a84660df2b71b9f7d8466bd19a133871bcea20d5cfd4718149e4782aa6d28a26f8c35e16da5a712f68392

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\clrjit.dll
Filesize
1.1MB

MD5
a873ebf8b135192456bb47edffa641c9

SHA1
533375c44d5f0ed5a194975817972ca5e2e646ab

SHA256
520ef22ad5cdc40025f8964d0cefb39b0c88cec4e0f7d49863f004887adecc95

SHA512
c8a46a050530287451101ebe89b2ee4149d3d3402127c78be5b201d8a66c1b2c3adbdf33f7fc866008e8d4920a24635719baa1c172c84089afeb8019c76c8f17

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\coreclr.dll
Filesize
4.1MB

MD5
fdb0d51a8c7ad31a75001ec87efc2039

SHA1
264a5dd57656841987f6f73d2b15290340049ad5

SHA256
d8877ba978e5ffb733026d15fc6e7b60862c8c43ad04ca3e5b663b6dcc7dd6bc

SHA512
590d8d45c59cd42ba0d0be068baf5d339228f6ff38f7282909679f3a2ea3f25f5110c072276888c986f020bbddeef48b69917900e7c94bcaa22bc3d0d6c978c1

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\hostfxr.dll
Filesize
335KB

MD5
36e668a570def150bc37c64bcc824af5

SHA1
c475d9bbfbf8e71197c06d86515cb84d06be0ff8

SHA256
26ed6778f4d368df211d035b548fa9b3d22976def5055d33c0f2a2d7086ed54a

SHA512
cf728f060688cc2a19186f029ecbe2f11c68dc56ed12e2759af0b21a74ef69d1a6f40d777efed4eb32b581acdee5bd5c668339c928556987dbf1cdb2533143db

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\hostpolicy.dll
Filesize
328KB

MD5
862514252dc75f2275445ca4798eea1f

SHA1
6241c1ef41b521a7766a87732382e0c940c96dee

SHA256
1f81009336fed33b50bf187d70a16929f4d1b4f78b4d1e16bbbf7f6a87ec5bb1

SHA512
b070c5a4d4d649da59df88ef0030f74a7e1096da21f27fccb72d3027e7b9cc87193fde695b32419982249b8e7fce7d5fea679a6c085a4605a09bfdd976a26a7d

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\mscorlib.dll
Filesize
56KB

MD5
9d07d93d2832f15cf661a2f19762be7b

SHA1
5db9f08bab4f051c1630754958c254c0cea6ce08

SHA256
9e2b7ab160e532f35031970ac8bf86b7afa41471e5b3d91e600073d32e69e358

SHA512
3fffea379b1822296bbac23a094e7d7eee6106376f804c3120fa8a9b3b4a204416fb25c80fd926977917283f23a8e60b1292e92b5b2abf76d0995302da1fdc7e

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\aL3F4ko5YrKVkq_PlE10U+G4jYIRscc=\netstandard.dll
Filesize
112KB

MD5
c0133970bce5de69439fc2f37a888932

SHA1
391bfaba939af0dd50d76c38cc94f5a1ebac780a

SHA256
fa4083a86c2f2f10168ec77f97baac9f13059e15d8fea80dbb93a610dd12c612

SHA512
a03a743e4418a93db64db6490e857dc7e507ce8dff57951c7e869c203793ea9f117823722382eee0e65b7a404ffc6a06cec43ef2a7ecdde90dbba57b79a53853

Download Submit
memory/2668-738-0x0000000074A7A000-0x0000000074A7B000-memory.dmp

Filesize
4KB

Download
memory/2668-995-0x0000000074970000-0x0000000074D9F000-memory.dmp

Filesize
4.2MB

Download
memory/2668-1121-0x0000000074A7A000-0x0000000074A7B000-memory.dmp

Filesize
4KB

Download
memory/2668-1122-0x0000000074970000-0x0000000074D9F000-memory.dmp

Filesize
4.2MB

Download