325379ac3d6cb0de1e119d5e05c4fbc8f3a3c35107e0817923d27bd70e344f0d

Analysis

max time kernel
265s
max time network
268s
platform
windows11-21h2_x64
resource
win11-20240508-en
resource tags

arch:x64arch:x86image:win11-20240508-enlocale:en-usos:windows11-21h2-x64system
submitted
19-06-2024 10:53

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

IDA Pro 7.5.rar
Size

333.4MB
MD5

1400d149768bc74ac0d1559ba61f2fd0
SHA1

16bd68dbd97847f17a6ced761cf4f4f78ed05b33
SHA256

325379ac3d6cb0de1e119d5e05c4fbc8f3a3c35107e0817923d27bd70e344f0d
SHA512

f84fc596f9a2455358ec4f67286c99f478ec4f96dec485a358ff109c0e7cf6c09f96b88d6e135415a9afc84a80c38db985f10d90d2c9c912f8d3148badcfae77
SSDEEP

6291456:C6wtcHJdHFxgTO6+O/ZNxFHZ4HWdN2T9a2HAgo9PYfQFD84G/+eQsu7ALF/xUx:b8okT+ENxFHqHWdkTngL93SLQP7Ah2x

Score

7^/10

Malware Config

Signatures

Executes dropped EXE 1 IoCs

pid	Process
1652	ida64.exe

Loads dropped DLL 64 IoCs

pid	Process
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Modifies registry class 45 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags	ida64.exe
Key created	\REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\discord-410737797914296320\DefaultIcon	ida64.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1\MRUListEx = 00000000ffffffff	ida64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\discord-410737797914296320\ = "URL:Run game 410737797914296320 protocol"	ida64.exe
Key created	\REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\discord-410737797914296320\shell\open\command	ida64.exe
Key created	\REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU	ida64.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Mode = "4"	ida64.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupView = "0"	ida64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}"	ida64.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByDirection = "1"	ida64.exe
Key created	\REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings	cmd.exe
Key created	\REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings	ida64.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1\0 = 6200310000000000d3587757100049444150524f7e312e350000480009000400efbed3587557d35877572e0000003b4f020000000500000000000000000000000000000057b1d1004900440041002000500072006f00200037002e00350000001a000000	ida64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\discord-410737797914296320\URL Protocol	ida64.exe
Key created	\REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\discord-410737797914296320\shell	ida64.exe
Key created	\REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\	ida64.exe
Key created	\REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1	ida64.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\	ida64.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\LogicalViewMode = "1"	ida64.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\IconSize = "16"	ida64.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000	ida64.exe
Key created	\REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\discord-410737797914296320	ida64.exe
Key created	\REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\discord-410737797914296320\shell\open	ida64.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 020202	ida64.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000	ida64.exe
Key created	\REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1\0	ida64.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02020202	ida64.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1\0\MRUListEx = ffffffff	ida64.exe
Key created	\REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\Shell	ida64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\Shell\SniffedFolderType = "Generic"	ida64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\discord-410737797914296320\DefaultIcon\ = "C:\\Users\\Admin\\Desktop\\IDA Pro 7.5\\ida64.exe"	ida64.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 010000000200000000000000ffffffff	ida64.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\MRUListEx = 0100000000000000ffffffff	ida64.exe
Key created	\REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}	ida64.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1092616257"	ida64.exe
Key created	\REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg	ida64.exe
Key created	\REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1	ida64.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1 = 14002e803accbfb42cdb4c42b0297fe99a87c6410000	ida64.exe
Key created	\REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4	ida64.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:PID = "0"	ida64.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1"	ida64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\discord-410737797914296320\shell\open\command\ = "C:\\Users\\Admin\\Desktop\\IDA Pro 7.5\\ida64.exe"	ida64.exe
Key created	\REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell	ida64.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1\0\NodeSlot = "4"	ida64.exe

Suspicious behavior: AddClipboardFormatListener 1 IoCs

pid	Process
1652	ida64.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
1652	ida64.exe

Suspicious use of AdjustPrivilegeToken 7 IoCs

description	pid	Process
Token: SeRestorePrivilege	2732	7zG.exe
Token: 35	2732	7zG.exe
Token: SeSecurityPrivilege	2732	7zG.exe
Token: SeSecurityPrivilege	2732	7zG.exe
Token: SeDebugPrivilege	1652	ida64.exe
Token: 33	3164	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	3164	AUDIODG.EXE

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2732	7zG.exe

Suspicious use of SetWindowsHookEx 5 IoCs

pid	Process
4360	OpenWith.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe
1652	ida64.exe

C:\Windows\system32\cmd.exe
cmd /c "C:\Users\Admin\AppData\Local\Temp\IDA Pro 7.5.rar"
1⤵
- Modifies registry class
PID:1548

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:4360

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:780

C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\AppData\Local\Temp\IDA Pro 7.5\" -ad -an -ai#7zMap12573:102:7zEvent21925
1⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
PID:2732

C:\Users\Admin\Desktop\IDA Pro 7.5\ida64.exe
"C:\Users\Admin\Desktop\IDA Pro 7.5\ida64.exe"
1⤵
- Executes dropped EXE
- Loads dropped DLL
- Modifies registry class
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
PID:1652

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004D4 0x00000000000004D8
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:3164

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\Desktop\IDA Pro 7.5\Qt5Core.dll

Filesize
5.3MB

MD5
770c19c0938faaec8a471291af3b8258

SHA1
18426b403007556702ee1dba703b88dacdf6442a

SHA256
f4bb94194c6cc946f4cc2f9f331a0e4dc08a6180f95250bc404f993c0f082762

SHA512
f0705a4ed45f7dd0a96e1b16a557927d16128d4c3f1bc0e0fe099a4c6fda030276d2c067b7a682cb8a1973ac3267980566898f635ca113335034c666821886c1

Download Submit
C:\Users\Admin\Desktop\IDA Pro 7.5\Qt5Gui.dll

Filesize
6.0MB

MD5
e3ddcbf6454378030fb21616c301418f

SHA1
34c9ef4fcaef11ce2f44d8f1de626e1deccb7617

SHA256
233116a16585ecff6a7e8f500efa52a6e1277601898ffce1d100f828eb29b745

SHA512
414db90adb094320b3f92180b1c68d0f43b5cf98efc2278199f0fe8687e870cc49516ffb931c6faa30384e3b46279df78b8247ac5839a649724d993489925674

Download Submit
C:\Users\Admin\Desktop\IDA Pro 7.5\Qt5PrintSupport.dll

Filesize
316KB

MD5
9202512581c2ecdcbc68101bd609cdb1

SHA1
1a94dd729f345e2d98c555287afda49f7a4ad377

SHA256
8f228458a99aca0f6aa5aa2f366bee096193e2d52baa4cbe88bcd17cce2518e1

SHA512
9fbc4a61bfbb60dd7de68a1c3181e7eefe34d8381ea7ca3699321aa8e990355b9ebd72c1ebd9e49e397a01108c20ff1566b95ce696aedca23b190f3c72db5de9

Download Submit
C:\Users\Admin\Desktop\IDA Pro 7.5\Qt5Widgets.dll

Filesize
5.3MB

MD5
ce299d5dca46de56813e8e5c269c961f

SHA1
96d7b66b1251802108c998b67c6273e26f870c26

SHA256
282475dd2c8148638000ecde4132f6eb29d4e6e56eb1c0f2e3897dba60195541

SHA512
4b53eb780c57c256753fb42be173ffa7eea14c65cebc0263da333e2f22cc40ffe7a2617e7cfe32321112535de99178341f6f9756429fa51d79d0839fc47a5120

Download Submit
C:\Users\Admin\Desktop\IDA Pro 7.5\cfg\idagui.cfg

Filesize
66KB

MD5
57265fcf34e0323df1cfd554bbdef518

SHA1
66822b445182c1e887672b9391a4192cf8dc4206

SHA256
88de5ebaea940f43d608c135d6cc50f6abd0ab9465feea92d012133401a5e292

SHA512
2155abe5e56fd6bea0b071c177934507bcb858972ba448ad02ace05dc13f7c6d1f58563172049c18536dc1c3272920213a23f079e2b03c1b43939db803e22992

Download Submit
C:\Users\Admin\Desktop\IDA Pro 7.5\clp64.dll

Filesize
1.0MB

MD5
4cf33f5396e8d3c92ecedced7d476c60

SHA1
96d72eab40c347d9fd68917c281bce23d53f4c6c

SHA256
f5ff0cc9a31fdd5037ebd4becf6e56e244c9cf2098ce21ae9bc695d98072307c

SHA512
bcf1da90f01e71ebe62ad92c66c3073b8b1f1c703701b6e8292b078e544b30c4053f9616f767fa2583dc82b16cd1425c788d8d942d98bae6fccb220a59295563

Download Submit
C:\Users\Admin\Desktop\IDA Pro 7.5\ida.hlp

Filesize
889KB

MD5
97e53567b7672bdd0a3141ba32536f3e

SHA1
a7bbd8b8a469e5efc2c7a3f6a14f60084daf0c86

SHA256
2b1817bd177e8ffe079f45da640359fd806e12ff5f03682829894a1935199c07

SHA512
3f498445bfb6e7446fa92f7f9a734277b4b6ed05c4d77decdef6439f57f17f3f71a7eb7c6b3272295f9b23a5893626a7fa509572fbd998452fc3d81e8210d6ac

Download Submit
C:\Users\Admin\Desktop\IDA Pro 7.5\ida.key

Filesize
2KB

MD5
132b2afd6c3e34e46eb75e4b14dc8460

SHA1
bbae3128c4b476a1e12098ad5f92a705ee1f26cc

SHA256
5c5cd15de81a575073aab3f7e5a93ca86d8b20666c4d0d1ec8282679f2c64e0c

SHA512
0a08f911265d9bcb2c8b713a3b35657db5bf3cba88b69ee9efc3267705480698ae1d41d7fdfbc0e1e561bb6f1044f5b4abefbb3fa60f6545f0519996d577a8eb

Download Submit
C:\Users\Admin\Desktop\IDA Pro 7.5\ida64.dll

Filesize
3.4MB

MD5
e9b6c058f98fac1d0e689e21feb902fe

SHA1
b5ad80c1ce98d37cfaeec22533551c4f9d464a02

SHA256
4818a72f3a22ecdc4f5e272fc2b41e2561d42c8aa65b723f7a9f945305e7c447

SHA512
67abf1e3aa627fe5ccf2774cf9761c7229543c8456cf0f3b21a5ed1a82d3a7686c0e791100685b8dc3a05519e87282e3c8d96079d3f474de0fd88f97ff84d6b2

Download Submit
C:\Users\Admin\Desktop\IDA Pro 7.5\ida64.exe

Filesize
4.0MB

MD5
49c792b5be71d206e1ee75c06829ca0c

SHA1
8cbea26408f807694e59c7d013f38867ff613f44

SHA256
1d505c8aa64a559be8514a042cb5b14711d3ddc6cc841e327d79f3d7faa7d9e5

SHA512
193caea24d97de2837ab827df29adf77f0f2558c34479a229284ea02a950390c93977b58d258c52397c6930e1e762f0fe7515f2eec36cf4c0ca774158942ff52

Download Submit
C:\Users\Admin\Desktop\IDA Pro 7.5\idc\idc.idc

Filesize
299KB

MD5
bf9ad247fe56790e8b2dab03a55eeed0

SHA1
cef52d9ccdabd68629f0512fadf841e3969cca6c

SHA256
3dd40aa945bfa6658411600e3b99151a4c7c82a951c0a2cd36394edd2d2c1c06

SHA512
8b735cbd688751fa8a905bfa9ffa957ca498739913096cb908251830dd536e2611678dd28520b9504044743c01206dd531ec37da85387473a5297e844fb720bf

Download Submit
C:\Users\Admin\Desktop\IDA Pro 7.5\platforms\qwindows.dll

Filesize
1.1MB

MD5
19b2d175eb0427773beb2f3cf02ed1cc

SHA1
62e1d07e26b89b379a777deb42434fdf023a6594

SHA256
ad1829b51a7be67ab0c4a040ee8ac0024d67e1f0e0b0b5dd819a6166a89235fa

SHA512
3bb4beb9b220999a06cf27ccb2efd0d94b0df014e14ee8ea9ec8ce699d50cd4745faf115d55687fd53f2add2db224038874530d692a1a6dab45300d9ef9a96f3

Download Submit
C:\Users\Admin\Desktop\IDA Pro 7.5\plugins\armlinux_stub64.dll

Filesize
150KB

MD5
44e798847565e8b677c76a27b376fbed

SHA1
f787d209b58aae77899a1340d986395cca71b4bd

SHA256
2bfa5fe3cf64af0e51e08e63362d8d41fe91cd7045385988b3a9210cb799bb28

SHA512
9c7c64878045e99dc04931781b0ca414d692d54215d2124298cf4813a0e283d08c423951ff6d7aaccafc655fff74cecdd016b7ee3509c6d0f0312b07798c62b3

Download Submit
C:\Users\Admin\Desktop\IDA Pro 7.5\plugins\bdescr64.dll

Filesize
22KB

MD5
315e30d73ba54f8a4adea1df690ba7bf

SHA1
1da607873344fdf428bb0aa9340b1e82b4bf6acf

SHA256
5cb0f36a0e25335c779d0055098260f2e354a386981813cfe704791a87c42e85

SHA512
58123b2b747806c3914fd26a024b9f291543385b339589194246a1bec8ee59ca37120b145eb87edabd6150308ef7d4e1ac26dae29a5e595b26f83780e1ec1d00

Download Submit
C:\Users\Admin\Desktop\IDA Pro 7.5\plugins\bochs_user64.dll

Filesize
346KB

MD5
5bce0bc7c330b4aed4ee55be40615b6a

SHA1
b111c104e04b593e0885556f950e92c33d4f6f22

SHA256
37d346ce3f14f4d254e1bb74ddcfcd8a685976b15a63a92dd5e51f3982c63123

SHA512
0eae06341aafbb80523f2090495d1448276dcd69523a307cae1b198d19c1aef507648c76da06960f2ec7c8e20c59bf32ace9b1309d59234ad2e496a3a316b6d5

Download Submit
C:\Users\Admin\Desktop\IDA Pro 7.5\plugins\callee64.dll

Filesize
13KB

MD5
bfa6a9ce69f6f40f27be12eb2501d32e

SHA1
23f804dc434420d17449edc0f3b5993b527b1e60

SHA256
b41e54a25153cc6494c43e65c9c30cee29a5a76ef85a787c1a45f9a7027cacc9

SHA512
081f3a47174b734341beb68f658d0a48417a14b47d32f0530d36177a96600cfb237d0a3f3dd90578e7771623f2af18ebe785b9760f2fa115827814879ec396bf

Download Submit
C:\Users\Admin\Desktop\IDA Pro 7.5\plugins\comhelper64.dll

Filesize
27KB

MD5
36fb887faa1990617350b6e73d0773f2

SHA1
dc584b60e021485537ce8893a5c266b920e42d68

SHA256
611c604a863c3c947bd8660aa458eef4e9e02145d8ed223398e803ec0dce0081

SHA512
14ed4c46ead909a4d8255afd7694610ccc03dab78110ca3b147392c0e99f93cd6520a381c85cdebc4ac842ecb62c8a7d6326545791d5e626ba170d367adcab6b

Download Submit
C:\Users\Admin\Desktop\IDA Pro 7.5\plugins\dalvik_user64.dll

Filesize
369KB

MD5
9db74b45bfa48b55709035d7718d77a1

SHA1
1256dfbd4c815c95a59632189200afd8af7a4d2f

SHA256
3cbf0455e676fe93aa534970e6f5768b89b0a4e6c09e4bce09258ddd11859c6d

SHA512
e45426d28b8beadbdbea9b8f00dc8ef65fda4e7df46fe811a0d89ca05d3884311c14cae54181673d170f5bd9f75444115b68dcf2bb656c9fee8a118424a12cec

Download Submit
C:\Users\Admin\Desktop\IDA Pro 7.5\plugins\dbg64.dll

Filesize
61KB

MD5
e62a21831cdb02982a576f7794f0320b

SHA1
cb6c4d0acccf4fa5a2b6335ebbb9502ca8808531

SHA256
06705c77efa22aa4d648be9f1f201f0e9ca09b387f985aad50cf67d5f9f21f72

SHA512
c05653e0c9075e463e2b0906970842bd41c734b6b340be4dd1e68c41eb7f0f754ab67d5df11b9f40e6c624d722a33d1842183606fa30499c59f0274c4766f6eb

Download Submit
C:\Users\Admin\Desktop\IDA Pro 7.5\plugins\dscu64.dll

Filesize
76KB

MD5
c399d9a5fc271528fe5510e59391732e

SHA1
69eb41fe0d924adb2f566e359f7f065093479dc5

SHA256
64a8d8c5d08aa31b1cb8e979c22589bab033129629b5f066b6070f75437f554f

SHA512
91276e9c526430caf987de72f5f41ff40fcd6499d54d34a54a3acc539d5d35467bf3e8f63dec7fb40c7748b744d80e989642d97fe120416cddd039739b45bb91

Download Submit
C:\Users\Admin\Desktop\IDA Pro 7.5\plugins\dwarf64.dll

Filesize
511KB

MD5
3b17777ec9aab4914d9308de9553cbfb

SHA1
33a9d25b49dd165f4733765dd81a5dcd5a6089f4

SHA256
fd7e4bc4c3f8382c4802f1a787f58f42f18ee448011e25290acc1cca62e083ea

SHA512
b633bc470a33c85b388c71afc25d6126b83e6a5be9e574eff0423057c330ff736f12924fc52687ddf0d43808f76524c5d92f9f51760ed9fc18dc16d9f1442bc4

Download Submit
C:\Users\Admin\Desktop\IDA Pro 7.5\plugins\eh_parse64.dll

Filesize
112KB

MD5
e2b9bc1154c428458b0933c2ba6a8dcc

SHA1
f3641497474642af08c04512d401f5a38353edda

SHA256
acfdbd5fe7bf7a230bb50e758772cca111e39d64e7d4622be4f662b5a77ef826

SHA512
cc7196d13f8affaeec1fbb63e4dba61c57af1471a72e854c6bea1260b64394d86adaa699875049ce3c8d9fdf4e0b623757db9a1059fd73b7fbb372f584b7ef0a

Download Submit
C:\Users\Admin\Desktop\IDA Pro 7.5\plugins\gdb_user64.dll

Filesize
344KB

MD5
095fb07c3dda19e9db7a29fa49f2c0fe

SHA1
980545580a799ae82f2243f1c4842eab578afaea

SHA256
71aea5f15b02ff566cd8f4c131d5af1548e227db6116c85a74188763f5ece288

SHA512
63683e0445ba65a338c8d0415f095242124ed0f189069ff94f606ae6a599ff6d76a837b53ff57292268640a9b5902e9a42e227b1aec4d58e3617ced2b6a0f7a2

Download Submit
C:\Users\Admin\Desktop\IDA Pro 7.5\plugins\hexarm64.dll

Filesize
3.1MB

MD5
9576dd46e09437819ba23ce1e60e448d

SHA1
c8a1d131dd4451e48081a786a134ab054bc211b8

SHA256
b76cd8b7dbb64d90a99b925c34ffe3996bb91e48f9bbf8233b81b4854675d851

SHA512
0195b460a82c70320323d1f86aff1fb06d4a910d1eed77f297f486fdadf2af8d6c90ef3e87335896e449cf7697e03feac7d38ac8df486cd171f27d55d2ab6891

Download Submit
C:\Users\Admin\Desktop\IDA Pro 7.5\plugins\hexppc64.dll

Filesize
3.0MB

MD5
72fa7578090319e0bcdd260adadbb283

SHA1
4e4a68e2a7b3c533fb283c638c4a35347345a57b

SHA256
3aad1ffc3cefe4c318e56d70da49ffd15037bbe30fd335e76c55bfc666437a90

SHA512
77c260299041b3f1cd21bcb5ffa8a4f25be814676ca92bee9e7afee601efe06e71e1da4bc54ea111eb3d400792fa9ed8cb059caa9ec9f1a180a85d43ffdd22bf

Download Submit
C:\Users\Admin\Desktop\IDA Pro 7.5\plugins\hexx64.dll

Filesize
3.1MB

MD5
c2e49a750feffc904fd3b091b215ea65

SHA1
e632e76f6d8df32269ac3b6bafcf6a8d08823115

SHA256
cd69dc3a6807189a3e063bea5d4ddbb7f4e539c33bd028e1d583fbcda604b7e1

SHA512
4278841e60ab020d011132dcd9651936c7898cb223edb50ea9e0b1824f870787bd38d0496d41e6b2221c676bd0cad2be0202e8cbfbce28b0dd19947142ff8b6a

Download Submit
C:\Users\Admin\Desktop\IDA Pro 7.5\plugins\ida-rpc64.dll

Filesize
69KB

MD5
72fe35235e538b161ba527ffd3f11a35

SHA1
0c358b6355f0eb101cd3b066a95d938696b16f9f

SHA256
c7a0db5be756ee6468d41724efa681361a80de731d82390d4090768d02d457b9

SHA512
a34aa4963a490e7de709d56b5b692149896513b5a04d90bf9c28d595f887dbbd9499973ee2cc64f02eac01a4e56533944ef342236c0231b0e60b8eb5643d05f3

Download Submit
C:\Users\Admin\Desktop\IDA Pro 7.5\plugins\idapython3_64.dll

Filesize
112KB

MD5
6962a5502ff886e9bd3e34802518f1ed

SHA1
58fa228daf7f63b759f36f5f2b43f1034a00d5db

SHA256
e4f13c4d24c84d99dfaa422f38d02f974166e29cf037d070e5fbd4edc68e7b35

SHA512
0b09221fef188744ef93d3e1c7683b88f3077780e69c435f0fc28495c429a9315fdc51166492a3f3daf8707beaf66a22a39f5bad87573e5ed8826a845c3b75e5

Download Submit
C:\Users\Admin\Desktop\IDA Pro 7.5\plugins\ios_user64.dll

Filesize
413KB

MD5
ef71aece6534e6eb707f7fdb25ab218b

SHA1
cbed19ef5ea7414e415dc0a51fe8fa315e5950cf

SHA256
d1a45cc241039c3464f04853df60646e62dd3d8cb06be6991b68b22559a4bb79

SHA512
f45c5e251563f2d8ad8a6f6109de80acc12c32528a5072fe889b977883242c39ce4627fc1197df4c09185fcc063418e517d0c209b2099cbb6c1a2eb067129411

Download Submit
C:\Users\Admin\Desktop\IDA Pro 7.5\plugins\linux_stub64.dll

Filesize
150KB

MD5
983f6d3b9de1e929e923ef37d86760f5

SHA1
162810510f3ddeedf29289051e07a5b59b52a81c

SHA256
cc2f401755e92c19ee32d100b2165ef7cd129d4d4211549075b926c0f3efd390

SHA512
fa1230524482aad6e3769d6e2033dd283097f56a729f445936ee98f5f12ad391279df62b7513985898074a5031de50675856f295663c7bb414285780aea00d4b

Download Submit
C:\Users\Admin\Desktop\IDA Pro 7.5\plugins\mac_stub64.dll

Filesize
194KB

MD5
7a64adb9847a36d4ce0da3eb2f1b4e58

SHA1
6325f4f0cc2c62ebf2aa95a00a84cef24d6444f2

SHA256
1be610695c9e151d2f40c1652bc61241cf8000a25252f853e232e814fdeb0d01

SHA512
e04a321a31802b092a0ba96ee4202d16f39e75bea9739e4a960e2040769f4bc82b542395947c2974b6c9e9d84ee2f392c2a879a84998e695e821282cb420bdfd

Download Submit
C:\Users\Admin\Desktop\IDA Pro 7.5\plugins\makeidt64.dll

Filesize
36KB

MD5
f27f923a1aed399f6114e4e8f7252866

SHA1
5c999642134b159261ac01e567401d5374264adc

SHA256
827e747a82ccd29d29f25a68cf360be712efe644335a78db0477f336c49cd35f

SHA512
f8a1bb32d9b366b83fd249f51b290fa6e35011f06560623c39a53a0d91797c1db5357dae6e04e4e144e8efcb16b18f2a2185a7b579a17627851dd3aa7781411d

Download Submit
C:\Users\Admin\Desktop\IDA Pro 7.5\plugins\nextfix64.dll

Filesize
11KB

MD5
6c8318f9b60adc1ea45ca473bdc98923

SHA1
40e6627d063b0cb4ec8760b1ab4f211496010275

SHA256
e5998c0eabb93777abe737aab7ebe0d56319d220a533cba49b5e9619466352fc

SHA512
119363c2fb6e78df67d73c3f4f14a5fedb075987efd3f9bf4ef56fcdfadc439440b722c6d281ecb37f10762dbd03466577e83516e7ddf09a93da21ac16426321

Download Submit
C:\Users\Admin\Desktop\IDA Pro 7.5\python\2\PyQt5\uic\port_v2\__init__.py

Filesize
548B

MD5
8e40717de96792f3f07cc9233be4743c

SHA1
6de35101b0ce8fdb91729d54668006f694cffd25

SHA256
4fb2f6155bfb5efd7b9f5df6f80e11fb3d7997657fc2c8282c0189a3177dfe3c

SHA512
f0072d85733febcd67d10bac289f1f90d1b929fe1aaf1e90a09b5dd1836b47f183dc8e9f671ab599c74625b984c8336ef32be44914c0c532d240c7486b951bb1

Download Submit
C:\Users\Admin\Desktop\IDA Pro 7.5\python\3\PyQt5\python_3.8\sip.pyi

Filesize
2KB

MD5
659c59af4841ab542bc5ae43abe187c9

SHA1
838206246c95a4b673408c78fc6b294246d53913

SHA256
618cdf56d2935c762f32b9c73e5e998ddc471f5f70c4c5a980dc22386e898279

SHA512
e88d5cba70a86aee598d14305eb92baa9f22ba3f0c06ef108334f663413ab54c8a6dd9e57b13a31834a8e80cb86e455a97bfa806a1697ea39a639dca79be4aa6

Download Submit
C:\Users\Admin\Desktop\IDA Pro 7.5\qt.conf

Filesize
207B

MD5
afe6c730b47e00e3ff5f65b0756363f3

SHA1
bcfbc80905b6e9f597de0cc1d987d9200c446c80

SHA256
2518738eb7865283890de96021a55438468625d23e6b11fd09ae21d90265a83d

SHA512
ba82e4ddae268572b36cc1745fa39e0b468754ae2a8670f9f2ae91cecc4ccfffe7ee07b3db783a5f6a14c0e4fb744a5e89f748025872f2be7faea22d459d4407

Download Submit
C:\Users\Admin\Desktop\IDA Pro 7.5\themes\_base\theme.css

Filesize
6KB

MD5
19386b9e51dda226887c2149c84c9814

SHA1
370d5ca188f31ad01cd389483e47b6b59370383e

SHA256
bafad2c7e0e569e2a0dc278f346a61274cb7c95c010a3c8d5381dcae6cac0c96

SHA512
c7bbd21fa4875aa247d9f1326f784da251aaf107f2a1a7128773587ec78e6ae599ed66259e3ecf8286fb8136375cf8eabeb6b0976e87622a33d5771e886ab27d

Download Submit
C:\Users\Admin\Desktop\IDA Pro 7.5\themes\default\theme.css

Filesize
5KB

MD5
edb15b0a58256a6c8cf5763154aff06e

SHA1
10d87040a16e31bb420e761e512778af2d378fdc

SHA256
393c43e96d84514121e8c6098afce5a0f1d07e22165dcbf4e1207839f44fd63a

SHA512
98a7c25e8027a74e5fa41f8f48487f42f3a9476d53838dc425197e9c0638a968e052e63fbac5098c3ca9776fcfd209e9aa06c15d320c8f4e51591f31e00b4b51

Download Submit
memory/1652-2897-0x00007FF612F90000-0x00007FF6133A6000-memory.dmp

Filesize
4.1MB

Download
memory/1652-2895-0x0000000065D90000-0x00000000662EA000-memory.dmp

Filesize
5.4MB

Download
memory/1652-2894-0x00007FF612F90000-0x00007FF6133A6000-memory.dmp

Filesize
4.1MB

Download
memory/1652-2896-0x0000000065D90000-0x00000000662EA000-memory.dmp

Filesize
5.4MB

Download