Resubmissions

20-07-2024 23:34

240720-3kvm7asdlq 8

20-07-2024 23:31

240720-3hzt5azhjh 8

Analysis

  • max time kernel
    159s
  • max time network
    205s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240704-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240704-enlocale:en-usos:windows10-2004-x64system
  • submitted
    20-07-2024 23:31

General

  • Target

    HorionInjector.exe

  • Size

    147KB

  • MD5

    6b5b6e625de774e5c285712b7c4a0da7

  • SHA1

    317099aef530afbe3a0c5d6a2743d51e04805267

  • SHA256

    2d79af8e1ff3465703e1dc73d3ef2182fd269ea2609c8afabdf1b80693405c1d

  • SHA512

    104609adf666588af4e152ec7891cedafd89ad8d427063d03fb42a228babefc59428b0c8b1430cb3fc319a5014d2ee1083ff2b74fa585cab2d86cdad346e8b08

  • SSDEEP

    3072:ckgHqUGSCoEslON/q178+oO3BAE4T/DvueX:cNHqUGSCPBh+7VST/Ke

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Deletes itself 1 IoCs
  • Drops file in Program Files directory 4 IoCs
  • Drops file in Windows directory 10 IoCs
  • Modifies Internet Explorer settings 1 TTPs 4 IoCs
  • Modifies registry class 64 IoCs
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of FindShellTrayWindow 3 IoCs
  • Suspicious use of SendNotifyMessage 2 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\HorionInjector.exe
    "C:\Users\Admin\AppData\Local\Temp\HorionInjector.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of WriteProcessMemory
    PID:3200
    • C:\Windows\explorer.exe
      explorer.exe shell:appsFolder\Microsoft.MinecraftUWP_8wekyb3d8bbwe!App
      2⤵
        PID:4828
    • C:\Windows\explorer.exe
      C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
      1⤵
      • Deletes itself
      • Drops file in Program Files directory
      • Drops file in Windows directory
      • Modifies Internet Explorer settings
      • Modifies registry class
      • Suspicious behavior: AddClipboardFormatListener
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SendNotifyMessage
      • Suspicious use of SetWindowsHookEx
      PID:4684

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\PerfLogs

      MD5

      d41d8cd98f00b204e9800998ecf8427e

      SHA1

      da39a3ee5e6b4b0d3255bfef95601890afd80709

      SHA256

      e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

      SHA512

      cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    • C:\Users\Admin\AppData\Local\Temp\Horion.dll

      Filesize

      2.8MB

      MD5

      b0a6bca6f734b633a03a078761b3b701

      SHA1

      96c79b4c8fa7f486e03a2a6b1da0b2bb0c6add13

      SHA256

      763912020ad71d68bb6c6edc4fd0f43059901e28ddc71a04ac137a9c5b9e4149

      SHA512

      6554818864713bdc78a6a903c9024756757867bbc8582175a83b85861715801f81a7a3b9538162c3159f96ed36ca3c5a05ac94605ac9b9adac2e2809bf2fe102

    • C:\Users\Admin\Desktop\BlockUpdate.svgz

      Filesize

      270KB

      MD5

      f9308d612fbc9cb193f77118ef4d6f91

      SHA1

      991abfdac4f5acd53d836b0d993385415cfa1f13

      SHA256

      4d3c8644f1975c06212836e8ea2b933db248a0a1b9a3a491d446a2bc82874d70

      SHA512

      50d5efcfc0dcfca27423228b2c5f2fa063b28c38a868a6e2ea42ccdb15355b17b80acf424d08fd77853ece81a470f78514ba65fa737499624d787b32adad2906

    • C:\Users\Admin\Desktop\CheckpointRestart.easmx

      Filesize

      368KB

      MD5

      b7ffef2dfcff85e0edef2b8327a5466c

      SHA1

      6f5f0286810eb698da2b1fd656919d8f1a27a733

      SHA256

      b6033e5e93fb52d759f08cdf3b030e11523fc1bdbf28e0898233b74235615672

      SHA512

      26c57323a59cc7c8874419aaab8eaef0f9d9b22e2e3e828b68c55d44631a57d05cc4700563ebdccc371a00bbae4bde9b105b607733c3d80d482f40a832d93843

    • C:\Users\Admin\Desktop\ConnectLimit.MOD

      Filesize

      204KB

      MD5

      e8bf6b3ad9e2a8d42908ef49bd248d46

      SHA1

      b20065040310e29ae19a4a2ea842041be3b14eb2

      SHA256

      28aaad31c52597732776dbbb93d2805d3387f5248d51c8621f667da684d4f2a2

      SHA512

      0381df64e28d423307450680a4c22b5218df48e43443459e9b72f294b429685c99283240f7cc0c0f9125c43f57f23b3b0f2d2c8cad828622b62b4a3254e7da5c

    • C:\Users\Admin\Desktop\DisableSuspend.bmp

      Filesize

      319KB

      MD5

      dffab10e40815aa6f0b6bab2212b356a

      SHA1

      d9c98062138b49888e8037452240d395c533a61c

      SHA256

      be9b7dd9d29c844428cf05bef95503ce0b5a1225f8906eb3d0d6e4b49ba2422a

      SHA512

      6136ea4ec88f6bc88208565058e6a463ed6d655176251f43ba20a6e56c2decace72652c23c1bdd5d137015be87a57947308d359ac55b2da1c75ea9b3298a73a7

    • C:\Users\Admin\Desktop\EditOpen.xlsm

      Filesize

      417KB

      MD5

      7536ab77f4edd346e6ee481fc40a04d1

      SHA1

      f549bb19af743f6677156d549958469fef196234

      SHA256

      f6da201487bfaa984286aea1881d02f7f401966aad16be3b7cc3b6f7d83ba494

      SHA512

      dfecbfcd0a64348e5e6ffbcc3294e78c6a4d23cd8e13921df9a960d4568ee875e28f3e70a72bf8b233aed929edb2f03df45cec36a29637eed083be0a62e3abde

    • C:\Users\Admin\Desktop\ExpandSubmit.xlsx

      Filesize

      10KB

      MD5

      876e64c900048de25de9739973d8c6f8

      SHA1

      faa1db9d7a22617e47f708858ae8df2ed47f0257

      SHA256

      b5b434c3661d86778a6f85a90f9026f7fdec6943d725137bc6c7c06bd15f5db8

      SHA512

      540e0b89c5863d5f9e63d2409e33af7a17c062c7e5c640e323209eea5c1c2b560a0fc654284d745893fbd2d6eaa9b2054ddf94620f6863880717b04f0ea9a119

    • C:\Users\Admin\Desktop\InitializeFormat.kix

      Filesize

      483KB

      MD5

      1039eac334cdb41fdc2f088df609bd51

      SHA1

      7224cfc303f3c45d8885386f59f6f19b52a62520

      SHA256

      438fccd669f41a72a0233de4b46c2f0c4af779a041e008f4bc0dfc1600dd42c0

      SHA512

      40a744352b66332a5fa60bed65c1e60b92cf7d4ebc35bb921699ee3270b671f84780f5bb8e40d7f653ee7ca3f97447e869e1749ab1d6ba317806a5ef247f774d

    • C:\Users\Admin\Desktop\LockPush.inf

      Filesize

      303KB

      MD5

      9d6ba0307084e31d365876772dfbdebd

      SHA1

      683f1fe82030dbca9b477ec058abd75a9c0c1622

      SHA256

      4be7c53ba207f7c0d53d3ba7d1a8f8a4106a5628984b82615f4053eab3be5442

      SHA512

      f0c50846e8296117fe818f5bf868e2881ad04760e32044826bf70eb96bc606757caf3224ed0c28badd9a51fe4f7f8901d17b6faff5e31dd5ed4695ebe366b2e2

    • C:\Users\Admin\Desktop\Microsoft Edge.lnk

      Filesize

      2KB

      MD5

      8109ffba7b4516dac9a3223cc033dd5b

      SHA1

      705461733327fb6453a8e0b66f0265c0a1a4f4c6

      SHA256

      9f4df7932eb80beb8fb5597f7bfdac4e496a1f04814426a103c9c525d23fbf0b

      SHA512

      ced127536b8414a77cff31c8e8fdb4c93c58f7fb62314da90f69a20618adf4827d99f78158d786ba4a7228d0bc8d16d08828ed7e32928df3b944aa089f32d19a

    • C:\Users\Admin\Desktop\MountSelect.html

      Filesize

      581KB

      MD5

      6071cb1bb6c94c05d763a01791da8ae3

      SHA1

      8382f5aeb27dd34d9822a597fc267cc55f86dc50

      SHA256

      bd2bcfd7d5709157e4e1154f1741dd0c903704ada77907411c8c78227ca477a7

      SHA512

      27bb1c3e542eaf599232a283ecd03a41deaf746aeb6a6e0bdc6cbe751c904585b59ebe6661b5f04d72924633613f6915c7c51ede8b86f8eef8073e8c826eb7ac

    • C:\Users\Admin\Desktop\MovePop.reg

      Filesize

      352KB

      MD5

      69e4b9ccf2a70704180f4e0d50f33ef0

      SHA1

      ee6c45d54774d72a136bbb8b7d8fc534d9e7677f

      SHA256

      40d9c0e96ffdd6e2a2e1d90a15f24dd21c2d888da32a640247dc65c6d6bc98a8

      SHA512

      c7b543ef9cae912aafd70501937b1b4b0661046891d7c276e9b0da95f3b7a498cfc3e12cbf44dcaf9e5f09e494e3d5ff271ea7fd8e92bcdc8c2548730bd54e63

    • C:\Users\Admin\Desktop\MoveSuspend.MOD

      Filesize

      401KB

      MD5

      5c8f2e5ce36238a5c48eba99389d9031

      SHA1

      6d4b33a53c76e15a357419080ba5e247614dc456

      SHA256

      9c8b5dea75ac5aa52758d31a885d498d2d8c05d7d5c989995e82d928f40132be

      SHA512

      91d6c6049020860aa989b08685efe4b9502aa88ed7fedc1d724bd92b9a688fcfec12bf7557ad9cc1013b1484ae698206332472285ae055d824d1739ee03ccff6

    • C:\Users\Admin\Desktop\ReceiveImport.edrwx

      Filesize

      499KB

      MD5

      01ca8db3d6ccbe9918f23f608d8f1cd9

      SHA1

      fc3acabcf3c7f2058ac6fb6eb981aa321d367035

      SHA256

      716d324c1e3fb9153ba1537d3650691cade20109cecd31ef849a5eee46d0a875

      SHA512

      c4ddc5ee41e2eeaa0cf10bdf6f089a0e55eeb03e9ed248e70b9aab676baf5d5f7c196618913ca0e3d7a918eca876e3b0704e16954c0701498e6101d99fe87e8c

    • C:\Users\Admin\Desktop\ReceiveTrace.reg

      Filesize

      221KB

      MD5

      512670abc0250aab44b716131afc2585

      SHA1

      835580226a98b6a54fe363704d265d723c994b55

      SHA256

      df7b3ae2166cc8be7a3079dd5704c42e70de2faf4787f78dc5f342a7d28f1753

      SHA512

      4bd944af68785a98e8fa16d9bce39c5683c40147ce9cd3afd6474015c6fac4085f4833789ddbaca231f1162045dca16c6390c13191f9be8bd1fd9e5225ade702

    • C:\Users\Admin\Desktop\RenameProtect.xlsx

      Filesize

      10KB

      MD5

      1ddb08544fa6680a6ef66c7791f719e2

      SHA1

      eee0d1870044f486b3422c4170be255ef2a1e7a3

      SHA256

      e0742c05ef22ee8e39d184c94a54910cb14b3b8d02db16794ca777941cb2ad4c

      SHA512

      5f310033730aa0fa7eda0760160c9625710c3c2c9a5ce9bb7186399045395485c097664d022947f638afd0a4b74f72d9b442c142ee6bfdcca9507e601f97ff5f

    • C:\Users\Admin\Desktop\RepairConfirm.vdw

      Filesize

      548KB

      MD5

      3db50fefab08c651b63acedafa37cd96

      SHA1

      f2a27ba1c7f4d4d878d4c413c070e0b05c4a536a

      SHA256

      826bae44dc524b63ce662444c06e77f979562a79c3dafc5bbbcaed27b6a90d30

      SHA512

      23ef8c1829f5fbdd4b760148bb3a733287c91ce4398217318a25043fcf02666d3e2cf01a6d1884d6391b3bc2ea1879b1798ad4ee25591bbbe4519e96cca0eec2

    • C:\Users\Admin\Desktop\RepairStop.wma

      Filesize

      450KB

      MD5

      653a7a95d3bf9b05c7e8400523c40dab

      SHA1

      7cdbc82de88f50a8a18d098ba913d755ee863b94

      SHA256

      5f0238714371be1e5c64cc3d680db2600f2fad5ac51b51965e08e092853ef8c3

      SHA512

      effd816ab551ea645e664c50a7daccd8039f5fffb61e866f32a2a0c29cf511b60cc3a53b0e6b32b945ff5292e3337c28d69ba09d4cb0ff381cbe9fb8617ae66d

    • C:\Users\Admin\Desktop\ResizeCheckpoint.mpg

      Filesize

      802KB

      MD5

      e4f9393f28f82203b629bb1ba0255d8d

      SHA1

      da3d10bc1e074a3d46cf2afc3085c13f1c346cfd

      SHA256

      cdece985649016ebd4fe38737fbf238a2eefc731c5f6d14de55663e20cb9ae40

      SHA512

      79d2b12c3e29f4fb92fa0f7984b2e4c998f720c4bbc7f175404c4cdd5aef996d03aa0970a5782efa17aaf15955a96defc60f10edbd1d74dc871dbd33374ded1d

    • C:\Users\Admin\Desktop\RestartDisable.jfif

      Filesize

      335KB

      MD5

      0ab408d68112eb9040bc65f536a87268

      SHA1

      0693963a60cb292ec2df20419e3c489ae6dae25e

      SHA256

      5a7f4958f79cd8df43d56e1718a36e0eb9f99248ac4058fb96e6b4768bdb484c

      SHA512

      535489761fe11bbe608c7568867032af3a875c70069b72d3989fc49caacefa5230bd69b3b8c88298d9f0c846d840e20c7a9cf9e4b58a6bd49f43fc85cafde87e

    • C:\Users\Admin\Desktop\RestoreWatch.bin

      Filesize

      385KB

      MD5

      53c119bd3b7c885ecb574ea8646df58a

      SHA1

      9ac842bfa5b49d4c48277bec95399d4d62cb31aa

      SHA256

      5cfe59ae3bbed0fd474cab6781895081a0e548415703e1f54b45090e8d63e4ed

      SHA512

      3ef456aa44f12f5faf88ea41f327350f66e29cce7e21823bd45a13490c7e5a0de958d5c841091de7a5f674b32ebcdb84186af73a3c25628cf9e8131887bc509b

    • C:\Users\Admin\Desktop\SuspendGroup.docx

      Filesize

      466KB

      MD5

      683732129ceecfd39f85dfcd85aa8fb7

      SHA1

      73e21a7b2342bcfa14bd9521876bdadc440d0af9

      SHA256

      41147c933bb6c9e9758262713a6c817741faadd1f030e6e0b4efeb940c9c5d72

      SHA512

      48d8f637831a113aaa70ab7816fe00098d6be43e01c7f208485c8fbff592ba81c2e62f432859d1f325c0378907ed49770a8c785c7d64dc4064ac5818902fb2cc

    • C:\Users\Admin\Desktop\SwitchDeny.kix

      Filesize

      516KB

      MD5

      f1c37ad2fbe19610809c72390c8b96b5

      SHA1

      d355805f36bc9776ea656a02b223a1f4406803ba

      SHA256

      1b6605322db1acf88491682bcf9357b0903e8f8fd38d4870945e42a2bebda182

      SHA512

      33c9ed1b7bc06d4f87b203acecc2de41d224c152e976b7085106938262a7ed570b0020e363664292d353a038e632c0b6af0ea269a8f39e365753cfb5602aad40

    • C:\Users\Admin\Desktop\SwitchPing.xlsx

      Filesize

      12KB

      MD5

      4331f27f1a5e2fb870a2d94c4f62158d

      SHA1

      b7f7ef73723270fd3acb9eb07d3d257950d3bee0

      SHA256

      6e8e853b9d8c7a6d8c008f6868bdfb184fe678fdeed183e77e84206a2552c9c6

      SHA512

      b3b2ac2f23c5fb6fde933aa8f7a22952c71ce1218f9f8e713d97dbf03ed47959a8d6aef2a4e9b7e4e722e1960dc319b965b13ee067864a4c2e7a45292dc4027c

    • C:\Users\Admin\Desktop\TestConfirm.3gpp

      Filesize

      253KB

      MD5

      7d1a4cc9fe841d5ade883ed83b833c73

      SHA1

      decec4670ac989a25625a1b58fc1a0fcf2414377

      SHA256

      b2e725fca2378136f389f40be85ec86a8aa359ecb3e51ca4ce74d7580a312f1d

      SHA512

      9dc98ef699fcd9de681d4d9bf51a47f909facebe22f75afde0fad706e01b2dcec791df9a1bae1ca6df5b9ee9fe65706c1a7a1c1715dd4827654d4e3808270ab5

    • C:\Users\Admin\Desktop\UndoUpdate.mp4

      Filesize

      565KB

      MD5

      79d7793b0fbb06b88544df11613bf702

      SHA1

      801a2bedad20c2f75a335f008a1f989289e1b2f9

      SHA256

      4533ed895464144de82e97a7822e8ae4f8d5f6aafefb59d8b2732ccfdae217b4

      SHA512

      20202979013275eb1522a3603b1dc179a1f8a5252ec35d7002a7fda0f0da19d455cf6f6b6f76e12d4a64471a381e9197c5e356c0069c4f6edd40c41674613b49

    • C:\Users\Admin\Desktop\UninstallShow.iso

      Filesize

      532KB

      MD5

      67792767cf2b9026153ddd788910f313

      SHA1

      6f916a249309cf7feddfe33181c440fbf62a9aca

      SHA256

      05c4e1e077c515dcc1e550604305fa7af2c59c048fd63e7a628a8d5d13a8ed13

      SHA512

      33111cfcc42e520d3a7327f8c7eff97836dee72e7f6285d517ead59aab3b045af6668c178eaab0d74f4b686e272c702e36bca0fcedc4b6fdaa43ead5272a9e2b

    • C:\Users\Admin\Desktop\UnprotectConfirm.css

      Filesize

      286KB

      MD5

      ae3edd06791cc8a4689fbbd87490e95d

      SHA1

      ea08ceec1d4dd239bff354ccc817fb82f32378b2

      SHA256

      da25f9257208e2d444c20ca906e49e5172eaec754585a1946473e413eac1abd6

      SHA512

      cb3070dd5c35d41e521835f273565789ac0afbc751c2c3d05eb0211f766542f5b36f026701a683a7fcbe33b777057bd9e4d6f0606eff2bed2b654d83a76e81bd

    • C:\Users\Admin\Desktop\UnprotectJoin.fon

      Filesize

      434KB

      MD5

      10866943d654483bf2e431b26be805ab

      SHA1

      c2d9271727791352de70a59def78faf3e6b7da63

      SHA256

      09a0436481cab7a91e8520ec7a577bd719648bce71d52c507e53f9138af08402

      SHA512

      6c88e4fd78d7d809e0ed8329bb951ee7b27c861b1411e385ca76caae5e461fd2d02e21a94abccc696b1b2cf63fd600812e37a110dc4eb821e03a1b76c2928bb7

    • C:\Users\Admin\Desktop\WaitOut.vstm

      Filesize

      237KB

      MD5

      7429cb11e889aa47ad8efebfd25e4c47

      SHA1

      f882bb9b60fb487e4fe34b81a5ff3ffe69e767b3

      SHA256

      c136c3c06366e27dd74a7a0a05e9299c0b1ff9627e74a76f7de08500315d5efd

      SHA512

      6c6c3c1a5143421940c4e189f1168fdcc905cb18be70871189b4ecd0f43836c23ae035e5af29231d3817eaf0f4ef9bb1255b949e2efc57ee1eb39f1b13a3f713

    • C:\Users\Public\Desktop\Acrobat Reader DC.lnk

      Filesize

      2KB

      MD5

      308cfe01d8a606f3addbef6a30d9c160

      SHA1

      e3e059f032ed1dcb1fac2b2d71dd53d57576c4db

      SHA256

      0a130b8471c5dcb8a95e63504e8f7fb985499e0f178cebf87d4ba8fc06cb25ca

      SHA512

      b0742de45a6988d6d32569406a2d412c79d15faf689f4aefa72f3ba1344c0f47f7edd7d54b57ecb78cd26f8f5ee357778d2a704cfcddc140626f12b8930afe67

    • C:\Users\Public\Desktop\Firefox.lnk

      Filesize

      1000B

      MD5

      e97f481650ef46f71da766ac6c17b31c

      SHA1

      e9f094fa36bfcdda84aecc43b6f717ae236d9203

      SHA256

      3618f6e53657faaa7c7b843b0ab2f96dcd42c3f4d767053d0a3f145428237e83

      SHA512

      0b8774adcfe59fd3db61715ec49cb8ad85d0ff642bf9cd6a90fc2318fb9c7ad17fdf9acf63423a591f4099dec905dd5cc85d5799eb9165b43675e9b06ab11613

    • C:\Users\Public\Desktop\Google Chrome.lnk

      Filesize

      2KB

      MD5

      0e03143b5926a8296bbcd0886a4fc009

      SHA1

      834ed0d884347cfd4d8e91aa174de6e1bea9bb3c

      SHA256

      94156952d86cd17f9b79d9746e413659a1befa55db8f6c0c2382cb2500771096

      SHA512

      80aa100c316e72e4a79dad39214686d86db2037f35542a89b1d67129aa1866d7c24f45480fcd5f0df8f0db10078fdf5fc0c689a9edc0e43f36479cf4b625a970

    • C:\Users\Public\Desktop\VLC media player.lnk

      Filesize

      923B

      MD5

      e9e78b7b97cf0233bf283468017a97ce

      SHA1

      5f512ac9c65c7d742a6cde4c3b1bebd4ddec0012

      SHA256

      5037f4f9009f949165fa77f547fed7aa43e3daa61277a534cb5bcc27571053b2

      SHA512

      78155be5708449161ce12a1c703b695c5c82c1f6c3b89e7cfd2c4d08fba859aa220af215f4af1e3d2ce768617b7378507b97871d239a7cadf8f1ae3c53fa157c

    • C:\vcredist2010_x64.log-MSI_vc_red.msi.txt

      Filesize

      379KB

      MD5

      cb95282ec7dfe0983121f2b70b24fcee

      SHA1

      ddb780202933c07e7e0965cc3e5d520f12d79931

      SHA256

      8569c7458dd5b966f4de4b188fcd743e59b0f5d5a6871e14b7dbc8ece94961d9

      SHA512

      b991632cde31d4c5014355e7498e338b6c42122a4c1aaf406b0cf76befb7a9e96e21202f2da7cdcccd680b6f4a9e8f963deaa200f79dd1fad93ffb1373044f75

    • C:\vcredist2010_x86.log-MSI_vc_red.msi.txt

      Filesize

      394KB

      MD5

      d77da0ce5512b5b05b3d7e6d364c0a7a

      SHA1

      5123c81092ebae9a9fb9700f0822fe8a2369873c

      SHA256

      4a311c812c7c30caf64596733da61d98eefa01a5265c551866456ee4b0db700b

      SHA512

      ebbacf2a89101cbff88c1f00f54f64bb68bcb50775b467097fdeca5f8ee94451f0ac87ae9eff3793a7a66b813d5766c42b28a309d0fc115dfec23321715b556e

    • C:\vcredist2010_x86.log.html

      Filesize

      80KB

      MD5

      cc2908354f986a118dc648a135c968a2

      SHA1

      bfe8c4f221fbb40ebaa03aa190409bbf7542586c

      SHA256

      d99d2666c907c5be3b52d3456e15d66e98a3862b51e96d28b432672d6cb22219

      SHA512

      a1716bba8fa16c22258929011ad542b34961ad574880f7bf7f8fb9b80e922d8c2230fa283232e7099a5c73ca8bc71d3878805eef12a37bb79f626f00b13a6c3c

    • C:\vcredist2012_x64_0_vcRuntimeMinimum_x64.log

      Filesize

      168KB

      MD5

      90236c72b5fe975a606de891059cc226

      SHA1

      550ee128d2e1dcd9997c395d1cfa6385bbceca69

      SHA256

      bf536ff7732b36817b6d7ea4a811957bf4051b3a9bc1788635c75f804d4d30da

      SHA512

      a50f9b31a66304996ab47e80f8556d2b1cdd8424d11b7f15f2307dd430d311529e5d1cdea543142e186d53ee11bb7222763185b52f17ed67dff9336fd153eda0

    • C:\vcredist2012_x64_1_vcRuntimeAdditional_x64.log

      Filesize

      195KB

      MD5

      bf0dfeb7be87b51d69626e540055b6c1

      SHA1

      79adca00ab834ec0e755452959443b99a057a9a9

      SHA256

      5e2d4b52f39fe9af99d1b66d45eda8eebb150cfc6fbdd6ec34bb12469d51c9fb

      SHA512

      d3765b02710603290c0705b126a5b3d6c94d197b5909c285216e0b9d64bc6969e0ec0aa362ab2c407497b47f15b7c49b009d8f5e9964b13838d0325e89c9b18e

    • C:\vcredist2012_x86_0_vcRuntimeMinimum_x86.log

      Filesize

      171KB

      MD5

      04373fbe12fa8a1e2bae57e042775ac7

      SHA1

      5f7eb86e726049c854b28448b391120592207ba3

      SHA256

      2075701e2e3fde9690d8df6dc45f6561ad8a63e4208cb102cb1f7e8d37116b09

      SHA512

      5331d8271446b2d3ab4b43aa2ab3dc71d54ac8daba75057e930eb2ac4d638842b742ff444ed179e1fcb3c457c12a77c7baad83ad98f066274e31481c4511b110

    • C:\vcredist2012_x86_1_vcRuntimeAdditional_x86.log

      Filesize

      208KB

      MD5

      1b55e9a188a3406ca0acbd8b913f82b1

      SHA1

      d16559dc4a7a0255bd5f16ca4dd76f6423371286

      SHA256

      943f796bf772b6524f2ed0f40d3c43b4ecc288b33638b9c5502cafb9f831b93d

      SHA512

      3e563738cb39b24aa431d529f33cc9745c63d175d0bb9eecba2e0821a482d8d4e79a49038d1c752c44d74c8733b7dc688915a8c1a236b7e781aab4837a92eb7a

    • C:\vcredist2013_x64_000_vcRuntimeMinimum_x64.log

      Filesize

      170KB

      MD5

      3de638cae886f0f297fa2f1e95698c2b

      SHA1

      8b6543047a9146c3e21f658b8a434a4c3b3479f9

      SHA256

      8ef47348ed3aac72ab0f1c1a6bac47565cbb90d49ba3f293f734bc3102b15951

      SHA512

      97ddf74967dbdc13e0929d97388828ad37c88d2dfb8c9b3faaacbd2fe26e1e37bd078cc6e9ffeee75f276b6ec4a086d7731b1d1bc06d071e7c0406e81470dddd

    • C:\vcredist2013_x64_001_vcRuntimeAdditional_x64.log

      Filesize

      191KB

      MD5

      42a29756e8a2254feaea6de2c7c992e3

      SHA1

      3208da14f025849dacb944e6befdfd3c4d9fbe87

      SHA256

      49c2de33e1f3fe83dee7a670c13db2c7fb394b188b1c3dc81b7c1ce640365b37

      SHA512

      2d7b2d3bf0fad29d0f9e19bb116a1d5622f3f73e804a35ba24a7a270f27b3eedac9f7f9226a433bca65a07fe8c681cab3a6911edfd348b36fa13b78c9cbe4f23

    • C:\vcredist2013_x86_000_vcRuntimeMinimum_x86.log

      Filesize

      170KB

      MD5

      73c3c5a702c760bbe52f69345f9a70a2

      SHA1

      100b2544692f9766316d9bdde5f80c4aa664655a

      SHA256

      114039c45cb4dc23be6a6f26a8b0e4af45f1b53f69fd3062b9555bd47c29c6b6

      SHA512

      2b0e03b1ec37aa7e5ab4e31b8a032e544e7e84eb19e37fc35e90127ac096390e08b3b1b308507427f798d0f6c1ced4963fc250ed5f6324bc9cc3b6687de07007

    • C:\vcredist2013_x86_001_vcRuntimeAdditional_x86.log

      Filesize

      198KB

      MD5

      fd09028ba0e608174fc46003ef0e71e7

      SHA1

      87314de2267f42a5c844a93601ec315a3bc3de88

      SHA256

      992be99e4cee72e554987abd60cfe79eccb61a871b41ac638eeedf1b36ebd1a5

      SHA512

      f9b47d9c47dcd11a2ea2c02d2c152b90e9c30d34910580f59ba953f051ed88b791bf0b19d9c05b4203f0d19f133d7033d1ef92c3d552f61c392ade321ce3ab6f

    • C:\vcredist2022_x64_000_vcRuntimeMinimum_x64.log

      Filesize

      123KB

      MD5

      757d0cbbd4c684a280cb663d59a23cbf

      SHA1

      ac45e16ac91846ed202a4000d486b7e166b17c13

      SHA256

      14bb7089e110efe55fa13669d22b234884395eb818600eb99d0a2bda4a58c652

      SHA512

      eeadb76ad2d9950d12156291cb8c34033f5a55f71d56ec37a62befd8c0b04b516a9dc526b387f0e2caf57aa0b75612c4159c1dadbaab699cc35af653e6562869

    • C:\vcredist2022_x64_001_vcRuntimeAdditional_x64.log

      Filesize

      129KB

      MD5

      a773b308ee9937c9f1427c621a53db06

      SHA1

      dabd85c51e2de78ca35b61976cc96954e5bf11cf

      SHA256

      704090c80249d7fc1e3a83add0de8c27c93c42186875fa84f120b5d0d9d089c9

      SHA512

      16d00cb7d0abafa50dd6a6bce7898dfa5371910412162ff774d36c041e89b382a4b5c1f1632a5699fe9895cb3c312b1b34a7980561727b820d084341e0dcb913

    • C:\vcredist2022_x86_000_vcRuntimeMinimum_x86.log

      Filesize

      123KB

      MD5

      c3d4f158b23a7cc05802a7bbb5855d0e

      SHA1

      d5ab0fc8404892232d8129ecdd40a5122f59ff24

      SHA256

      78aa08d1fd2f6677ce485776018c0ac841eda9a0f0138c7843e448f29df7aed8

      SHA512

      d4f0ea5874fb4337396330f1266cadeb5b938259b1346718cda91ffc050e4c301fc3d9e9166ade6fc808441f533a21229c898042b515c86b2a4bb69756fce362

    • C:\vcredist2022_x86_001_vcRuntimeAdditional_x86.log

      Filesize

      135KB

      MD5

      d3aebe04e8b80da3fdc30e9cc187a022

      SHA1

      241cf6f33ea756b371e40fa7b6f768a4ff2909b0

      SHA256

      3dc190f427396b0a7cdcab690f7b82fefc68407afbf238f342dfddecd04a62a4

      SHA512

      217b0653a9238189c30376b821c53c5d20fb60597d8e2cf6d7b86bbbd139479cdd461540326669f3f47b9c87d18f7b0556386b5da0d4b06d3591732c017d8c5b

    • memory/3200-9-0x000001E76BF20000-0x000001E76BF2E000-memory.dmp

      Filesize

      56KB

    • memory/3200-8-0x000001E76C360000-0x000001E76C398000-memory.dmp

      Filesize

      224KB

    • memory/3200-13-0x00007FFA71650000-0x00007FFA72111000-memory.dmp

      Filesize

      10.8MB

    • memory/3200-18-0x00007FFA71650000-0x00007FFA72111000-memory.dmp

      Filesize

      10.8MB

    • memory/3200-11-0x00007FFA71650000-0x00007FFA72111000-memory.dmp

      Filesize

      10.8MB

    • memory/3200-10-0x00007FFA71653000-0x00007FFA71655000-memory.dmp

      Filesize

      8KB

    • memory/3200-2-0x000001E768250000-0x000001E76830A000-memory.dmp

      Filesize

      744KB

    • memory/3200-12-0x00007FFA71650000-0x00007FFA72111000-memory.dmp

      Filesize

      10.8MB

    • memory/3200-0-0x00007FFA71653000-0x00007FFA71655000-memory.dmp

      Filesize

      8KB

    • memory/3200-7-0x00007FFA71650000-0x00007FFA72111000-memory.dmp

      Filesize

      10.8MB

    • memory/3200-6-0x000001E76BF50000-0x000001E76BF58000-memory.dmp

      Filesize

      32KB

    • memory/3200-3-0x00007FFA71650000-0x00007FFA72111000-memory.dmp

      Filesize

      10.8MB

    • memory/3200-4-0x00007FFA71650000-0x00007FFA72111000-memory.dmp

      Filesize

      10.8MB

    • memory/3200-5-0x00007FFA71650000-0x00007FFA72111000-memory.dmp

      Filesize

      10.8MB

    • memory/3200-1-0x000001E74C370000-0x000001E74C398000-memory.dmp

      Filesize

      160KB