Overview

overview

6

Static

static

1

Device/Har...bf.exe

windows7-x64

1

Device/Har...bf.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    150s
  • max time network
    157s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    29-07-2024 07:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Device/HarddiskVolume3/Users/bennahia/Downloads/Stormshot.PC.V1.0_09dd7712bf.exe

  • Size

    2.8MB

  • MD5

    6aae47cbaa4c56095a1eb0422c1d2ecb

  • SHA1

    34e29d1801d270a2bd7ac02d4ea84c14c553d66f

  • SHA256

    ffd63fe2aeaa91f05bef47b3583290ccdba3f44912ab8b67044f3d58bf817ebf

  • SHA512

    d6b2406922d2618816db55110bf12a8579b69325e0c196d0d2508bafec68a0430acf48482160bf42cca4bd0995d864abfa2425e8e5af794c8d8d1c430fee4cff

  • SSDEEP

    49152:c8ZQVqWu+fqu79LNTRBO1L2VQjJY80KruthaPVu+2zE0y5VCmdAlacRk3Y:vZARtBEqVQq80ThzTzEElask3Y

Score
6/10
discoverypersistence

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 1 IoCs
    persistence
  • Enumerates connected drives 3 TTPs 3 IoCs

    Attempts to read the root path of hard drives other than the default C: drive.

  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  • Executes dropped EXE 3 IoCs
  • Loads dropped DLL 31 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 3 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Checks processor information in registry 2 TTPs 6 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Modifies registry class 9 IoCs
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 6 IoCs
  • Suspicious use of FindShellTrayWindow 6 IoCs
  • Suspicious use of SendNotifyMessage 6 IoCs
  • Suspicious use of WriteProcessMemory 9 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Device\HarddiskVolume3\Users\bennahia\Downloads\Stormshot.PC.V1.0_09dd7712bf.exe
    "C:\Users\Admin\AppData\Local\Temp\Device\HarddiskVolume3\Users\bennahia\Downloads\Stormshot.PC.V1.0_09dd7712bf.exe"
    1⤵
    • Checks processor information in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of WriteProcessMemory
    PID:780
    • C:\Users\Admin\AppData\Local\Temp\st_09dd7712bf.exe
      C:\Users\Admin\AppData\Local\Temp\st_09dd7712bf.exe
      2⤵
      • Enumerates connected drives
      • Executes dropped EXE
      • System Location Discovery: System Language Discovery
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious use of WriteProcessMemory
      PID:624
      • F:\FunPlus\Stormshot\Launcher.exe
        "F:\FunPlus\Stormshot\Launcher.exe"
        3⤵
        • Executes dropped EXE
        • System Location Discovery: System Language Discovery
        • Modifies registry class
        • Suspicious use of WriteProcessMemory
        PID:5616
        • F:\FunPlus\Stormshot\1.0.0.77\PC-Launcher.exe
          "F:\FunPlus\Stormshot\1.0.0.77\PC-Launcher.exe" --currentPath="F:\FunPlus\Stormshot" --configVersion=1.0.0.77 --launchExe="F:\FunPlus\Stormshot\Launcher.exe"
          4⤵
          • Adds Run key to start application
          • Enumerates connected drives
          • Executes dropped EXE
          • Loads dropped DLL
          • System Location Discovery: System Language Discovery
          • Checks processor information in registry
          • Suspicious behavior: AddClipboardFormatListener
          • Suspicious use of FindShellTrayWindow
          • Suspicious use of SendNotifyMessage
          PID:5708

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\st_09dd7712bf.exe
    Filesize

    38.2MB

    MD5

    022835772d21b81e66e42ce52b8a7292

    SHA1

    85f22e3aa49a458120a0887dba3b1832c2aeb3d8

    SHA256

    daa5a8f3d9941c0aa2c95848d623e75f4fbd9cbe484a3ea7f3249140879482b9

    SHA512

    12c5b5f296563b84e8bd885fca3567d4f20972ad66be4000e6ba77289a174bdfb979458643e646586248e3eeb56243d000d79bfcb9898f27df0537a01feaf191

    Download Submit

  • F:\FunPlus\Stormshot\1.0.0.77\MSVCP140.dll
    Filesize

    425KB

    MD5

    d4e9ae2301232a7599807ae02023187e

    SHA1

    af68af4f51c1affd0a8c29b3e707642636374583

    SHA256

    322af358aad037db8136623586e65fedbba3040b355f76ed34e7aa1763b2dc89

    SHA512

    5fe2cba77f0c285c519142a71cc1e6216b4ad78077aebf1c3f23e84e4b8fcd7f9cb6363668674869e3bd2c56ffd178b2c2d51725ab38e0a2338e5dc15d7d05f8

    Download Submit

  • F:\FunPlus\Stormshot\1.0.0.77\MSVCP140_1.dll
    Filesize

    20KB

    MD5

    ca7c343e1f6ffdacd0818b9e46ad58a5

    SHA1

    9731858d1cc5f1c1ca3bb2253df8feb9a912b8f2

    SHA256

    87428634883461f50ef4dc812273dc8822cf608b32ef6f11bcc61223052c1ae1

    SHA512

    13602dbd97f41dfb32f9c2cb5fcc263fd2663667374372b4414f64f0f56191419a79e74add3286524710d1b75869933cd21c8d8401ff6df6d711dd8efc8800d9

    Download Submit

  • F:\FunPlus\Stormshot\1.0.0.77\PC-Launcher.exe
    Filesize

    8.9MB

    MD5

    4610981b68a8f7532ccd9dbcf2a1c595

    SHA1

    0c83819642a7823c39afb2b6b520dd8a55fe8bc0

    SHA256

    d163b72dafaa6b935cada2f5e0a0f87c9581b747366b1855a285acec2f4b8ab2

    SHA512

    416269b24b2fa28bd88d3c7e392d32a218873a8babdb05e572524e54f16dd1346f46cece89f0398e3022155f266603a43bc4f96e44327c5e973962d1da27c6d6

    Download Submit

  • F:\FunPlus\Stormshot\1.0.0.77\Qt5Core.dll
    Filesize

    5.2MB

    MD5

    ccb1f269d09dae974fe338ac807966f0

    SHA1

    5bbc886073b68ac54c28e5cd2f81392b532e5c55

    SHA256

    1cd06fffc17269a864fec6ec8f47bbf8af3f5d1cfa391f173ae63da4c7a7b498

    SHA512

    2e82eebae0b9c4c7f7168aa89082d51e45c8622ad831c13b1a2219ba22db50dcff9e4846642dbfe8103f18bc8277d35753494be7aaa3791929975d135345f4b8

    Download Submit

  • F:\FunPlus\Stormshot\1.0.0.77\Qt5Gui.dll
    Filesize

    5.7MB

    MD5

    00375b48f58242be0aeb9fea5db47a34

    SHA1

    f5ff390642cf75f562aa43e5041b3ecaeae19e8e

    SHA256

    b5d8b8997a484f342739e15689b4a29389c1cd99e61d8a2ab208bc5644c1d8a8

    SHA512

    3aa570d2395019bea0be84523a1c81f9a8bc8ae984066f478aa7ff967fbc241f150bc23b0d9bd727a960b0799d84e1d36d46a7bd8e5ff95b60b24a4cc92130b0

    Download Submit

  • F:\FunPlus\Stormshot\1.0.0.77\Qt5Network.dll
    Filesize

    1.0MB

    MD5

    6ac9a28a6fbc7f48e7504f34b5480797

    SHA1

    348d596e4566cc99cb7b78ba4e9076ba9d8a1d38

    SHA256

    fc6179c80db2afb79f67b2f0e39ed1739717129ae30b8b81c6155f17ba83c576

    SHA512

    a3a5da0bce62d5ec48563b93e4faf59e89162afa8f5c01ae23198490b9b202251baa550582d84d83e51187b93ca77b7bb7a3c3ec07950b283f49e16beb6f077a

    Download Submit

  • F:\FunPlus\Stormshot\1.0.0.77\Qt5Qml.dll
    Filesize

    2.9MB

    MD5

    2247c7ba00ffd5fb0b8bed697e7e7ab3

    SHA1

    0977e47d8efb192fd2a05c845e5633109858ea0d

    SHA256

    61bc4ed1824d6c1327d298a7a788d7ce3d8a2e64dd9e7955fd08088920890642

    SHA512

    2331e1d1dfb71f1482efd1d5ba4c71e67ca84570e089a020d4cfc9341dc3053bd79a39448ad952b53f9055ca49cbbbd6b0f1d071f96ca5b16a3e3d7fa585949c

    Download Submit

  • F:\FunPlus\Stormshot\1.0.0.77\Qt5QmlModels.dll
    Filesize

    349KB

    MD5

    b79193c4770635dbc6d578d4bc24142a

    SHA1

    83aea1916910f865449a2db90a68e9c1cfd22a1f

    SHA256

    e488c6ae94e9610f8df22a97732c918f3261c32a897c3c357e6fc8995e94810b

    SHA512

    37f362fe14dfebacf32cea643a59a059f6e6116c6986516c98681b0314290894c9cfc7571d7ce04dbeab93aad5a869eb7ff586a88f7b30606e1ce05a6cd94a46

    Download Submit

  • F:\FunPlus\Stormshot\1.0.0.77\Qt5Quick.dll
    Filesize

    3.4MB

    MD5

    474a9e2de31376e21bce06d9cacef668

    SHA1

    c3ee8d3008d1daa6cce23d1261ea3f7bf4ab5308

    SHA256

    82156019afb320612a4b48243b05c7c8477770c83b23af836c7c99563fa26786

    SHA512

    5c894e47ff3853f1d692e3ab8f773ed70161cb05e497b8cc9412a060366dd7ddb4bc01939671d5ad6853d83c4a7641625d0b4f6eacf40d34401e3f12269773df

    Download Submit

  • F:\FunPlus\Stormshot\1.0.0.77\Qt5QuickWidgets.dll
    Filesize

    72KB

    MD5

    a2075c10b993bccd74523823d362a727

    SHA1

    e2f324e0f29bfa2b4016649aacecb71074e7a835

    SHA256

    2f3f0142e9b82e5c6d4f84c04578255a957981ee14ac96d76f5b93f0ca1c6769

    SHA512

    2dfd91deb83fa0ba2115ec8c03cd20515063fcf69a6919e5fa023672251d519664d33e8662670625745f85784445a559133c03a10bc7986859221045bbd07216

    Download Submit

  • F:\FunPlus\Stormshot\1.0.0.77\Qt5Svg.dll
    Filesize

    264KB

    MD5

    37265e6e2e85b59f9cc85c9b8fba9074

    SHA1

    f1db159aeb042fc9aa2d017e67a0a384ee9e5382

    SHA256

    f4453045b5bb77f14ab3ff2e7a05d6aa49681f3120851ccfb8e33660cd2662da

    SHA512

    ef9de075a05defcd6812bff34f4d7cbbeb9d7c39d17c213ab120b93410b43415be8bbfab78a4c911ffd2e4361df9efcc9e4b21fd725e8e67e49a87f6764a7579

    Download Submit

  • F:\FunPlus\Stormshot\1.0.0.77\Qt5WebSockets.dll
    Filesize

    125KB

    MD5

    aaeac5122ab6a42e8b186ea771a72cc7

    SHA1

    26194f8d020d332990f33883294eb51bb8472bea

    SHA256

    41da80ee11c6d9caffa0ec863e61faf665c0ab3fea5add6febf131d2ad45071e

    SHA512

    f38b8c176f03c47bb7ed7942edfbcff7be20b1e796c5fa62a4fec2e3c7b664de06989699cd50be9c1cbae3501a9ac854870030576f5a4a8cc1cabf19bd73cf21

    Download Submit

  • F:\FunPlus\Stormshot\1.0.0.77\Qt5Widgets.dll
    Filesize

    4.3MB

    MD5

    a372a06ef5d5dfaeca77e54597585e03

    SHA1

    035c5bc89dd0fbe93ce411ebcb808c5fb50cc63d

    SHA256

    14230cbb6fcabd799c0269723c0f77dc46d4b89789b3d8eba0920ea217548c5a

    SHA512

    e68a5df0a1a70f0a11127d071dc528dec43a0d7e34ae568b282f3ed888a674b8ae0c80c0714d7f04fdc4a2fe4e820ae4629bf3429be7ab606784d9107b9f8604

    Download Submit

  • F:\FunPlus\Stormshot\1.0.0.77\fpxcore.dll
    Filesize

    6.6MB

    MD5

    8082299bc394324885eaadaa880c37f6

    SHA1

    4512b2441622d56089b12273feeb5ab466391639

    SHA256

    87434863f2a2f89b672adab0d2ba791fc01ba474b7a6ebbf20b85ae761f6a1c1

    SHA512

    91389a1b1fd2dd2743d88fb666e1a9d855ab3b73c75215be044daeb001a7dc744a82f3ced013e8def4d8449cd0612ebddd26cc04b555e1d3343773bdc747a10b

    Download Submit

  • F:\FunPlus\Stormshot\1.0.0.77\iconengines\qsvgicon.dll
    Filesize

    40KB

    MD5

    34732c85bc4f9bb4a4a2297a0aa20aad

    SHA1

    7e8d22f248e8d23b208807df1c86db99435afe49

    SHA256

    79e48711e6bdd497e9efc7c423f34f30d742db0aa04c0febd3b214004526a818

    SHA512

    3cb974eca119d2f521219c9f8037cd484d116a41ab3c8f2886b2219b75ff16c7accf619ba985645d1a8dc2c32c7acb10b03e3169111e786bd90a18fd69267f17

    Download Submit

  • F:\FunPlus\Stormshot\1.0.0.77\imageformats\qgif.dll
    Filesize

    38KB

    MD5

    6f1b578054aadf5e184d9153a0537364

    SHA1

    136c349a97957f406e45a60247fc1d2bd4296294

    SHA256

    c0964a239ba5b0b5262ac6ed36d41ba4b8c466d5e8cfc8577f8a061197e6272d

    SHA512

    28cc8d72e524dfbebc6ae35c150f874c082652cc6bc1d99712d0211219e893d63dfefeed8981dd2ed1097cf217d852c50845355d39691045bf19d53fa171750c

    Download Submit

  • F:\FunPlus\Stormshot\1.0.0.77\imageformats\qicns.dll
    Filesize

    42KB

    MD5

    3e887a30afb41edefc0651eed9478942

    SHA1

    5c132f72c3fb02497d565bfe066d1813e4d1e668

    SHA256

    af8a95934fddaee350425a26206b732567d6f47e52b33853447382e553df1916

    SHA512

    e9319e42349b491c9afb0ca72a1696f8af15e2b4bc9db0667057fecfd8b4fc7166c7ac4a0d764cd036c0784b5731b881a3da58d0914469b6e5495168172f8a48

    Download Submit

  • F:\FunPlus\Stormshot\1.0.0.77\imageformats\qico.dll
    Filesize

    36KB

    MD5

    3f7d35e556b2223286a9c70869192b20

    SHA1

    5e520e616170b4efd7f37f1f083b8c1613eedf8e

    SHA256

    004e88375bdf797c20a1fb83bcc461882155c3ce0bc51ef9f99f89beea11858b

    SHA512

    2158f0851cb08160e57aaba56e7eb7c6cf9d4e2e8104e2a458b23e8f11b468f1ce8950f45b1c85a777aade8c1ab3b53ba80eda4b101bd0689356d736294d8b18

    Download Submit

  • F:\FunPlus\Stormshot\1.0.0.77\imageformats\qjpeg.dll
    Filesize

    385KB

    MD5

    7adbe963467564d0e33335f9208209ab

    SHA1

    9773b6f12728e3e7b388972b5e44bcdbc5eb6d0b

    SHA256

    dfe1df3c8e7dec4a2e754f48012ccc18baa59b1332fa908a4cc34d09f260d010

    SHA512

    38f7e3bb4af8ac34abb779f2fbb64c9f96e9070de6385b2cfb381261ea863705d19ae9cb4a975f14f4b0fa62e9a47e1c3a21dccacd89989edc991f7b04b78d8d

    Download Submit

  • F:\FunPlus\Stormshot\1.0.0.77\imageformats\qpdf.dll
    Filesize

    33KB

    MD5

    6ec14154abfab839695ba85ba1d0d675

    SHA1

    7a6b116c5cb09fc6b2d48c0923395baddd7bbbc5

    SHA256

    7e05e808865b8633ff507482beefee9da290dbe5741bf12f0dae9eaf6faa0fdf

    SHA512

    e4bcc00221d9b3b9f1efb73e2e95c8c3fc906dc386cda4a3b486936cf62d2679ac291a0e754456d46d972ced7d906685f7778a3227f513f8cd8d0cc2308aba26

    Download Submit

  • F:\FunPlus\Stormshot\1.0.0.77\imageformats\qsvg.dll
    Filesize

    32KB

    MD5

    891c2966d58483c0e4b98dceb37d642a

    SHA1

    b1dbb83e021994b3ab8f3a3f5f9a7b5c7dfd9a1d

    SHA256

    236085c82fbbe4cc9a4a96a5744916da729cdfee91e89a8b56b68b0e8b831960

    SHA512

    1948f2bc9fe207ad2d5c2f23366ade8c27271bf6ca090e67c433c9033bde92852b5524d91d71f07a7277b18c1ecec966b0c5d6c6400dfff94c73969e2a7d0200

    Download Submit

  • F:\FunPlus\Stormshot\1.0.0.77\imageformats\qtga.dll
    Filesize

    31KB

    MD5

    015dba45aedc50a3ee5737c6bc7c97b1

    SHA1

    44545cd8ed24081a68f4524848c716f6c00e8281

    SHA256

    0adfc1901455be8fa9cfe420b0529c9f7a1fadcee4140ec0441256a1bb2235da

    SHA512

    66ad7811aba986339a2bd806aca7f5f8b33d2d4140e0cea5619642a3761447a2e8ef260cf06e22daf37df5df573b77b830cec9281065b64778a0bae3b5ac8376

    Download Submit

  • F:\FunPlus\Stormshot\1.0.0.77\imageformats\qtiff.dll
    Filesize

    356KB

    MD5

    6742a1c8b9687561ff37f385ac492c30

    SHA1

    5b9d8f698dc1ec47ab791225707db4af59360efc

    SHA256

    de742e6d940061f32d2dcaedbeaab6006f55b181db16d08faa66fc6eaf1ba8c2

    SHA512

    4eb40d887b6250951cb14f68918d3e6133367b246692b4d4eaf4c970d823d1183998280c1113e8453270dee8e94c52bb2ff36a6aed692b5bded3cefa480d64a6

    Download Submit

  • F:\FunPlus\Stormshot\1.0.0.77\imageformats\qwbmp.dll
    Filesize

    30KB

    MD5

    9228078a9ab4aa393a99c32b1a399e35

    SHA1

    6184f51bcfd52e3e14cdc0b595189fc7f89acdb9

    SHA256

    e45ac8841b5cb23ce1c46c8ca23cee7002ee66c77e6a6c8fde6e3a6a9ced581e

    SHA512

    f78aafbcc43af9ba9928619d55c1cc6ce3d996122cf9a68a31e9583317cbee31a88d62105eaf21053546b2ab5517761adf3f85e21ab444475b385fc9c52d6817

    Download Submit

  • F:\FunPlus\Stormshot\1.0.0.77\imageformats\qwebp.dll
    Filesize

    409KB

    MD5

    1bd1829d0fdd041dec9d50c8c0a77e32

    SHA1

    728afbad0fcf76395f98a46e1da06c500cdf8472

    SHA256

    190da7505ed54ad3ad06a274e73f00f26405a043bcac86fc437549dde8070719

    SHA512

    4dc545b03b9399c57ca01a69cff45d332fbb9da996746d8bf7fd84ec3cefcc45772a35c30a4cdd0f589ecf83910440dcbebd2b05fd7f6361f08004ebbb504eb5

    Download Submit

  • F:\FunPlus\Stormshot\1.0.0.77\platforms\qwindows.dll
    Filesize

    1.2MB

    MD5

    981f9dc4f537012d21aab34071896788

    SHA1

    58e0c4baf55f1908c6abf8f2b81fa5cab6a5c840

    SHA256

    334f317e5afd0b9cf05e85ba1c241e57cc84833658c6db04595c0f1accdfe69c

    SHA512

    d4327a401909fe8b0e9cf561c525a51fbd6e168cf6daf1513653c524b08d0fe12b9b2db588a3398ef1285e993cd3078a9d3770a676a001c61f3f358178266e5d

    Download Submit

  • F:\FunPlus\Stormshot\1.0.0.77\styles\qwindowsvistastyle.dll
    Filesize

    132KB

    MD5

    b65e3ef6042684b489d0cb2574b4d144

    SHA1

    98747aec7f187d03ee2604fca947744efcab0b99

    SHA256

    9fd317f3da3eee0d53dc78687aad61440dfbc30a0d42169be434731e11f423bb

    SHA512

    980a7e9a9265c275beeba3469a0e676bb68f0b18ee760b43c0b9ab9856a11cf23175d10b53532299e1f8c1f5b74aaace61352eef398b4307267812a698f0e008

    Download Submit

  • F:\FunPlus\Stormshot\1.0.0.77\vcruntime140.dll
    Filesize

    76KB

    MD5

    2cec885177f8e329a314f975806d0e3d

    SHA1

    942d6525d23833ac51af1fd0cb6c18f0aacc90fa

    SHA256

    e4989178cb90a65428bcb19b2f1d2c811ab66077b38c0645522d8669b176b99e

    SHA512

    210d12d8912341e1625bbc603060aaf37ded1fec58fe677b0f92dd5bdc89d1629f29b50f7e95985bda6c7f316790f753dee2305d154ae94f5ee7816886e91fb1

    Download Submit

  • F:\FunPlus\Stormshot\InstallSettings.ini
    Filesize

    88B

    MD5

    a3fdaf2faf2fcba6acc0c4b178ef0a8b

    SHA1

    71348996a945850512d3a07e074df0602de2b7bf

    SHA256

    87a3494e4fc9e49cc55a5cdcaa603f871651765d2bd1786c4d19a7ef604870b6

    SHA512

    f8a1989718cf568293c6f82f690d7e9cc0b9f82c869eb09e972e9db4aa6813ef8561969af6f2ab523883a5f7ac21bbd772f37fb216073e0fcac2aebf63f76789

    Download Submit

  • F:\FunPlus\Stormshot\Launcher.exe
    Filesize

    1.1MB

    MD5

    381ec7c34c3a2b3f3e60e5baf4f7a45e

    SHA1

    2cc0d0709e0426fb4037f0045a1477f5f3532535

    SHA256

    34bc81dad31472967339d8c6c97306f71635248f32d6e857f65142b1c737d7c3

    SHA512

    fc99c76a685efb3fb85d39426be84035f7404102730927ccb87ee18d54aa852f7e0e2349e0b0b9d57157198600b59934953eea31c7a43465e3e0f8fd8c1166a8

    Download Submit

  • F:\FunPlus\Stormshot\config\version.ini
    Filesize

    16B

    MD5

    973544deb07f9a9b7e1bbbe2225c8beb

    SHA1

    b04170d262f7430e94c8476f155304f3fe98d626

    SHA256

    37fe61bebb58563bd19268c2f3735c9157358f6918f3d34e006282a01f1b28f5

    SHA512

    4415e7b67d64b1d805f9aa7d24e9b8c8899af5942e43e77e1bb045e6c5719c60b049c762e015952851191cf1eff345d37cd408f832ae5e88c1c9025a90ace14d

    Download Submit

  • F:\FunPlus\Stormshot\prefs\st_global_setting.ini.lock
    Filesize

    64B

    MD5

    0dd89da454d705c79eb3932453a4dba6

    SHA1

    77dd9b76f3361d12e493b7a3a3d679832f300985

    SHA256

    5d30388c497cad7702a4ec614471cd6a10e3931f7b4460cc56e3fd2d7a3c3fe6

    SHA512

    934e73355c15a1949b15245c4b1ceae08ec54696e90758610fd15f4bcaee6e7deff399ff42f53714f26649032c5a09f5a05e0f99f0e4a67b73b63641299de5be

    Download Submit

  • F:\FunPlus\Stormshot\uninstall.exe
    Filesize

    1.6MB

    MD5

    c209993ad5cdd4a60b545dcd705dbe90

    SHA1

    a40493880173786a9e4492ad71bf752502a0d132

    SHA256

    e76e215ac26f7fddb9c09aeb9f0e15659574e8d099366b7e991d55f9634f6115

    SHA512

    5f6c0c735fa28706aac933ebbb092bd57eb378227090d0239a1bb884dd01645cff2c23c9d2cdf322c7b5ab20b2b87d61f5a086c35438f4d8c477ac7346bdaf4b

    Download Submit

  • memory/5708-700-0x0000000006A00000-0x0000000006E40000-memory.dmp

    Filesize

    4.2MB

    Download

  • memory/5708-702-0x0000000006E40000-0x0000000007040000-memory.dmp

    Filesize

    2.0MB

    Download