46b55211fa1efb987ad56441b71a9c4fb2d9c96dbc23ea9b58e3c22314120e7c

Resubmissions

05-08-2024 13:49

240805-q43fxsxglk 9

05-08-2024 13:48

240805-q4lhea1gra 7

Analysis

max time kernel
4s
platform
windows10-1703_x64
resource
win10-20240404-en
resource tags

arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
submitted
05-08-2024 13:48

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

UTCWebComponents.exe
Size

2.9MB
MD5

3dde23965058db0a131cfeff60aec9e8
SHA1

a40648440ffc40eb173b637f47e5137ca1f89753
SHA256

46b55211fa1efb987ad56441b71a9c4fb2d9c96dbc23ea9b58e3c22314120e7c
SHA512

abf725658aa67ab43541c6bbbc4c96f71fe7822b423451f0d12821609ff080982038c7949b57cbc79fb69e2f48e3de11a140af8dbd2354019cef8b8c60692a33
SSDEEP

49152:l2wQV7hy6LkgY9noahp/JHkngocXekwITf6v+osO+uUiaGgoENwg9k3jAHK75CXs:AwQV7lIgY9noahpBWcXeAT+4uHfECg9O

Score

7^/10

discovery

Malware Config

Signatures

Executes dropped EXE 1 IoCs

pid	Process
4924	UTCWebComponents.tmp

Loads dropped DLL 14 IoCs

pid	Process
4136	regsvr32.exe
4136	regsvr32.exe
4136	regsvr32.exe
4136	regsvr32.exe
4136	regsvr32.exe
4136	regsvr32.exe
4136	regsvr32.exe
4136	regsvr32.exe
4136	regsvr32.exe
4136	regsvr32.exe
4136	regsvr32.exe
4136	regsvr32.exe
4136	regsvr32.exe
4136	regsvr32.exe

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Drops file in Program Files directory 14 IoCs

description	ioc	Process
File created	C:\Program Files (x86)\UTC Web Components\unins000.dat	UTCWebComponents.tmp
File created	C:\Program Files (x86)\UTC Web Components\is-AEQSG.tmp	UTCWebComponents.tmp
File created	C:\Program Files (x86)\UTC Web Components\is-4PVNR.tmp	UTCWebComponents.tmp
File created	C:\Program Files (x86)\UTC Web Components\is-70ANN.tmp	UTCWebComponents.tmp
File created	C:\Program Files (x86)\UTC Web Components\is-B4BMH.tmp	UTCWebComponents.tmp
File created	C:\Program Files (x86)\UTC Web Components\is-R9CIA.tmp	UTCWebComponents.tmp
File created	C:\Program Files (x86)\UTC Web Components\is-KRE5M.tmp	UTCWebComponents.tmp
File created	C:\Program Files (x86)\UTC Web Components\is-K1F8V.tmp	UTCWebComponents.tmp
File opened for modification	C:\Program Files (x86)\UTC Web Components\unins000.dat	UTCWebComponents.tmp
File created	C:\Program Files (x86)\UTC Web Components\is-CGUPF.tmp	UTCWebComponents.tmp
File created	C:\Program Files (x86)\UTC Web Components\is-K2VD2.tmp	UTCWebComponents.tmp
File created	C:\Program Files (x86)\UTC Web Components\is-ST9O2.tmp	UTCWebComponents.tmp
File created	C:\Program Files (x86)\UTC Web Components\is-MLIEF.tmp	UTCWebComponents.tmp
File created	C:\Program Files (x86)\UTC Web Components\is-9LBS0.tmp	UTCWebComponents.tmp

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

System Location Discovery: System Language Discovery 1 TTPs 3 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	regsvr32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	UTCWebComponents.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	UTCWebComponents.tmp

Modifies registry class 64 IoCs

description	ioc	Process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{FB73DB17-348E-40DB-B6A7-FAB893B77DFD}\ = "UTCWebVideoActiveX Control"	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{FB73DB17-348E-40DB-B6A7-FAB893B77DFD}\Control	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{FB73DB17-348E-40DB-B6A7-FAB893B77DFD}\TypeLib	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{17C5DA3B-A1A7-401B-9D52-6EF0C4455F76}\ = "_DWebVideoActiveX"	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A45FBFAA-CA68-41CF-A422-CB5B6E7B90DF}\ProxyStubClsid32\ = "{00020420-0000-0000-C000-000000000046}"	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A45FBFAA-CA68-41CF-A422-CB5B6E7B90DF}\TypeLib\ = "{F33DD1EC-CD79-46AA-92AB-22B52BF266A8}"	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A45FBFAA-CA68-41CF-A422-CB5B6E7B90DF}\TypeLib\Version = "1.0"	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{FB73DB17-348E-40DB-B6A7-FAB893B77DFD}\Implemented Categories	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{FB73DB17-348E-40DB-B6A7-FAB893B77DFD}\Version\ = "1.0"	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{FB73DB17-348E-40DB-B6A7-FAB893B77DFD}\InprocServer32\ThreadingModel = "Apartment"	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{FB73DB17-348E-40DB-B6A7-FAB893B77DFD}\MiscStatus\ = "0"	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{F33DD1EC-CD79-46AA-92AB-22B52BF266A8}	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A45FBFAA-CA68-41CF-A422-CB5B6E7B90DF}	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\UTCWebVideoActiveX.UTCWebVideoActiveXCtrl.1\CLSID\ = "{FB73DB17-348E-40DB-B6A7-FAB893B77DFD}"	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{FB73DB17-348E-40DB-B6A7-FAB893B77DFD}\ProgID	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{FB73DB17-348E-40DB-B6A7-FAB893B77DFD}\ToolboxBitmap32\ = "C:\\PROGRA~2\\UTCWEB~1\\UTCWEB~1.OCX, 1"	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{F33DD1EC-CD79-46AA-92AB-22B52BF266A8}\1.0\0\win32	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{17C5DA3B-A1A7-401B-9D52-6EF0C4455F76}\ProxyStubClsid32	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{17C5DA3B-A1A7-401B-9D52-6EF0C4455F76}\TypeLib\Version = "1.0"	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{A45FBFAA-CA68-41CF-A422-CB5B6E7B90DF}	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{A45FBFAA-CA68-41CF-A422-CB5B6E7B90DF}\ProxyStubClsid32\ = "{00020420-0000-0000-C000-000000000046}"	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{17C5DA3B-A1A7-401B-9D52-6EF0C4455F76}	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{17C5DA3B-A1A7-401B-9D52-6EF0C4455F76}\TypeLib\ = "{F33DD1EC-CD79-46AA-92AB-22B52BF266A8}"	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A45FBFAA-CA68-41CF-A422-CB5B6E7B90DF}\ = "_DWebVideoActiveXEvents"	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A45FBFAA-CA68-41CF-A422-CB5B6E7B90DF}\ProxyStubClsid32	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\UTCWebVideoActiveX.UTCWebVideoActiveXCtrl.1\ = "UTCWebVideoActiveX Control"	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\UTCWebVideoActiveX.UTCWebVideoActiveXCtrl.1\Insertable	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{17C5DA3B-A1A7-401B-9D52-6EF0C4455F76}\TypeLib\ = "{F33DD1EC-CD79-46AA-92AB-22B52BF266A8}"	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{A45FBFAA-CA68-41CF-A422-CB5B6E7B90DF}\TypeLib\Version = "1.0"	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Component Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4}	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\UTCWebVideoActiveX.UTCWebVideoActiveXCtrl.1\CLSID	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{FB73DB17-348E-40DB-B6A7-FAB893B77DFD}\TypeLib\ = "{F33DD1EC-CD79-46AA-92AB-22B52BF266A8}"	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{F33DD1EC-CD79-46AA-92AB-22B52BF266A8}\1.0\0\win32\ = "C:\\Program Files (x86)\\UTC Web Components\\UTCWebVideoActiveX.ocx"	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{17C5DA3B-A1A7-401B-9D52-6EF0C4455F76}\TypeLib	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{17C5DA3B-A1A7-401B-9D52-6EF0C4455F76}\ = "_DWebVideoActiveX"	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{C6CC35F9-4417-46A3-815D-6FC7322EF293}\InprocServer32	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{FB73DB17-348E-40DB-B6A7-FAB893B77DFD}\InprocServer32\ = "C:\\PROGRA~2\\UTCWEB~1\\UTCWEB~1.OCX"	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{FB73DB17-348E-40DB-B6A7-FAB893B77DFD}\MiscStatus	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\UTCWebVideoActiveX.UTCWebVideoActiveXCtrl.1\Insertable\	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{FB73DB17-348E-40DB-B6A7-FAB893B77DFD}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{F33DD1EC-CD79-46AA-92AB-22B52BF266A8}\1.0\HELPDIR\ = "C:\\Program Files (x86)\\UTC Web Components"	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{17C5DA3B-A1A7-401B-9D52-6EF0C4455F76}\ProxyStubClsid32	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{C6CC35F9-4417-46A3-815D-6FC7322EF293}\ = "UTCWebVideoActiveX Property Page"	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Component Categories	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Component Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{F33DD1EC-CD79-46AA-92AB-22B52BF266A8}\1.0	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{F33DD1EC-CD79-46AA-92AB-22B52BF266A8}\1.0\HELPDIR	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{17C5DA3B-A1A7-401B-9D52-6EF0C4455F76}\ProxyStubClsid32\ = "{00020420-0000-0000-C000-000000000046}"	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{F33DD1EC-CD79-46AA-92AB-22B52BF266A8}\1.0\FLAGS	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{F33DD1EC-CD79-46AA-92AB-22B52BF266A8}\1.0\FLAGS\ = "2"	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{A45FBFAA-CA68-41CF-A422-CB5B6E7B90DF}\ProxyStubClsid32	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{FB73DB17-348E-40DB-B6A7-FAB893B77DFD}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4}	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{F33DD1EC-CD79-46AA-92AB-22B52BF266A8}\1.0\0	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{C6CC35F9-4417-46A3-815D-6FC7322EF293}\InprocServer32\ = "C:\\PROGRA~2\\UTCWEB~1\\UTCWEB~1.OCX"	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{FB73DB17-348E-40DB-B6A7-FAB893B77DFD}\Control\	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{FB73DB17-348E-40DB-B6A7-FAB893B77DFD}\Version	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{FB73DB17-348E-40DB-B6A7-FAB893B77DFD}\Insertable	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{17C5DA3B-A1A7-401B-9D52-6EF0C4455F76}\TypeLib	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{A45FBFAA-CA68-41CF-A422-CB5B6E7B90DF}\TypeLib	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{FB73DB17-348E-40DB-B6A7-FAB893B77DFD}\ToolboxBitmap32	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{FB73DB17-348E-40DB-B6A7-FAB893B77DFD}\MiscStatus\1	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{FB73DB17-348E-40DB-B6A7-FAB893B77DFD}\MiscStatus\1\ = "131473"	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{FB73DB17-348E-40DB-B6A7-FAB893B77DFD}\Insertable\	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{A45FBFAA-CA68-41CF-A422-CB5B6E7B90DF}\TypeLib\ = "{F33DD1EC-CD79-46AA-92AB-22B52BF266A8}"	regsvr32.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
4924	UTCWebComponents.tmp

Suspicious use of WriteProcessMemory 6 IoCs

description	pid	Process	procid_target
PID 1460 wrote to memory of 4924	1460	UTCWebComponents.exe	73
PID 1460 wrote to memory of 4924	1460	UTCWebComponents.exe	73
PID 1460 wrote to memory of 4924	1460	UTCWebComponents.exe	73
PID 4924 wrote to memory of 4136	4924	UTCWebComponents.tmp	74
PID 4924 wrote to memory of 4136	4924	UTCWebComponents.tmp	74
PID 4924 wrote to memory of 4136	4924	UTCWebComponents.tmp	74

C:\Users\Admin\AppData\Local\Temp\UTCWebComponents.exe
"C:\Users\Admin\AppData\Local\Temp\UTCWebComponents.exe"
1⤵
- System Location Discovery: System Language Discovery
- Suspicious use of WriteProcessMemory
PID:1460
- C:\Users\Admin\AppData\Local\Temp\is-3EDUT.tmp\UTCWebComponents.tmp
  "C:\Users\Admin\AppData\Local\Temp\is-3EDUT.tmp\UTCWebComponents.tmp" /SL5="$80110,2726915,53760,C:\Users\Admin\AppData\Local\Temp\UTCWebComponents.exe"
  2⤵
  - Executes dropped EXE
  - Drops file in Program Files directory
  - System Location Discovery: System Language Discovery
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of WriteProcessMemory
  PID:4924
- - C:\Windows\SysWOW64\regsvr32.exe
    "C:\Windows\system32\regsvr32.exe" /s "C:\Program Files (x86)\UTC Web Components\UTCWebVideoActiveX.ocx"
    3⤵
    - Loads dropped DLL
    - System Location Discovery: System Language Discovery
    - Modifies registry class
    PID:4136

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\UTC Web Components\AudioIntercom.dll

Filesize
354KB

MD5
1e6ea5d69451c7165e4481001e484d3d

SHA1
deb97c00703021247ea08573360bc539c3e695fc

SHA256
4d6a7800c6fae1754d43070087bab71ed70b3e9051dcb756b85b7398ec03a28d

SHA512
5ac3dacdd989a00ffcb3549f8cd8d5b2c293c600a5638d191c07188a111620572eb89afbf83acdecd07635009892027ac4890509a0f8768307409fa9209818ec

Download Submit
C:\Program Files (x86)\UTC Web Components\NetStream.dll

Filesize
1.2MB

MD5
f7583a78a988f24966e09fd9cae71d58

SHA1
459f6e7167faea7e94079ea67b738cd16c56df01

SHA256
c88f2cfc9e91cb9618f98480ec4375de2d332ccab613112337c0ada2c9d7e975

SHA512
1d073b5c12699e9cf7f016cb6aded5c990590b0e09842d8e4f62959ca9a13ace6f2a9b08455cb0021ef418edb0e69ae5cffda1affe19329c6a2c22837acca51c

Download Submit
C:\Program Files (x86)\UTC Web Components\PlayCtrl.dll

Filesize
3.5MB

MD5
57808c7fc5c4877dc97fd1fadb661f70

SHA1
8c3092d0a5d04a02c6808140576105063cb96d87

SHA256
6caf3e51f5e6715d52404d9891d8c3a88875dde7da7e502281dd8a26b219df21

SHA512
89104ee9cc6cc483c0bc359068d3f37bcc46ba5077a7ea0a74b0814d77374c6ae50dad7cb633934131e01fa9984b8df64c623ace177c1d140d6cb0c9eed3c382

Download Submit
C:\Program Files (x86)\UTC Web Components\StreamTransClient.dll

Filesize
256KB

MD5
653c99f74f00ac7d6bdb8b997908693a

SHA1
f71590b81fe9846060e460395ef6812de8493d1c

SHA256
d4c1daf83ddee781834cf6c9de40141c11736b1fcf250974a34206970ac65cef

SHA512
dff628ab593133991b2323239723c0b8eb2d4e9e67ef46d868a72f865ad8da4fcc24ad82d335bb41d88f269b96bd57fa872a5135ac50d59565b0aacf69d0ed1e

Download Submit
C:\Program Files (x86)\UTC Web Components\SuperRender.dll

Filesize
326KB

MD5
3f7e90cb0c6f6a420701ec3a88d54db3

SHA1
0a83ab45ebb3997a2b0e6452d730ecc874930ade

SHA256
804c577d54a35e81c8eac74bf00f00adb7fe0c8760368aedde3fb285a5d565bf

SHA512
d552ec2cf828e1aed89d390c39d26ff5ebb980fac3c7e75ca37ff87730579f633d1361c19eb10c6594bc13edadf448b5ceb0f0556fdab51280c26d0edbc65ba0

Download Submit
C:\Program Files (x86)\UTC Web Components\UTCWebVideoActiveX.ocx

Filesize
346KB

MD5
1a51297ffee085d6d9c0a8259fa2675c

SHA1
6bb948a2b3a4c97fa2fa1d69148d9e093769346e

SHA256
78f4900fa7816990472666d27d70ddd090d6fa173c1809c060f72f6badea3485

SHA512
c6a3a7e4928dd1772ea80a9a4362ffe05ce7c031fa7111777a3e01c7e143011d1ed773334f84c479eb93cf9fdb01856f025b8969cbd09591f20e34b854c16292

Download Submit
C:\Program Files (x86)\UTC Web Components\d3dx9_43.dll

Filesize
1.9MB

MD5
86e39e9161c3d930d93822f1563c280d

SHA1
f5944df4142983714a6d9955e6e393d9876c1e11

SHA256
0b28546be22c71834501f7d7185ede5d79742457331c7ee09efc14490dd64f5f

SHA512
0a3e311c4fd5c2194a8807469e47156af35502e10aeb8a3f64a01ff802cd8669c7e668cc87b593b182fd830a126d002b5d5d7b6c77991158bffdb0b5b997f6b3

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-3EDUT.tmp\UTCWebComponents.tmp

Filesize
680KB

MD5
14924c1b767c6e6a24be1235b250eb86

SHA1
6a11e672b51d597db871ede8dde868ef3cdea0a7

SHA256
8148e8e6916f0df121f26fa5465021ce192546eea4c0a363859ef5ea39e65386

SHA512
1200e08f1f0167cee1443ac4ec57cacdb468061295d8708d831a7947f4baf056027734ca73cdb2031af3ca1e1dd72c1f63563d309325aa0be7ebc0df14895e06

Download Submit
\Program Files (x86)\UTC Web Components\AudioRender.dll

Filesize
80KB

MD5
dc44c208f60e7451fad7a28455a8aee1

SHA1
9fba99f7f584f49005bd665b08ec21c382e2e307

SHA256
cebbdd04b47d619b02fced2ca28aa19796f80ade141457ad391a5f1bff75ea51

SHA512
e967eec6f8faa42876c95d6c9d3ecf6d4b9397622c8ab81cc2937148362d06dca69d56e25a218ffe69c625f542417b29b5d7b0d23ece8dbbcedca04625907788

Download Submit
\Program Files (x86)\UTC Web Components\OpenAL32.dll

Filesize
417KB

MD5
52c83a72943b529b7f495b0606c117b6

SHA1
dcc74f5109a09c4cec8274f2968159c80016002d

SHA256
b21ae0059a8182a51d1645a44f403429e60e26453353c0d708d7f501557ca01c

SHA512
17179685e6e65c9130ccaea16c8953be818e4c6502595cb2e6dabebbc05f904e98b1797173e880ddfb64276cb0b53d48d8caae28457d1531160810af90eb6706

Download Submit
memory/1460-2-0x0000000000401000-0x000000000040B000-memory.dmp

Filesize
40KB

Download
memory/1460-79-0x0000000000400000-0x0000000000414000-memory.dmp

Filesize
80KB

Download
memory/1460-0-0x0000000000400000-0x0000000000414000-memory.dmp

Filesize
80KB

Download
memory/4136-56-0x0000000005EF0000-0x00000000062B4000-memory.dmp

Filesize
3.8MB

Download
memory/4136-51-0x0000000005400000-0x000000000554E000-memory.dmp

Filesize
1.3MB

Download
memory/4136-70-0x0000000006350000-0x00000000063B2000-memory.dmp

Filesize
392KB

Download
memory/4136-63-0x00000000062C0000-0x0000000006342000-memory.dmp

Filesize
520KB

Download
memory/4136-46-0x0000000005030000-0x0000000005268000-memory.dmp

Filesize
2.2MB

Download
memory/4924-78-0x0000000000400000-0x00000000004BA000-memory.dmp

Filesize
744KB

Download
memory/4924-10-0x0000000000400000-0x00000000004BA000-memory.dmp

Filesize
744KB

Download