Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

1

URLScan

urlscan

1

https://getintopc.co...

windows10-2004-x64

8

Resubmissions

09/08/2024, 14:22

240809-rpv9qsvhnd 8

09/08/2024, 13:58

240809-q9zl8a1erk 8

Analysis

  • max time kernel
    470s
  • max time network
    474s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    09/08/2024, 14:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://getintopc.com/softwares/multimedia/magix-vegas-pro-2022-free-download-1213161/

Score
8/10
discoverypersistenceprivilege_escalation

Malware Config

Signatures

  • Downloads MZ/PE file
  • Event Triggered Execution: Image File Execution Options Injection 1 TTPs 2 IoCs
    persistence
  • Checks computer location settings 2 TTPs 2 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Event Triggered Execution: Component Object Model Hijacking 1 TTPs

    Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    persistenceprivilege_escalation
  • Executes dropped EXE 25 IoCs
  • Loads dropped DLL 64 IoCs
  • Adds Run key to start application 2 TTPs 2 IoCs
    persistence
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  • Enumerates connected drives 3 TTPs 46 IoCs

    Attempts to read the root path of hard drives other than the default C: drive.

  • Checks system information in the registry 2 TTPs 10 IoCs

    System information is often read in order to detect sandboxing environments.

  • Drops file in System32 directory 64 IoCs
  • Drops file in Program Files directory 64 IoCs
  • Drops file in Windows directory 64 IoCs
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

    discovery
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 64 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • System Network Configuration Discovery: Internet Connection Discovery 1 TTPs 3 IoCs

    Adversaries may check for Internet connectivity on compromised systems.

    discovery
  • Checks SCSI registry key(s) 3 TTPs 5 IoCs

    SCSI information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies Control Panel 7 IoCs
    evasion
  • Modifies data under HKEY_USERS 64 IoCs
  • Modifies registry class 64 IoCs
  • Modifies system certificate store 2 TTPs 3 IoCs
    evasionspywaretrojan
  • NTFS ADS 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 40 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 24 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 64 IoCs
  • Suspicious use of SendNotifyMessage 26 IoCs
  • Suspicious use of SetWindowsHookEx 27 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs
  • Uses Task Scheduler COM API 1 TTPs

    The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.

    persistence
  • Uses Volume Shadow Copy WMI provider

    The Volume Shadow Copy service is used to manage backups/snapshots.

    ransomware
  • Uses Volume Shadow Copy service COM API

    The Volume Shadow Copy service is used to manage backups/snapshots.

    ransomware

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://getintopc.com/softwares/multimedia/magix-vegas-pro-2022-free-download-1213161/
    1⤵
    • Enumerates system info in registry
    • NTFS ADS
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:888
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9b8ed46f8,0x7ff9b8ed4708,0x7ff9b8ed4718
      2⤵
        PID:4376
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2156,13638408265270989557,5359932642114728462,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2176 /prefetch:2
        2⤵
          PID:2064
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2156,13638408265270989557,5359932642114728462,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2232 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:1136
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2156,13638408265270989557,5359932642114728462,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2556 /prefetch:8
          2⤵
            PID:3888
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,13638408265270989557,5359932642114728462,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3292 /prefetch:1
            2⤵
              PID:2680
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,13638408265270989557,5359932642114728462,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3312 /prefetch:1
              2⤵
                PID:1816
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,13638408265270989557,5359932642114728462,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5024 /prefetch:1
                2⤵
                  PID:3972
                • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2156,13638408265270989557,5359932642114728462,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5476 /prefetch:8
                  2⤵
                    PID:384
                  • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2156,13638408265270989557,5359932642114728462,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5476 /prefetch:8
                    2⤵
                    • Suspicious behavior: EnumeratesProcesses
                    PID:1280
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,13638408265270989557,5359932642114728462,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5616 /prefetch:1
                    2⤵
                      PID:2900
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,13638408265270989557,5359932642114728462,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5916 /prefetch:1
                      2⤵
                        PID:3688
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,13638408265270989557,5359932642114728462,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6104 /prefetch:1
                        2⤵
                          PID:2564
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,13638408265270989557,5359932642114728462,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6252 /prefetch:1
                          2⤵
                            PID:4772
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,13638408265270989557,5359932642114728462,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6056 /prefetch:1
                            2⤵
                              PID:3980
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2156,13638408265270989557,5359932642114728462,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=6484 /prefetch:8
                              2⤵
                                PID:1796
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,13638408265270989557,5359932642114728462,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6072 /prefetch:1
                                2⤵
                                  PID:1780
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,13638408265270989557,5359932642114728462,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6920 /prefetch:1
                                  2⤵
                                    PID:5172
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,13638408265270989557,5359932642114728462,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6864 /prefetch:1
                                    2⤵
                                      PID:5180
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,13638408265270989557,5359932642114728462,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6648 /prefetch:1
                                      2⤵
                                        PID:5340
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,13638408265270989557,5359932642114728462,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6284 /prefetch:1
                                        2⤵
                                          PID:5348
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,13638408265270989557,5359932642114728462,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7148 /prefetch:1
                                          2⤵
                                            PID:5848
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,13638408265270989557,5359932642114728462,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7212 /prefetch:1
                                            2⤵
                                              PID:6092
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2156,13638408265270989557,5359932642114728462,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6860 /prefetch:8
                                              2⤵
                                                PID:5236
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2156,13638408265270989557,5359932642114728462,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=7200 /prefetch:8
                                                2⤵
                                                • Suspicious behavior: EnumeratesProcesses
                                                PID:5248
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,13638408265270989557,5359932642114728462,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7272 /prefetch:1
                                                2⤵
                                                  PID:1476
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,13638408265270989557,5359932642114728462,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6584 /prefetch:1
                                                  2⤵
                                                    PID:2768
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,13638408265270989557,5359932642114728462,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4940 /prefetch:1
                                                    2⤵
                                                      PID:5820
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,13638408265270989557,5359932642114728462,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7396 /prefetch:1
                                                      2⤵
                                                        PID:6016
                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2156,13638408265270989557,5359932642114728462,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6640 /prefetch:8
                                                        2⤵
                                                          PID:6124
                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2156,13638408265270989557,5359932642114728462,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7476 /prefetch:8
                                                          2⤵
                                                          • Suspicious behavior: EnumeratesProcesses
                                                          PID:3108
                                                        • C:\Users\Admin\Downloads\7z2407.exe
                                                          "C:\Users\Admin\Downloads\7z2407.exe"
                                                          2⤵
                                                          • Executes dropped EXE
                                                          • System Location Discovery: System Language Discovery
                                                          • Suspicious use of SetWindowsHookEx
                                                          PID:5664
                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,13638408265270989557,5359932642114728462,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6864 /prefetch:1
                                                          2⤵
                                                            PID:5388
                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,13638408265270989557,5359932642114728462,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4536 /prefetch:1
                                                            2⤵
                                                              PID:536
                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,13638408265270989557,5359932642114728462,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6996 /prefetch:1
                                                              2⤵
                                                                PID:4816
                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,13638408265270989557,5359932642114728462,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7720 /prefetch:1
                                                                2⤵
                                                                  PID:4008
                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2156,13638408265270989557,5359932642114728462,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=7712 /prefetch:2
                                                                  2⤵
                                                                  • Suspicious behavior: EnumeratesProcesses
                                                                  PID:5508
                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,13638408265270989557,5359932642114728462,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7416 /prefetch:1
                                                                  2⤵
                                                                    PID:5024
                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2156,13638408265270989557,5359932642114728462,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7292 /prefetch:8
                                                                    2⤵
                                                                    • Suspicious behavior: EnumeratesProcesses
                                                                    PID:6068
                                                                • C:\Windows\System32\CompPkgSrv.exe
                                                                  C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                  1⤵
                                                                    PID:3120
                                                                  • C:\Windows\System32\CompPkgSrv.exe
                                                                    C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                    1⤵
                                                                      PID:3384
                                                                    • C:\Windows\System32\rundll32.exe
                                                                      C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
                                                                      1⤵
                                                                        PID:5036
                                                                      • C:\Program Files\7-Zip\7zFM.exe
                                                                        "C:\Program Files\7-Zip\7zFM.exe"
                                                                        1⤵
                                                                        • Suspicious behavior: GetForegroundWindowSpam
                                                                        • Suspicious use of AdjustPrivilegeToken
                                                                        PID:2632
                                                                      • C:\Users\Admin\Desktop\MAGIX_VEGAS_Pro_20.0.0.13\VEGAS_Pro_20.0.0.139_DE-EN-FR-ES.exe
                                                                        "C:\Users\Admin\Desktop\MAGIX_VEGAS_Pro_20.0.0.13\VEGAS_Pro_20.0.0.139_DE-EN-FR-ES.exe"
                                                                        1⤵
                                                                        • Checks computer location settings
                                                                        • Executes dropped EXE
                                                                        • System Location Discovery: System Language Discovery
                                                                        • Suspicious use of SetWindowsHookEx
                                                                        PID:1920
                                                                        • C:\Users\Admin\AppData\Local\Temp\mgx1wc5nxlt\product\VEGAS_Pro_20_setup.exe
                                                                          "C:\Users\Admin\AppData\Local\Temp\mgx1wc5nxlt\product\VEGAS_Pro_20_setup.exe" -m C:\Users\Admin\AppData\Local\Temp\mgx1wc5nxlt\SetupValues.dat
                                                                          2⤵
                                                                          • Executes dropped EXE
                                                                          • Enumerates connected drives
                                                                          • System Location Discovery: System Language Discovery
                                                                          • Modifies system certificate store
                                                                          • Suspicious use of AdjustPrivilegeToken
                                                                          • Suspicious use of SetWindowsHookEx
                                                                          PID:2968
                                                                          • C:\Users\Admin\AppData\Local\Temp\mgx1wc5nxlt\addon\vcredist2013_12.0.40664\vcredist_x86.exe
                                                                            "C:\Users\Admin\AppData\Local\Temp\mgx1wc5nxlt\addon\vcredist2013_12.0.40664\vcredist_x86.exe" /quiet /norestart /l "C:\Users\Admin\AppData\Local\Temp\MxMsiLogs\VEGAS_Pro_20_20240809_143054\001#Install#vcredist2013_12_0_40664_x86.txt"
                                                                            3⤵
                                                                            • Executes dropped EXE
                                                                            • Adds Run key to start application
                                                                            • System Location Discovery: System Language Discovery
                                                                            • Suspicious use of AdjustPrivilegeToken
                                                                            • Suspicious use of SetWindowsHookEx
                                                                            PID:3952
                                                                            • C:\Users\Admin\AppData\Local\Temp\mgx1wc5nxlt\addon\vcredist2013_12.0.40664\vcredist_x86.exe
                                                                              "C:\Users\Admin\AppData\Local\Temp\mgx1wc5nxlt\addon\vcredist2013_12.0.40664\vcredist_x86.exe" /quiet /norestart /l "C:\Users\Admin\AppData\Local\Temp\MxMsiLogs\VEGAS_Pro_20_20240809_143054\001#Install#vcredist2013_12_0_40664_x86.txt" -burn.unelevated BurnPipe.{CE22DE04-16D5-4D22-A96A-08835DAA5931} {E85CB684-2CC8-4AE7-BF74-7032792DDACE} 3952
                                                                              4⤵
                                                                              • Executes dropped EXE
                                                                              • Loads dropped DLL
                                                                              • System Location Discovery: System Language Discovery
                                                                              • Suspicious use of SetWindowsHookEx
                                                                              PID:3040
                                                                            • C:\ProgramData\Package Cache\{61087a79-ac85-455c-934d-1fa22cc64f36}\vcredist_x86.exe
                                                                              "C:\ProgramData\Package Cache\{61087a79-ac85-455c-934d-1fa22cc64f36}\vcredist_x86.exe" -uninstall -quiet -burn.related.upgrade -burn.ancestors={9dff3540-fc85-4ed5-ac84-9e3c7fd8bece} -burn.embedded BurnPipe.{FCA63D69-FDD4-4651-ADB1-A5D26CFCFFDC} {8333014B-099E-4283-8D62-79A2A83D9CE2} 3952
                                                                              4⤵
                                                                              • System Location Discovery: System Language Discovery
                                                                              • Suspicious use of SetWindowsHookEx
                                                                              PID:5576
                                                                              • C:\ProgramData\Package Cache\{61087a79-ac85-455c-934d-1fa22cc64f36}\vcredist_x86.exe
                                                                                "C:\ProgramData\Package Cache\{61087a79-ac85-455c-934d-1fa22cc64f36}\vcredist_x86.exe" -uninstall -quiet -burn.related.upgrade -burn.ancestors={9dff3540-fc85-4ed5-ac84-9e3c7fd8bece} -burn.embedded BurnPipe.{FCA63D69-FDD4-4651-ADB1-A5D26CFCFFDC} {8333014B-099E-4283-8D62-79A2A83D9CE2} 3952 -burn.unelevated BurnPipe.{C524DED2-9A63-44EB-801D-D4183B4F3BF8} {A627379D-E3FD-4D82-B3AA-0F315B60CF16} 5576
                                                                                5⤵
                                                                                • Loads dropped DLL
                                                                                • System Location Discovery: System Language Discovery
                                                                                • Suspicious use of SetWindowsHookEx
                                                                                PID:1460
                                                                          • C:\Users\Admin\AppData\Local\Temp\mgx1wc5nxlt\addon\vcredist2013_12.0.40664\vcredist_x64.exe
                                                                            "C:\Users\Admin\AppData\Local\Temp\mgx1wc5nxlt\addon\vcredist2013_12.0.40664\vcredist_x64.exe" /quiet /norestart /l "C:\Users\Admin\AppData\Local\Temp\MxMsiLogs\VEGAS_Pro_20_20240809_143054\002#Install#vcredist2013_12_0_40664_x64.txt"
                                                                            3⤵
                                                                            • Executes dropped EXE
                                                                            • Adds Run key to start application
                                                                            • System Location Discovery: System Language Discovery
                                                                            • Suspicious use of SetWindowsHookEx
                                                                            PID:5712
                                                                            • C:\Users\Admin\AppData\Local\Temp\mgx1wc5nxlt\addon\vcredist2013_12.0.40664\vcredist_x64.exe
                                                                              "C:\Users\Admin\AppData\Local\Temp\mgx1wc5nxlt\addon\vcredist2013_12.0.40664\vcredist_x64.exe" /quiet /norestart /l "C:\Users\Admin\AppData\Local\Temp\MxMsiLogs\VEGAS_Pro_20_20240809_143054\002#Install#vcredist2013_12_0_40664_x64.txt" -burn.unelevated BurnPipe.{278B6169-24B7-437C-B72C-83A296BFFE23} {A58E3929-E766-4F84-AF3B-1468D707AC46} 5712
                                                                              4⤵
                                                                              • Executes dropped EXE
                                                                              • Loads dropped DLL
                                                                              • System Location Discovery: System Language Discovery
                                                                              • Suspicious use of SetWindowsHookEx
                                                                              PID:5900
                                                                            • C:\ProgramData\Package Cache\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}\vcredist_x64.exe
                                                                              "C:\ProgramData\Package Cache\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}\vcredist_x64.exe" -uninstall -quiet -burn.related.upgrade -burn.ancestors={042d26ef-3dbe-4c25-95d3-4c1b11b235a7} -burn.embedded BurnPipe.{0F06C499-19A4-43F7-B7FF-946F8474714B} {07827730-6496-4F3E-A8DF-CED881489509} 5712
                                                                              4⤵
                                                                              • System Location Discovery: System Language Discovery
                                                                              • Modifies registry class
                                                                              • Suspicious use of SetWindowsHookEx
                                                                              PID:3284
                                                                              • C:\ProgramData\Package Cache\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}\vcredist_x64.exe
                                                                                "C:\ProgramData\Package Cache\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}\vcredist_x64.exe" -uninstall -quiet -burn.related.upgrade -burn.ancestors={042d26ef-3dbe-4c25-95d3-4c1b11b235a7} -burn.embedded BurnPipe.{0F06C499-19A4-43F7-B7FF-946F8474714B} {07827730-6496-4F3E-A8DF-CED881489509} 5712 -burn.unelevated BurnPipe.{72FE0C34-F2C8-49C8-8F03-8177B37CA7B9} {48135A2B-FDBF-4743-93EF-6F67E9C69AFE} 3284
                                                                                5⤵
                                                                                • Loads dropped DLL
                                                                                • System Location Discovery: System Language Discovery
                                                                                • Suspicious use of SetWindowsHookEx
                                                                                PID:4320
                                                                          • C:\Users\Admin\AppData\Local\Temp\mgx1wc5nxlt\addon\WebView2\MicrosoftEdgeWebView2RuntimeInstallerX64.exe
                                                                            "C:\Users\Admin\AppData\Local\Temp\mgx1wc5nxlt\addon\WebView2\MicrosoftEdgeWebView2RuntimeInstallerX64.exe" /silent /install
                                                                            3⤵
                                                                            • Executes dropped EXE
                                                                            • Drops file in Program Files directory
                                                                            • System Location Discovery: System Language Discovery
                                                                            • Suspicious use of SetWindowsHookEx
                                                                            PID:5908
                                                                            • C:\Program Files (x86)\Microsoft\Temp\EU56ED.tmp\MicrosoftEdgeUpdate.exe
                                                                              "C:\Program Files (x86)\Microsoft\Temp\EU56ED.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20WebView2%20Runtime&needsadmin=Prefers"
                                                                              4⤵
                                                                              • Event Triggered Execution: Image File Execution Options Injection
                                                                              • Checks computer location settings
                                                                              • Executes dropped EXE
                                                                              • Loads dropped DLL
                                                                              • Checks system information in the registry
                                                                              • System Location Discovery: System Language Discovery
                                                                              • Suspicious behavior: EnumeratesProcesses
                                                                              • Suspicious use of SetWindowsHookEx
                                                                              PID:3716
                                                                              • C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
                                                                                "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc
                                                                                5⤵
                                                                                • Executes dropped EXE
                                                                                • Loads dropped DLL
                                                                                • Modifies registry class
                                                                                • Suspicious use of SetWindowsHookEx
                                                                                PID:1660
                                                                              • C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
                                                                                "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver
                                                                                5⤵
                                                                                • Executes dropped EXE
                                                                                • Loads dropped DLL
                                                                                • System Location Discovery: System Language Discovery
                                                                                • Modifies registry class
                                                                                • Suspicious use of SetWindowsHookEx
                                                                                PID:5972
                                                                                • C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.155.77\MicrosoftEdgeUpdateComRegisterShell64.exe
                                                                                  "C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.155.77\MicrosoftEdgeUpdateComRegisterShell64.exe"
                                                                                  6⤵
                                                                                  • Executes dropped EXE
                                                                                  • Loads dropped DLL
                                                                                  • Modifies registry class
                                                                                  PID:5484
                                                                                • C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.155.77\MicrosoftEdgeUpdateComRegisterShell64.exe
                                                                                  "C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.155.77\MicrosoftEdgeUpdateComRegisterShell64.exe"
                                                                                  6⤵
                                                                                  • Executes dropped EXE
                                                                                  • Loads dropped DLL
                                                                                  • Modifies registry class
                                                                                  PID:3956
                                                                                • C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.155.77\MicrosoftEdgeUpdateComRegisterShell64.exe
                                                                                  "C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.155.77\MicrosoftEdgeUpdateComRegisterShell64.exe"
                                                                                  6⤵
                                                                                  • Executes dropped EXE
                                                                                  • Loads dropped DLL
                                                                                  • Modifies registry class
                                                                                  PID:4576
                                                                              • C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
                                                                                "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNTUuNzciIHNoZWxsX3ZlcnNpb249IjEuMy4xNTUuNzciIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NDRGRDBBRUMtQjQ0Ny00RDQ4LThBODYtOUI1OEREODkxMkQ5fSIgdXNlcmlkPSJ7MEJENEE5NTQtNUFFNi00ODA1LUEwNzEtRTUwNjRCRkIxRTkwfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntBOEM4NTVFMy03MUQxLTQzM0ItODkxQy1BNDY2MkNENjk0MDR9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IiIgcHJvZHVjdF9uYW1lPSIiLz48ZXhwIGV0YWc9IiZxdW90O3I0NTJ0MStrMlRncS9IWHpqdkZOQlJob3BCV1I5c2JqWHhxZVVESDl1WDA9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0ie0YzQzRGRTAwLUVGRDUtNDAzQi05NTY5LTM5OEEyMEYxQkE0QX0iIHZlcnNpb249IjEuMy4xNDcuMzciIG5leHR2ZXJzaW9uPSIxLjMuMTU1Ljc3IiBsYW5nPSIiIGJyYW5kPSIiIGNsaWVudD0iIj48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBpbnN0YWxsX3RpbWVfbXM9IjUyNSIvPjwvYXBwPjwvcmVxdWVzdD4
                                                                                5⤵
                                                                                • Executes dropped EXE
                                                                                • Loads dropped DLL
                                                                                • Checks system information in the registry
                                                                                • System Location Discovery: System Language Discovery
                                                                                • System Network Configuration Discovery: Internet Connection Discovery
                                                                                • Suspicious use of SetWindowsHookEx
                                                                                PID:6056
                                                                              • C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
                                                                                "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20WebView2%20Runtime&needsadmin=Prefers" /installsource offline /sessionid "{44FD0AEC-B447-4D48-8A86-9B58DD8912D9}" /silent /offlinedir "{C6CF0793-FFFF-4D2E-92E4-5AF26D62A30F}"
                                                                                5⤵
                                                                                • Executes dropped EXE
                                                                                • Loads dropped DLL
                                                                                • System Location Discovery: System Language Discovery
                                                                                • Suspicious use of SetWindowsHookEx
                                                                                PID:2880
                                                                      • C:\Windows\system32\msiexec.exe
                                                                        C:\Windows\system32\msiexec.exe /V
                                                                        1⤵
                                                                        • Enumerates connected drives
                                                                        • Drops file in System32 directory
                                                                        • Drops file in Program Files directory
                                                                        • Drops file in Windows directory
                                                                        • Modifies data under HKEY_USERS
                                                                        • Modifies registry class
                                                                        • Suspicious behavior: EnumeratesProcesses
                                                                        • Suspicious use of AdjustPrivilegeToken
                                                                        PID:4364
                                                                        • C:\Windows\syswow64\MsiExec.exe
                                                                          C:\Windows\syswow64\MsiExec.exe -Embedding D46A673C255AEFB87A6828296E253389
                                                                          2⤵
                                                                          • Loads dropped DLL
                                                                          • System Location Discovery: System Language Discovery
                                                                          PID:4568
                                                                        • C:\Windows\syswow64\MsiExec.exe
                                                                          C:\Windows\syswow64\MsiExec.exe -Embedding D0DD1A85ED05D8764A38DB9621FDDDD6 E Global\MSI0000
                                                                          2⤵
                                                                          • Loads dropped DLL
                                                                          • System Location Discovery: System Language Discovery
                                                                          PID:6112
                                                                          • C:\Program Files\VEGAS\VEGAS Pro 20.0\vegas200.exe
                                                                            "C:\Program Files\VEGAS\VEGAS Pro 20.0\vegas200.exe" /register /user 1085
                                                                            3⤵
                                                                            • Executes dropped EXE
                                                                            • Drops file in System32 directory
                                                                            • Modifies data under HKEY_USERS
                                                                            • Modifies registry class
                                                                            • Suspicious use of SetWindowsHookEx
                                                                            PID:4808
                                                                          • C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngen.exe
                                                                            C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngen.exe install "C:\Program Files\VEGAS\VEGAS Pro 20.0\bdmux\BdmuxServer.exe"
                                                                            3⤵
                                                                            • Drops file in Windows directory
                                                                            • System Location Discovery: System Language Discovery
                                                                            PID:6108
                                                                            • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                                                                              C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 20c -InterruptEvent 0 -NGENProcess 1f8 -Pipe 208 -Comment "NGen Worker Process"
                                                                              4⤵
                                                                              • System Location Discovery: System Language Discovery
                                                                              PID:3968
                                                                            • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                                                                              C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 2b0 -InterruptEvent 0 -NGENProcess 2a0 -Pipe 2b4 -Comment "NGen Worker Process"
                                                                              4⤵
                                                                              • System Location Discovery: System Language Discovery
                                                                              PID:3672
                                                                            • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                                                                              C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 2c8 -InterruptEvent 0 -NGENProcess 2bc -Pipe 2c4 -Comment "NGen Worker Process"
                                                                              4⤵
                                                                              • System Location Discovery: System Language Discovery
                                                                              PID:4572
                                                                            • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                                                                              C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 2b8 -InterruptEvent 0 -NGENProcess 2f4 -Pipe 2f8 -Comment "NGen Worker Process"
                                                                              4⤵
                                                                                PID:3664
                                                                              • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                                                                                C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 2fc -InterruptEvent 0 -NGENProcess 2e0 -Pipe 2bc -Comment "NGen Worker Process"
                                                                                4⤵
                                                                                • System Location Discovery: System Language Discovery
                                                                                PID:5392
                                                                              • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                                                                                C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 2fc -InterruptEvent 0 -NGENProcess 2c0 -Pipe 304 -Comment "NGen Worker Process"
                                                                                4⤵
                                                                                • Drops file in Windows directory
                                                                                • System Location Discovery: System Language Discovery
                                                                                PID:5264
                                                                              • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                                                                                C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 2fc -InterruptEvent 0 -NGENProcess 2e0 -Pipe 308 -Comment "NGen Worker Process"
                                                                                4⤵
                                                                                • System Location Discovery: System Language Discovery
                                                                                PID:5176
                                                                              • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                                                                                C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 2f0 -InterruptEvent 0 -NGENProcess 308 -Pipe 30c -Comment "NGen Worker Process"
                                                                                4⤵
                                                                                • Drops file in Windows directory
                                                                                • System Location Discovery: System Language Discovery
                                                                                PID:5896
                                                                              • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                                                                                C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 318 -InterruptEvent 0 -NGENProcess 2f4 -Pipe 310 -Comment "NGen Worker Process"
                                                                                4⤵
                                                                                • System Location Discovery: System Language Discovery
                                                                                PID:4916
                                                                              • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                                                                                C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 32c -InterruptEvent 0 -NGENProcess 31c -Pipe 330 -Comment "NGen Worker Process"
                                                                                4⤵
                                                                                • Drops file in Windows directory
                                                                                • System Location Discovery: System Language Discovery
                                                                                PID:5904
                                                                              • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                                                                                C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 324 -InterruptEvent 0 -NGENProcess 320 -Pipe 32c -Comment "NGen Worker Process"
                                                                                4⤵
                                                                                • System Location Discovery: System Language Discovery
                                                                                PID:1124
                                                                              • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                                                                                C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 2d0 -InterruptEvent 0 -NGENProcess 300 -Pipe 334 -Comment "NGen Worker Process"
                                                                                4⤵
                                                                                • System Location Discovery: System Language Discovery
                                                                                PID:3660
                                                                              • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                                                                                C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 328 -InterruptEvent 0 -NGENProcess 300 -Pipe 338 -Comment "NGen Worker Process"
                                                                                4⤵
                                                                                • Drops file in Windows directory
                                                                                • System Location Discovery: System Language Discovery
                                                                                PID:1436
                                                                              • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                                                                                C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 2d0 -InterruptEvent 0 -NGENProcess 324 -Pipe 338 -Comment "NGen Worker Process"
                                                                                4⤵
                                                                                • Drops file in Windows directory
                                                                                • System Location Discovery: System Language Discovery
                                                                                PID:184
                                                                              • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                                                                                C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 318 -InterruptEvent 0 -NGENProcess 348 -Pipe 2e0 -Comment "NGen Worker Process"
                                                                                4⤵
                                                                                • System Location Discovery: System Language Discovery
                                                                                PID:3708
                                                                              • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                                                                                C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 318 -InterruptEvent 0 -NGENProcess 34c -Pipe 350 -Comment "NGen Worker Process"
                                                                                4⤵
                                                                                • Drops file in Windows directory
                                                                                • System Location Discovery: System Language Discovery
                                                                                PID:5916
                                                                              • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                                                                                C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 364 -InterruptEvent 0 -NGENProcess 348 -Pipe 354 -Comment "NGen Worker Process"
                                                                                4⤵
                                                                                • Drops file in Windows directory
                                                                                • System Location Discovery: System Language Discovery
                                                                                PID:5200
                                                                              • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                                                                                C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 36c -InterruptEvent 0 -NGENProcess 374 -Pipe 35c -Comment "NGen Worker Process"
                                                                                4⤵
                                                                                • Drops file in Windows directory
                                                                                • System Location Discovery: System Language Discovery
                                                                                PID:1964
                                                                              • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                                                                                C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 374 -InterruptEvent 0 -NGENProcess 348 -Pipe 36c -Comment "NGen Worker Process"
                                                                                4⤵
                                                                                • System Location Discovery: System Language Discovery
                                                                                PID:5616
                                                                              • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                                                                                C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 318 -InterruptEvent 0 -NGENProcess 358 -Pipe 340 -Comment "NGen Worker Process"
                                                                                4⤵
                                                                                • Drops file in Windows directory
                                                                                • System Location Discovery: System Language Discovery
                                                                                PID:2560
                                                                              • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                                                                                C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 340 -InterruptEvent 0 -NGENProcess 368 -Pipe 36c -Comment "NGen Worker Process"
                                                                                4⤵
                                                                                • System Location Discovery: System Language Discovery
                                                                                PID:4200
                                                                              • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                                                                                C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 318 -InterruptEvent 0 -NGENProcess 2d0 -Pipe 358 -Comment "NGen Worker Process"
                                                                                4⤵
                                                                                • System Location Discovery: System Language Discovery
                                                                                PID:6120
                                                                              • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                                                                                C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 348 -InterruptEvent 0 -NGENProcess 374 -Pipe 37c -Comment "NGen Worker Process"
                                                                                4⤵
                                                                                • System Location Discovery: System Language Discovery
                                                                                PID:3696
                                                                              • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                                                                                C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 2f4 -InterruptEvent 0 -NGENProcess 308 -Pipe 348 -Comment "NGen Worker Process"
                                                                                4⤵
                                                                                • System Location Discovery: System Language Discovery
                                                                                PID:2904
                                                                              • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                                                                                C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 318 -InterruptEvent 0 -NGENProcess 388 -Pipe 34c -Comment "NGen Worker Process"
                                                                                4⤵
                                                                                • System Location Discovery: System Language Discovery
                                                                                PID:4816
                                                                              • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                                                                                C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 318 -InterruptEvent 0 -NGENProcess 398 -Pipe 380 -Comment "NGen Worker Process"
                                                                                4⤵
                                                                                • Drops file in Windows directory
                                                                                • System Location Discovery: System Language Discovery
                                                                                PID:800
                                                                              • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                                                                                C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 318 -InterruptEvent 0 -NGENProcess 394 -Pipe 38c -Comment "NGen Worker Process"
                                                                                4⤵
                                                                                • Drops file in Windows directory
                                                                                • System Location Discovery: System Language Discovery
                                                                                PID:5624
                                                                              • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                                                                                C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 390 -InterruptEvent 0 -NGENProcess 394 -Pipe 398 -Comment "NGen Worker Process"
                                                                                4⤵
                                                                                • System Location Discovery: System Language Discovery
                                                                                PID:2248
                                                                              • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                                                                                C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 394 -InterruptEvent 0 -NGENProcess 2d0 -Pipe 390 -Comment "NGen Worker Process"
                                                                                4⤵
                                                                                • Drops file in Windows directory
                                                                                • System Location Discovery: System Language Discovery
                                                                                PID:5692
                                                                              • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                                                                                C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 3a0 -InterruptEvent 0 -NGENProcess 2d0 -Pipe 384 -Comment "NGen Worker Process"
                                                                                4⤵
                                                                                • System Location Discovery: System Language Discovery
                                                                                PID:2804
                                                                              • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                                                                                C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 394 -InterruptEvent 0 -NGENProcess 308 -Pipe 3a0 -Comment "NGen Worker Process"
                                                                                4⤵
                                                                                  PID:2536
                                                                                • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                                                                                  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 318 -InterruptEvent 0 -NGENProcess 3a4 -Pipe 3ac -Comment "NGen Worker Process"
                                                                                  4⤵
                                                                                  • Drops file in Windows directory
                                                                                  • System Location Discovery: System Language Discovery
                                                                                  PID:4912
                                                                                • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                                                                                  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 2f4 -InterruptEvent 0 -NGENProcess 3b0 -Pipe 3a8 -Comment "NGen Worker Process"
                                                                                  4⤵
                                                                                  • System Location Discovery: System Language Discovery
                                                                                  PID:5852
                                                                                • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                                                                                  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 3a4 -InterruptEvent 0 -NGENProcess 3b8 -Pipe 39c -Comment "NGen Worker Process"
                                                                                  4⤵
                                                                                  • System Location Discovery: System Language Discovery
                                                                                  PID:5176
                                                                                • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                                                                                  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 3b4 -InterruptEvent 0 -NGENProcess 388 -Pipe 3bc -Comment "NGen Worker Process"
                                                                                  4⤵
                                                                                  • System Location Discovery: System Language Discovery
                                                                                  PID:5288
                                                                                • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                                                                                  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 3a4 -InterruptEvent 0 -NGENProcess 318 -Pipe 3b0 -Comment "NGen Worker Process"
                                                                                  4⤵
                                                                                  • Drops file in Windows directory
                                                                                  PID:2696
                                                                                • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                                                                                  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 370 -InterruptEvent 0 -NGENProcess 3a4 -Pipe 308 -Comment "NGen Worker Process"
                                                                                  4⤵
                                                                                  • Drops file in Windows directory
                                                                                  PID:6048
                                                                                • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                                                                                  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 3b4 -InterruptEvent 0 -NGENProcess 370 -Pipe 388 -Comment "NGen Worker Process"
                                                                                  4⤵
                                                                                  • Drops file in Windows directory
                                                                                  • System Location Discovery: System Language Discovery
                                                                                  PID:2204
                                                                                • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                                                                                  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 2f4 -InterruptEvent 0 -NGENProcess 3c4 -Pipe 3cc -Comment "NGen Worker Process"
                                                                                  4⤵
                                                                                  • Drops file in Windows directory
                                                                                  • System Location Discovery: System Language Discovery
                                                                                  PID:5192
                                                                                • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                                                                                  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 388 -InterruptEvent 0 -NGENProcess 3cc -Pipe 318 -Comment "NGen Worker Process"
                                                                                  4⤵
                                                                                  • Drops file in Windows directory
                                                                                  • System Location Discovery: System Language Discovery
                                                                                  PID:1728
                                                                                • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                                                                                  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 3c8 -InterruptEvent 0 -NGENProcess 3d4 -Pipe 378 -Comment "NGen Worker Process"
                                                                                  4⤵
                                                                                  • System Location Discovery: System Language Discovery
                                                                                  PID:3020
                                                                                • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                                                                                  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 3cc -InterruptEvent 0 -NGENProcess 3c8 -Pipe 324 -Comment "NGen Worker Process"
                                                                                  4⤵
                                                                                  • System Location Discovery: System Language Discovery
                                                                                  PID:4040
                                                                                • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                                                                                  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 3c8 -InterruptEvent 0 -NGENProcess 3dc -Pipe 3cc -Comment "NGen Worker Process"
                                                                                  4⤵
                                                                                  • Drops file in Windows directory
                                                                                  • System Location Discovery: System Language Discovery
                                                                                  PID:5900
                                                                                • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                                                                                  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 3e8 -InterruptEvent 0 -NGENProcess 3dc -Pipe 344 -Comment "NGen Worker Process"
                                                                                  4⤵
                                                                                  • Drops file in Windows directory
                                                                                  • System Location Discovery: System Language Discovery
                                                                                  PID:5348
                                                                              • C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngen.exe
                                                                                C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngen.exe update /queue
                                                                                3⤵
                                                                                • Drops file in Windows directory
                                                                                • System Location Discovery: System Language Discovery
                                                                                PID:4936
                                                                            • C:\Windows\System32\MsiExec.exe
                                                                              "C:\Windows\System32\MsiExec.exe" /Y "C:\Program Files\VEGAS\VEGAS Pro 20.0\sfvstwrap.dll"
                                                                              2⤵
                                                                              • Loads dropped DLL
                                                                              PID:5256
                                                                            • C:\Windows\System32\MsiExec.exe
                                                                              "C:\Windows\System32\MsiExec.exe" /Y "C:\Program Files (x86)\VEGAS\Shared Plug-Ins\Audio_x64\mchammer_x64.dll"
                                                                              2⤵
                                                                              • Loads dropped DLL
                                                                              • Modifies registry class
                                                                              PID:1836
                                                                            • C:\Windows\System32\MsiExec.exe
                                                                              "C:\Windows\System32\MsiExec.exe" /Y "C:\Program Files (x86)\VEGAS\Shared Plug-Ins\Audio_x64\sffrgpnv_x64.dll"
                                                                              2⤵
                                                                              • Loads dropped DLL
                                                                              • Modifies registry class
                                                                              PID:4080
                                                                            • C:\Windows\System32\MsiExec.exe
                                                                              "C:\Windows\System32\MsiExec.exe" /Y "C:\Program Files (x86)\VEGAS\Shared Plug-Ins\Audio_x64\sfppack1_x64.dll"
                                                                              2⤵
                                                                              • Modifies registry class
                                                                              PID:5636
                                                                            • C:\Windows\System32\MsiExec.exe
                                                                              "C:\Windows\System32\MsiExec.exe" /Y "C:\Program Files (x86)\VEGAS\Shared Plug-Ins\Audio_x64\sfppack2_x64.dll"
                                                                              2⤵
                                                                              • Modifies registry class
                                                                              PID:5796
                                                                            • C:\Windows\System32\MsiExec.exe
                                                                              "C:\Windows\System32\MsiExec.exe" /Y "C:\Program Files (x86)\VEGAS\Shared Plug-Ins\Audio_x64\sfppack3_x64.dll"
                                                                              2⤵
                                                                              • Modifies registry class
                                                                              PID:2636
                                                                            • C:\Windows\System32\MsiExec.exe
                                                                              "C:\Windows\System32\MsiExec.exe" /Y "C:\Program Files (x86)\VEGAS\Shared Plug-Ins\Audio_x64\sfresfilter_x64.dll"
                                                                              2⤵
                                                                              • Modifies registry class
                                                                              PID:1832
                                                                            • C:\Windows\System32\MsiExec.exe
                                                                              "C:\Windows\System32\MsiExec.exe" /Y "C:\Program Files (x86)\VEGAS\Shared Plug-Ins\Audio_x64\sftrkfx1_x64.dll"
                                                                              2⤵
                                                                              • Modifies registry class
                                                                              PID:2988
                                                                            • C:\Windows\System32\MsiExec.exe
                                                                              "C:\Windows\System32\MsiExec.exe" /Y "C:\Program Files (x86)\VEGAS\Shared Plug-Ins\Audio_x64\sfxpfx1_x64.dll"
                                                                              2⤵
                                                                              • Modifies registry class
                                                                              PID:4304
                                                                            • C:\Windows\System32\MsiExec.exe
                                                                              "C:\Windows\System32\MsiExec.exe" /Y "C:\Program Files (x86)\VEGAS\Shared Plug-Ins\Audio_x64\sfxpfx2_x64.dll"
                                                                              2⤵
                                                                              • Modifies registry class
                                                                              PID:5008
                                                                            • C:\Windows\System32\MsiExec.exe
                                                                              "C:\Windows\System32\MsiExec.exe" /Y "C:\Program Files (x86)\VEGAS\Shared Plug-Ins\Audio_x64\sfxpfx3_x64.dll"
                                                                              2⤵
                                                                              • Modifies registry class
                                                                              PID:5640
                                                                            • C:\Windows\System32\MsiExec.exe
                                                                              "C:\Windows\System32\MsiExec.exe" /Y "C:\Program Files (x86)\VEGAS\Shared Plug-Ins\Audio_x64\xpvinyl_x64.dll"
                                                                              2⤵
                                                                                PID:5904
                                                                            • C:\Windows\system32\vssvc.exe
                                                                              C:\Windows\system32\vssvc.exe
                                                                              1⤵
                                                                              • Checks SCSI registry key(s)
                                                                              • Suspicious use of AdjustPrivilegeToken
                                                                              PID:5208
                                                                            • C:\Windows\system32\srtasks.exe
                                                                              C:\Windows\system32\srtasks.exe ExecuteScopeRestorePoint /WaitForRestorePoint:2
                                                                              1⤵
                                                                                PID:5404
                                                                              • C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
                                                                                "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
                                                                                1⤵
                                                                                • Executes dropped EXE
                                                                                • Loads dropped DLL
                                                                                • Checks system information in the registry
                                                                                • System Location Discovery: System Language Discovery
                                                                                • Modifies data under HKEY_USERS
                                                                                PID:5632
                                                                                • C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
                                                                                  "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNTUuNzciIHNoZWxsX3ZlcnNpb249IjEuMy4xNTUuNzciIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NDRGRDBBRUMtQjQ0Ny00RDQ4LThBODYtOUI1OEREODkxMkQ5fSIgdXNlcmlkPSJ7MEJENEE5NTQtNUFFNi00ODA1LUEwNzEtRTUwNjRCRkIxRTkwfSIgaW5zdGFsbHNvdXJjZT0ib2ZmbGluZSIgcmVxdWVzdGlkPSJ7NTFCRDgxREQtMEQ5RC00NUFELTk5NjctRDRFNUUzMDIzRDJDfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xOTA0MS4xMjg4IiBzcD0iIiBhcmNoPSJ4NjQiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtyNDUydDErazJUZ3EvSFh6anZGTkJSaG9wQldSOXNialh4cWVVREg5dVgwPSZxdW90OyIvPjxhcHAgYXBwaWQ9Ins4QTY5RDM0NS1ENTY0LTQ2M2MtQUZGMS1BNjlEOUU1MzBGOTZ9IiB2ZXJzaW9uPSIxMjMuMC42MzEyLjEyMyIgbmV4dHZlcnNpb249IjEyMy4wLjYzMTIuMTIzIiBsYW5nPSJlbiIgYnJhbmQ9IkdHTFMiIGNsaWVudD0iIiBpbnN0YWxsYWdlPSI3IiBpbnN0YWxsZGF0ZT0iLTQiIGluc3RhbGxkYXRldGltZT0iMTcyMjYwMjc2MyI-PGV2ZW50IGV2ZW50dHlwZT0iMzEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjUiLz48L2FwcD48L3JlcXVlc3Q-
                                                                                  2⤵
                                                                                  • Executes dropped EXE
                                                                                  • Loads dropped DLL
                                                                                  • Checks system information in the registry
                                                                                  • System Location Discovery: System Language Discovery
                                                                                  • System Network Configuration Discovery: Internet Connection Discovery
                                                                                  PID:1780
                                                                                • C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{90034B36-B54B-481D-A9D5-30AEBFB7C9FD}\MicrosoftEdgeWebview_X64_98.0.1108.43.exe
                                                                                  "C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{90034B36-B54B-481D-A9D5-30AEBFB7C9FD}\MicrosoftEdgeWebview_X64_98.0.1108.43.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
                                                                                  2⤵
                                                                                  • Executes dropped EXE
                                                                                  PID:6072
                                                                                  • C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{90034B36-B54B-481D-A9D5-30AEBFB7C9FD}\EDGEMITMP_2898C.tmp\setup.exe
                                                                                    "C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{90034B36-B54B-481D-A9D5-30AEBFB7C9FD}\EDGEMITMP_2898C.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{90034B36-B54B-481D-A9D5-30AEBFB7C9FD}\EDGEMITMP_2898C.tmp\MSEDGE.PACKED.7Z" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
                                                                                    3⤵
                                                                                    • Executes dropped EXE
                                                                                    • Drops file in Program Files directory
                                                                                    PID:2732
                                                                                • C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
                                                                                  "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNTUuNzciIHNoZWxsX3ZlcnNpb249IjEuMy4xNTUuNzciIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NDRGRDBBRUMtQjQ0Ny00RDQ4LThBODYtOUI1OEREODkxMkQ5fSIgdXNlcmlkPSJ7MEJENEE5NTQtNUFFNi00ODA1LUEwNzEtRTUwNjRCRkIxRTkwfSIgaW5zdGFsbHNvdXJjZT0ib2ZmbGluZSIgcmVxdWVzdGlkPSJ7NEVDRDg2MjktQUI0OC00N0ZELTk1NjEtNTA0QzFGQzVEOEY2fSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xOTA0MS4xMjg4IiBzcD0iIiBhcmNoPSJ4NjQiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtWUFFvUDFGK2ZxMTV3UnpoMWtQTDRQTXBXaDhPUk1CNWl6dnJPQy9jaGpRPSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGMzAxNzIyNi1GRTJBLTQyOTUtOEJERi0wMEMzQTlBN0U0QzV9IiB2ZXJzaW9uPSIiIG5leHR2ZXJzaW9uPSI5OC4wLjExMDguNDMiIGxhbmc9IiIgYnJhbmQ9IiIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJjb25zZW50PWZhbHNlIiBpbnN0YWxsYWdlPSItMSIgaW5zdGFsbGRhdGU9Ii0xIj48dXBkYXRlY2hlY2svPjxldmVudCBldmVudHR5cGU9IjkiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSI1IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIvPjxldmVudCBldmVudHR5cGU9IjYiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIxOTY2MDgiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZWQ9IjExNzI3ODExMiIgdG90YWw9IjExNzI3ODExMiIgcGFja2FnZV9jYWNoZV9yZXN1bHQ9IjEiIGluc3RhbGxfdGltZV9tcz0iODc1MiIvPjwvYXBwPjwvcmVxdWVzdD4
                                                                                  2⤵
                                                                                  • Executes dropped EXE
                                                                                  • Loads dropped DLL
                                                                                  • Checks system information in the registry
                                                                                  • System Network Configuration Discovery: Internet Connection Discovery
                                                                                  PID:184
                                                                              • C:\Program Files\VEGAS\VEGAS Pro 20.0\Patch.exe
                                                                                "C:\Program Files\VEGAS\VEGAS Pro 20.0\Patch.exe"
                                                                                1⤵
                                                                                • Executes dropped EXE
                                                                                • System Location Discovery: System Language Discovery
                                                                                PID:4316
                                                                                • C:\Windows\SysWOW64\cmd.exe
                                                                                  C:\Windows\system32\cmd.exe /c "C:\Program Files\VEGAS\VEGAS Pro 20.0\error.bat"
                                                                                  2⤵
                                                                                  • System Location Discovery: System Language Discovery
                                                                                  PID:5880
                                                                              • C:\Program Files\VEGAS\VEGAS Pro 20.0\vegas200.exe
                                                                                "C:\Program Files\VEGAS\VEGAS Pro 20.0\vegas200.exe"
                                                                                1⤵
                                                                                • Executes dropped EXE
                                                                                • Modifies Control Panel
                                                                                PID:2360
                                                                                • C:\Program Files\VEGAS\VEGAS Pro 20.0\x86\FileIOSurrogate.exe
                                                                                  "C:\Program Files\VEGAS\VEGAS Pro 20.0\x86\FileIOSurrogate.exe" 1033
                                                                                  2⤵
                                                                                  • Executes dropped EXE
                                                                                  PID:4744

                                                                              Network

                                                                              MITRE ATT&CK Enterprise v15

                                                                              Reconnaissance

                                                                              Resource Development

                                                                              Initial Access

                                                                              Execution

                                                                              Persistence

                                                                              Boot or Logon Autostart Execution

                                                                              1
                                                                              T1547

                                                                              Registry Run Keys / Startup Folder

                                                                              1
                                                                              T1547.001

                                                                              Event Triggered Execution

                                                                              2
                                                                              T1546

                                                                              Component Object Model Hijacking

                                                                              1
                                                                              T1546.015

                                                                              Image File Execution Options Injection

                                                                              1
                                                                              T1546.012

                                                                              Privilege Escalation

                                                                              Boot or Logon Autostart Execution

                                                                              1
                                                                              T1547

                                                                              Registry Run Keys / Startup Folder

                                                                              1
                                                                              T1547.001

                                                                              Event Triggered Execution

                                                                              2
                                                                              T1546

                                                                              Component Object Model Hijacking

                                                                              1
                                                                              T1546.015

                                                                              Image File Execution Options Injection

                                                                              1
                                                                              T1546.012

                                                                              Defense Evasion

                                                                              Modify Registry

                                                                              2
                                                                              T1112

                                                                              Subvert Trust Controls

                                                                              1
                                                                              T1553

                                                                              Install Root Certificate

                                                                              1
                                                                              T1553.004

                                                                              Credential Access

                                                                              Discovery

                                                                              Browser Information Discovery

                                                                              1
                                                                              T1217

                                                                              Peripheral Device Discovery

                                                                              2
                                                                              T1120

                                                                              Query Registry

                                                                              7
                                                                              T1012

                                                                              System Information Discovery

                                                                              6
                                                                              T1082

                                                                              System Location Discovery

                                                                              1
                                                                              T1614

                                                                              System Language Discovery

                                                                              1
                                                                              T1614.001

                                                                              System Network Configuration Discovery

                                                                              1
                                                                              T1016

                                                                              Internet Connection Discovery

                                                                              1
                                                                              T1016.001

                                                                              Lateral Movement

                                                                              Collection

                                                                              Command and Control

                                                                              Exfiltration

                                                                              Impact

                                                                              Replay Monitor

                                                                              Loading Replay Monitor...

                                                                              Downloads

                                                                              • C:\Config.Msi\e5d290a.rbs
                                                                                Filesize

                                                                                17KB

                                                                                MD5

                                                                                c0228e9acc2d3ce9c8c21c3608a9131f

                                                                                SHA1

                                                                                7ab3d6239402611c3dca304e89dab6384329584c

                                                                                SHA256

                                                                                45bc758f699b25f6df81b4c6e9ea562a9196a4ae1456815e69ac83467506e6e6

                                                                                SHA512

                                                                                093c047481908aa2cbc1524107b997c3a8169c13a9529e3505562854c98d1396ac96800de399418bba01704390bba3a1dff61acb68750abfb959d93c58ef0fd2

                                                                                Download Submit

                                                                              • C:\Config.Msi\e5d2913.rbs
                                                                                Filesize

                                                                                13KB

                                                                                MD5

                                                                                11f74d2f8dde0f57a87dec9e6d4a1a6f

                                                                                SHA1

                                                                                df71a4625b07dce848cfbc910a94cc543ad126af

                                                                                SHA256

                                                                                a344f3eac5d48a21dc9f4344a7055f0a57c0ec8e4b492b66cdaff9b709d876e6

                                                                                SHA512

                                                                                2f7dedc84b75bde55ad846fb711ba9c0a3d6bc124ef27b6ad4dd9e6808f4046fea06267e7da32c84dac4941bb916ba366e67c37306630c5d7db093f32a859828

                                                                                Download Submit

                                                                              • C:\Config.Msi\e5d2914.rbf
                                                                                Filesize

                                                                                444KB

                                                                                MD5

                                                                                a883c95684eff25e71c3b644912c73a5

                                                                                SHA1

                                                                                3f541023690680d002a22f64153ea4e000e5561b

                                                                                SHA256

                                                                                d672fb07a05fb53cc821da0fde823fdfd46071854fe8c6c5ea83d7450b978ecb

                                                                                SHA512

                                                                                5a47c138d50690828303b1a01b28e6ef67cfe48215d16ed8a70f2bc8dbb4a73a42c37d02ccae416dc5bd12b7ed14ff692369bc294259b46dbf02dc1073f0cb52

                                                                                Download Submit

                                                                              • C:\Config.Msi\e5d2915.rbf
                                                                                Filesize

                                                                                948KB

                                                                                MD5

                                                                                2fb20c782c237f8b23df112326048479

                                                                                SHA1

                                                                                b2d5a8b5c0fd735038267914b5080aab57b78243

                                                                                SHA256

                                                                                e0305aa54823e6f39d847f8b651b7bd08c085f1dbbcb5c3c1ce1942c0fa1e9fa

                                                                                SHA512

                                                                                4c1a67da2a56bc910436f9e339203d939f0bf854b589e26d3f4086277f2bec3dfce8b1f60193418c2544ef0c55713c90f6997df2bfb43f1429f3d00ba46b39b0

                                                                                Download Submit

                                                                              • C:\Config.Msi\e5d2916.rbf
                                                                                Filesize

                                                                                331KB

                                                                                MD5

                                                                                69004e08c1eb19fcf709908103c002fd

                                                                                SHA1

                                                                                d59459f9a18b2e9a06e5af2b88f4fecb0ce690d5

                                                                                SHA256

                                                                                c1b61dd24dc2dd5efd5cd548c0cd74fac112358e9e580df4d780d2c125474dad

                                                                                SHA512

                                                                                3fc67a5fccb252a67285e19d62057fb4e3c63e702f4be91e552f93d9827cc746b8fb43b4a3b24b7fd5c48832d18a1dae26c1bd237f40b7b88618d402fdac1a76

                                                                                Download Submit

                                                                              • C:\Config.Msi\e5d2917.rbf
                                                                                Filesize

                                                                                242KB

                                                                                MD5

                                                                                c7739dd4212d084d299df68f0a0debc3

                                                                                SHA1

                                                                                cba81d847d91bfea5c03279c0ca03fb1aacd4ae9

                                                                                SHA256

                                                                                1d67a8464991a03fc190d87b43591764f231d7a7a71a72ffc51d982b26691153

                                                                                SHA512

                                                                                5b8e98e6764460f9afbfa6dd34c12ad59284003eea99997c9e1db9b4a85ba30ac8b6a699b2888388dc424c547918137d42984bf040ac3d292e612bc433368fb3

                                                                                Download Submit

                                                                              • C:\Config.Msi\e5d2918.rbf
                                                                                Filesize

                                                                                117KB

                                                                                MD5

                                                                                90419039c035404fb1dc38c3fb406f65

                                                                                SHA1

                                                                                67884b612d143aa08a307110cee7069bddb989a0

                                                                                SHA256

                                                                                62287589fc0b577398005f7ac07256d9fe671cdd3e5369faf74b9f64cb572317

                                                                                SHA512

                                                                                e632c78c941861e61fbec68e333e6549cd4bec683593db92c2522e162176bd64160dba37d4226c1599cfe1d77b36d5d4c452dd2f453c291a15310dfb607f3414

                                                                                Download Submit

                                                                              • C:\Config.Msi\e5d2919.rbf
                                                                                Filesize

                                                                                3B

                                                                                MD5

                                                                                21438ef4b9ad4fc266b6129a2f60de29

                                                                                SHA1

                                                                                5eb8e2242eeb4f5432beeec8b873f1ab0a6b71fd

                                                                                SHA256

                                                                                13bf7b3039c63bf5a50491fa3cfd8eb4e699d1ba1436315aef9cbe5711530354

                                                                                SHA512

                                                                                37436ced85e5cd638973e716d6713257d692f9dd2e1975d5511ae3856a7b3b9f0d9e497315a058b516ab31d652ea9950938c77c1ad435ea8d4b49d73427d1237

                                                                                Download Submit

                                                                              • C:\Config.Msi\e5d291d.rbs
                                                                                Filesize

                                                                                26KB

                                                                                MD5

                                                                                fbf6ae12c7031085d3005ebd5adf9549

                                                                                SHA1

                                                                                7d971ddb99bd31b0080e98d61b68409185fa055b

                                                                                SHA256

                                                                                f1c30aa71c5a86b562df00c1cafee3235cbd4f473bde41209e50d98629a6eb6d

                                                                                SHA512

                                                                                c007d6d3aaddcfe33756de707f5e1d32f45e03267282fbbeb5e9aaf5ec6534b6329de050b6fe605c56c767e683fbd5b43c6eeeeb4ecbdb51d8a089fe43e00a9c

                                                                                Download Submit

                                                                              • C:\Config.Msi\e5d292f.rbs
                                                                                Filesize

                                                                                22KB

                                                                                MD5

                                                                                cfda62c343a26d08517aa0f688b030b9

                                                                                SHA1

                                                                                933b4a4f97af4b4cefd6c141579b688a7eaedcae

                                                                                SHA256

                                                                                6bb996953dcb8d2370a210f4e5823360be12c22a1343c28527cdb9a3287c2045

                                                                                SHA512

                                                                                f252bb2990e0929960545a9a4a829c82eaeb83cc89fc8e7663409f029044b86d5ee318ae327a50809418d7ef86a7d7940185aa003d4064a8ed330c4d85cc2f25

                                                                                Download Submit

                                                                              • C:\Config.Msi\e5d2930.rbf
                                                                                Filesize

                                                                                45KB

                                                                                MD5

                                                                                2f7c88c43a8966882ca89ce4981e3cde

                                                                                SHA1

                                                                                588bdeae6eab1f447771bd6963b5b3329196e686

                                                                                SHA256

                                                                                5e7331a6adeb9d4252531ade800d47b8ddf020b97cfedc58de85386b3ae64e76

                                                                                SHA512

                                                                                3f2eca126fc821e36aaf4430a0f41af1a060396f52cfb2efd1c3be2ab9d69cfac870121c646776c8b15e8561938ac30367bc5687bb9a79f0c19156c3b56249a7

                                                                                Download Submit

                                                                              • C:\Config.Msi\e5d2931.rbf
                                                                                Filesize

                                                                                45KB

                                                                                MD5

                                                                                70bbafa7c8b0aeba0e25e27c440a6038

                                                                                SHA1

                                                                                44a5e06229ae4f6ce6d3b2b57cb3b6050667def2

                                                                                SHA256

                                                                                9eec79bd4af04bba1e11fc24c64d94f30c22985c8ebbce3e0b411a61a1edbabe

                                                                                SHA512

                                                                                2e9b8696c1b4ab8e721fa07b6c81fe30613f0d188250991c573af95263688b7db6e25ebc4c030825724248c9713d9c5b772f199369785ac615ad2d2fdf527f8a

                                                                                Download Submit

                                                                              • C:\Config.Msi\e5d2932.rbf
                                                                                Filesize

                                                                                73KB

                                                                                MD5

                                                                                09936f1f2ad5ae9d0663b6e8709527c7

                                                                                SHA1

                                                                                f0e5945663e65405d94c394db83880f713295104

                                                                                SHA256

                                                                                550f6c9f16fe85a8338b04f1bec43de3babeac60ff257197625f2802907007b8

                                                                                SHA512

                                                                                3e95e1e3f2043e1f0a4baf1267e82f912bcd5830ae6c5abc750a38a0666b1a6b9e1169dadb58bc2eafae00a2e11bcf574ea805f3a1f07f77d5450d1265e8e7f6

                                                                                Download Submit

                                                                              • C:\Config.Msi\e5d2933.rbf
                                                                                Filesize

                                                                                63KB

                                                                                MD5

                                                                                9becefa155c8c9f5ef5bf9d537c0a258

                                                                                SHA1

                                                                                4f33f6d08685d50ce799df6369cb5efc51673e12

                                                                                SHA256

                                                                                d1dbc7677010f9af7b680ea2efa28c964154997bddbf6c8d9d65ea225a5ec613

                                                                                SHA512

                                                                                5e9972cfe26c0fc6a0ea38643c644b5ac33e4ddfc1cff5b25017c81f3121ec7732565554f43c1916e9f8e2b1d84226aacd2cc4d6805425c2f1f1e7683e506ff4

                                                                                Download Submit

                                                                              • C:\Config.Msi\e5d2934.rbf
                                                                                Filesize

                                                                                72KB

                                                                                MD5

                                                                                30281f2891b6deae8c0deb122b5906c7

                                                                                SHA1

                                                                                43ed0c7bf45839ba07501c1013ba74c97b4d0beb

                                                                                SHA256

                                                                                87e5c496e038c337ca1acee52c145d8f4bdb3e74261b13e1feb740c4e2124e0a

                                                                                SHA512

                                                                                cb0e3f3cf89af55e4b849b3f4f883d8348fc8f806690db4fff238ee54bc5f80a34e53c7e8a22dd9d1dc57c1a60c69d3e25ad9cc52ac66628613cdf358e7aa537

                                                                                Download Submit

                                                                              • C:\Config.Msi\e5d2935.rbf
                                                                                Filesize

                                                                                73KB

                                                                                MD5

                                                                                b41aa9a167ac3d6c11b5c2e1e183c11b

                                                                                SHA1

                                                                                ac8efa5f7b8211e4dc0d0d0e6bc7717f88d2c0ac

                                                                                SHA256

                                                                                b098ed9a5f44052b9ab5ceee82ab4cea5c6d9a14a61816882ef996a0599838b2

                                                                                SHA512

                                                                                de667f1fe0bcb0ddf8f59054a2d5c516ec47ab59f7e78e29ec8a2cc756c72aae65bb73ea03701c67c978166649d69278fb0269e9588d968f630165bcfa6f40f8

                                                                                Download Submit

                                                                              • C:\Config.Msi\e5d2936.rbf
                                                                                Filesize

                                                                                71KB

                                                                                MD5

                                                                                2bcf9a28e5fe7a3fefd16a9c03d35dbb

                                                                                SHA1

                                                                                7c1446d8ca4d2c6890d62c02308daccb8be5475f

                                                                                SHA256

                                                                                271abe43d14cbd8c80b85ec804787272522bc06c45b7f93244b718ab0c08a289

                                                                                SHA512

                                                                                445ef027eeecda4361834334706079053ce9a735cbeeadaec37f28c4f9a485b07ba156178c2cdb1f012d1760d0495d041deceb6372921eb94d18241eb304eafa

                                                                                Download Submit

                                                                              • C:\Config.Msi\e5d2937.rbf
                                                                                Filesize

                                                                                52KB

                                                                                MD5

                                                                                34b5ae129703de4a4bb5f52f4306fdf6

                                                                                SHA1

                                                                                601ba6cc73cbbe6d7014519a885fde2c9e9c2fba

                                                                                SHA256

                                                                                43cd9fdf714b7dfca4b2a8f54bc25ceeddc7a6212ba59233d89a03c650053407

                                                                                SHA512

                                                                                016dae93356e42a19f4fb4d34efa04e93f802e5de3157c29ce940d9637d697d2b7a4f61b705b5b5df271b97d942cb81265d0fe7c9561c0ef3c46c249b8b7fb9c

                                                                                Download Submit

                                                                              • C:\Config.Msi\e5d2938.rbf
                                                                                Filesize

                                                                                52KB

                                                                                MD5

                                                                                f89147c034de186e3ab79326523888b8

                                                                                SHA1

                                                                                d3e6c00363a429eae066953f7c187e33c687ec6b

                                                                                SHA256

                                                                                32dfe0f26b5024ec900a31f0dde736ca62769dc5de48238b485f4322cd367e7d

                                                                                SHA512

                                                                                d7842681f67b46f67233ad0f7c57c7155f152dc25ef546a08fb91914ee54984b87f9ccbd8da3e40d012b251fffade838f2d779681afa84c383ea7982f0ad1cfe

                                                                                Download Submit

                                                                              • C:\Config.Msi\e5d2939.rbf
                                                                                Filesize

                                                                                69KB

                                                                                MD5

                                                                                d7f2e87512d19d01328840187fc7cb04

                                                                                SHA1

                                                                                7a312b677b76d7303e01da6064f1a5e0fb26c604

                                                                                SHA256

                                                                                1154c537bd700ebbda599a5c2923e73d098c3eaa930fd0f4d415583ff90eea67

                                                                                SHA512

                                                                                8a00cae2dc0d59e530cd43bf84f33301f53ccdd96477787805b487ffdf6869223621414cf180a1aafb6b8910ba19684c02c60226a651d051eacc4cac1fbd8c2b

                                                                                Download Submit

                                                                              • C:\Config.Msi\e5d293a.rbf
                                                                                Filesize

                                                                                4.2MB

                                                                                MD5

                                                                                293002e4332f01c74c2a843b5c638a90

                                                                                SHA1

                                                                                2e412f945ac4353b4908c87e31b847415b3ec19b

                                                                                SHA256

                                                                                6130ad7d21a492cd3f3924bed43d954f80b6b6920374934b9eed057f27130e15

                                                                                SHA512

                                                                                49eaf5633debad535ffc6584c8383e21c99f7a3a81a0b3496943af0e79853399649706ceda9da9990c259d605ab163c22c08f641b91e80c8a14d519837a595ce

                                                                                Download Submit

                                                                              • C:\Config.Msi\e5d293b.rbf
                                                                                Filesize

                                                                                4.2MB

                                                                                MD5

                                                                                e1629a36f15824346bb54a9ebe9b622f

                                                                                SHA1

                                                                                ee5d55315ffb351e24b7c918c82e6ce4ec17a645

                                                                                SHA256

                                                                                68df186e26151313a0df2adb0ef5f3a45ebba3cb02229bd8723a29dee60e278d

                                                                                SHA512

                                                                                0301ed7ad473015478f32afd3e41dafd045eab26ad42080bad6030324564a7ed09a7516b8d362b5cb2201d087eb25f2bb7ac5fc809a387f49f893ac3df8814bb

                                                                                Download Submit

                                                                              • C:\Config.Msi\e5d293c.rbf
                                                                                Filesize

                                                                                81KB

                                                                                MD5

                                                                                36ca9bc41425660ad80f23933e6e9f1f

                                                                                SHA1

                                                                                3206186f932cd5948062a837b5fc2094ddb1c8b7

                                                                                SHA256

                                                                                8c82f149507c3415250e52bf4c7fe937946a60d51f07492a1e36ab3e14482187

                                                                                SHA512

                                                                                a58eee2824bad90ea0790bdf55c5b58a6eec5f3e87bebf5a941a6dbcb8106c6d96b7eee0a022c4a16f35d80e38501fed54d88127f30de0e9fdd22e4df8fa2ea5

                                                                                Download Submit

                                                                              • C:\Config.Msi\e5d293d.rbf
                                                                                Filesize

                                                                                81KB

                                                                                MD5

                                                                                9b73043d5646be7b544e3ac3d49b7744

                                                                                SHA1

                                                                                a3eecb1a85c244d5428a012041eee947462e7a09

                                                                                SHA256

                                                                                d6d2ba4ac1606e825216a25ab401d26d77c4300299e957cfadab3b0b945d065a

                                                                                SHA512

                                                                                8f339c23f8d1e8eed1bd055a31c027e5da03d916769468394ba1befe7b4f2586e67e8dcf29326ff40abb0d879a45f886398d5d733c988c507860d1ece16ed83a

                                                                                Download Submit

                                                                              • C:\Config.Msi\e5d2942.rbs
                                                                                Filesize

                                                                                18KB

                                                                                MD5

                                                                                fedda4cf0058960172748615d3b7f1b1

                                                                                SHA1

                                                                                2d2bbadeffc44917befb752eb796f86a1cd8fc7d

                                                                                SHA256

                                                                                39756371feaa6792147f0e5829cd5fdda80e91332e046f7a2755f8366832513c

                                                                                SHA512

                                                                                a44cd81763c30728e1947d79c0f2c0728d81c4dd29c36fe5106af247ce86416b0a5835c1609a9072a4ae1201e3c0a4824c4b4e867371b04ea6b80ccece20232e

                                                                                Download Submit

                                                                              • C:\Config.Msi\e5d294b.rbs
                                                                                Filesize

                                                                                14KB

                                                                                MD5

                                                                                0b61d78cf8984fa4e508af79ad9517b1

                                                                                SHA1

                                                                                ec6681fd1a8cddafae2f34bc85d00243e206ff35

                                                                                SHA256

                                                                                06370406a6e2b882d02362c97f417c641390a4cb777489e80a28f145010b1872

                                                                                SHA512

                                                                                87eefd261519ef2fd97264db097b1746161643dd9270b7a646fb3a19e95913790bf6fcc763a47ca2acc1921f7ff3ce121d33719f212c6c7373ddc88404cf7548

                                                                                Download Submit

                                                                              • C:\Config.Msi\e5d294c.rbf
                                                                                Filesize

                                                                                644KB

                                                                                MD5

                                                                                edef53778eaafe476ee523be5c2ab67f

                                                                                SHA1

                                                                                58c416508913045f99cdf559f31e71f88626f6de

                                                                                SHA256

                                                                                92faedd18a29e1bd2dd27a1d805ea5aa3e73b954a625af45a74f49d49506d20f

                                                                                SHA512

                                                                                7fc931c69aca6a09924c84f57a4a2bcf506859ab02f622d858e9e13d5917c5d3bdd475ba88f7a7e537bdae84ca3df9c3a7c56b2b0ca3c2d463bd7e9b905e2ef8

                                                                                Download Submit

                                                                              • C:\Config.Msi\e5d294d.rbf
                                                                                Filesize

                                                                                940KB

                                                                                MD5

                                                                                aeb29ccc27e16c4fd223a00189b44524

                                                                                SHA1

                                                                                45a6671c64f353c79c0060bdafea0ceb5ad889be

                                                                                SHA256

                                                                                d28c7ab34842b6149609bd4e6b566ddab8b891f0d5062480a253ef20a6a2caaa

                                                                                SHA512

                                                                                2ec4d768a07cfa19d7a30cbd1a94d97ba4f296194b9c725cef8e50a2078e9e593a460e4296e033a05b191dc863acf6879d50c2242e82fe00054ca1952628e006

                                                                                Download Submit

                                                                              • C:\Config.Msi\e5d294e.rbf
                                                                                Filesize

                                                                                470KB

                                                                                MD5

                                                                                f0ec8a3ddf8e0534983a05a52bce8924

                                                                                SHA1

                                                                                5f6d0265273f00ffe8e30cf507f0d05d330ff296

                                                                                SHA256

                                                                                88a5ed51a7be4ff7ebded0c107fafda6ace3801877216c0bb6cbb458ae054a7b

                                                                                SHA512

                                                                                d7b084d7f20de29ff16341df2756861bb7ac22eab0711869b3e77a84d841fb76a898d7459ca1be62eed522caa1f022c891a7d30c94bf0fff1bb4d016be8aa9bb

                                                                                Download Submit

                                                                              • C:\Config.Msi\e5d294f.rbf
                                                                                Filesize

                                                                                348KB

                                                                                MD5

                                                                                ea1e99dec990691d41f938085f68bcc7

                                                                                SHA1

                                                                                5fdcbcd777e10e765d593994dc66f930c1377b0e

                                                                                SHA256

                                                                                1b296bd172332d3b2253bdcb6ecac46afef883f75c13c361632ff40fec743fcc

                                                                                SHA512

                                                                                e90a40bd8e20bbca3c6188a78ad75578e51d88aa638e0bbfed4f6f6efdd0917e92b08ef4b0ccc2dee08774f08658b189e25234270e8ce1ca60a7e0ec8e3fbcf8

                                                                                Download Submit

                                                                              • C:\Config.Msi\e5d2950.rbf
                                                                                Filesize

                                                                                134KB

                                                                                MD5

                                                                                d7dbc7c92177837431ae2fd7fb569e2c

                                                                                SHA1

                                                                                c26140204a6db421842ad36599326a5369fd1b5d

                                                                                SHA256

                                                                                22d14e004ba4b78a9143257399dc40ef4d0e8f2cdb9127e1ba2638f54cce5c70

                                                                                SHA512

                                                                                4f2b197ea912b5ea1a82ac84e1c15ca8e3787460cd79a32733ea920dcf3b1db5cf0507ad7c94f4e4ccab9dfc6773a9d05a8eeaa7bd7c61b63d780b69ed7ae0d8

                                                                                Download Submit

                                                                              • C:\Config.Msi\e5d2955.rbs
                                                                                Filesize

                                                                                27KB

                                                                                MD5

                                                                                e9e6dd7ff46e9cfd0438bd8c1ca44e87

                                                                                SHA1

                                                                                64e88de1d09197b017d761edc34969cae3457e25

                                                                                SHA256

                                                                                6d51af7d30f16f329304b4fa45380a08361ff2e5b878a4ed15f4fb63496e178a

                                                                                SHA512

                                                                                4d2307b64b39030cc7f9ddfd85b09db592aecb9ea4996b0352e80a68e665cda72e878ba23d39405a1ff7b699faed76c8d93a3d1a806e64e2ecae2ad0d36684df

                                                                                Download Submit

                                                                              • C:\Config.Msi\e5d2967.rbs
                                                                                Filesize

                                                                                22KB

                                                                                MD5

                                                                                a9e4fb52365b959316df1c53f357ad77

                                                                                SHA1

                                                                                ade2a7adb6d022cb51a1ac503d8a5cd322dcc4d8

                                                                                SHA256

                                                                                5b138823523c2e0a965c004ecf84054cfb10a00c082c65b28801440b9db50171

                                                                                SHA512

                                                                                b56238e3f152aabbfcad4bb97edea78fa8f1cef63d5d3e7be837d28446dad90b710759ab63bab2fe9494097d22d1a691002ac4ef659e50d6556fffb8198f499e

                                                                                Download Submit

                                                                              • C:\Config.Msi\e5d2968.rbf
                                                                                Filesize

                                                                                45KB

                                                                                MD5

                                                                                f96a9a88487a27de7b3e15c733cf1fe1

                                                                                SHA1

                                                                                0a4157f064349b0370b8ee3f244f44debd04b4c0

                                                                                SHA256

                                                                                cb531679be2881677a93d11067c71274ec30b30aadf1cdcf1543dddd6b1d7b61

                                                                                SHA512

                                                                                df5390b235157e65efa3a9385a7ffd6d5f4f2471306625f01370ed463c65b81c4274370f93b5b0d04d44175c57322d2f2fb1cdd2bcbc123997f4ae4ae9557f0b

                                                                                Download Submit

                                                                              • C:\Config.Msi\e5d2969.rbf
                                                                                Filesize

                                                                                45KB

                                                                                MD5

                                                                                6a5e17d5a4b24e5c2b947a343a182949

                                                                                SHA1

                                                                                ddf5ed505953e073f09b17e8e2bdecf2766c6a4b

                                                                                SHA256

                                                                                0301c5dc6e762788891356987e9c8cd0d40b262df06e8384bf5796b1f20f083e

                                                                                SHA512

                                                                                8a383192f9f6e6c4fab24645cf7c30fa927881451f0e65175b724717151cca6fcc49ed3394cc689407f19a7b1afd6b462688bccb898912762b804eeeb7cd8d97

                                                                                Download Submit

                                                                              • C:\Config.Msi\e5d296a.rbf
                                                                                Filesize

                                                                                73KB

                                                                                MD5

                                                                                bfc853c578252e29698ff6b770794e6a

                                                                                SHA1

                                                                                1091dced7b18bdd7eda2be4d095ac43cfd342b7d

                                                                                SHA256

                                                                                80e0f29ff6b7ada892f23927f17021783575ad80f9f6c8a268a6c2a7ce35e5d6

                                                                                SHA512

                                                                                306445384614b48d3182a91c8adf8d8206c36efd88abf23753800566f9650518af382164ca1a17ed000888e6a99c175478ad621d0a0d46c9bc7d5359113e05fb

                                                                                Download Submit

                                                                              • C:\Config.Msi\e5d296b.rbf
                                                                                Filesize

                                                                                63KB

                                                                                MD5

                                                                                19b7b852ac2dec695e6a52801e59c421

                                                                                SHA1

                                                                                cd72265e1a6a64c761984980895d92cb93bc61b7

                                                                                SHA256

                                                                                e463f38fa6b6157398ad224a462538bd8e36b75031fa711e567c5505a9092df6

                                                                                SHA512

                                                                                d0fd9f75820d3dbdc4001ed6262a940f062655ebb5f31f3d45d984e38b1bae2e5a958665b79b5b4aeb899e39348ba987c82148bfd85477e69249d3a59a076017

                                                                                Download Submit

                                                                              • C:\Config.Msi\e5d296c.rbf
                                                                                Filesize

                                                                                72KB

                                                                                MD5

                                                                                9ef2dc352d20b615a556be53b449b17c

                                                                                SHA1

                                                                                933b2a39f3d730c6b5d437558d0db68c5d2c22b7

                                                                                SHA256

                                                                                db4fc3652d24224d5375d1a5696144ac8881332cc20f5992ed1488236e64c120

                                                                                SHA512

                                                                                8031a4d0e44beb290c48292a0987108ed6d6f56950dfb17ee4671e692407fcbb8dc652d82907d8f98db2f841689f9480aee6fbce60cf2bfa1d0d6294c3f6da91

                                                                                Download Submit

                                                                              • C:\Config.Msi\e5d296d.rbf
                                                                                Filesize

                                                                                73KB

                                                                                MD5

                                                                                06473191b67c8b3d1a26b76474c5daeb

                                                                                SHA1

                                                                                94c72bb597c365cb77f621e6e2cf3920954df2d7

                                                                                SHA256

                                                                                e7cb6c2818ca27c864bda635d5b5d9f7bdb308f4b5d4bbc206ee1e135b7dbbf7

                                                                                SHA512

                                                                                237c144cd3cd78c4a4eeb5c6a22043a8e604bdbd7182b89bacb81135b1e3de08780061dfa3664508cfbdc01e918fa2610e317f9441b10c4df8def1ca444de4eb

                                                                                Download Submit

                                                                              • C:\Config.Msi\e5d296e.rbf
                                                                                Filesize

                                                                                71KB

                                                                                MD5

                                                                                713e30e13c1998e035cf4ace66b03230

                                                                                SHA1

                                                                                2d244e01c2bd9f3f17dfa0b74c19ce6bc512e1b5

                                                                                SHA256

                                                                                9cfc5985440df4e70b57869b32c8ee69eb6fc570a98cc94a53141a0dc7535e10

                                                                                SHA512

                                                                                8a2581aaa125eb45543e679e58be7040d151cfcfe0625f6e62dccc3fcf87872d3504b30082036d5219dc4c8493600838d31b2ddfde3ba0bc1b2b6ef97078e29a

                                                                                Download Submit

                                                                              • C:\Config.Msi\e5d296f.rbf
                                                                                Filesize

                                                                                52KB

                                                                                MD5

                                                                                689b5f0061a67ac95f59a64744702186

                                                                                SHA1

                                                                                52227dd2c8a66c0528bff28475846faf7036340f

                                                                                SHA256

                                                                                83fb72fd2142d54bff6280e7c4d4ff22d43c3a81fa4ff8881003abbe5e21ec3b

                                                                                SHA512

                                                                                30b4e01d20c6c3ac1b799dd4d23fda3ca988eadb59356f84aff0a0760572b5c4119ef21467494e47a7d74dd6b136633a6ae40f45ec051d5cacbe44b5d6255d42

                                                                                Download Submit

                                                                              • C:\Config.Msi\e5d2970.rbf
                                                                                Filesize

                                                                                52KB

                                                                                MD5

                                                                                7d03ffc6a8fb686abd660efdc3aaf223

                                                                                SHA1

                                                                                3d04c53971a525cc3255ff1eab05ff0cbad75bb7

                                                                                SHA256

                                                                                b2c7fc2c95b13bac36316d298c94d842dd2574f78e9c22e4d4e4af1c3fcc0fd9

                                                                                SHA512

                                                                                b5d41294630e342f2242a91c9dcf9085cddbd2389860e14c741147cb695425971cf79339b523d28fd3189589e5f948115359b89f59a03186e3c6a103f854f4e1

                                                                                Download Submit

                                                                              • C:\Config.Msi\e5d2971.rbf
                                                                                Filesize

                                                                                69KB

                                                                                MD5

                                                                                a99ad214ccd1e7bc1f609b972467b0ca

                                                                                SHA1

                                                                                9ee79954fdb2338026c3c81da00ab6e7e6c2e1ff

                                                                                SHA256

                                                                                3238676035d9c1595248ef65ef5b044384b473ab9bdfe8d1077e10e4fe7bc983

                                                                                SHA512

                                                                                da1f8a4dd82559635ea53dfeac1817a9ced1d247a170a8153a54c05c371fc80aa2fa958bc5c515c026815c505f70fb374178f8ccf94836b66c4a7e23dab1c083

                                                                                Download Submit

                                                                              • C:\Config.Msi\e5d2972.rbf
                                                                                Filesize

                                                                                5.4MB

                                                                                MD5

                                                                                ee4af4ceb4b7fded7cdda37faef69704

                                                                                SHA1

                                                                                5ab8f2ace2f4a1892ea4a2a26df5ee7e9cd497b2

                                                                                SHA256

                                                                                75497de4aec4b5f0f258164672db2eb55eef5138c028317860e05f11030f7b7c

                                                                                SHA512

                                                                                4f807157e6bd57ac37bd1d8a52ffdc38e330e517101a1ea603096d8728b04c9c2ae96e510b961c87536e957587ce169fdece6bc3ed5e5025aa87c0f276da0ece

                                                                                Download Submit

                                                                              • C:\Config.Msi\e5d2973.rbf
                                                                                Filesize

                                                                                5.3MB

                                                                                MD5

                                                                                a6d08e8e290c80822842015cd877d405

                                                                                SHA1

                                                                                2ee9d28e20a73facff20be87092e482b562dad41

                                                                                SHA256

                                                                                950ff7746d747de51cc09c1aaaf88fbc2fc97c59865f574cc3fb10243ae7b906

                                                                                SHA512

                                                                                b6dfc3d0ef4f57c116d44b201fae187c9427d4fe7cad969f50f9408af40071d811e88698134491f479923b259a47d0b528e7ea23790248314e902ee24d0b93a2

                                                                                Download Submit

                                                                              • C:\Config.Msi\e5d2974.rbf
                                                                                Filesize

                                                                                89KB

                                                                                MD5

                                                                                43aae7bfb0c911e7e98003e2b45667e6

                                                                                SHA1

                                                                                0c6c7d96cd0eca734e425b1ddef178c3ab6c31ce

                                                                                SHA256

                                                                                a78e7988c9f99bcbe02d29441b0dcbdebafa616d2a4652aad867b81f554a0476

                                                                                SHA512

                                                                                33d1293a7905ee9ec58b9a7744981006d6dadafb75ef64769723de02ba273f344a20e20d206d64d2453746549fe471328a035e2b5cc8e485e7cfd2c2fbc7c6a9

                                                                                Download Submit

                                                                              • C:\Config.Msi\e5d2975.rbf
                                                                                Filesize

                                                                                89KB

                                                                                MD5

                                                                                0d5451a0050f7acc970ca02459c63d9a

                                                                                SHA1

                                                                                2de9febca0b1d48014081907e835237c832c65b0

                                                                                SHA256

                                                                                864958960b8dd2890d47f2774ba836954f2c4f5ad6e4d529b13138caefcce73e

                                                                                SHA512

                                                                                4d0b3d3d494c1774ae4575eb945f3c0742b723d6583d98dd36cc51a1d099b8f1a090d4b18c54897d1d58a67381b800604724cb609447860105bc2e0e8d5094a8

                                                                                Download Submit

                                                                              • C:\Config.Msi\e5d297b.rbs
                                                                                Filesize

                                                                                15.5MB

                                                                                MD5

                                                                                ec990d45dc131e4472248c47d3702380

                                                                                SHA1

                                                                                11a3c801396f2de4c7e00aa212ea1b23ef94a79f

                                                                                SHA256

                                                                                a38978852e3f5f05f993feceb8c4eb9f8cae564105221efd238e1eae223083fe

                                                                                SHA512

                                                                                4fc35168bc620b0d21721b709e7313521131e569798ab392af97ae47f72f28149e59464605851a01597a9d8caf4d62c852cc2c318a89468e25b2e54d54504c98

                                                                                Download Submit

                                                                              • C:\Program Files (x86)\Microsoft\EdgeCore\98.0.1108.43\Installer\setup.exe
                                                                                Filesize

                                                                                3.0MB

                                                                                MD5

                                                                                c0af69fc8e601eb1d3123889fc3bc613

                                                                                SHA1

                                                                                57a863ac53499034e287c0697a8a35b828e724b2

                                                                                SHA256

                                                                                93da62653499196cb002fc418d93944cd2ee9468532a43775337b502b7d78c80

                                                                                SHA512

                                                                                2b68d697980260eceff105ab41f6a10d35df2c3f7ded7e0dd9bd3aabe9237715dd3688b3495a2f1c3b629b7d2fb8692e0002ba558df952282169d74f683e1d54

                                                                                Download Submit

                                                                              • C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
                                                                                Filesize

                                                                                209KB

                                                                                MD5

                                                                                0032498af2ebc50357cb31f1024c87fb

                                                                                SHA1

                                                                                9818522c47ec379ff7bddf92ea72cd831691d094

                                                                                SHA256

                                                                                c6bdf041b02561700c71c6275df4704a52d1fed4ba6a1bec98a602c6c325d6e7

                                                                                SHA512

                                                                                f83fc43ca54e87a67d949666ca8c30721f372312042be978b01dcdccd530ce5db4d3d9d6ddc934a92c079825b91fd988f362cd481dd87fa09ddf2cfac85c05c3

                                                                                Download Submit

                                                                              • C:\Program Files\VEGAS\VEGAS Pro 20.0\Language\local_de_DE.cfg
                                                                                Filesize

                                                                                364B

                                                                                MD5

                                                                                aa8b1aaf407515ff2fe454995bfc5daa

                                                                                SHA1

                                                                                3b729362d3fe731e3e52d429c14d7fe43b9d0f40

                                                                                SHA256

                                                                                37ea38acf57d5dabaf18d89496e13b78d60ceabc322d52bb523d698330d7c387

                                                                                SHA512

                                                                                dcadf529760d6ecad030a35f029e9b3936d909e6a55c4e5f192443f8718a75a34650aea8639525d423ca49c8d6f9a8361c9279bde19656274bda641d6a86a610

                                                                                Download Submit

                                                                              • C:\Program Files\VEGAS\VEGAS Pro 20.0\Language\local_en_US.cfg
                                                                                Filesize

                                                                                4KB

                                                                                MD5

                                                                                5633d0f24fe622b3c2a343d55e0ce6a1

                                                                                SHA1

                                                                                33a651e4fa1a0baec44c644aa340083435a64188

                                                                                SHA256

                                                                                24f317e999cf23b9a2fee265b2d23fc8ea9337df5590113da4205260a35041be

                                                                                SHA512

                                                                                93151600d30464bc45229b3d2e3e20e70c60e82a3a70a84a309ffc575debcda95d1eee24d8ca32a914c1f5ffbda626dd1166096303ed361f85d5c6cb960178a0

                                                                                Download Submit

                                                                              • C:\Program Files\VEGAS\VEGAS Pro 20.0\Language\local_es_ES.cfg
                                                                                Filesize

                                                                                2KB

                                                                                MD5

                                                                                d6ec7a20c3516d4c67257ac5a07a5bfb

                                                                                SHA1

                                                                                7f815e8dee26f797998be621a4e7d72a9ea52d28

                                                                                SHA256

                                                                                91864a10531d2151fa672733693445212a44a7bfc7dfbca75f0ac3490b4bd904

                                                                                SHA512

                                                                                6948400641286d34ceebda231a190a8d45e2a827e9f4d26960cf248423ce032b1dedbc6eb9746981c8d64bbb85feddd76f32a90f31d1f3165d3eb62d4cc3e96c

                                                                                Download Submit

                                                                              • C:\Program Files\VEGAS\VEGAS Pro 20.0\Language\local_es_ES.cfg
                                                                                Filesize

                                                                                4KB

                                                                                MD5

                                                                                f855183b9027a34bfcb654ae86d70275

                                                                                SHA1

                                                                                3b1720dfb0594d0d2584861f1914dff7f3c1bd27

                                                                                SHA256

                                                                                61be1ef5e49ffa966fd3a0f5b9f49cc4929985496fe0bba7d76de74b48413451

                                                                                SHA512

                                                                                eeeec48300c50897eda325fcc087e0695aded8ac7e08eec3703efe70003bef02e7c7020fc29bc42ac571cc65e5c6cff3f8581555a1568df5ca7e90015373f809

                                                                                Download Submit

                                                                              • C:\Program Files\VEGAS\VEGAS Pro 20.0\Language\local_fr_FR.cfg
                                                                                Filesize

                                                                                1KB

                                                                                MD5

                                                                                f772485d6a08e941c8b13c45281debd8

                                                                                SHA1

                                                                                8cd72fbc29f60e9026819cf5da50f56c0a8c4496

                                                                                SHA256

                                                                                c3a017a794e36802cc6fce387fe26a675871dc0c1a0264018cc007e4dbda5d86

                                                                                SHA512

                                                                                40419083dcc597fd31905747e383452deac2dead9c7788f8a1a9dfa52e6b8c0d56ea78ac69c9c00831e071846c554a904e24e6d492819370e4b331708e534cc5

                                                                                Download Submit

                                                                              • C:\Program Files\VEGAS\VEGAS Pro 20.0\Language\local_fr_FR.cfg
                                                                                Filesize

                                                                                3KB

                                                                                MD5

                                                                                1ede04aa1fdcdd2ea6758dfce819188b

                                                                                SHA1

                                                                                883ba66abba4bf1e4ceaa385ca9e4ef1cba3d834

                                                                                SHA256

                                                                                4ce5f170b3ed14d6e864c0c066c8f49bf72fd0dbea47919e16c483d2b8a70dc1

                                                                                SHA512

                                                                                9c1004cdcf45ee2ec9e38c90847710c285ea22d103ba8091507c1be6f80f6dfc123505fe132f459e006c0587853f6e9a3ddb49337c9849455aee373985529610

                                                                                Download Submit

                                                                              • C:\Program Files\VEGAS\VEGAS Pro 20.0\Language\local_fr_FR.cfg
                                                                                Filesize

                                                                                4KB

                                                                                MD5

                                                                                355a4587490466dcd1e5f7c05f1a3549

                                                                                SHA1

                                                                                1012a7198548fbc98c99734456e4e1cf719eb8c5

                                                                                SHA256

                                                                                90cecf48894ebb617ea3e55ace9d905793fe410333fb5e0d919693cfc72f4b03

                                                                                SHA512

                                                                                581af5bf6a24ce3fdcc6826f164563c0e46a9c481a969c82fcfceccf596a427254004e576e77c37b0acdc169b05414b62af88e33ae6df2beb4d7ab7e544d3068

                                                                                Download Submit

                                                                              • C:\Program Files\VEGAS\VEGAS Pro 20.0\OFX Video Plug-Ins\TitlesAndText.ofx.bundle\Contents\Presets\PresetPackage.ko-KR.xml
                                                                                Filesize

                                                                                122KB

                                                                                MD5

                                                                                069da82f697d7f0fcfb418bef6906dab

                                                                                SHA1

                                                                                77612368f47efcdd9f9b556f16051cba8c6f049f

                                                                                SHA256

                                                                                37c850d079ca1b28e773812cf7d022a40e32a2c5f9ca629060183d984cce5542

                                                                                SHA512

                                                                                5f04f9f69f6f3ddba5410df6720954b5fa148a8befa2c926dafe701dfc31ba9d9342d5f4bc8b4ee8984bf18fcf6742fad85171ea6d6341103a95afb51c157beb

                                                                                Download Submit

                                                                              • C:\Program Files\VEGAS\VEGAS Pro 20.0\Protein\Forms\UnlockFormServiceCenter_nb_NO.rtf
                                                                                Filesize

                                                                                2KB

                                                                                MD5

                                                                                fa703609338cc05f182d4d0d7d07fb1c

                                                                                SHA1

                                                                                cc34fc7d8282a2fc2bc4610ac671dce0b82661f7

                                                                                SHA256

                                                                                5a31feaa4bdbc96da11a4f68a7fcb36bb791dc073b41e109f7d085dd008790bc

                                                                                SHA512

                                                                                05e30eed8c0d921e721d3382dc26bbbef047ce77564c5926c122477500f28ae11e63522e93dd119436717878fa065d4d83e02f33d2c4e71c2c9eb1ca73412e08

                                                                                Download Submit

                                                                              • C:\Program Files\VEGAS\VEGAS Pro 20.0\install.cfg
                                                                                Filesize

                                                                                2B

                                                                                MD5

                                                                                f3b25701fe362ec84616a93a45ce9998

                                                                                SHA1

                                                                                d62636d8caec13f04e28442a0a6fa1afeb024bbb

                                                                                SHA256

                                                                                b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

                                                                                SHA512

                                                                                98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

                                                                                Download Submit

                                                                              • C:\Program Files\VEGAS\VEGAS Pro 20.0\install.cfg
                                                                                Filesize

                                                                                218B

                                                                                MD5

                                                                                6442392fd24fe949531717a3d4af52e1

                                                                                SHA1

                                                                                791c02ebc00eb16e856e15af06dc119584bb1268

                                                                                SHA256

                                                                                0d97c6dfa2f6e339bc58b7d24218c7fabf61cb3876826d5e174b7a757a0df655

                                                                                SHA512

                                                                                190dd180c1c38acc80f9f5a2885e39521325ff9c72f55925adccb4f0b7c8d1ec8a8874491257381d50b7d9a4e6fcf42c0c4a335e2f95ebb0c57ca5967990131e

                                                                                Download Submit

                                                                              • C:\Program Files\VEGAS\VEGAS Pro 20.0\install.cfg
                                                                                Filesize

                                                                                1KB

                                                                                MD5

                                                                                f47aa9746fed2eacbdf0bad3206b526e

                                                                                SHA1

                                                                                2786131fe4da952dc8f4131e2d82777ae1fb5a52

                                                                                SHA256

                                                                                315b53a586fa8882ae2909bd687e1269f9988ec3b961d3c66833a2dd8e874021

                                                                                SHA512

                                                                                1a5add1e643c6b89952bcefa844eb8c1b8fcc6890e1834470e3cf259fbf43c3fc3a6b2e0cc425d94da2100fcda75b24f9f73dd4bff54752859fb3700cc2c08ba

                                                                                Download Submit

                                                                              • C:\Program Files\VEGAS\VEGAS Pro 20.0\install.cfg
                                                                                Filesize

                                                                                1KB

                                                                                MD5

                                                                                dcee176d240f95a24a2a794b155c4a20

                                                                                SHA1

                                                                                613cad9251cffcd3c76a73ae4cc49f3307c1b552

                                                                                SHA256

                                                                                f8fa4155cbc814665edac509f05a624a62ca9e97d18dde0412af918584f602f5

                                                                                SHA512

                                                                                14e8d0d78a53061fe3913c23efa478e6115f2a42b639219533e4e875b7a7ad40c9ee116e92b9c12e5716dbf7de70f7a48f4f83f9187b23b474f8aa87650e3ffb

                                                                                Download Submit

                                                                              • C:\Program Files\VEGAS\VEGAS Pro 20.0\install.cfg
                                                                                Filesize

                                                                                1KB

                                                                                MD5

                                                                                6e4f484f8aa5e2535c9b17dc93d69627

                                                                                SHA1

                                                                                d8fcd3fc06e493160e6509f66e99e6130e06461e

                                                                                SHA256

                                                                                0dbccefa0eb86e22e866c8dfd4c323e630ba94b82f8aa226202009d5030d8001

                                                                                SHA512

                                                                                bd3f0ed0f0be03ddb9932f0a8e0b2428d9b643b8cd2ab103b0d8e0c7e387605cb0650485ff4368fd53de4c3e5d4bedc5593f4986cadeffb4b31a3d8ce13025d4

                                                                                Download Submit

                                                                              • C:\Program Files\VEGAS\VEGAS Pro 20.0\install.cfg
                                                                                Filesize

                                                                                2KB

                                                                                MD5

                                                                                977ea52f7dbad82458aa03e89c18c366

                                                                                SHA1

                                                                                5ef30d5ef8d1427eee420d92dda112f0f6afd510

                                                                                SHA256

                                                                                c1b113802b4df6040fea2535f662cf2eff441e656ff9c5b1ac08f310ff860ca3

                                                                                SHA512

                                                                                f2af7052149d71538152444c3000ad214c6d65e3b93c4a9dd1133180bb5921b294c8cac3c8cf0a5372457b14980df18b211aa90f46dfeca48ffcf4867db2041c

                                                                                Download Submit

                                                                              • C:\Program Files\VEGAS\VEGAS Pro 20.0\readme\Vegas_readme.htm
                                                                                Filesize

                                                                                24KB

                                                                                MD5

                                                                                bc8b639e7a2cdde356451fe6a64a12fa

                                                                                SHA1

                                                                                9e1f11ca216bfc94cc1f306a7b5a722b6df0d4ce

                                                                                SHA256

                                                                                fd7815888f37930050c439788ea2a5a20d1804734f0f852a1f10aae8257658d2

                                                                                SHA512

                                                                                5e159ac4a947389aff462b6ae719918e156a313419bd38597d7726d7940428ddd60ec15015ad5990a3a1ebe3d588aeb76dae8597ad7dfe9803ddc2aaeae41251

                                                                                Download Submit

                                                                              • C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log
                                                                                Filesize

                                                                                61KB

                                                                                MD5

                                                                                75e2c2906eda2a4be1c20fd392d7d13d

                                                                                SHA1

                                                                                e72f00d540a5b7850fbc9cb9ff5c555b57c41db7

                                                                                SHA256

                                                                                dc503966bea6df78f2599d803b30bc9de966c75decde9a614528560229b98b36

                                                                                SHA512

                                                                                480418ee5a1d829e446aa4875a0cf7b39e51f2f3cc92f5492f54bdebe8d81c7445a30ae16b083437708af05a856fafd4f6bdf3d21cc809b6854dc9c2b66f668c

                                                                                Download Submit

                                                                              • C:\ProgramData\VEGAS\VEGAS_Pro_20\installation.ini
                                                                                Filesize

                                                                                402B

                                                                                MD5

                                                                                355bb8ff68a4a5d6c4c2692b55dde9d7

                                                                                SHA1

                                                                                455c92404269e74c44c24dfc620b7dbef5173135

                                                                                SHA256

                                                                                3a9ecb09f9cb6be4a6132121d52832afcbb2fd2da03c9d84257d33a8e5ac3ec3

                                                                                SHA512

                                                                                a57300d288109ff347f979be985f8965145787e18de9f36d03cbd7e8eb8e1cd39491847de86b37138bcb86207f9ea2f753b70c2715e05b3fd5756548e3e14050

                                                                                Download Submit

                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\133add1b-4a46-46d1-9c10-f30c58a57fd5.tmp
                                                                                Filesize

                                                                                12KB

                                                                                MD5

                                                                                62aee45f8dea59bd167e7a1c76cae032

                                                                                SHA1

                                                                                1927720659de475d1d54c05fb8629207e63aa0ab

                                                                                SHA256

                                                                                fde4b9ff8e51f8916ca7ab5edf667b1d2628a2ed7f953ba7fa36e6a1a6010654

                                                                                SHA512

                                                                                589a3cd8abf51715ab57ca5bee7c50401be8e30614919ca2393d9ff6c0265c71a3d17589ed6d122f154796c4174ace9a63c079a2c5814bacae30e5d1801e4a4a

                                                                                Download Submit

                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                Filesize

                                                                                152B

                                                                                MD5

                                                                                53bc70ecb115bdbabe67620c416fe9b3

                                                                                SHA1

                                                                                af66ec51a13a59639eaf54d62ff3b4f092bb2fc1

                                                                                SHA256

                                                                                b36cad5c1f7bc7d07c7eaa2f3cad2959ddb5447d4d3adcb46eb6a99808e22771

                                                                                SHA512

                                                                                cad44933b94e17908c0eb8ac5feeb53d03a7720d97e7ccc8724a1ed3021a5bece09e1f9f3cec56ce0739176ebbbeb20729e650f8bca04e5060c986b75d8e4921

                                                                                Download Submit

                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                Filesize

                                                                                152B

                                                                                MD5

                                                                                e765f3d75e6b0e4a7119c8b14d47d8da

                                                                                SHA1

                                                                                cc9f7c7826c2e1a129e7d98884926076c3714fc0

                                                                                SHA256

                                                                                986443556d3878258b710d9d9efbf4f25f0d764c3f83dc54217f2b12a6eccd89

                                                                                SHA512

                                                                                a1872a849f27da78ebe9adb9beb260cb49ed5f4ca2d403f23379112bdfcd2482446a6708188100496e45db1517cdb43aba8bb93a75e605713c3f97cd716b1079

                                                                                Download Submit

                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000028
                                                                                Filesize

                                                                                20KB

                                                                                MD5

                                                                                631c4ff7d6e4024e5bdf8eb9fc2a2bcb

                                                                                SHA1

                                                                                c59d67b2bb027b438d05bd7c3ad9214393ef51c6

                                                                                SHA256

                                                                                27ccc7fad443790d6f9dc6fbb217fc2bc6e12f6a88e010e76d58cc33e1e99c82

                                                                                SHA512

                                                                                12517b3522fcc96cfafc031903de605609f91232a965d92473be5c1e7fc9ad4b1a46fa38c554e0613f0b1cfb02fd0a14122eaf77a0bbf3a06bd5868d31d0160e

                                                                                Download Submit

                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002a
                                                                                Filesize

                                                                                20KB

                                                                                MD5

                                                                                8c34c7b82f4668c975defa63ea3c9911

                                                                                SHA1

                                                                                01aee6e4857efb1898934c58dfbaab60a9bafb75

                                                                                SHA256

                                                                                6fddf44c880fa4ab45d21e764fb4371c8820b7b1c49502ece0fb5e1eab95ab3e

                                                                                SHA512

                                                                                7b8db2103dedf6b36759771c5b0451d6e2feb8ba889a07f1dbb869c229739e4343636ab5fe0bae8ff7ae5798d533caf3e408e34b71be72d0bfdd076da5a6104f

                                                                                Download Submit

                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                Filesize

                                                                                2KB

                                                                                MD5

                                                                                1a4dfe946634a2b095f9783667598ccc

                                                                                SHA1

                                                                                b9135ac299dc04824ca58ed5c2ebdab31ebfc98b

                                                                                SHA256

                                                                                42c28b8ea0302132c9c272dd6c8d99081f03d5c8e67d2092baaf9044819542b4

                                                                                SHA512

                                                                                e1974c206c62b36e5c3478a6213e997cf507686d592399135fee7e69475084c81fcaaa0065272fe41a4e97dd5a817cafc785056b862ad4ebf9c6be403cc7c5bc

                                                                                Download Submit

                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                Filesize

                                                                                1KB

                                                                                MD5

                                                                                ab7b5aeb4fc80ec25a0fff8b67b17dfd

                                                                                SHA1

                                                                                e11a8d63e87258cc1ef10ed5f21fdb1289331c81

                                                                                SHA256

                                                                                f1b296e3ae9a2d6ddaeb600442b84ffbfade13498cc06c8881533411513e5769

                                                                                SHA512

                                                                                e97036b8a360eec85b89a23c5974bf4dd3794c71405f9f62cead9cee023930a241b513f5aaa752a6b8b0958399d1e358075e86be52f44a6b732a73b8007ab053

                                                                                Download Submit

                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                Filesize

                                                                                4KB

                                                                                MD5

                                                                                8abbf0107c8b87e53be78af6b5b02666

                                                                                SHA1

                                                                                f0cb8fe236ed48888da5ba8268abcaefc379b2cc

                                                                                SHA256

                                                                                ee0b2c70dce6343cbd70a582b246275157782eaaa65971dc71d1befbb6f547f6

                                                                                SHA512

                                                                                f61ece64a766c98237310367a5a7b41e4e725305d08c50801ddbc4e94605610c3b0090ca8e4f49c09d9b073c7137f15d16066482a2e436e521b4eabac0746b47

                                                                                Download Submit

                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                Filesize

                                                                                8KB

                                                                                MD5

                                                                                c9cda1686fd75543f590d3791fee2d97

                                                                                SHA1

                                                                                86b77d55855d10018fc6ad42133f7f8d5f98f4f4

                                                                                SHA256

                                                                                2cde0a05307938b62abcfd6e1d717a58dd532b69fdb41e81200d1e0ac9a58bdb

                                                                                SHA512

                                                                                569e683cfee3266ae37cac04231ff6b0c303fb08957fc3a26aa270cd65adea7a61c4ff77e629a870a349a751e9d492bbc8c9b90666c96238ebe3312bc86d885a

                                                                                Download Submit

                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                Filesize

                                                                                6KB

                                                                                MD5

                                                                                6e53b847e26e959ef8e12b49397443b2

                                                                                SHA1

                                                                                bd8632f5e766ed149fea3fea66d519933a64c430

                                                                                SHA256

                                                                                53c9d321c7ea069ed6d0b29814b58c10595b0209c5d386acaa145228dd15f480

                                                                                SHA512

                                                                                3e8d24233a15220e030b2bcd3e3f83113119985ca8f528c54cc2506bc878897cc9e1f01aaf1010669e203b3a2140e971f406fcaeef90ca107ee6ab4cf972ae13

                                                                                Download Submit

                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                Filesize

                                                                                9KB

                                                                                MD5

                                                                                24a867564925db639512becff28028e4

                                                                                SHA1

                                                                                a311cc734374e8e30631a8c8f86bc84402c361e0

                                                                                SHA256

                                                                                5ea94354d00b101c1557b1558a8abf7e76e7746dbfce30b953e2f382a2c94ece

                                                                                SHA512

                                                                                52bb59b56180e9f49dcbeaeaab70314b1aacf7011e7c5d03d51b8f2a98e592607e7abcea42e9406231645b55f43c772bcd334e4227a7491773a04f363d7080e1

                                                                                Download Submit

                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                Filesize

                                                                                8KB

                                                                                MD5

                                                                                8c14b4897b1156a00427ae4473a8d399

                                                                                SHA1

                                                                                a254ac00545ac828d3d2762327c90d83ec5a0342

                                                                                SHA256

                                                                                fdae5fe5513430a766ebb346bd75f62b9fe6effc5a629e493734abe15c92736e

                                                                                SHA512

                                                                                2afaaa03169f57ef187521eb68fe6f57c718e955f5c6ebce5857ffb250488fd861149602fac25dc28a6bc23e393b9f2bad7f6cb55bca034972439b29d5786407

                                                                                Download Submit

                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                Filesize

                                                                                9KB

                                                                                MD5

                                                                                b2d60eb3713a0816328d8c7c38c458a0

                                                                                SHA1

                                                                                f1b8ac10cb75e2f1f79a89371e69162b8db5867e

                                                                                SHA256

                                                                                e1886e63d53e65b313edb1183465921ea15235f4112a3d14985ced014e325a21

                                                                                SHA512

                                                                                298c62f09fba4cf4581d52e77a719f19cf427972c3786081204852f2cf3698a41416b2d0cc512be5ccb07842456176eaa44cdc241b76d7cd336043e911c251c9

                                                                                Download Submit

                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                Filesize

                                                                                9KB

                                                                                MD5

                                                                                4f4f5939e14a8531c2598f72115b64e7

                                                                                SHA1

                                                                                41510ca961b7d71f03929ee628e6864b269ba586

                                                                                SHA256

                                                                                1879ba9b6639190d029eb98cb361e833cbe738a2f7d3beec45a585c3d89980ff

                                                                                SHA512

                                                                                f12822cc79cea0d6e967ac846d264e0980f7a9301ab4230b0e5b858104d85e857db864fa6a4ad504a5a0688a81adc181b2324adf28e117bb50b0607eba369af1

                                                                                Download Submit

                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                Filesize

                                                                                1KB

                                                                                MD5

                                                                                1f463b9dc3af16a906e580f2f2e76307

                                                                                SHA1

                                                                                da101a70239299730ff44b18eb0d539bfc9fc7fc

                                                                                SHA256

                                                                                2aea2825a0189afae04827ca6d62039accb4497d729295927362127babbf6205

                                                                                SHA512

                                                                                5cd052d17f8e4081beeaf7e41735e52a094cecd9dd72ae65529b342ecd66d6a241e71eb81ee4229258eec74711e00f2a9ed0ef5eaab415e12255c262b96366fc

                                                                                Download Submit

                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                Filesize

                                                                                1KB

                                                                                MD5

                                                                                aea30f81feb2c21cbb5ec3723c43c96d

                                                                                SHA1

                                                                                0f51af2f92079f686d7bd8ae0d986cd4cd894d45

                                                                                SHA256

                                                                                3a45eb2079fe1f375d4bba69c26f178e9c02f38c5516eec99caf1aaaa750c87e

                                                                                SHA512

                                                                                2ccdf46718e91fa6daa504994c1262740802c66cd7b3736e1df23c2338d4ccff1e4bf83fd756a6ad175cfdf2dbd1c12561320bc62c53e296fad06a0388e42fb6

                                                                                Download Submit

                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe581057.TMP
                                                                                Filesize

                                                                                1KB

                                                                                MD5

                                                                                5fc1022a0bab8b02043693db3477bae9

                                                                                SHA1

                                                                                28cf550ba80c6e9d76019bd46dad67705c03d228

                                                                                SHA256

                                                                                1ad0a4a26a6d25418575512b43597325f17941cfefef619c80c20a6a886bff5d

                                                                                SHA512

                                                                                93c4cbe49718d83e8152351b3557b4583277c5c3c935ffceb780e598b9bf4e3becee5f3ebcd6f68749d8db35574917432262b1945bee4e947d87b846b450441a

                                                                                Download Submit

                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                                Filesize

                                                                                16B

                                                                                MD5

                                                                                6752a1d65b201c13b62ea44016eb221f

                                                                                SHA1

                                                                                58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                                                                                SHA256

                                                                                0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                                                                                SHA512

                                                                                9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                                                                                Download Submit

                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                Filesize

                                                                                12KB

                                                                                MD5

                                                                                734df61346381faabad25e9438275156

                                                                                SHA1

                                                                                145bf13506fac9b20bc677150b75cdda0746fcc1

                                                                                SHA256

                                                                                d88fe54c51dfa49a3761a8d24d1319e8d6c0455bd2aebb2eafd027e663aa4b64

                                                                                SHA512

                                                                                7f7dec7ad5f93decd760d4e81af471cc72d02beec6c67ddea9ee4c5f01681b1071de6bacd80b8726059924e7b3e706ee56c180355c86744a9e968dbeea235fbb

                                                                                Download Submit

                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                Filesize

                                                                                11KB

                                                                                MD5

                                                                                5f79b23197a06b2aebaacb28b6c35d10

                                                                                SHA1

                                                                                2480bbc9795f72c4a0710901290125207c07beb6

                                                                                SHA256

                                                                                1965f99440e47cb49971ae312475addeb698974f01142662550eafdfb788f264

                                                                                SHA512

                                                                                06d8831579fff914a94e68363ff5d9f3d6faaff4b1d27b90eac71d7e680fe72b68c3c0d629959513461145bcd5932dba5de428f6e61a7fb971cb89b94875ddb0

                                                                                Download Submit

                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                Filesize

                                                                                11KB

                                                                                MD5

                                                                                e8e314f9edcf640580106d8136740926

                                                                                SHA1

                                                                                d8745da8a3e13185ff2320b689d0fdf6d9b5e83d

                                                                                SHA256

                                                                                77caf3d2e3c9911694f2a48a8eb6941045014099ad0cf1f913c6b028789967a6

                                                                                SHA512

                                                                                4f510187fa628369b7abc74e7e1d7e230f58b8d03a46f59094502d44f220fb70d23b5f44912695b0271ef653d0ec82f658f4978cfac965b2c31a1d056933f772

                                                                                Download Submit

                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                Filesize

                                                                                12KB

                                                                                MD5

                                                                                6a6384f024b8ca678fa30a740284a072

                                                                                SHA1

                                                                                290fe4c9c8dbe825799fd5079ebc2aa0863bcd61

                                                                                SHA256

                                                                                6644e7e7bf25720751f2a03b91a75f2dd07b23e3a7ff3e4c9fefead991eb4d57

                                                                                SHA512

                                                                                f1b2e7d4910f1b956fe84c6eae4afe91b8b038d1a5d308dea49e3b143d415aa047987f53df5347dfca48a686fdb368e53a4f0368bccada9ffedd8fdfa3167578

                                                                                Download Submit

                                                                              • C:\Users\Admin\AppData\Local\Temp\MxMsiLogs\VEGAS_Pro_20_20240809_143054\001#Install#vcredist2013_12_0_40664_x86_000_vcRuntimeMinimum_x86.txt
                                                                                Filesize

                                                                                2KB

                                                                                MD5

                                                                                6dc0086f0931ae52f463e804b3a32a6d

                                                                                SHA1

                                                                                360d1f5482b2e59d20d36acd203eeac62c98264a

                                                                                SHA256

                                                                                10129f873ff21abe591f3102e13b5d39219023538b673775b1b73051abb62eb2

                                                                                SHA512

                                                                                cd151511d93c9e41864d4ac6d6b0ec1a1d1e7bbf1c30c2a3e74983349e76bbb307e2ccf1f95ede040f4ccd20ee845dc8fd3ec73c1bfda7632c75474d7851486f

                                                                                Download Submit

                                                                              • C:\Users\Admin\AppData\Local\Temp\MxMsiLogs\VEGAS_Pro_20_20240809_143054\001#Install#vcredist2013_12_0_40664_x86_001_vcRuntimeAdditional_x86.txt
                                                                                Filesize

                                                                                2KB

                                                                                MD5

                                                                                132efa66ddc2f828a206293be78c7bcd

                                                                                SHA1

                                                                                4a8125ba28df648e34d49508f1089a3b0d452183

                                                                                SHA256

                                                                                cc06176e03c7c73fd631a5335e8a166a7c02ed056b7e6dab1a9e9456ee0c3eed

                                                                                SHA512

                                                                                b8e573049a6f5d23dbf26c2606a4571da15c7fe554c3efba2cf0915e7af2781cf2d10d31c376c5a4561fe38848b5517308477a1fe033eca76f26c592174a47d3

                                                                                Download Submit

                                                                              • C:\Users\Admin\AppData\Local\Temp\mgx1wc5nxlt\addon\vcredist2013_12.0.40664\vcredist_x64.exe
                                                                                Filesize

                                                                                6.9MB

                                                                                MD5

                                                                                49b1164f8e95ec6409ea83cdb352d8da

                                                                                SHA1

                                                                                1194e6bf4153fa88f20b2a70ac15bc359ada4ee2

                                                                                SHA256

                                                                                a4bba7701e355ae29c403431f871a537897c363e215cafe706615e270984f17c

                                                                                SHA512

                                                                                29b65e45ce5233f5ad480673752529026f59a760466a1026bb92fc78d1ccc82396ecb8f07b0e49c9b2315dbef976cb417273c77f4209475036775fe687dd2d60

                                                                                Download Submit

                                                                              • C:\Users\Admin\AppData\Local\Temp\mgx1wc5nxlt\addon\vcredist2013_12.0.40664\vcredist_x86.exe
                                                                                Filesize

                                                                                6.2MB

                                                                                MD5

                                                                                38a1b890ce847167d16567cf7b7a5642

                                                                                SHA1

                                                                                0f5d66bcaf120f2d3f340e448a268fe4bbf7709d

                                                                                SHA256

                                                                                53b605d1100ab0a88b867447bbf9274b5938125024ba01f5105a9e178a3dcdbd

                                                                                SHA512

                                                                                907a9aac75f4f241a85ecb94690f74f5818eea0b2241d9ef6d4bf171f17da0f4bc702e2bb90c04f194592fcc61df5c250508d16b886ed837a74b9f45da9627cd

                                                                                Download Submit

                                                                              • C:\Users\Admin\AppData\Local\Temp\mgx1wc5nxlt\product\VEGAS_Pro_20_SetupInfo.ini
                                                                                Filesize

                                                                                1KB

                                                                                MD5

                                                                                0f9b272995d5a4006119977e95fb2686

                                                                                SHA1

                                                                                b7f626600d693c1cf05cdf8cc00cc6fd5c412098

                                                                                SHA256

                                                                                b500fa16098cba0b9a60340834185c5d1c3b60528d1ef86b262785e37d727e11

                                                                                SHA512

                                                                                e4fdfac2f0c5ce1e90167bea82931590c99a73974bf6cfba6bfea4d56b919e2a47be158b458d90686c7a6badffbd2777b43c7492b092b71729551d6bbca664b0

                                                                                Download Submit

                                                                              • C:\Users\Admin\AppData\Local\Temp\mgx1wc5nxlt\product\VEGAS_Pro_20_SetupRes.mxres
                                                                                Filesize

                                                                                2.3MB

                                                                                MD5

                                                                                106dc03b6e83113c84709cbd7fef4f2c

                                                                                SHA1

                                                                                1e4d1d835f82557ca17f1f5016eb525f42429514

                                                                                SHA256

                                                                                eb1e26006d02c6ee5f49b8f321f84bb9aaf167169a298f4b306539bbd85a3254

                                                                                SHA512

                                                                                55c135e7f22d479d383a592154125e217631a377e64426bd1c119b86f2bd3f9034723daa19af0012eaefff1b9369725a73ba932399057663672eca59080662a7

                                                                                Download Submit

                                                                              • C:\Users\Admin\AppData\Local\Temp\mgx1wc5nxlt\product\VEGAS_Pro_20_en-US.mst
                                                                                Filesize

                                                                                48KB

                                                                                MD5

                                                                                a39462cb32fabbed15189cc0275cbf00

                                                                                SHA1

                                                                                ef209f952e0653b4a1a65827becffa9dd45b1b1a

                                                                                SHA256

                                                                                5e6e353911f45d829ca31b70f1d763730f1e8216785aa87e1ac57f9c9c23f2cd

                                                                                SHA512

                                                                                f8ac2f8556f3ea0d97f6bdd4c80c3c04d9474c0e36e80ec00b416ea688e253a1b206749d4ad58f6b584313388b9a5c9631e4015fb0feb4fda8c51e62524f33d8

                                                                                Download Submit

                                                                              • C:\Users\Admin\AppData\Local\Temp\mgx1wc5nxlt\product\VEGAS_Pro_20_es-ES.mst
                                                                                Filesize

                                                                                48KB

                                                                                MD5

                                                                                928f2477cfdfb7a531de1f77d0a97fdb

                                                                                SHA1

                                                                                ad386e5cc50f63b407a9f847f00c3b813abec37c

                                                                                SHA256

                                                                                8f6efacb230ac2587524b13b4ce1e95d7de51800a495dbbfa7d846057678a632

                                                                                SHA512

                                                                                2f87f6e53a65181f5405df3cecaf20de9f7f19f9fe67a8c90118406ffc791e74636f6154a69ec222154c4482932174b976ec7a20cdb3cd6d49bf5d0732449fa8

                                                                                Download Submit

                                                                              • C:\Users\Admin\AppData\Local\Temp\mgx1wc5nxlt\product\VEGAS_Pro_20_fr-FR.mst
                                                                                Filesize

                                                                                52KB

                                                                                MD5

                                                                                3ce3f886f3a7716fb901b2d24f89ea60

                                                                                SHA1

                                                                                c0cce042c925a4d687e44d709f042ee998bab4f2

                                                                                SHA256

                                                                                0d7eeb6a2ae87a64cc7c1f1c09bff69a7f53f8bf758d7fcbe56b0139975dcdd0

                                                                                SHA512

                                                                                05e299f91e75db24239bee5bd00d66425792100feeb714dfc9b4f14a1f826cd44b006e462b9b07b7b8bd876425f979618cd9157825e4711e07e787600fbe3987

                                                                                Download Submit

                                                                              • C:\Users\Admin\AppData\Local\Temp\mgx1wc5nxlt\product\VEGAS_Pro_20_setup.exe
                                                                                Filesize

                                                                                4.6MB

                                                                                MD5

                                                                                917717e087557e261275260f84a3b276

                                                                                SHA1

                                                                                d087843ed032c2ebf87cd82cc76b3b8ccaba2d57

                                                                                SHA256

                                                                                6a562ea680d7300a582d8ddf204342a6bf332a2cf883f43668ce0bd4a3315346

                                                                                SHA512

                                                                                ddacad901355a3f3acefd1c4cf28de7799500d1cd512f5f9f1ef087e20d17c2b83d27926ed346a7607bafc55e7f81890e73ee7e502f1bdc38e1f44016fd9a2b6

                                                                                Download Submit

                                                                              • C:\Users\Admin\AppData\Local\Temp\mgx1wc5nxlt\product\VEGAS_Pro_20_setup.xml
                                                                                Filesize

                                                                                5KB

                                                                                MD5

                                                                                165d5e68beedc583873611ecf592c4bd

                                                                                SHA1

                                                                                fa8dcd59626bdde8f0304ce6ec09567057f18ef3

                                                                                SHA256

                                                                                9c017fab68cdcaf3dfa8e27bc4d330a40e5e90d9faf8bdb26762adec0075b485

                                                                                SHA512

                                                                                11b8017a7d98a9c94dcb67c23ad3b7930995744029209cf976be043780c60eee4e1c1ff756a67bc16c634e62b1609ba774a436638d36c5896d10c957c5389e2a

                                                                                Download Submit

                                                                              • C:\Users\Admin\AppData\Local\Temp\mgx1wc5nxlt\product\VEGAS_Pro_20_setup_x64.ms_
                                                                                Filesize

                                                                                2.8MB

                                                                                MD5

                                                                                b8c935669d29c9471636f2abdefc2b29

                                                                                SHA1

                                                                                49b85eabed1bda1e2d45633d674c30109d6f798a

                                                                                SHA256

                                                                                6a6f786ce2d44bce9ffc0622855e45f024a745ba194c08190dbbe5ed8427eb1b

                                                                                SHA512

                                                                                5657599417a38d635b6b5f55ad2f11ddaaeb7ff9deb6e66029b2a825471de0fbf1c529c2bac75e35200d750250a58f246cff09a6ec63bc56a2215a9db9cd48a3

                                                                                Download Submit

                                                                              • C:\Users\Admin\AppData\Local\Temp\mgx1wc5nxlt\product\_abzdx6t.cab
                                                                                Filesize

                                                                                36B

                                                                                MD5

                                                                                8708699d2c73bed30a0a08d80f96d6d7

                                                                                SHA1

                                                                                684cb9d317146553e8c5269c8afb1539565f4f78

                                                                                SHA256

                                                                                a32e0a83001d2c5d41649063217923dac167809cab50ec5784078e41c9ec0f0f

                                                                                SHA512

                                                                                38ece3e441cc5d8e97781801d5b19bdede6065a0a50f7f87337039edeeb4a22ad0348e9f5b5542b26236037dd35d0563f62d7f4c4f991c51020552cfae03b264

                                                                                Download Submit

                                                                              • C:\Users\Admin\AppData\Local\Temp\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}\.ba1\license.rtf
                                                                                Filesize

                                                                                6KB

                                                                                MD5

                                                                                1e47ee7b71b22488068343df4ce30534

                                                                                SHA1

                                                                                deaee13f21ab70b57f44f0aa3128ec7ad9e3816a

                                                                                SHA256

                                                                                8518f0420972c1dbe8a323ffc6f57863af0b80c6a3b27fd0c6fc9bdabb7e2d13

                                                                                SHA512

                                                                                c4c653bfd1fc493b0efd8f9c75495287818179dc35969d1fb1927faac3ff9189fde1131c5abbcc3963f707412a7f8ad05a9e6855b7d47d6df1f80d25d67be9ed

                                                                                Download Submit

                                                                              • C:\Users\Admin\AppData\Local\Temp\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}\.ba1\thm.wxl
                                                                                Filesize

                                                                                2KB

                                                                                MD5

                                                                                fbfcbc4dacc566a3c426f43ce10907b6

                                                                                SHA1

                                                                                63c45f9a771161740e100faf710f30eed017d723

                                                                                SHA256

                                                                                70400f181d00e1769774ff36bcd8b1ab5fbc431418067d31b876d18cc04ef4ce

                                                                                SHA512

                                                                                063fb6685ee8d2fa57863a74d66a83c819fe848ba3072b6e7d1b4fe397a9b24a1037183bb2fda776033c0936be83888a6456aae947e240521e2ab75d984ee35e

                                                                                Download Submit

                                                                              • C:\Users\Admin\AppData\Local\Temp\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}\.ba1\thm.xml
                                                                                Filesize

                                                                                5KB

                                                                                MD5

                                                                                0056f10a42638ea8b4befc614741ddd6

                                                                                SHA1

                                                                                61d488cfbea063e028a947cb1610ee372d873c9f

                                                                                SHA256

                                                                                6b1ba0dea830e556a58c883290faa5d49c064e546cbfcd0451596a10cc693f87

                                                                                SHA512

                                                                                5764ec92f65acc4ebe4de1e2b58b8817e81e0a6bc2f6e451317347e28d66e1e6a3773d7f18be067bbb2cb52ef1fa267754ad2bf2529286cf53730a03409d398e

                                                                                Download Submit

                                                                              • C:\Users\Admin\AppData\Local\Temp\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}\.ba1\logo.png
                                                                                Filesize

                                                                                1KB

                                                                                MD5

                                                                                d6bd210f227442b3362493d046cea233

                                                                                SHA1

                                                                                ff286ac8370fc655aea0ef35e9cf0bfcb6d698de

                                                                                SHA256

                                                                                335a256d4779ec5dcf283d007fb56fd8211bbcaf47dcd70fe60ded6a112744ef

                                                                                SHA512

                                                                                464aaab9e08de610ad34b97d4076e92dc04c2cdc6669f60bfc50f0f9ce5d71c31b8943bd84cee1a04fb9ab5bbed3442bd41d9cb21a0dd170ea97c463e1ce2b5b

                                                                                Download Submit

                                                                              • C:\Users\Admin\AppData\Local\Temp\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}\.ba1\wixstdba.dll
                                                                                Filesize

                                                                                117KB

                                                                                MD5

                                                                                a52e5220efb60813b31a82d101a97dcb

                                                                                SHA1

                                                                                56e16e4df0944cb07e73a01301886644f062d79b

                                                                                SHA256

                                                                                e7c8e7edd9112137895820e789baaaeca41626b01fb99fede82968ddb66d02cf

                                                                                SHA512

                                                                                d6565ba18b5b9795d6bde3ef94d8f7cd77bf8bb69ba3fe7adefb80fc7c5d888cdfdc79238d86a0839846aea4a1e51fc0caed3d62f7054885e8b15fad9f6c654e

                                                                                Download Submit

                                                                              • C:\Users\Admin\AppData\Local\Temp\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}\.be\vcredist_x86.exe
                                                                                Filesize

                                                                                455KB

                                                                                MD5

                                                                                0ce624d3a5a586c2bdda26b748da78d7

                                                                                SHA1

                                                                                b9ed0a86eae645ba19ed08327888a4474c95e34a

                                                                                SHA256

                                                                                fd597b58a578cfa46e1818b3b4b795ca6d25225dc11ee86cd491f3d55d7b235d

                                                                                SHA512

                                                                                e5bc577bd319eb3ac70c527acfb313fac817e63f5184e6581f6d813491ca0f1a0f80583c14c2b9f2b8fa1df5938c2ae3318a91bda41171c63cd1670c55a85b7f

                                                                                Download Submit

                                                                              • C:\Users\Admin\AppData\Local\Temp\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}\cab54A5CABBE7274D8A22EB58060AAB7623
                                                                                Filesize

                                                                                973KB

                                                                                MD5

                                                                                258b65eb9fed187051d5fcec7ce65dc5

                                                                                SHA1

                                                                                b9afc5fcd8c6ca2ee3dfe9507e9adabdd9ded039

                                                                                SHA256

                                                                                80a29d5ce27c6794b9a38e5d5b98d535f877ac3363f450ee7ac0be9394426e49

                                                                                SHA512

                                                                                8d5b4c14deb07cc1bf70abfd6e04573822eff3b3937fb3867f5300d97c46f900f2446f923334d1cf5b51b17eeef063d6d59e8540456f310edecd98d223125bb1

                                                                                Download Submit

                                                                              • C:\Users\Admin\AppData\Local\Temp\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}\cabB3E1576D1FEFBB979E13B1A5379E0B16
                                                                                Filesize

                                                                                4.7MB

                                                                                MD5

                                                                                7fe64755ed8427ee4512760b69cfaee1

                                                                                SHA1

                                                                                30b8c69a5eb83a1804975f04fd0e701e2e9d98cc

                                                                                SHA256

                                                                                e12efc1bc0c61a7b9ba10a07502ef6833297d028368760da26e63218b744da79

                                                                                SHA512

                                                                                dc6c9dc1cb0502be87281ad5bae3ed54c5cfc7cbc4434880f1ba7a33599fc5503d8192ce6afbcf8ffcc142955f593e9830e49e72c0d5c9a7aac5f91024eac38f

                                                                                Download Submit

                                                                              • C:\Users\Admin\AppData\Local\Temp\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}\vcRuntimeAdditional_x86
                                                                                Filesize

                                                                                140KB

                                                                                MD5

                                                                                b547a22dcdcf3d035a56f52f1b16c2b5

                                                                                SHA1

                                                                                ec9e2fbee0a5c43c021365a35d1d6d04eea335b3

                                                                                SHA256

                                                                                7cef0419f52c47f41b9546065e6788f20de07a7f1e647589ab52d88f6c7e50a5

                                                                                SHA512

                                                                                6d49cd8266575f3a9cac205425f1fc11b70a58b0a657ba3e4ebafab43cc37ccaf54f551cbf367c8c08b2a6710f82a18ccffb3870683a9b922c91cff19ea7b65a

                                                                                Download Submit

                                                                              • C:\Users\Admin\AppData\Local\Temp\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}\vcRuntimeMinimum_x86
                                                                                Filesize

                                                                                140KB

                                                                                MD5

                                                                                89d36fccb34b319b60d1850863e0560b

                                                                                SHA1

                                                                                f356410e3946063b85750f54998582510b9672c8

                                                                                SHA256

                                                                                60714fcdac0a7cbfc45e6ed9bc6d4b7f8536947f630016e5faca5cce1745adcf

                                                                                SHA512

                                                                                24e167d0305811409e433c8d78716e9b3af4bce4b3f372276f4730ae7c802b8be8f193a70ac0d44ad6e083a35f03fcfdb2faaae4a9975c9e2ef1254285b0309f

                                                                                Download Submit

                                                                              • C:\Users\Admin\AppData\Local\VEGAS Pro\20.0\FFCache_x64_1033.ini
                                                                                Filesize

                                                                                23KB

                                                                                MD5

                                                                                8c9a233796c7a98c56e33e3816be6015

                                                                                SHA1

                                                                                eb216efa84eeda1f3b518be133934f21803c28c5

                                                                                SHA256

                                                                                556603c375a6a6e3ebe28ca18088e011c9b3574279a3d62faa58dc035dbb7740

                                                                                SHA512

                                                                                eb86f324c82c44ee68ac52e8e1fc13446874f321b5ee5ef053c63c2e851799439fc40b0da916b57549a3e16676d21cfcccf47b81ebd53d947c20a858f10ac414

                                                                                Download Submit

                                                                              • C:\Users\Admin\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-523280732-2327480845-3730041215-1000\0f5007522459c86e95ffcc62f32308f1_a5c5e2ae-85e3-447c-9e0b-c9a7b966d823
                                                                                Filesize

                                                                                1KB

                                                                                MD5

                                                                                bc5a1acab1fd601e9924f778482d8deb

                                                                                SHA1

                                                                                4bb2126c223bb7963e553be26222eb86161c1704

                                                                                SHA256

                                                                                f5a12e46267e4c683cf62cdf3340143a259398ff3143ec31018b72281d4c906e

                                                                                SHA512

                                                                                6706bc830f8ff24554feb256b2dfefaa43ee6742b2b50c14b92b5c26a5998f273f63fefe61e58e2372cd415c2357134caf03ec2312c85d059c7cc184c9a98b2e

                                                                                Download Submit

                                                                              • C:\Users\Admin\Downloads\Unconfirmed 182516.crdownload
                                                                                Filesize

                                                                                1.3MB

                                                                                MD5

                                                                                3f6d2cef65fe49a38190781a0cb46707

                                                                                SHA1

                                                                                6132b1cbb8b81a587d3eda3c9ac3a1c434fb13b0

                                                                                SHA256

                                                                                151261d221ba0f6120c7f16700ab0724b92ff3230f05a89ef15dbcd8198678bb

                                                                                SHA512

                                                                                731b8fe2c578444ce859bf2061c342b13716e49647d99517358b69740e2f6e49d751474c241f25381b0e194defc2af9fe0f434aedd3bd96aa39cbd19dd457a58

                                                                                Download Submit

                                                                              • C:\Windows\Installer\MSI1281.tmp
                                                                                Filesize

                                                                                109KB

                                                                                MD5

                                                                                fa69e5cf4218af3928b2fd555d68dd49

                                                                                SHA1

                                                                                9aaaa287cd9ba0ab05e8a5f0b60b61f302091f02

                                                                                SHA256

                                                                                275fde668dbf6b346c8eab30755fc0514e6a1fc361d2e266931f904c2a0ae354

                                                                                SHA512

                                                                                dd7c9ad37bbf602021795079319b62c2d709c6ac077f2d087f1084dd040206975bd32d00a602d7fe7a98b1bf40d259390ae8edd2a56ebf51cfa6603cb5d46bea

                                                                                Download Submit

                                                                              • C:\Windows\Installer\MSIA595.tmp
                                                                                Filesize

                                                                                1.7MB

                                                                                MD5

                                                                                7cb17fb61194fa5f2fd93f49a035b75a

                                                                                SHA1

                                                                                f0dbeff9a5e8f138586f7e8b6b4a7c431f2ff0f4

                                                                                SHA256

                                                                                8a78c9053c8b3645b0aa8423893f653997b9f40aa5a54c1fc4c947ddeefb5e3e

                                                                                SHA512

                                                                                d0acbec1d67c9442be82f57b2529783f1d06be9dbac11646a8ec22591ef8d6ac848aa546448be05fd0e14394d0e5adcefa4b49ff24b0234fd745d4ae0cb14da4

                                                                                Download Submit

                                                                              • C:\Windows\Installer\MSICFAA.tmp
                                                                                Filesize

                                                                                181KB

                                                                                MD5

                                                                                785ee78478d43f00870e91fa96b94646

                                                                                SHA1

                                                                                97e3f06230bb97333db9574e56a187c2b5dfce50

                                                                                SHA256

                                                                                b8665993cd5f7224e35c122a5c1965f8c4f2b4d9d41f75160b515e66f9affc53

                                                                                SHA512

                                                                                d34cd716d1925c2286a0d75a4e31d8a3deaaf381322cbd1931d3e26a51addd1d37f6c72f6511f6e7058c8ad1f016f4fa26e9594b02bb7bbba874c1b2406ac3ed

                                                                                Download Submit

                                                                              • C:\Windows\Installer\{A9855401-2159-448A-9AF2-CC0AA49E473B}\ProgramIcon.exe
                                                                                Filesize

                                                                                352KB

                                                                                MD5

                                                                                3e9a039fdd1a8b125b1409bf76cdb9b0

                                                                                SHA1

                                                                                8b99aec15c9a2482d5c9bef3ee7eaa4b8809881c

                                                                                SHA256

                                                                                b36f8918846b210e2863d606d9dd536a708ecdb0310d5d151631f0981edc25b5

                                                                                SHA512

                                                                                7e8e1e57fcc617d6625cc53af7c893edfb2538f985ca3c91a8be46bcabe7a11aabb6f2bc0b12474602519f171d6c267510601a6760f8aea44836a2323e9d0b13

                                                                                Download Submit

                                                                              • C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngen.log
                                                                                Filesize

                                                                                148KB

                                                                                MD5

                                                                                991acf535b1c6126704d47dcfbc2a03a

                                                                                SHA1

                                                                                a9ca427c64b6df441663f574ccedc92e18492bcb

                                                                                SHA256

                                                                                541199e0103329de50377c8476bf9b233e91424a44cd96e955d361a545902334

                                                                                SHA512

                                                                                2af36cf378ad56844ced501dc6050aca3231af0011a20242b9f994a121aa5958ca8b0cebbfc70dc59a7d6f952c1b88836414bb6d6295aed727582d14ed2d53f7

                                                                                Download Submit

                                                                              • C:\Windows\SysWOW64\DLLDEV32i.dll
                                                                                Filesize

                                                                                117KB

                                                                                MD5

                                                                                c1a43f0b58be9892362b11f0008d3b1f

                                                                                SHA1

                                                                                608f5bd3cbd729f6475a611c1347143c91b2323d

                                                                                SHA256

                                                                                810a77a90aa2ce17cb328a7d36792c0c815a752bcde0751554031c9867adf228

                                                                                SHA512

                                                                                99881ecb643464a4e6170b64c5474c84bc128edc78909db4c4e9f26af0cc48edfba291fc76cd157dedce8c488688f03d6611f1b3a32dcab16dca39dd12d80712

                                                                                Download Submit

                                                                              • memory/184-5146-0x0000000007690000-0x00000000076B1000-memory.dmp

                                                                                Filesize

                                                                                132KB

                                                                                Download

                                                                              • memory/1460-1342-0x00000000003B0000-0x0000000000415000-memory.dmp

                                                                                Filesize

                                                                                404KB

                                                                                Download

                                                                              • memory/1832-4824-0x000001E348490000-0x000001E3484A6000-memory.dmp

                                                                                Filesize

                                                                                88KB

                                                                                Download

                                                                              • memory/1836-4814-0x000001E1EFC80000-0x000001E1EFC96000-memory.dmp

                                                                                Filesize

                                                                                88KB

                                                                                Download

                                                                              • memory/2636-4822-0x0000029E02EE0000-0x0000029E02EF6000-memory.dmp

                                                                                Filesize

                                                                                88KB

                                                                                Download

                                                                              • memory/2988-4826-0x000001FCC0400000-0x000001FCC0416000-memory.dmp

                                                                                Filesize

                                                                                88KB

                                                                                Download

                                                                              • memory/3284-1714-0x0000000000AD0000-0x0000000000B35000-memory.dmp

                                                                                Filesize

                                                                                404KB

                                                                                Download

                                                                              • memory/3664-4976-0x0000000010030000-0x0000000010083000-memory.dmp

                                                                                Filesize

                                                                                332KB

                                                                                Download

                                                                              • memory/3672-4946-0x0000000030000000-0x0000000030006000-memory.dmp

                                                                                Filesize

                                                                                24KB

                                                                                Download

                                                                              • memory/3716-1870-0x0000000000C10000-0x0000000000C47000-memory.dmp

                                                                                Filesize

                                                                                220KB

                                                                                Download

                                                                              • memory/3716-1854-0x0000000000C10000-0x0000000000C47000-memory.dmp

                                                                                Filesize

                                                                                220KB

                                                                                Download

                                                                              • memory/3716-1855-0x0000000071AC0000-0x0000000071D38000-memory.dmp

                                                                                Filesize

                                                                                2.5MB

                                                                                Download

                                                                              • memory/3968-4911-0x0000000006300000-0x0000000006322000-memory.dmp

                                                                                Filesize

                                                                                136KB

                                                                                Download

                                                                              • memory/3968-4918-0x0000000006630000-0x0000000006652000-memory.dmp

                                                                                Filesize

                                                                                136KB

                                                                                Download

                                                                              • memory/3968-4887-0x0000000005170000-0x0000000005178000-memory.dmp

                                                                                Filesize

                                                                                32KB

                                                                                Download

                                                                              • memory/3968-4888-0x0000000005180000-0x00000000051A5000-memory.dmp

                                                                                Filesize

                                                                                148KB

                                                                                Download

                                                                              • memory/3968-4890-0x00000000051C0000-0x00000000051D0000-memory.dmp

                                                                                Filesize

                                                                                64KB

                                                                                Download

                                                                              • memory/3968-4889-0x0000000005210000-0x0000000005266000-memory.dmp

                                                                                Filesize

                                                                                344KB

                                                                                Download

                                                                              • memory/3968-4891-0x0000000005820000-0x0000000005DC4000-memory.dmp

                                                                                Filesize

                                                                                5.6MB

                                                                                Download

                                                                              • memory/3968-4892-0x0000000005320000-0x0000000005368000-memory.dmp

                                                                                Filesize

                                                                                288KB

                                                                                Download

                                                                              • memory/3968-4893-0x00000000051F0000-0x00000000051F8000-memory.dmp

                                                                                Filesize

                                                                                32KB

                                                                                Download

                                                                              • memory/3968-4898-0x00000000055D0000-0x000000000564A000-memory.dmp

                                                                                Filesize

                                                                                488KB

                                                                                Download

                                                                              • memory/3968-4899-0x0000000005380000-0x000000000538A000-memory.dmp

                                                                                Filesize

                                                                                40KB

                                                                                Download

                                                                              • memory/3968-4897-0x00000000054E0000-0x000000000554C000-memory.dmp

                                                                                Filesize

                                                                                432KB

                                                                                Download

                                                                              • memory/3968-4896-0x0000000005420000-0x000000000546F000-memory.dmp

                                                                                Filesize

                                                                                316KB

                                                                                Download

                                                                              • memory/3968-4900-0x0000000005DD0000-0x0000000006124000-memory.dmp

                                                                                Filesize

                                                                                3.3MB

                                                                                Download

                                                                              • memory/3968-4895-0x00000000053B0000-0x00000000053CC000-memory.dmp

                                                                                Filesize

                                                                                112KB

                                                                                Download

                                                                              • memory/3968-4894-0x0000000005390000-0x00000000053A2000-memory.dmp

                                                                                Filesize

                                                                                72KB

                                                                                Download

                                                                              • memory/3968-4902-0x00000000054B0000-0x00000000054B8000-memory.dmp

                                                                                Filesize

                                                                                32KB

                                                                                Download

                                                                              • memory/3968-4903-0x0000000006130000-0x000000000617C000-memory.dmp

                                                                                Filesize

                                                                                304KB

                                                                                Download

                                                                              • memory/3968-4904-0x00000000061B0000-0x00000000061D2000-memory.dmp

                                                                                Filesize

                                                                                136KB

                                                                                Download

                                                                              • memory/3968-4905-0x0000000005800000-0x000000000581E000-memory.dmp

                                                                                Filesize

                                                                                120KB

                                                                                Download

                                                                              • memory/3968-4906-0x0000000006220000-0x000000000625C000-memory.dmp

                                                                                Filesize

                                                                                240KB

                                                                                Download

                                                                              • memory/3968-4907-0x00000000062B0000-0x0000000006300000-memory.dmp

                                                                                Filesize

                                                                                320KB

                                                                                Download

                                                                              • memory/3968-4908-0x00000000063C0000-0x0000000006472000-memory.dmp

                                                                                Filesize

                                                                                712KB

                                                                                Download

                                                                              • memory/3968-4909-0x0000000006480000-0x00000000064E6000-memory.dmp

                                                                                Filesize

                                                                                408KB

                                                                                Download

                                                                              • memory/3968-4910-0x0000000006A20000-0x0000000006F4C000-memory.dmp

                                                                                Filesize

                                                                                5.2MB

                                                                                Download

                                                                              • memory/3968-4912-0x0000000006590000-0x0000000006622000-memory.dmp

                                                                                Filesize

                                                                                584KB

                                                                                Download

                                                                              • memory/3968-4913-0x0000000006330000-0x000000000634C000-memory.dmp

                                                                                Filesize

                                                                                112KB

                                                                                Download

                                                                              • memory/3968-4914-0x0000000007420000-0x00000000078EC000-memory.dmp

                                                                                Filesize

                                                                                4.8MB

                                                                                Download

                                                                              • memory/3968-4915-0x00000000063A0000-0x00000000063B2000-memory.dmp

                                                                                Filesize

                                                                                72KB

                                                                                Download

                                                                              • memory/3968-4916-0x00000000064F0000-0x0000000006510000-memory.dmp

                                                                                Filesize

                                                                                128KB

                                                                                Download

                                                                              • memory/3968-4917-0x0000000006550000-0x0000000006582000-memory.dmp

                                                                                Filesize

                                                                                200KB

                                                                                Download

                                                                              • memory/3968-4886-0x0000000005160000-0x0000000005168000-memory.dmp

                                                                                Filesize

                                                                                32KB

                                                                                Download

                                                                              • memory/3968-4920-0x00000000066B0000-0x00000000066F4000-memory.dmp

                                                                                Filesize

                                                                                272KB

                                                                                Download

                                                                              • memory/3968-4921-0x0000000006660000-0x000000000667A000-memory.dmp

                                                                                Filesize

                                                                                104KB

                                                                                Download

                                                                              • memory/3968-4919-0x0000000006730000-0x00000000067FE000-memory.dmp

                                                                                Filesize

                                                                                824KB

                                                                                Download

                                                                              • memory/3968-4922-0x0000000006F50000-0x0000000007072000-memory.dmp

                                                                                Filesize

                                                                                1.1MB

                                                                                Download

                                                                              • memory/3968-4924-0x0000000006680000-0x000000000668A000-memory.dmp

                                                                                Filesize

                                                                                40KB

                                                                                Download

                                                                              • memory/3968-4925-0x0000000006700000-0x0000000006720000-memory.dmp

                                                                                Filesize

                                                                                128KB

                                                                                Download

                                                                              • memory/3968-4923-0x0000000006800000-0x000000000687D000-memory.dmp

                                                                                Filesize

                                                                                500KB

                                                                                Download

                                                                              • memory/3968-4926-0x0000000007080000-0x0000000007206000-memory.dmp

                                                                                Filesize

                                                                                1.5MB

                                                                                Download

                                                                              • memory/3968-4927-0x00000000069E0000-0x00000000069FA000-memory.dmp

                                                                                Filesize

                                                                                104KB

                                                                                Download

                                                                              • memory/3968-4928-0x0000000007250000-0x000000000728C000-memory.dmp

                                                                                Filesize

                                                                                240KB

                                                                                Download

                                                                              • memory/3968-4929-0x0000000006A00000-0x0000000006A12000-memory.dmp

                                                                                Filesize

                                                                                72KB

                                                                                Download

                                                                              • memory/4080-4816-0x000002C225A30000-0x000002C225A46000-memory.dmp

                                                                                Filesize

                                                                                88KB

                                                                                Download

                                                                              • memory/4304-4828-0x000002C3713D0000-0x000002C3713E6000-memory.dmp

                                                                                Filesize

                                                                                88KB

                                                                                Download

                                                                              • memory/4316-5621-0x0000000073610000-0x0000000074DB9000-memory.dmp

                                                                                Filesize

                                                                                23.7MB

                                                                                Download

                                                                              • memory/4320-1713-0x0000000000AD0000-0x0000000000B35000-memory.dmp

                                                                                Filesize

                                                                                404KB

                                                                                Download

                                                                              • memory/4572-4933-0x0000000010000000-0x0000000010005000-memory.dmp

                                                                                Filesize

                                                                                20KB

                                                                                Download

                                                                              • memory/4808-4844-0x00007FF72B6F0000-0x00007FF72E231000-memory.dmp

                                                                                Filesize

                                                                                43.3MB

                                                                                Download

                                                                              • memory/5008-4830-0x000001C210830000-0x000001C210846000-memory.dmp

                                                                                Filesize

                                                                                88KB

                                                                                Download

                                                                              • memory/5176-4992-0x00000000628D0000-0x0000000062B5E000-memory.dmp

                                                                                Filesize

                                                                                2.6MB

                                                                                Download

                                                                              • memory/5200-5145-0x0000000007020000-0x000000000709D000-memory.dmp

                                                                                Filesize

                                                                                500KB

                                                                                Download

                                                                              • memory/5256-4812-0x0000015CA7B10000-0x0000015CA7B11000-memory.dmp

                                                                                Filesize

                                                                                4KB

                                                                                Download

                                                                              • memory/5264-5037-0x0000000007060000-0x0000000007081000-memory.dmp

                                                                                Filesize

                                                                                132KB

                                                                                Download

                                                                              • memory/5392-4962-0x0000000011000000-0x0000000011025000-memory.dmp

                                                                                Filesize

                                                                                148KB

                                                                                Download

                                                                              • memory/5576-1343-0x00000000003B0000-0x0000000000415000-memory.dmp

                                                                                Filesize

                                                                                404KB

                                                                                Download

                                                                              • memory/5636-4818-0x000001E8BCB00000-0x000001E8BCB16000-memory.dmp

                                                                                Filesize

                                                                                88KB

                                                                                Download

                                                                              • memory/5640-4832-0x000002214E010000-0x000002214E026000-memory.dmp

                                                                                Filesize

                                                                                88KB

                                                                                Download

                                                                              • memory/5796-4820-0x000002195C090000-0x000002195C0A6000-memory.dmp

                                                                                Filesize

                                                                                88KB

                                                                                Download

                                                                              • memory/5904-4834-0x000001D635E50000-0x000001D635E66000-memory.dmp

                                                                                Filesize

                                                                                88KB

                                                                                Download

                                                                              • memory/6120-5222-0x00000000051F0000-0x000000000526D000-memory.dmp

                                                                                Filesize

                                                                                500KB

                                                                                Download