Overview

overview

8

Static

static

3

magix-vega...ws.zip

windows11-21h2-x64

1

MAGIX Vega...t).zip

windows11-21h2-x64

1

MAGIX Vega...ck.txt

windows11-21h2-x64

3

MAGIX Vega...58.exe

windows11-21h2-x64

8

Vegas Pro ...er.jpg

windows11-21h2-x64

3

__ia_thumb.jpg

windows11-21h2-x64

3

magix-vega...orrent

windows11-21h2-x64

3

magix-vega...es.xml

windows11-21h2-x64

1

magix-vega...sqlite

windows11-21h2-x64

3

magix-vega...ta.xml

windows11-21h2-x64

1

magix-vega...ws.xml

windows11-21h2-x64

1

Resubmissions

29/08/2024, 09:25

240829-ldk2qstgph 8

29/08/2024, 09:14

240829-k7qzeawcrm 8

Analysis

  • max time kernel
    517s
  • max time network
    478s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240802-en
  • resource tags

    arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    29/08/2024, 09:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    MAGIX Vegas Pro 19.0 Build 458 RePack by KpoJIuK (64Bit)/MAGIX.Vegas.Pro.v19.0.458.exe

  • Size

    273.1MB

  • MD5

    1bedeef92eebf22ff8877d4863896b5e

  • SHA1

    53ee359f5e5413ba9eeba280af54815998ef1726

  • SHA256

    b140c2036b2e57e71b72cdcf4cdd6df64d4b41180150b6b953db0c71fdf3f756

  • SHA512

    0525c618c345d4cccb56b6f832c1a1bda13e31f52aced903b687ae218c7c72c5b49be2d2e5c1aefcc4c1137525fc103892e9ecae9db67b0a2d60822fe94cf9de

  • SSDEEP

    6291456:gf+Vv7lueNfC3LOBF8JVfRC+oXGHrlJk4mjQsmL9sBGr3z30:LVv7ceJGOIVZaXGBJkisG7z30

Score
8/10
discoveryevasionexecutionpersistenceprivilege_escalation

Malware Config

Signatures

  • Command and Scripting Interpreter: PowerShell 1 TTPs 6 IoCs

    Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.

    execution
  • Downloads MZ/PE file
  • Modifies Windows Firewall 2 TTPs 1 IoCs
    evasion
  • Event Triggered Execution: Component Object Model Hijacking 1 TTPs

    Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    persistenceprivilege_escalation
  • Executes dropped EXE 24 IoCs
  • Loads dropped DLL 64 IoCs
  • Enumerates connected drives 3 TTPs 23 IoCs

    Attempts to read the root path of hard drives other than the default C: drive.

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs
  • Drops file in System32 directory 11 IoCs
  • Drops file in Program Files directory 64 IoCs
  • Drops file in Windows directory 64 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Event Triggered Execution: Netsh Helper DLL 1 TTPs 3 IoCs

    Netsh.exe (also referred to as Netshell) is a command-line scripting utility used to interact with the network configuration of a system.

    persistenceprivilege_escalation
  • System Location Discovery: System Language Discovery 1 TTPs 64 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Checks SCSI registry key(s) 3 TTPs 5 IoCs

    SCSI information is often read in order to detect sandboxing environments.

  • Modifies Control Panel 7 IoCs
    evasion
  • Modifies data under HKEY_USERS 3 IoCs
  • Modifies registry class 64 IoCs
  • Modifies system certificate store 2 TTPs 3 IoCs
    evasionspywaretrojan
  • Suspicious behavior: EnumeratesProcesses 22 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 2 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs
  • Uses Task Scheduler COM API 1 TTPs

    The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.

    persistence
  • Uses Volume Shadow Copy WMI provider

    The Volume Shadow Copy service is used to manage backups/snapshots.

    ransomware
  • Uses Volume Shadow Copy service COM API

    The Volume Shadow Copy service is used to manage backups/snapshots.

    ransomware

Processes

  • C:\Users\Admin\AppData\Local\Temp\MAGIX Vegas Pro 19.0 Build 458 RePack by KpoJIuK (64Bit)\MAGIX.Vegas.Pro.v19.0.458.exe
    "C:\Users\Admin\AppData\Local\Temp\MAGIX Vegas Pro 19.0 Build 458 RePack by KpoJIuK (64Bit)\MAGIX.Vegas.Pro.v19.0.458.exe"
    1⤵
    • Loads dropped DLL
    • System Location Discovery: System Language Discovery
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:2088
    • C:\Windows\SysWOW64\netsh.exe
      netsh.exe advfirewall firewall delete rule name="all" remoteip=95.141.193.133
      2⤵
      • Modifies Windows Firewall
      • Event Triggered Execution: Netsh Helper DLL
      • System Location Discovery: System Language Discovery
      PID:4944
    • C:\Windows\SysWOW64\route.exe
      route.exe delete 95.141.193.133
      2⤵
      • System Location Discovery: System Language Discovery
      PID:1200
    • C:\Windows\SysWOW64\msiexec.exe
      msiexec.exe /x {FB6AD140-FA63-11EB-982B-00155DEA5CED} /qn
      2⤵
      • System Location Discovery: System Language Discovery
      • Suspicious use of AdjustPrivilegeToken
      PID:4332
    • C:\Windows\SysWOW64\msiexec.exe
      msiexec.exe /I "C:\Users\Admin\AppData\Local\Temp\MVP19\vegas190.msi" /qb SF_INSTALL_DESKTOP_SHORTCUTS=1 APPDIR="C:\Program Files\VEGAS\Vegas Pro 19\"
      2⤵
      • System Location Discovery: System Language Discovery
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of FindShellTrayWindow
      PID:904
    • C:\Windows\SysWOW64\cmd.exe
      cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\PACK.EXE" -p123
      2⤵
        PID:4580
        • C:\Users\Admin\AppData\Local\Temp\PACK.EXE
          C:\Users\Admin\AppData\Local\Temp\PACK.EXE -p123
          3⤵
          • Executes dropped EXE
          • System Location Discovery: System Language Discovery
          PID:3680
          • C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
            "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -nologo -noninteractive -windowStyle hidden -noprofile -command "Add-MpPreference -ThreatIDDefaultAction_Ids 2147781989 -ThreatIDDefaultAction_Actions Allow -Force"
            4⤵
            • Command and Scripting Interpreter: PowerShell
            • System Location Discovery: System Language Discovery
            • Suspicious behavior: EnumeratesProcesses
            PID:5868
          • C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
            "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -nologo -noninteractive -windowStyle hidden -noprofile -command "Add-MpPreference -ThreatIDDefaultAction_Ids 2147735505 -ThreatIDDefaultAction_Actions Allow -Force"
            4⤵
            • Command and Scripting Interpreter: PowerShell
            • System Location Discovery: System Language Discovery
            • Suspicious behavior: EnumeratesProcesses
            PID:6080
          • C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
            "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -nologo -noninteractive -windowStyle hidden -noprofile -command "Add-MpPreference -ThreatIDDefaultAction_Ids 2147814523 -ThreatIDDefaultAction_Actions Allow -Force"
            4⤵
            • Command and Scripting Interpreter: PowerShell
            • System Location Discovery: System Language Discovery
            • Suspicious behavior: EnumeratesProcesses
            PID:5472
          • C:\Users\Admin\AppData\Local\Temp\RarSFX0\ya.exe
            "C:\Users\Admin\AppData\Local\Temp\RarSFX0\ya.exe"
            4⤵
            • Executes dropped EXE
            • System Location Discovery: System Language Discovery
            • Suspicious use of SetWindowsHookEx
            PID:2876
    • C:\Windows\system32\msiexec.exe
      C:\Windows\system32\msiexec.exe /V
      1⤵
      • Enumerates connected drives
      • Drops file in System32 directory
      • Drops file in Program Files directory
      • Drops file in Windows directory
      • Modifies data under HKEY_USERS
      • Modifies registry class
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of WriteProcessMemory
      PID:3824
      • C:\Windows\system32\srtasks.exe
        C:\Windows\system32\srtasks.exe ExecuteScopeRestorePoint /WaitForRestorePoint:2
        2⤵
          PID:4528
        • C:\Windows\syswow64\MsiExec.exe
          C:\Windows\syswow64\MsiExec.exe -Embedding 6EF10572D475BEB8CF3058423390029B
          2⤵
          • Loads dropped DLL
          • System Location Discovery: System Language Discovery
          PID:3228
        • C:\Windows\System32\MsiExec.exe
          C:\Windows\System32\MsiExec.exe -Embedding 3FE0FBCB8DEDBB2B917F9F531D98C35F
          2⤵
          • Loads dropped DLL
          • Suspicious use of WriteProcessMemory
          PID:3688
          • C:\Windows\Microsoft.NET\Framework\v2.0.50727\ngen.exe
            "C:\Windows\Microsoft.NET\Framework\v2.0.50727\ngen.exe" Install "C:\Program Files\VEGAS\Vegas Pro 19\bdmux\BdMuxServer.exe"
            3⤵
            • Drops file in Windows directory
            • System Location Discovery: System Language Discovery
            • Suspicious use of WriteProcessMemory
            PID:760
            • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
              C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 238 -InterruptEvent 0 -NGENProcess 228 -Pipe 234 -Comment "NGen Worker Process"
              4⤵
              • Loads dropped DLL
              • System Location Discovery: System Language Discovery
              PID:4744
            • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
              C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 314 -InterruptEvent 0 -NGENProcess 300 -Pipe 310 -Comment "NGen Worker Process"
              4⤵
              • Drops file in Windows directory
              • System Location Discovery: System Language Discovery
              PID:4932
            • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
              C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 328 -InterruptEvent 0 -NGENProcess 318 -Pipe 320 -Comment "NGen Worker Process"
              4⤵
              • Drops file in Windows directory
              • System Location Discovery: System Language Discovery
              PID:1844
            • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
              C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 304 -InterruptEvent 0 -NGENProcess 330 -Pipe 31c -Comment "NGen Worker Process"
              4⤵
              • Drops file in Windows directory
              • System Location Discovery: System Language Discovery
              PID:1232
            • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
              C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 228 -InterruptEvent 0 -NGENProcess 328 -Pipe 230 -Comment "NGen Worker Process"
              4⤵
              • Drops file in Windows directory
              • System Location Discovery: System Language Discovery
              PID:3804
            • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
              C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 238 -InterruptEvent 0 -NGENProcess 2d0 -Pipe 2d8 -Comment "NGen Worker Process"
              4⤵
              • Drops file in Windows directory
              • System Location Discovery: System Language Discovery
              PID:3108
            • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
              C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 2e8 -InterruptEvent 0 -NGENProcess 250 -Pipe 2e0 -Comment "NGen Worker Process"
              4⤵
              • Drops file in Windows directory
              • System Location Discovery: System Language Discovery
              PID:3524
            • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
              C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 2c8 -InterruptEvent 0 -NGENProcess 364 -Pipe 344 -Comment "NGen Worker Process"
              4⤵
              • Drops file in Windows directory
              • System Location Discovery: System Language Discovery
              PID:4916
            • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
              C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 238 -InterruptEvent 0 -NGENProcess 364 -Pipe 2d4 -Comment "NGen Worker Process"
              4⤵
              • Drops file in Windows directory
              • System Location Discovery: System Language Discovery
              PID:380
            • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
              C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 2e8 -InterruptEvent 0 -NGENProcess 340 -Pipe 37c -Comment "NGen Worker Process"
              4⤵
              • Drops file in Windows directory
              • System Location Discovery: System Language Discovery
              PID:5128
            • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
              C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 2e8 -InterruptEvent 0 -NGENProcess 2c8 -Pipe 360 -Comment "NGen Worker Process"
              4⤵
              • Drops file in Windows directory
              • System Location Discovery: System Language Discovery
              PID:5240
            • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
              C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 354 -InterruptEvent 0 -NGENProcess 2e8 -Pipe 2c8 -Comment "NGen Worker Process"
              4⤵
              • Drops file in Windows directory
              • System Location Discovery: System Language Discovery
              PID:5440
            • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
              C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 380 -InterruptEvent 0 -NGENProcess 368 -Pipe 38c -Comment "NGen Worker Process"
              4⤵
              • Drops file in Windows directory
              • System Location Discovery: System Language Discovery
              PID:4572
            • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
              C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 368 -InterruptEvent 0 -NGENProcess 324 -Pipe 384 -Comment "NGen Worker Process"
              4⤵
              • Drops file in Windows directory
              • System Location Discovery: System Language Discovery
              PID:244
            • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
              C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 324 -InterruptEvent 0 -NGENProcess 250 -Pipe 368 -Comment "NGen Worker Process"
              4⤵
              • Drops file in Windows directory
              • System Location Discovery: System Language Discovery
              PID:5688
            • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
              C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 370 -InterruptEvent 0 -NGENProcess 39c -Pipe 36c -Comment "NGen Worker Process"
              4⤵
              • System Location Discovery: System Language Discovery
              PID:5560
            • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
              C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 250 -InterruptEvent 0 -NGENProcess 328 -Pipe 358 -Comment "NGen Worker Process"
              4⤵
              • Drops file in Windows directory
              • System Location Discovery: System Language Discovery
              PID:908
            • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
              C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 324 -InterruptEvent 0 -NGENProcess 398 -Pipe 364 -Comment "NGen Worker Process"
              4⤵
              • System Location Discovery: System Language Discovery
              PID:5824
            • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
              C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 370 -InterruptEvent 0 -NGENProcess 2e8 -Pipe 378 -Comment "NGen Worker Process"
              4⤵
              • Drops file in Windows directory
              • System Location Discovery: System Language Discovery
              PID:5908
            • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
              C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 328 -InterruptEvent 0 -NGENProcess 2e4 -Pipe 380 -Comment "NGen Worker Process"
              4⤵
              • System Location Discovery: System Language Discovery
              PID:5984
            • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
              C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 330 -InterruptEvent 0 -NGENProcess 348 -Pipe 2d0 -Comment "NGen Worker Process"
              4⤵
              • Drops file in Windows directory
              • System Location Discovery: System Language Discovery
              PID:6100
            • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
              C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 388 -InterruptEvent 0 -NGENProcess 324 -Pipe 348 -Comment "NGen Worker Process"
              4⤵
              • Drops file in Windows directory
              PID:2120
            • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
              C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 250 -InterruptEvent 0 -NGENProcess 388 -Pipe 370 -Comment "NGen Worker Process"
              4⤵
              • Drops file in Windows directory
              • System Location Discovery: System Language Discovery
              PID:2776
            • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
              C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 33c -InterruptEvent 0 -NGENProcess 330 -Pipe 398 -Comment "NGen Worker Process"
              4⤵
              • Drops file in Windows directory
              • System Location Discovery: System Language Discovery
              PID:756
            • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
              C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 33c -InterruptEvent 0 -NGENProcess 354 -Pipe 304 -Comment "NGen Worker Process"
              4⤵
              • Drops file in Windows directory
              • System Location Discovery: System Language Discovery
              PID:1140
            • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
              C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 35c -InterruptEvent 0 -NGENProcess 324 -Pipe 328 -Comment "NGen Worker Process"
              4⤵
              • Drops file in Windows directory
              • System Location Discovery: System Language Discovery
              PID:3100
            • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
              C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 340 -InterruptEvent 0 -NGENProcess 3a0 -Pipe 330 -Comment "NGen Worker Process"
              4⤵
              • Drops file in Windows directory
              • System Location Discovery: System Language Discovery
              PID:684
            • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
              C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 3b0 -InterruptEvent 0 -NGENProcess 2e8 -Pipe 3a8 -Comment "NGen Worker Process"
              4⤵
              • Drops file in Windows directory
              • System Location Discovery: System Language Discovery
              PID:4692
            • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
              C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 324 -InterruptEvent 0 -NGENProcess 228 -Pipe 3ac -Comment "NGen Worker Process"
              4⤵
              • Drops file in Windows directory
              • System Location Discovery: System Language Discovery
              PID:3700
            • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
              C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 228 -InterruptEvent 0 -NGENProcess 2e8 -Pipe 324 -Comment "NGen Worker Process"
              4⤵
              • Drops file in Windows directory
              • System Location Discovery: System Language Discovery
              PID:3504
            • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
              C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 3b4 -InterruptEvent 0 -NGENProcess 2e4 -Pipe 3a0 -Comment "NGen Worker Process"
              4⤵
              • Drops file in Windows directory
              • System Location Discovery: System Language Discovery
              PID:2980
            • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
              C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 3c4 -InterruptEvent 0 -NGENProcess 3a4 -Pipe 35c -Comment "NGen Worker Process"
              4⤵
                PID:1020
              • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 3a4 -InterruptEvent 0 -NGENProcess 3c0 -Pipe 3c4 -Comment "NGen Worker Process"
                4⤵
                • System Location Discovery: System Language Discovery
                PID:5184
              • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 340 -InterruptEvent 0 -NGENProcess 3d4 -Pipe 3b8 -Comment "NGen Worker Process"
                4⤵
                • Drops file in Windows directory
                • System Location Discovery: System Language Discovery
                PID:5352
              • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 2e4 -InterruptEvent 0 -NGENProcess 3b0 -Pipe 228 -Comment "NGen Worker Process"
                4⤵
                • Drops file in Windows directory
                • System Location Discovery: System Language Discovery
                PID:4672
              • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 374 -InterruptEvent 0 -NGENProcess 39c -Pipe 390 -Comment "NGen Worker Process"
                4⤵
                • Drops file in Windows directory
                • System Location Discovery: System Language Discovery
                PID:1932
              • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 354 -InterruptEvent 0 -NGENProcess 3b0 -Pipe 3b4 -Comment "NGen Worker Process"
                4⤵
                • Drops file in Windows directory
                • System Location Discovery: System Language Discovery
                PID:5504
              • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 2e4 -InterruptEvent 0 -NGENProcess 238 -Pipe 354 -Comment "NGen Worker Process"
                4⤵
                • Drops file in Windows directory
                • System Location Discovery: System Language Discovery
                PID:1576
              • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 39c -InterruptEvent 0 -NGENProcess 33c -Pipe 3c8 -Comment "NGen Worker Process"
                4⤵
                • Drops file in Windows directory
                • System Location Discovery: System Language Discovery
                PID:5876
              • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 388 -InterruptEvent 0 -NGENProcess 340 -Pipe 238 -Comment "NGen Worker Process"
                4⤵
                • Drops file in Windows directory
                • System Location Discovery: System Language Discovery
                PID:2920
              • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 340 -InterruptEvent 0 -NGENProcess 250 -Pipe 388 -Comment "NGen Worker Process"
                4⤵
                • System Location Discovery: System Language Discovery
                PID:4040
              • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 3d8 -InterruptEvent 0 -NGENProcess 39c -Pipe 33c -Comment "NGen Worker Process"
                4⤵
                • Drops file in Windows directory
                • System Location Discovery: System Language Discovery
                PID:4528
              • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 3f0 -InterruptEvent 0 -NGENProcess 394 -Pipe 3d4 -Comment "NGen Worker Process"
                4⤵
                • Drops file in Windows directory
                • System Location Discovery: System Language Discovery
                PID:6068
              • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 2e4 -InterruptEvent 0 -NGENProcess 340 -Pipe 3bc -Comment "NGen Worker Process"
                4⤵
                • Drops file in Windows directory
                • System Location Discovery: System Language Discovery
                PID:6040
          • C:\Windows\System32\MsiExec.exe
            "C:\Windows\System32\MsiExec.exe" /Y "C:\Program Files (x86)\VEGAS\Shared Plug-Ins\Audio_x64\mchammer_x64.dll"
            2⤵
            • Loads dropped DLL
            • Modifies registry class
            PID:5788
          • C:\Windows\System32\MsiExec.exe
            "C:\Windows\System32\MsiExec.exe" /Y "C:\Program Files (x86)\VEGAS\Shared Plug-Ins\Audio_x64\sffrgpnv_x64.dll"
            2⤵
            • Loads dropped DLL
            PID:5796
          • C:\Windows\System32\MsiExec.exe
            "C:\Windows\System32\MsiExec.exe" /Y "C:\Program Files (x86)\VEGAS\Shared Plug-Ins\Audio_x64\sfppack1_x64.dll"
            2⤵
            • Loads dropped DLL
            • Modifies registry class
            PID:5824
          • C:\Windows\System32\MsiExec.exe
            "C:\Windows\System32\MsiExec.exe" /Y "C:\Program Files (x86)\VEGAS\Shared Plug-Ins\Audio_x64\sfppack2_x64.dll"
            2⤵
            • Loads dropped DLL
            • Modifies registry class
            PID:5852
          • C:\Windows\System32\MsiExec.exe
            "C:\Windows\System32\MsiExec.exe" /Y "C:\Program Files (x86)\VEGAS\Shared Plug-Ins\Audio_x64\sfppack3_x64.dll"
            2⤵
            • Loads dropped DLL
            • Modifies registry class
            PID:5892
          • C:\Windows\System32\MsiExec.exe
            "C:\Windows\System32\MsiExec.exe" /Y "C:\Program Files (x86)\VEGAS\Shared Plug-Ins\Audio_x64\sfresfilter_x64.dll"
            2⤵
            • Loads dropped DLL
            PID:5924
          • C:\Windows\System32\MsiExec.exe
            "C:\Windows\System32\MsiExec.exe" /Y "C:\Program Files (x86)\VEGAS\Shared Plug-Ins\Audio_x64\sftrkfx1_x64.dll"
            2⤵
            • Loads dropped DLL
            • Modifies registry class
            PID:5952
          • C:\Windows\System32\MsiExec.exe
            "C:\Windows\System32\MsiExec.exe" /Y "C:\Program Files (x86)\VEGAS\Shared Plug-Ins\Audio_x64\sfxpfx1_x64.dll"
            2⤵
            • Loads dropped DLL
            • Modifies registry class
            PID:5984
          • C:\Windows\System32\MsiExec.exe
            "C:\Windows\System32\MsiExec.exe" /Y "C:\Program Files (x86)\VEGAS\Shared Plug-Ins\Audio_x64\sfxpfx2_x64.dll"
            2⤵
            • Loads dropped DLL
            • Modifies registry class
            PID:6012
          • C:\Windows\System32\MsiExec.exe
            "C:\Windows\System32\MsiExec.exe" /Y "C:\Program Files (x86)\VEGAS\Shared Plug-Ins\Audio_x64\sfxpfx3_x64.dll"
            2⤵
            • Loads dropped DLL
            • Modifies registry class
            PID:6040
          • C:\Windows\System32\MsiExec.exe
            "C:\Windows\System32\MsiExec.exe" /Y "C:\Program Files (x86)\VEGAS\Shared Plug-Ins\Audio_x64\xpvinyl_x64.dll"
            2⤵
            • Loads dropped DLL
            • Modifies registry class
            PID:6072
          • C:\Windows\syswow64\MsiExec.exe
            "C:\Windows\syswow64\MsiExec.exe" /Y "C:\Windows\SysWOW64\CDDBControl.dll"
            2⤵
            • Loads dropped DLL
            • System Location Discovery: System Language Discovery
            • Modifies registry class
            PID:6100
          • C:\Windows\syswow64\MsiExec.exe
            "C:\Windows\syswow64\MsiExec.exe" /Y "C:\Windows\SysWOW64\CDDBUI.dll"
            2⤵
            • Loads dropped DLL
            • System Location Discovery: System Language Discovery
            • Modifies registry class
            PID:6140
          • C:\Windows\syswow64\MsiExec.exe
            "C:\Windows\syswow64\MsiExec.exe" /Y "C:\Program Files\VEGAS\Vegas Pro 19\x86\sfvstproxystubx86.dll"
            2⤵
            • Loads dropped DLL
            • System Location Discovery: System Language Discovery
            PID:3988
          • C:\Windows\System32\MsiExec.exe
            "C:\Windows\System32\MsiExec.exe" /Y "C:\Program Files\VEGAS\Vegas Pro 19\sfvstwrap.dll"
            2⤵
            • Loads dropped DLL
            PID:2256
          • C:\Windows\System32\MsiExec.exe
            C:\Windows\System32\MsiExec.exe -Embedding 85EC52855783ECF27E0D03BBF6C91E88 E Global\MSI0000
            2⤵
            • Loads dropped DLL
            PID:4556
          • C:\Program Files\VEGAS\Vegas Pro 19\vegas190.exe
            "C:\Program Files\VEGAS\Vegas Pro 19\vegas190.exe" /register /user 1085
            2⤵
            • Executes dropped EXE
            • Loads dropped DLL
            • Suspicious use of SetWindowsHookEx
            • Suspicious use of WriteProcessMemory
            PID:920
            • C:\Program Files\VEGAS\Vegas Pro 19\ErrorReportLauncher.exe
              "C:\Program Files\VEGAS\Vegas Pro 19\ErrorReportLauncher.exe"
              3⤵
              • Executes dropped EXE
              PID:4504
        • C:\Windows\system32\vssvc.exe
          C:\Windows\system32\vssvc.exe
          1⤵
          • Checks SCSI registry key(s)
          PID:3292
        • C:\Program Files\VEGAS\Vegas Pro 19\vegas190.exe
          "C:\Program Files\VEGAS\Vegas Pro 19\vegas190.exe"
          1⤵
          • Executes dropped EXE
          • Modifies Control Panel
          • Modifies system certificate store
          • Suspicious use of SetWindowsHookEx
          PID:2300
          • C:\Program Files\VEGAS\Vegas Pro 19\ErrorReportLauncher.exe
            "C:\Program Files\VEGAS\Vegas Pro 19\ErrorReportLauncher.exe"
            2⤵
            • Executes dropped EXE
            PID:3604
          • C:\Program Files\VEGAS\Vegas Pro 19\x86\FileIOSurrogate.exe
            "C:\Program Files\VEGAS\Vegas Pro 19\x86\FileIOSurrogate.exe" 1033
            2⤵
            • Executes dropped EXE
            • System Location Discovery: System Language Discovery
            • Suspicious behavior: EnumeratesProcesses
            PID:1844
          • C:\Program Files\VEGAS\Vegas Pro 19\So4HardwareDetection.exe
            "C:\Program Files\VEGAS\Vegas Pro 19\So4HardwareDetection.exe" -F C:\Users\Admin\AppData\Local\MAGIX\FileIO\1.0\So4HardwareDetectionOutput.xml -H INTEL|AMD|NVIDIA
            2⤵
            • Executes dropped EXE
            PID:4944
          • C:\Program Files\VEGAS\Vegas Pro 19\x86\sfvstserver.exe
            "C:\Program Files\VEGAS\Vegas Pro 19\x86\sfvstserver.exe" -Event MxVstServerEvent_2300 -Vendor "MAGIX" -Product "VEGAS Pro 19.0"
            2⤵
            • Executes dropped EXE
            • System Location Discovery: System Language Discovery
            • Suspicious behavior: EnumeratesProcesses
            PID:4244
        • C:\Program Files\VEGAS\Vegas Pro 19\vegas190.exe
          "C:\Program Files\VEGAS\Vegas Pro 19\vegas190.exe"
          1⤵
          • Executes dropped EXE
          • Suspicious use of SetWindowsHookEx
          PID:1568
          • C:\Program Files\VEGAS\Vegas Pro 19\ErrorReportLauncher.exe
            "C:\Program Files\VEGAS\Vegas Pro 19\ErrorReportLauncher.exe"
            2⤵
            • Executes dropped EXE
            PID:5236
          • C:\Program Files\VEGAS\Vegas Pro 19\x86\sfvstserver.exe
            "C:\Program Files\VEGAS\Vegas Pro 19\x86\sfvstserver.exe" -Event MxVstServerEvent_1568 -Vendor "MAGIX" -Product "VEGAS Pro 19.0"
            2⤵
            • Executes dropped EXE
            • System Location Discovery: System Language Discovery
            • Suspicious behavior: EnumeratesProcesses
            PID:2740
        • C:\Windows\system32\svchost.exe
          C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc
          1⤵
            PID:5504
          • C:\Program Files\VEGAS\Vegas Pro 19\vegas190.exe
            "C:\Program Files\VEGAS\Vegas Pro 19\vegas190.exe"
            1⤵
            • Executes dropped EXE
            • Suspicious use of SetWindowsHookEx
            PID:5964
            • C:\Program Files\VEGAS\Vegas Pro 19\ErrorReportLauncher.exe
              "C:\Program Files\VEGAS\Vegas Pro 19\ErrorReportLauncher.exe"
              2⤵
              • Executes dropped EXE
              PID:5996
            • C:\Program Files\VEGAS\Vegas Pro 19\x86\sfvstserver.exe
              "C:\Program Files\VEGAS\Vegas Pro 19\x86\sfvstserver.exe" -Event MxVstServerEvent_5964 -Vendor "MAGIX" -Product "VEGAS Pro 19.0"
              2⤵
              • Executes dropped EXE
              • System Location Discovery: System Language Discovery
              • Suspicious behavior: EnumeratesProcesses
              PID:6012
          • C:\Program Files\VEGAS\Vegas Pro 19\vegas190.exe
            "C:\Program Files\VEGAS\Vegas Pro 19\vegas190.exe"
            1⤵
            • Executes dropped EXE
            • Suspicious use of SetWindowsHookEx
            PID:6024
            • C:\Program Files\VEGAS\Vegas Pro 19\ErrorReportLauncher.exe
              "C:\Program Files\VEGAS\Vegas Pro 19\ErrorReportLauncher.exe"
              2⤵
              • Executes dropped EXE
              PID:6068
            • C:\Program Files\VEGAS\Vegas Pro 19\x86\sfvstserver.exe
              "C:\Program Files\VEGAS\Vegas Pro 19\x86\sfvstserver.exe" -Event MxVstServerEvent_6024 -Vendor "MAGIX" -Product "VEGAS Pro 19.0"
              2⤵
              • Executes dropped EXE
              • System Location Discovery: System Language Discovery
              • Suspicious behavior: EnumeratesProcesses
              PID:5528
          • C:\Program Files\VEGAS\Vegas Pro 19\vegas190.exe
            "C:\Program Files\VEGAS\Vegas Pro 19\vegas190.exe"
            1⤵
            • Executes dropped EXE
            • Suspicious use of SetWindowsHookEx
            PID:2224
            • C:\Program Files\VEGAS\Vegas Pro 19\ErrorReportLauncher.exe
              "C:\Program Files\VEGAS\Vegas Pro 19\ErrorReportLauncher.exe"
              2⤵
              • Executes dropped EXE
              PID:2716
            • C:\Program Files\VEGAS\Vegas Pro 19\x86\sfvstserver.exe
              "C:\Program Files\VEGAS\Vegas Pro 19\x86\sfvstserver.exe" -Event MxVstServerEvent_2224 -Vendor "MAGIX" -Product "VEGAS Pro 19.0"
              2⤵
              • Executes dropped EXE
              • System Location Discovery: System Language Discovery
              • Suspicious behavior: EnumeratesProcesses
              PID:3668
          • C:\Program Files\VEGAS\Vegas Pro 19\vegas190.exe
            "C:\Program Files\VEGAS\Vegas Pro 19\vegas190.exe"
            1⤵
            • Executes dropped EXE
            • Suspicious use of SetWindowsHookEx
            PID:5376
            • C:\Program Files\VEGAS\Vegas Pro 19\ErrorReportLauncher.exe
              "C:\Program Files\VEGAS\Vegas Pro 19\ErrorReportLauncher.exe"
              2⤵
              • Executes dropped EXE
              PID:5128
            • C:\Program Files\VEGAS\Vegas Pro 19\x86\sfvstserver.exe
              "C:\Program Files\VEGAS\Vegas Pro 19\x86\sfvstserver.exe" -Event MxVstServerEvent_5376 -Vendor "MAGIX" -Product "VEGAS Pro 19.0"
              2⤵
              • Executes dropped EXE
              • System Location Discovery: System Language Discovery
              • Suspicious behavior: EnumeratesProcesses
              PID:4384
          • C:\Windows\System32\rundll32.exe
            C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
            1⤵
              PID:5564

            Network

            MITRE ATT&CK Enterprise v15

            Reconnaissance

            Resource Development

            Initial Access

            Execution

            Command and Scripting Interpreter

            1
            T1059

            PowerShell

            1
            T1059.001

            Persistence

            Create or Modify System Process

            1
            T1543

            Windows Service

            1
            T1543.003

            Event Triggered Execution

            2
            T1546

            Component Object Model Hijacking

            1
            T1546.015

            Netsh Helper DLL

            1
            T1546.007

            Privilege Escalation

            Create or Modify System Process

            1
            T1543

            Windows Service

            1
            T1543.003

            Event Triggered Execution

            2
            T1546

            Component Object Model Hijacking

            1
            T1546.015

            Netsh Helper DLL

            1
            T1546.007

            Defense Evasion

            Impair Defenses

            1
            T1562

            Disable or Modify System Firewall

            1
            T1562.004

            Modify Registry

            1
            T1112

            Subvert Trust Controls

            1
            T1553

            Install Root Certificate

            1
            T1553.004

            Credential Access

            Discovery

            Peripheral Device Discovery

            2
            T1120

            Query Registry

            3
            T1012

            System Information Discovery

            3
            T1082

            System Location Discovery

            1
            T1614

            System Language Discovery

            1
            T1614.001

            Lateral Movement

            Collection

            Command and Control

            Web Service

            1
            T1102

            Exfiltration

            Impact

            Replay Monitor

            Loading Replay Monitor...

            Downloads

            • C:\Config.Msi\e5be85c.rbs
              Filesize

              490KB

              MD5

              2ef0610e9b7431184f531b5c651613a4

              SHA1

              d7426206e78e24feab889db3f76fa272577f4fb9

              SHA256

              0f6217c5c3ea38b42dc83aa1768c47abf4d8ae42f106ef80764ca88107ec62b8

              SHA512

              2f1e7a4f240cdb6aee1ac9f8030837b7cb518fc91bcedef4ed3f67c87f0b51ff6324fd8620be3cb7fe3e3846f680cc0cef1f431eb93ef97571fec3947632a1eb

              Download Submit

            • C:\Program Files\VEGAS\Vegas Pro 19\FileIO Plug-Ins\compoundplug\mc_dec_mp2v.dll
              Filesize

              559KB

              MD5

              6f0f01a779c9c98c2ee93f00938c1b0f

              SHA1

              4696d49c9ffc567b5561531755311bdd42e9fee9

              SHA256

              2bb7734a16e30da5a6e70dd4a646cd9dfc7164a314d051e9470bceac7fffd2a7

              SHA512

              c56c71c67142e24e65df11dbde2dcbb6940ac18ab9ce4a4de6d1eae5a6ff7639ec3df53477f0fe201c5ec91941f081069aaaa86f860d6304ae2c4f0645391a2a

              Download Submit

            • C:\Program Files\VEGAS\Vegas Pro 19\FileIO Plug-Ins\compoundplug\mc_demux_mp4.dll
              Filesize

              833KB

              MD5

              3d5137c0af9fc365c5925e346a191eaa

              SHA1

              1752a35e4bfa23a2e7eaffbf99e832e85a67e5b5

              SHA256

              6f46e8258679bf5bdbc194f2310e490fadf6bf3a83257a27e25a261b8aeea57e

              SHA512

              5f553590c55c3dcbabad24b16423174ac0a661aea786621c683dff926185173f9974dbf33b22676db1f41a5d4da7b5f8efbe8a6df74db66126372825e81eafe9

              Download Submit

            • C:\Program Files\VEGAS\Vegas Pro 19\FileIO Plug-Ins\compoundplug\mc_enc_mp2v.dll
              Filesize

              956KB

              MD5

              c33e32e26efe7cc986eef53d2e3d9e71

              SHA1

              8c13a1b028cb4ce1792edbd2caea1e3429505388

              SHA256

              9b8fbc98d0906f99039503f25737fc4c9aacfde1cb597b477af3a09f53064002

              SHA512

              924f24ba7296fc74ad8c05f11c49630488be966a002c15a87bc69385b7a743cafaeb5eaac3e93447534d6fa181c94ca787dbe7475bae9bce078722cdfd678d40

              Download Submit

            • C:\Program Files\VEGAS\Vegas Pro 19\FileIO Plug-Ins\compoundplug\mc_mfimport.dll
              Filesize

              1.0MB

              MD5

              87ef9b25f0fd80bf7d96d4dba31057f9

              SHA1

              96b7ff6f6f71659c687abb5d07fd5b3f4241e34e

              SHA256

              8a3f18a4dffa3c5bae8b8f20de122d9ecbbdfe319f3b88a1602c91104d9ab4b5

              SHA512

              3decad40beeade189d64c27aa8609b6f9728137897d3959a8fd0127d1650b958ce77041236a955995bec365f302bd8fe342fbc493726b605c4051b88312fd50d

              Download Submit

            • C:\Program Files\VEGAS\Vegas Pro 19\FileIO Plug-Ins\mp4plug3\mc_cpu\mc_enc_aac.dll
              Filesize

              320KB

              MD5

              5ba2c65c96662433fe83f0090b818cb7

              SHA1

              ef5c67eae2cec05c3e57de73100dd5bf0e44f9ac

              SHA256

              d4b813eacdb5d548b3c3f26c348f47037a39117db313036ac814462a7c95e4e6

              SHA512

              8b745afb9f2521a4a392d942a9b1be9f0341001833a2f234a38c93c16fef2eb112f6526f3e749bdd3568bbceb45fca554bd5b4a9513f601134479f594fd99a64

              Download Submit

            • C:\Program Files\VEGAS\Vegas Pro 19\FileIO Plug-Ins\mxfplug3\SMDK-VC110-x64-4_0_0_scs.dll
              Filesize

              4.3MB

              MD5

              25654b68cb97cc3a38a178bc22931a57

              SHA1

              370050ffb4ab143dd693ed5ea5ae84b73ccfdac9

              SHA256

              d179d7fb863d8e44e04c353696b75bc21938f6eb93ed2e9721ac37f3a1c4f716

              SHA512

              99fdfa40058d5a9b3997e7b243259ce65a61375e9352b3e98645f1a4f497b44bda3553edc84d8ce8cb84dec14678a96f6b05ab2935640d98faa367e264811bc4

              Download Submit

            • C:\Program Files\VEGAS\Vegas Pro 19\FileIO Plug-Ins\mxfxavc\mc_dec_avc.dll
              Filesize

              7.0MB

              MD5

              fedaa0b67a8e5004151542889fc49129

              SHA1

              c77273af5ae7e339b5248569159f5ac41df7cf57

              SHA256

              d34d1e581a07301be3070454a1f29bd3b9d2de2683ea3b782649560511c08ae7

              SHA512

              8c474dd7987771a217ba5df5b6982130e6a89f22b5f65c5b3bfd0a297a2a80091b9f6fb2d4e74c0e98b48de556d76d1897b2ead818cef14f25832bac6ae71d03

              Download Submit

            • C:\Program Files\VEGAS\Vegas Pro 19\FileIO Plug-Ins\mxfxavc\mc_enc_avc.dll
              Filesize

              6.1MB

              MD5

              3664280a8e488dcb10e5c899b4b83c43

              SHA1

              46ff56b2e9a651479ec268cf0ac1c3521ad4d591

              SHA256

              48ce6e8072e8c064030bc3dd3f9330d9c661bbbecefe4b8d9df6426a23581340

              SHA512

              befe3245e9e1487c24cae50a3de4ec1b532f27e63b72abe28c5178ba54ef123299dbdcf7277a995d4eeb0104ba70b38846a20b9817eb47b0b8f75d7c7eafc482

              Download Submit

            • C:\Program Files\VEGAS\Vegas Pro 19\FileIO Plug-Ins\mxfxavc\mc_licensefile.bin
              Filesize

              128B

              MD5

              238a743f0e97323ea57188d64dd03d69

              SHA1

              6c2efc48071d5749e84709f252306f9afe18dfd8

              SHA256

              e7c29e324195c06eca9a2cc6300759985129169a25a082e7b45374f0250fead1

              SHA512

              030022ac2d73bd5aa91d7c478bee565692e0b84a94de8e44332ff61ef31f2e03bfd866bad6bf5a246042b127ab7e4eb0859cabf00420499dded1a1f3a2caccc1

              Download Submit

            • C:\Program Files\VEGAS\Vegas Pro 19\FileIO Plug-Ins\so4compoundplug\mc_dec_mp4v.dll
              Filesize

              1.3MB

              MD5

              343c6a76a79ccb652d5c2397eff52168

              SHA1

              ecb7e4c4ed3f43330470acbbdaea28b3ea67cb18

              SHA256

              d608894292a4b8cec3fb8d5c1b43f1be71d8e3f3d58dd375a45b50afedb2d202

              SHA512

              5e7c410aabce0963c1ea27961c3c60f4ed0a6f01ed76b695f259398f55e6648d8ae1295d00d181e0bf0c671a0a05962423f85b3c96ce3382124af2f69cee86b0

              Download Submit

            • C:\Program Files\VEGAS\Vegas Pro 19\Language\local_de_DE.cfg
              Filesize

              13KB

              MD5

              2fb37ed278c98164d5dec6ccc639843e

              SHA1

              87d4ba46dcac7a928d7ec348b503f24345c94daa

              SHA256

              89b6670db049baf2d2d9445c82491a15bd0a54afa114dc43251197724335544c

              SHA512

              fdb6c74f8e2e0c18149213097995b0353173b2d7a025f4f2ad0067743aa29beb03e68362b86d971e3eb9e8c0d3e0fdf54b39d46d31460d1570d4e7f2739680b0

              Download Submit

            • C:\Program Files\VEGAS\Vegas Pro 19\Language\local_en_US.cfg
              Filesize

              168B

              MD5

              4615f0ef82e5d7f3bbb977e2e6a0f90f

              SHA1

              933311a90aa098a9e9fdbd101fe61117098caaf1

              SHA256

              bed5a7faf3ba04e172066ac91ec5c918a62710818f663b976f9aac48ff16e11d

              SHA512

              eaaf5976be5727540a21d0ad2aa8460a39c958f51bc0225187ae6c2708b2e2f73ac4ccbcaa984864ad689a687443abda4b615c66443187ee717eaf0d41a6e7b6

              Download Submit

            • C:\Program Files\VEGAS\Vegas Pro 19\Language\local_en_US.cfg
              Filesize

              13KB

              MD5

              312f6f0aa15479c72a82975412e08ee7

              SHA1

              73f9cbf2cf325f8b50dcfdd65d458db6d886802c

              SHA256

              3f7bfe821771d24de69118ba25d6dfc462bdfa44a6ddc2e6d778c9f1f5d0ff03

              SHA512

              1a3d9ecb3ce6cdd30d95b315c90ff0b6663e3a00534803e9b0598109053690ed72e5d0c3c9e28a879fcffe6365e596240bc94439a46b46c7eb7e61166ada991c

              Download Submit

            • C:\Program Files\VEGAS\Vegas Pro 19\Language\local_es_ES.cfg
              Filesize

              13KB

              MD5

              b4d957c18570bbbc36520cacb29bdd80

              SHA1

              85a4e7badd56c44495068d73e4b35648934fe0d4

              SHA256

              272a686fede3b89802c998b8b67b2185dd85086ad880c9ca32fc3137ba9a8bc8

              SHA512

              34cd23b0459137d93db47464a799492199c8411328bc38b8d0c498a0e95fab149a8e9e6a87b6ab711f2b9860ed8d1fbec7b6ddeb6621b444b64487a27bef953e

              Download Submit

            • C:\Program Files\VEGAS\Vegas Pro 19\Language\local_fr_FR.cfg
              Filesize

              13KB

              MD5

              116952760bd739db0f3d412a8d34fd06

              SHA1

              d0a254761976c812b942cdd05efd8cd1d0101c78

              SHA256

              4385b687e745a4d5e40f2aa1ab140e5b48749309af95c91d601d6cb9cf0aeceb

              SHA512

              02787e939a1873821565dfce4486e86cb1481fa0adc1e21ae087bb406dd5df0dcb7a076df062df09811ae67a341515b8670b99f9b1de786f1b8c0372f3c72ed7

              Download Submit

            • C:\Program Files\VEGAS\Vegas Pro 19\Language\local_ja_JP.cfg
              Filesize

              13KB

              MD5

              71b2fdccf02d3acb1b431ea711b38961

              SHA1

              8d77fe95d2092535e8d21953ab5c97d0424afe87

              SHA256

              77d4a3c8a9453c4f9e4649fe238110e158b6d96a45bbb17798847f10a7fb0de2

              SHA512

              4dde4417d1de97b0a9abb86b71259b06b445c8d7e06799479bff359fc2191fda8ccb4e63cfe13504ef4258ccba8797461e981bad8206bc7ce81f2e98cbef821e

              Download Submit

            • C:\Program Files\VEGAS\Vegas Pro 19\Language\local_ko_KR.cfg
              Filesize

              13KB

              MD5

              edb531da2ce10d386b266e4fc0a00d26

              SHA1

              103879c023ca0336a5344cde0c4332d349289293

              SHA256

              85679e57a82c79f7dd6de73d9fe27ab0bbbf339c5e047b7fa99d17d7cb70a46c

              SHA512

              9bbc126045ee89d934b450715c677cb68615b1106e47641779770c5ae089e8513de4c938aa51387d229eea162319246cc8b19dc17d63d649066835d2ade8ebe3

              Download Submit

            • C:\Program Files\VEGAS\Vegas Pro 19\Language\local_pt_BR.cfg
              Filesize

              852B

              MD5

              690a4f43b703eaa77185b04a34b7046c

              SHA1

              2c75548f8a4b1e9da6fe512d7b2d76b7f4bae8fe

              SHA256

              f4644e880807f77e96788068e929b124886f103c1bfc80a5eaf11a803a8cbaa1

              SHA512

              f3ce37fc9bbedc2ccc5fdb5005b533b9c207c6387d35dd3311b4bd673a5388003a14bbdae5c3ad2589161c7976bf80b3df03f114212caeced9c7271532c109a4

              Download Submit

            • C:\Program Files\VEGAS\Vegas Pro 19\Language\local_pt_BR.cfg
              Filesize

              4KB

              MD5

              a75bb752b8501aa225ae4532cd6edae2

              SHA1

              b92b9bf7f03b4e5df905e271a557e4060ca92215

              SHA256

              3e2d8bf3ca52f9458ac3c328723375d3be52e904a70cac000b9139d77f2e2198

              SHA512

              ec1181422b902015f3854ff5a84da332174dbc0a0ebdacab30c68ccb415969561babaea602d5ef45af263b07d2f2170c5cd2d6b1a1f5c2b8f58c839a6024af74

              Download Submit

            • C:\Program Files\VEGAS\Vegas Pro 19\Language\local_zh_CN.cfg
              Filesize

              13KB

              MD5

              6ff1e8b81dd7766f58fe957127844e0c

              SHA1

              34fc27cc9ec4c7b673f45ed65f8c2be47ae7e11a

              SHA256

              8085ee1789cdcfe8022c1972bb06307f81571e70e9599dcc0bc04ec150dfd325

              SHA512

              d1f48a7c21c81665f7d1fdec3f2ab7718cbc69247b0e2eb1e38822f2b79af6bd5f2d521ae54d6814cfc08d83ff10b48d00339f8f7e13dba54e5a9de8a0723bf0

              Download Submit

            • C:\Program Files\VEGAS\Vegas Pro 19\MAGIX Plugins\essentialFX\Help\EN\36.css
              Filesize

              55B

              MD5

              afa7ee18ebf29250e6c1d58d117b0a8f

              SHA1

              82848e876d0559e24d95cdc27f4d81a20f96acd1

              SHA256

              ba77806fa2c2ffe1f2c896b4340eb169fe0cd0f7ad0706e1b4d6cfe8dfbc03f6

              SHA512

              054d13d69d68f8c3af0b9eed577d325877bc987699b29f622534f216a07c66f081edf16e6aa2c01635a0b9236191033abc7a904633fa918eefde87cb6baa61af

              Download Submit

            • C:\Program Files\VEGAS\Vegas Pro 19\MAGIX Plugins\essentialFX\Presets\Compressor\[Sys] TBX160.efx
              Filesize

              728B

              MD5

              fc86d688081c4bf09dba3a066433c1ff

              SHA1

              879d015def134b14f9ac001207493a8bd1cee4d1

              SHA256

              330a6f77d0ef56f14345f860df9f5fd8d4f41d5de4c61e147f87ffc3aa5756e4

              SHA512

              c0c858fdfbc041419d51e2061aeae8de20cef583f0c50c44a3d1e4ac2d5bf18524ae2a0920b097aad99c00690b3e386a74362eaaa2ff6095131ee30729acdea4

              Download Submit

            • C:\Program Files\VEGAS\Vegas Pro 19\OFX Video Plug-Ins\MagixAiFx.ofx.bundle\Contents\Presets\PresetPackage.ru-RU.xml
              Filesize

              10KB

              MD5

              efdcffe1d1f4bcce6cb47086d854e04d

              SHA1

              0ae2e73fffd9a12fdf98b6d5fccf4831601d5960

              SHA256

              403d94bf4af8c645b1782a2b06964fa8a4472836f46074dab8b36817083ff4f0

              SHA512

              fb1205972e8323085a3c5d14e07694b778faf898461a37f90a42b4aaf2ede46864762feb9b31698c1f41ef63dcb8f4021fa9e72bb1203621c08fa5ad605384ff

              Download Submit

            • C:\Program Files\VEGAS\Vegas Pro 19\OpenColorIO\configs\aces_1.2\luts\linear_to_rec2020.spi1d
              Filesize

              76KB

              MD5

              67f295e9f8be3d15aa161031f3761b7c

              SHA1

              89fc2e9845ed297e16c05823b655520755a234fc

              SHA256

              4aa8c8265b737c5dd8604408899ff7ee9f70780f8b0d49ead183b48699a19b5d

              SHA512

              2dd2f2da4559a9f3e4f6363f5b96d3d94655026985f051889bb05fd6628d0051dc06632fff322e9057db9e2c71281d29ba1ee5a2ccab46813db26c558a7db3c6

              Download Submit

            • C:\Program Files\VEGAS\Vegas Pro 19\VEGAS Pro 19 -- ShuttlePRO v2.pref
              Filesize

              11KB

              MD5

              f380d12cc48bb1b80f341d4893056766

              SHA1

              7c5b0f8bcb0d93162f90d9a70198574b2351350b

              SHA256

              193812e7299e9f56a362ec98f943986d3a216fd15748ea6c563baf9a673001b4

              SHA512

              a787ffd59a3ccedcde0bc394c6ce1967ec745939a063036f8e26fb84afb6cadf2a26d45598151e5f4e53c8b4d54584b5012722bf44eb8338fccc71f25e66158b

              Download Submit

            • C:\Program Files\VEGAS\Vegas Pro 19\WidgetLibrary.dll
              Filesize

              710KB

              MD5

              564341060fac0944843969b57c96cf17

              SHA1

              7ec68b81695cd01dbc65bfcc55307cb884a489bf

              SHA256

              9f62c97466e0977d3f8e97526e3314d14e8d50d0a40770cb563b030ff73c4f9a

              SHA512

              54f5dc52832cc8358d9cb13767ed974881be65587234f2c330a9f048fbec831dfaebdc680726f608eb973caa928ef41dee9cad9f89404801de0549a2118a91b5

              Download Submit

            • C:\Program Files\VEGAS\Vegas Pro 19\fonts\MarkMyWords.otf
              Filesize

              104KB

              MD5

              7c63423376c2f45b7d76537c933a95cc

              SHA1

              58561511026f8761d1a90a6bee79d4a152b420f0

              SHA256

              57c478c62fb66a6dcc1281e1f92f741fedeb2e60ad42b4a06825336f1f3506eb

              SHA512

              e15d075df3574bd7fc9191506cb113ed17767d1a50cc918ea1d7c75b22c5165a7b5ad33ddb453c5c7d4efa6ad182f90f2a1a1857c614acbbada34202e6c79a81

              Download Submit

            • C:\Program Files\VEGAS\Vegas Pro 19\install.cfg
              Filesize

              176B

              MD5

              9cd00d095db8072516819f851b1e74d4

              SHA1

              40e71576e831a6b9db9297f9e841e9c6b4c1a1df

              SHA256

              4cbf03024d77f25184bb60122653abe85dc7d50b4f8aae9c8bb6dd6b9ca52d16

              SHA512

              1a6253945a97dc99bef658db862c851d108f34f9c77a5ddcbf38f07c17559a87ceabb5d615a1e0ce56cd8307ac33d57657e930cc37f4f13767d946882eb0f1b3

              Download Submit

            • C:\Program Files\VEGAS\Vegas Pro 19\install.cfg
              Filesize

              1KB

              MD5

              d6f844a71d79a4dc78514640f62488f9

              SHA1

              c8ebdd90066384d5a2d769fe0dcb4648833162c9

              SHA256

              1ca8e9ee357ef585f70b14966a5ff35972ba6a8ef01154429866afce32b503d9

              SHA512

              4a7d931580894f951422bb8ce367f9b3820e0bb9f78637b192c7fd871d4a22ca2cbf8bd3c68762210af2225230ea991a513593f7ce5f39377577788e90917f4c

              Download Submit

            • C:\Program Files\VEGAS\Vegas Pro 19\readme\HTML_ASSETS\release-banner.jpg
              Filesize

              3KB

              MD5

              6d5dc46f9bb6ca3b4991954c6ef4117c

              SHA1

              20a06a4ac4b1732ec0e676c507fc4a2860bea698

              SHA256

              2519a81c7d217824efe2c734c940d6a29e752df20e134b64b777a1506f306d79

              SHA512

              2abfb6431f3d42a785baff5dcf60b9798f0d9627ae47788cc31970a5c6c046412e47bd332d7b42b6e6bc5074eb22e17938a68921c1beb48a10c0d1365e01368d

              Download Submit

            • C:\Program Files\VEGAS\Vegas Pro 19\vegas190.exe
              Filesize

              44.1MB

              MD5

              9c724aac54c433fc73f6b99a6b6a8d1a

              SHA1

              c713866296d1ef70ac959f07a30082c9ef08e912

              SHA256

              ffbf807e569d3c2bcea776d4bed677d18b38bf31f47d5e7182e0997e9e6b00b5

              SHA512

              fa869ea538a6cacfaf14fd3fdb424484dcc9b45ce8f1ac7b4431911937b1a9f6b679d1061d88041291cd53b3a5b135835497c7078b8cbea821c1c4c7a61737c4

              Download Submit

            • C:\Program Files\VEGAS\Vegas Pro 19\vegas190.udat
              Filesize

              604KB

              MD5

              e34227582523dd5d6450d2a48e742d79

              SHA1

              0e7ad3795405d5eb2122fde5f0fc66ce74e1c855

              SHA256

              883986d00df7669a1d573a76317f036521232b0ad80a1b5f9cefbbda788f8932

              SHA512

              cf1ae9fa909655e7a639e382006cefd35ed29805cfdc92d48beec484794f79933313f6c7b13070bb9300e5c7829a63266048b5fdeaf84cf27ea27640f673531c

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\MVP19\Program Files\VEGAS\Shared Plug-Ins\Help Files\mchammer_x64_esp.chm
              Filesize

              11KB

              MD5

              174a41bafb43045e170b4419c3f518cb

              SHA1

              69150c318384d2109b286f5c195abee5212a7830

              SHA256

              b3fa12b21aa606ad6b8fe57141a081c675acf9ff078349859eb7eaf20cea7792

              SHA512

              e3f1db1bcd21c2aadf0fc805ab63223a296e77d076b72d32764f154c15cd67744b5194be096d8701199ea0b12ccf8edd1e72b358cc93538297227a8c4a560acb

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\MVP19\Program Files\VEGAS\VEGAS Pro 19.0\FileIO Plug-Ins\aifplug\aifplug_deu.chm
              Filesize

              42KB

              MD5

              bc7c77b1d2be14eea6a21cc561575117

              SHA1

              feaa3909504867216508886eebdd15ef375c7592

              SHA256

              1edb33ef5b285c2b064249c14256b83157f00c732b2f508fb23bd352a4aa1389

              SHA512

              f6436c7d2ec14e28beda5d7bb87a6e0f37700626f1e0a7cc81ea0ea6291cf572b1917b6601fe33381c58a13991e2b74707626f00bb1ea6006a75f0f61fe49454

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\MVP19\Program Files\VEGAS\VEGAS Pro 19.0\FileIO Plug-Ins\aifplug\aifplug_esp.chm
              Filesize

              42KB

              MD5

              3465d53eaadb5281a6e4d365d8fc6840

              SHA1

              a6d42c4a7e5decbc335c29a1e2dc0c5b26855d25

              SHA256

              d1328fec9b03bd7789437e11cb084c67c9a3a31247809db8dae3c4f07508b704

              SHA512

              6e6bb9c5d98c2f722dd282074495a0a712e6bb524e2d8c6f426c8567b1bcb80a7fb51bc70649e7668f40f38b1783ea80510f04fd844e0178a0587e827d468c2e

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\MVP19\Program Files\VEGAS\VEGAS Pro 19.0\FileIO Plug-Ins\aifplug\aifplug_fra.chm
              Filesize

              42KB

              MD5

              11e03a790ddfd1112587d020165d989a

              SHA1

              95fcdb8e9568d0d049aaf2da7b5b5ccb59a1cbe4

              SHA256

              56f4882144e4d787c643208fa372496dea696065f96971edbf1220f7e1648228

              SHA512

              05ce55290d203100f05d2aa293cc16fedab642e0cd13cc363fdd46bac49b21f7dcddab3df2c174c60e0a0b722fbf0567efdf0e45b8f385675fd94ca0bd56487f

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\MVP19\Program Files\VEGAS\VEGAS Pro 19.0\FileIO Plug-Ins\aviplug\aviplug_deu.chm
              Filesize

              17KB

              MD5

              ccdcc9883fc82857d0f902ace6e7e595

              SHA1

              4d1fa7883f5a0ad659a25e60f4ae708e906677e1

              SHA256

              0ca8100d78722bff734d4d7356339cab4f1c2431442897ff3443777771c15d9e

              SHA512

              cdad2f29a64fe17675d23dc808b50dbca6003807cb715e54e8181e0daed904e0bf12f0b3be2c465047a7c9270de283334faa133e643b3a45df737914313e49e8

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\MVP19\Program Files\VEGAS\VEGAS Pro 19.0\FileIO Plug-Ins\aviplug\aviplug_esp.chm
              Filesize

              17KB

              MD5

              02358730ab66f7ab02a864b7d8ae8a99

              SHA1

              661f1f5967f716c80848457d09314e37534866f9

              SHA256

              ea974ba5ad3b22530d2836e6e9241d48e6e77aaa13fba35846412b77ce4eb021

              SHA512

              42aaf5adbe0cb05c7d3ffff14548fa2366b6e5ff8afdffec74baa55bdeff78b389f7c6c3cae8dd62cac104a6e70284fd8b8884773d874aa6fc2f640ef403df62

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\MVP19\Program Files\VEGAS\VEGAS Pro 19.0\FileIO Plug-Ins\aviplug\aviplug_fra.chm
              Filesize

              17KB

              MD5

              cd54957b73ec2737f42c9d7457ee7d69

              SHA1

              cb8e837242c46563382c2efe421601c1d895eff7

              SHA256

              4ebb2ee7cf1687df37d3ffcdf7fc31ca964f17e5b7dc41bca900c06a15c28d95

              SHA512

              e34854bf1052637856e8e69dde6552cc2e1edba695b0652874a8d5c3912beae3190f2b52c687580c4f9a7d8bec467f931b556fd93437ebabc337c7645bc4c7ff

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\MVP19\Program Files\VEGAS\VEGAS Pro 19.0\FileIO Plug-Ins\flacplug\flacplug_deu.chm
              Filesize

              42KB

              MD5

              3b08e58784a7f356e449e07d5b9d4526

              SHA1

              c9903483a16e6a2f6a5fa988bd366aaa4497ca56

              SHA256

              3661aaad61fed831f4f58da250a293b6ae0c33a1538e946a77e3ab8da7c76ac0

              SHA512

              5e2415b000cae2b43c76bed64d278af48f4550c164eeb4c12d35e17edda5c15c7783487c1fcbbe7d3635e8e2b7d1e5d264bd745103d1e76342aed921912c29f2

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\MVP19\Program Files\VEGAS\VEGAS Pro 19.0\FileIO Plug-Ins\mp3plug2\mp3plug2_deu.chm
              Filesize

              44KB

              MD5

              7b5bb057fa4b3da5ef30248ab58a6563

              SHA1

              f5360bed393f2bbfefed4dbe603c749480145d11

              SHA256

              70f20bd3e28ee8769e043cffd4dc2ce02ccc879a96ae526d24be4d77d1c188a8

              SHA512

              4f7df546cb939f93b5151d8cf7103bd1c9d828f7ab0ffe2767a475d2edc2f4392fae9b034bd55b0dd40fcf918da36881c962f3dd70e5f9248c927caa0189bf09

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\MVP19\Program Files\VEGAS\VEGAS Pro 19.0\FileIO Plug-Ins\mp3plug2\mp3plug2_esp.chm
              Filesize

              44KB

              MD5

              1267f047f1f88203af4fbb62253378a4

              SHA1

              d2877f7f674485a0c587a24f8ababecb1519db94

              SHA256

              fc4c1d39ca62132f8d6ae83f71362fafa112717adaef7fc1282b7464df9eb1fd

              SHA512

              e34a10e96aab66b0432f96ad8fcaeceb6b021aa11d1d9cc02945de1485aa66b195f62c3a2354485fd1d5c15c2a8b71e7d39a4dc667ad146a867478e3815c5076

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\MVP19\Program Files\VEGAS\VEGAS Pro 19.0\FileIO Plug-Ins\mp3plug2\mp3plug2_fra.chm
              Filesize

              44KB

              MD5

              0c6b3760d750733d5362542841d2782b

              SHA1

              a7c10048e95af67ccd60db932465d09a549948b0

              SHA256

              1bbbac23997364c5c652873dcb988cd806790a670ab71c3d01dcc7862bdecd41

              SHA512

              27e08199dbe7d80023a22c278b0ab30141c2e5ea1e8cf8790f1e10da35e3c708168140f9eb130ec84e0940098001178d238a6434944474775b60da85784ea338

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\MVP19\Program Files\VEGAS\VEGAS Pro 19.0\FileIO Plug-Ins\mxavcaacplug\mxavcaacplug.chm
              Filesize

              43KB

              MD5

              0f1fb541827cc6bcc3dbb777c00ca3ed

              SHA1

              18e68b072c1f24eadb0fe10353ca2725eb1e6869

              SHA256

              7c770fdb34b37cb6140c8adf3482613aa72dc51f989b9915ff7c45f882a1a81a

              SHA512

              d26a6d94cafb33880c4bfaa67a687e3a3d68a3851ebacead9a590d611b23e8c1194bb99296f4ac540c0e39790716a80deda52686fb335a2b1611f6abc8c7f8f5

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\MVP19\Program Files\VEGAS\VEGAS Pro 19.0\FileIO Plug-Ins\mxavcaacplug\mxavcaacplug_deu.chm
              Filesize

              16KB

              MD5

              b28fb870f7ac1fc58835cd538f0b3827

              SHA1

              6535d439db0938e9ca0779e07c6751a111c00183

              SHA256

              a21893c188660edbfc3700f646316d496bcf7ded8603ef6c9f7852d02ed437ef

              SHA512

              88fe27c5ee62293ea08f54d0e30d96e37123590ce80dc8b77dc4bb338e03e11c363dce7c75a41824596ea2e55e290bf4d69b9e48e66e870d6bb4e10323d2a78d

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\MVP19\Program Files\VEGAS\VEGAS Pro 19.0\FileIO Plug-Ins\mxavcaacplug\mxavcaacplug_esp.chm
              Filesize

              16KB

              MD5

              d403b68f94df24047f1f5c06ceb438ff

              SHA1

              fd41dd09cab1c9b522826715876fc050d3b444ae

              SHA256

              48a9e9e9a1e5acb2d9afc5622b7decee6b9842a7c639b596247e3dee294b4421

              SHA512

              45e080281977fad0ce4e2bd268824309d1edca0ff97720ba0aa10d11cab2c0699fbf8746fe68ffc97657787b4bd051a006f48cc28ceb7bd4a2b882eb19e498bc

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\MVP19\Program Files\VEGAS\VEGAS Pro 19.0\FileIO Plug-Ins\mxavcaacplug\mxavcaacplug_fra.chm
              Filesize

              16KB

              MD5

              24bacd15fc74bb26c48bc6d5b8ce4c98

              SHA1

              d1f1366025fd2bf0dd5d0a0b3508bc352e77a940

              SHA256

              c0ca2de16679f5b6f62359cd22bdf69bd5b92dbea96909d6d5537d08c426fc4f

              SHA512

              fa714f4e227c4e0ab6bf055bf8df7c60f59e3c3dc9f36120c770894cba67eb258269d2a3a285f730b1cbd2544811f504aff64c318fd32fba0fbe562317193f0c

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\MVP19\Program Files\VEGAS\VEGAS Pro 19.0\FileIO Plug-Ins\sctplug\sctplug_deu.chm
              Filesize

              42KB

              MD5

              1e929ca85e3dc765a526b49539670127

              SHA1

              8aab29d49ea869f7121a6be329031ad0890be872

              SHA256

              c29b8613590632c21f70bb6d32400ae1cf1760ca526e0a1d48c2096e460e56f0

              SHA512

              58891066e771e101678de580d33a093f394b663e2c2eedb9f42a25d82d8efb28e96092a8c5938bd56cc213dedeca2c9807e527b71ca3615582668671965fbfbf

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\MVP19\Program Files\VEGAS\VEGAS Pro 19.0\FileIO Plug-Ins\sctplug\sctplug_esp.chm
              Filesize

              42KB

              MD5

              10a4b20af8e1388942588a25ba56acdf

              SHA1

              f80e54c89645100d2b35b2ed6bcc5f7964b24edb

              SHA256

              204fb8c34fba776ae2b29485cc6d98710ba8d7735f72605db510fe4ff03cc09a

              SHA512

              02bf89b48a56d720f1d923bb7645b0e90eee56cdbd5feb389e173b5e4f0df9dbb71de44b62aa243e1ec0ed3faf4e0ffcc88c433292ab89e8f5492366c2051042

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\MVP19\Program Files\VEGAS\VEGAS Pro 19.0\FileIO Plug-Ins\sctplug\sctplug_fra.chm
              Filesize

              42KB

              MD5

              20f80f3fe237e1fa4063b87219fbed25

              SHA1

              975aecb67ec38aa0dc3b75ad34572b184dc69386

              SHA256

              4e38e5884cd64b2513e4cee4aad50afaee117faedf94833554248bdeff4a0bb9

              SHA512

              386d7688a3d366117c010bf4d6130e2b2a3cc13cbce3be38c547a8b7b93b3591a7b591702ca4ddbc82f8a17a29b3cf3f6419f0a1c6bb3eb540c0a6d12645cb84

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\MVP19\Program Files\VEGAS\VEGAS Pro 19.0\FileIO Plug-Ins\sfpaplug\sfpaplug_deu.chm
              Filesize

              41KB

              MD5

              13e437907b6aa18d1bd14794fe5ac324

              SHA1

              7a85ae87f42eb8d584fa8021243940e836029c2a

              SHA256

              8c6b12b2f7d2f8d0abee8a15ee2034171cc64dbe1b160b446134cbb1208b5ded

              SHA512

              1d1af9fcbf6d1b5a360ad99da13ba33d649dfe3740e0c45a78cbcd0bdc440ec03bcd71a997968de73c7b9f20e8e51eb63c58671ac88c617f0fd6ce6dd29c8085

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\MVP19\Program Files\VEGAS\VEGAS Pro 19.0\FileIO Plug-Ins\sfpaplug\sfpaplug_esp.chm
              Filesize

              41KB

              MD5

              be6375ac3be1544bee327e52a7a99c96

              SHA1

              afca1a02d159572db83d39c2f13c44d93c33633d

              SHA256

              40124498cb959e786d6f176a6659f50725b60060e3df721c2801fd377d988fa1

              SHA512

              b0c2a10d1456a4d131cbfb6ce9e486df0604a746c59506f7e20efcf765c1040c4c61e967a7e820172172d1bdff10888a1d6d3f3291614a8f5e89fba0ba0bfeb4

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\MVP19\Program Files\VEGAS\VEGAS Pro 19.0\FileIO Plug-Ins\sfpaplug\sfpaplug_fra.chm
              Filesize

              41KB

              MD5

              b4d48e7b424b2d0308474a188d953e75

              SHA1

              91eba39f0a46a0f84b9146f7bac454594fb67612

              SHA256

              8e55be195707753cce43cedf0fc7f88c27ab65a756af913876ffee4f4747ffa5

              SHA512

              f655ab2e2a5a0507562ad33ed9355bca1689778a617455e40de8cb0eeca4c3abcdadb5442d74978688ca839f6a83007e6767a0a21b8d954064649e2d6b1c740a

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\MVP19\Program Files\VEGAS\VEGAS Pro 19.0\FileIO Plug-Ins\wavplug\wavplug_deu.chm
              Filesize

              42KB

              MD5

              87da71108d725919b520f260785a1305

              SHA1

              dd1235b503cab6f4eaede92770ebfb3904c1400b

              SHA256

              a5e07081117ffdde589620992d02ac499f87a2e188f8d93c864968e48de43b4e

              SHA512

              3d1d02e130c31442295e87f4d01d11627080c7b320a953888a41ccc87c959a5293293ae436b50d7952507601949848010549872263d3f5cc7d7d276647380b09

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\MVP19\Program Files\VEGAS\VEGAS Pro 19.0\FileIO Plug-Ins\wavplug\wavplug_esp.chm
              Filesize

              42KB

              MD5

              360ac4a520088ce72feb7c8aa4446894

              SHA1

              019b4edfb32a5b0baad3ca0a997132cc077ecd66

              SHA256

              3f488cd71c5f84701f40f1ad88b264cd681c26f4334a706b9bb91dd10a488340

              SHA512

              a9fa31d56728b1d3d88d52b64e1a614565b600421a9c044b4a459cb01090b61a8bcfac5bd175a743a7a420a1ccec44dd9d91f79ca63c8ebce40476370d7d21b8

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\MVP19\Program Files\VEGAS\VEGAS Pro 19.0\FileIO Plug-Ins\wavplug\wavplug_fra.chm
              Filesize

              42KB

              MD5

              55f546c178257400f935e4a1baf84849

              SHA1

              04c07d1219fd1863bcd089d332bba781b9f164eb

              SHA256

              45e114995bca7f4d9a0ba5a8ba6c57a8eda516f2d1e53367e88513f230477af0

              SHA512

              6c4a2cbdd67018743ee4f49b42d692fbbd7f55dd936eab5da8e1cc6f6f7cddf37a7106bc8fb181bd8274d5fcd622f4ff39d9535c827b9f3e473863482487dbaf

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\MVP19\Program Files\VEGAS\VEGAS Pro 19.0\Language\local_en_US.cfg
              Filesize

              2B

              MD5

              f3b25701fe362ec84616a93a45ce9998

              SHA1

              d62636d8caec13f04e28442a0a6fa1afeb024bbb

              SHA256

              b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

              SHA512

              98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\MVP19\Program Files\VEGAS\VEGAS Pro 19.0\OFX Video Plug-Ins\TitlesAndText.ofx.bundle\Contents\Presets\PresetPackage.fr-FR.xml
              Filesize

              123KB

              MD5

              97ea2689962ab8cf98f33493ea3f5452

              SHA1

              ab98a4327552f8ec5f7f735e406355e714454a33

              SHA256

              783bd330fb73ea7bbc07e5d68cb4ddb7f7e72baea0f2b03b33123b8acacd06fc

              SHA512

              f0ba296ec3ed0c2637c7ed640f50f460d5ac9d7b17c704a2598ae977deb36fcbd623a135bd870f96c6c4a231f5c37b30fb1ceaa8bb9cc200698df801a8456a59

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\MVP19\Program Files\VEGAS\VEGAS Pro 19.0\readme\Vegas_readme_esp.htm
              Filesize

              39KB

              MD5

              75a99f02cd8a8dc0f8fb3268a4672075

              SHA1

              21401407916078b446b7fa3d4356b759e847abb6

              SHA256

              aed2122e1e206089e01d726eb48327b4572c4d026883130e7e915a1cffb034cc

              SHA512

              93c050c575d59a8dbdc3f4e9699d80dee36c4a28afb4e50a33c3cd90cf13b5a5684c9e34d83757c2f52351522a4fb539b408f18d3557355d40f254b8dde1689b

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\MVP19\vegas190.msi
              Filesize

              3.2MB

              MD5

              9edd67a98c8551561d8aa6332230390c

              SHA1

              266f20fbdd8c73c7c96c6a475a3a3f8a3c5054fe

              SHA256

              039b83902e328c7a6ec9c47fcffeba591cee9cb80e027c502334db26b34762b4

              SHA512

              e18c83636eedaa8f68278b11f2fc20c1e074c174fa6a62202f4db781ee949338ef300b8ee32322d047d3ba0567410d3acf98918ea41bded07a315515e22d313b

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\RarSFX0\ya.exe
              Filesize

              170KB

              MD5

              0ee0cdbebe67f6b6578d67512cbb1920

              SHA1

              c2b02ca87e379b28a109a132cc7d3ddfd71a2e22

              SHA256

              21bc12b90edac883c6aacc927b5bded74344773f75fb644177fe7e2763d56493

              SHA512

              df706b36091bd21d029b9af05500907dee2b16ff1d2057b588b245f80d3810ddf62a946ff49c305bd0904352c9402773bfafbba834602a745168ebca533144dd

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_12wnzoso.tpo.ps1
              Filesize

              60B

              MD5

              d17fe0a3f47be24a6453e9ef58c94641

              SHA1

              6ab83620379fc69f80c0242105ddffd7d98d5d9d

              SHA256

              96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7

              SHA512

              5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\nsvAD0A.tmp\LangDLL.dll
              Filesize

              5KB

              MD5

              109b201717ab5ef9b5628a9f3efef36f

              SHA1

              98db1f0cc5f110438a02015b722778af84d50ea7

              SHA256

              20e642707ef82852bcf153254cb94b629b93ee89a8e8a03f838eef6cbb493319

              SHA512

              174e241863294c12d0705c9d2de92f177eb8f3d91125b183d8d4899c89b9a202a4c7a81e0a541029a4e52513eee98029196a4c3b8663b479e69116347e5de5b4

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\nsvAD0A.tmp\System.dll
              Filesize

              12KB

              MD5

              8cf2ac271d7679b1d68eefc1ae0c5618

              SHA1

              7cc1caaa747ee16dc894a600a4256f64fa65a9b8

              SHA256

              6950991102462d84fdc0e3b0ae30c95af8c192f77ce3d78e8d54e6b22f7c09ba

              SHA512

              ce828fb9ecd7655cc4c974f78f209d3326ba71ced60171a45a437fc3fff3bd0d69a0997adaca29265c7b5419bdea2b17f8cc8ceae1b8ce6b22b7ed9120bb5ad3

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\nsvAD0A.tmp\inetc.dll
              Filesize

              24KB

              MD5

              640bff73a5f8e37b202d911e4749b2e9

              SHA1

              9588dd7561ab7de3bca392b084bec91f3521c879

              SHA256

              c1e568e25ec111184deb1b87cfda4bfec529b1abeab39b66539d998012f33502

              SHA512

              39c6c358e2b480c8cbebcc1da683924c8092fb2947f2da4a8df1b0dc1fdda61003d91d12232a436ec88ff4e0995b7f6ee8c6efbdca935eaa984001f7a72fea0a

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\nsvAD0A.tmp\nsDialogs.dll
              Filesize

              9KB

              MD5

              ec9640b70e07141febbe2cd4cc42510f

              SHA1

              64a5e4b90e5fe62aa40e7ac9e16342ed066f0306

              SHA256

              c5ba017732597a82f695b084d1aa7fe3b356168cc66105b9392a9c5b06be5188

              SHA512

              47605b217313c7fe6ce3e9a65da156a2fba8d91e4ed23731d3c5e432dd048ff5c8f9ae8bb85a6a39e1eac4e1b6a22862aa72d3b1b1c8255858997cdd4db5d1fe

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\nsvAD0A.tmp\nsExec.dll
              Filesize

              7KB

              MD5

              f27689c513e7d12c7c974d5f8ef710d6

              SHA1

              e305f2a2898d765a64c82c449dfb528665b4a892

              SHA256

              1f18f4126124b0551f3dbcd0fec7f34026f930ca509f04435657cedc32ae8c47

              SHA512

              734e9f3989ee47a86bee16838df7a09353c7fe085a09d77e70d281b21c5477b0b061616e72e8ac8fcb3dda1df0d5152f54dcc4c5a77f90fbf0f857557bf02fbc

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\nsvAD0A.tmp\nsis7z.dll
              Filesize

              424KB

              MD5

              80e44ce4895304c6a3a831310fbf8cd0

              SHA1

              36bd49ae21c460be5753a904b4501f1abca53508

              SHA256

              b393f05e8ff919ef071181050e1873c9a776e1a0ae8329aefff7007d0cadf592

              SHA512

              c8ba7b1f9113ead23e993e74a48c4427ae3562c1f6d9910b2bbe6806c9107cf7d94bc7d204613e4743d0cd869e00dafd4fb54aad1e8adb69c553f3b9e5bc64df

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\nsyF76.tmp\System.dll
              Filesize

              12KB

              MD5

              192639861e3dc2dc5c08bb8f8c7260d5

              SHA1

              58d30e460609e22fa0098bc27d928b689ef9af78

              SHA256

              23d618a0293c78ce00f7c6e6dd8b8923621da7dd1f63a070163ef4c0ec3033d6

              SHA512

              6e573d8b2ef6ed719e271fd0b2fd9cd451f61fc9a9459330108d6d7a65a0f64016303318cad787aa1d5334ba670d8f1c7c13074e1be550b4a316963ecc465cdc

              Download Submit

            • C:\Users\Admin\AppData\Local\VEGAS Pro\19.0\FFCache_x64_1033.ini
              Filesize

              2KB

              MD5

              a4810068cc314ab5cee9472aefcfe257

              SHA1

              abd188fa21519b4aba39d9d38522a36fc8ab0269

              SHA256

              feedb551623d96c18f47e55d7eab69689945863bd28dbb15daf6d0d499558437

              SHA512

              03d388d1184a9131e5d8f4bc297097f8bca5a53fe5744dd051a64e55228f452a62a5fa2d8e79646f503a30c93bd26561b9cdd9450feb473aee7ee42531307174

              Download Submit

            • C:\Users\Admin\AppData\Local\VEGAS Pro\19.0\FFCache_x64_1033.ini
              Filesize

              14KB

              MD5

              92c33b5ed2b865fd5d1d505ff3452216

              SHA1

              1edb1ff802ab618b530bf8529567df5e53a3ce11

              SHA256

              77202945b4c520111c92ece5de6f58ed5ce0943ec4cd579d32b1df1ac59f79f0

              SHA512

              1cd31eee2f07c83e0a1ea0e730d9b60ccde69aca9397a5fab02f53611bd51f236170583c44df2235aa7374b3b2ac559d4cca06f35a17029e248cbe4465847798

              Download Submit

            • C:\Users\Admin\AppData\Local\VEGAS Pro\19.0\svfx_plugin_cache.bin
              Filesize

              34KB

              MD5

              23216946ae74bcf7187514748bdb046f

              SHA1

              f25b9559a3c439162f492a0fe27442238524ac92

              SHA256

              a6f5f5c5258a4c707dfa3c17e6e090b2762e8488404126f6cfb16bf8bafb12ce

              SHA512

              949de661118e78a87b17297a52f2021e0801753cbe11bf3bd6654360a3fc54278323f0b1ccbd262b95be4fed1285bc4996348411485caa0d842e2106a9e9fc88

              Download Submit

            • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d93f411851d7c929.customDestinations-ms
              Filesize

              6KB

              MD5

              7293cd6b53219c62c34cafb2e8b3f918

              SHA1

              20e5c4fa4223dcc52e86382e62e95159b557334d

              SHA256

              0e466b4e95cfbf55d96641b2ec3f35c554744a88d6988dc80e1e4c72d9fb1c08

              SHA512

              bbfa2bc1c1063688877284e1d9e93d725b50d32fa969d5e6c3a11d7c0936cfee76708ea96db94a18d6a695986ebe49767233e3a3212ee41bcf2039cf31c48a81

              Download Submit

            • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d93f411851d7c929.customDestinations-ms
              Filesize

              6KB

              MD5

              39491fdead2a3bdeb9fdaca7ef19376f

              SHA1

              530b0202a537844069f7de37939d38401b2a1758

              SHA256

              da87106b9a0069beed3c69124ca8afa89fdba07c7398f28427027b8d3ca2ffab

              SHA512

              87f3dec3c245d3568ee7d7a82df9bde49a884bb104470e8cab5257d6b6318843e0d8b0634ee401ab95c1500976a788aaef0587f8416b6b3e682a0ff32c97a759

              Download Submit

            • C:\Windows\Installer\MSI3342.tmp
              Filesize

              123KB

              MD5

              5cb7ec6843aa69694096d98e467bc5e7

              SHA1

              ade3a650ccfff23264c3e95819126c4be6eb57cb

              SHA256

              c03b47bcbe6c28cfa612950814ca383dddd0d4a527cc17f1750b8385d4917aad

              SHA512

              540e905256195ab904d1313b72811ca73f9dcbdb419c28cbbb83232e9fee966c3d80ca322f3701a0468e9bb545e4ca08e1106ae6254f59e100e703c139e40ce9

              Download Submit

            • C:\Windows\Installer\MSIE914.tmp
              Filesize

              1.7MB

              MD5

              beac8693a2cc003c2609b2b69579d82f

              SHA1

              6e81ae73fc05a372e282794d9b47a0f98b18894a

              SHA256

              e1c19ffc7d4c2521c385ed22955152b49d78cd19bbeccee36b3886a2262c5b14

              SHA512

              9f66748a506ea4bd2ad3d72a924f5471d0c9b039cfffc9c38e5c52b7741cbb7661047259bf984984a4c6e2bb6460469f1c83d555f07db7d347bb3fcd6a0a591e

              Download Submit

            • C:\Windows\Microsoft.NET\Framework\v2.0.50727\ngen.log
              Filesize

              46KB

              MD5

              c9646b21a4c009296c96a20c4134749f

              SHA1

              70e92c14708bb41caf0306b74d83fe1557600812

              SHA256

              b2165c38ffa47c7824a251fb73ca3a3ff8da618aadaa47fc3c6ef84b96e9b185

              SHA512

              8a75671a25c2b523ba5493d8256fc9fdddcdbe6940029485483b2a0240524b3b54bb443489507c668089380676bff3b1f8f9e993c2780b217ccbf300c71560af

              Download Submit

            • memory/244-6221-0x0000000007A00000-0x0000000007A21000-memory.dmp

              Filesize

              132KB

              Download

            • memory/908-6220-0x00000000072E0000-0x000000000735D000-memory.dmp

              Filesize

              500KB

              Download

            • memory/920-5939-0x00007FF6AF5F0000-0x00007FF6B247C000-memory.dmp

              Filesize

              46.5MB

              Download

            • memory/1232-6049-0x0000000010030000-0x0000000010083000-memory.dmp

              Filesize

              332KB

              Download

            • memory/1844-6693-0x00000000728B0000-0x00000000728B2000-memory.dmp

              Filesize

              8KB

              Download

            • memory/1844-6005-0x0000000010000000-0x0000000010005000-memory.dmp

              Filesize

              20KB

              Download

            • memory/2120-6297-0x0000000005150000-0x00000000051CD000-memory.dmp

              Filesize

              500KB

              Download

            • memory/2256-5933-0x0000023765720000-0x0000023765721000-memory.dmp

              Filesize

              4KB

              Download

            • memory/2300-7703-0x0000000015A90000-0x0000000015C18000-memory.dmp

              Filesize

              1.5MB

              Download

            • memory/2300-7690-0x0000000015840000-0x00000000158F2000-memory.dmp

              Filesize

              712KB

              Download

            • memory/2300-7704-0x0000000014F20000-0x0000000014F42000-memory.dmp

              Filesize

              136KB

              Download

            • memory/2300-7689-0x00000000092F0000-0x0000000009340000-memory.dmp

              Filesize

              320KB

              Download

            • memory/2300-7694-0x00000000156E0000-0x0000000015742000-memory.dmp

              Filesize

              392KB

              Download

            • memory/2300-7688-0x0000000014E90000-0x0000000014F14000-memory.dmp

              Filesize

              528KB

              Download

            • memory/2300-7693-0x0000000009340000-0x0000000009358000-memory.dmp

              Filesize

              96KB

              Download

            • memory/2300-7692-0x00000000092C0000-0x00000000092DE000-memory.dmp

              Filesize

              120KB

              Download

            • memory/2300-7691-0x000000000C960000-0x000000000C982000-memory.dmp

              Filesize

              136KB

              Download

            • memory/3108-6066-0x0000000006C50000-0x0000000006C9C000-memory.dmp

              Filesize

              304KB

              Download

            • memory/3108-6111-0x0000000007090000-0x00000000070B1000-memory.dmp

              Filesize

              132KB

              Download

            • memory/3524-6067-0x00000000628D0000-0x0000000062B5E000-memory.dmp

              Filesize

              2.6MB

              Download

            • memory/3804-6034-0x0000000006470000-0x00000000067C7000-memory.dmp

              Filesize

              3.3MB

              Download

            • memory/3804-6036-0x0000000011000000-0x0000000011025000-memory.dmp

              Filesize

              148KB

              Download

            • memory/4744-5971-0x00000000060B0000-0x000000000612A000-memory.dmp

              Filesize

              488KB

              Download

            • memory/4744-5986-0x0000000006E40000-0x0000000006E5C000-memory.dmp

              Filesize

              112KB

              Download

            • memory/4744-5977-0x0000000006C90000-0x0000000006CB2000-memory.dmp

              Filesize

              136KB

              Download

            • memory/4744-5979-0x0000000006D00000-0x0000000006D3C000-memory.dmp

              Filesize

              240KB

              Download

            • memory/4744-5980-0x0000000006D90000-0x0000000006DE0000-memory.dmp

              Filesize

              320KB

              Download

            • memory/4744-5981-0x0000000006EA0000-0x0000000006F52000-memory.dmp

              Filesize

              712KB

              Download

            • memory/4744-5982-0x0000000006F60000-0x0000000006FC6000-memory.dmp

              Filesize

              408KB

              Download

            • memory/4744-5978-0x0000000006C60000-0x0000000006C7E000-memory.dmp

              Filesize

              120KB

              Download

            • memory/4744-5984-0x0000000006E10000-0x0000000006E32000-memory.dmp

              Filesize

              136KB

              Download

            • memory/4744-5959-0x0000000005C40000-0x0000000005C48000-memory.dmp

              Filesize

              32KB

              Download

            • memory/4744-5985-0x0000000007070000-0x0000000007102000-memory.dmp

              Filesize

              584KB

              Download

            • memory/4744-5983-0x0000000007500000-0x0000000007A2C000-memory.dmp

              Filesize

              5.2MB

              Download

            • memory/4744-5987-0x0000000007F00000-0x00000000083CC000-memory.dmp

              Filesize

              4.8MB

              Download

            • memory/4744-5989-0x0000000006FF0000-0x0000000007010000-memory.dmp

              Filesize

              128KB

              Download

            • memory/4744-5991-0x0000000007040000-0x0000000007062000-memory.dmp

              Filesize

              136KB

              Download

            • memory/4744-5993-0x00000000071A0000-0x00000000071E4000-memory.dmp

              Filesize

              272KB

              Download

            • memory/4744-5995-0x0000000007B60000-0x0000000007C82000-memory.dmp

              Filesize

              1.1MB

              Download

            • memory/4744-5997-0x0000000007170000-0x000000000717A000-memory.dmp

              Filesize

              40KB

              Download

            • memory/4744-5999-0x00000000083D0000-0x0000000008558000-memory.dmp

              Filesize

              1.5MB

              Download

            • memory/4744-6002-0x00000000074B0000-0x00000000074C2000-memory.dmp

              Filesize

              72KB

              Download

            • memory/4744-6001-0x0000000007A30000-0x0000000007A6C000-memory.dmp

              Filesize

              240KB

              Download

            • memory/4744-6000-0x0000000007490000-0x00000000074AA000-memory.dmp

              Filesize

              104KB

              Download

            • memory/4744-5966-0x0000000005CD0000-0x0000000005CD8000-memory.dmp

              Filesize

              32KB

              Download

            • memory/4744-5967-0x0000000005E70000-0x0000000005E82000-memory.dmp

              Filesize

              72KB

              Download

            • memory/4744-5998-0x00000000071F0000-0x0000000007210000-memory.dmp

              Filesize

              128KB

              Download

            • memory/4744-5996-0x00000000073F0000-0x000000000746D000-memory.dmp

              Filesize

              500KB

              Download

            • memory/4744-5994-0x0000000007150000-0x000000000716A000-memory.dmp

              Filesize

              104KB

              Download

            • memory/4744-5992-0x0000000007220000-0x00000000072EE000-memory.dmp

              Filesize

              824KB

              Download

            • memory/4744-5990-0x0000000007110000-0x0000000007142000-memory.dmp

              Filesize

              200KB

              Download

            • memory/4744-5988-0x0000000006FD0000-0x0000000006FE2000-memory.dmp

              Filesize

              72KB

              Download

            • memory/4744-5968-0x0000000005E90000-0x0000000005EAC000-memory.dmp

              Filesize

              112KB

              Download

            • memory/4744-5969-0x0000000005F00000-0x0000000005F4F000-memory.dmp

              Filesize

              316KB

              Download

            • memory/4744-5970-0x0000000005FC0000-0x000000000602C000-memory.dmp

              Filesize

              432KB

              Download

            • memory/4744-5973-0x00000000068B0000-0x0000000006C07000-memory.dmp

              Filesize

              3.3MB

              Download

            • memory/4744-5975-0x0000000005F90000-0x0000000005F98000-memory.dmp

              Filesize

              32KB

              Download

            • memory/4744-5972-0x0000000005E60000-0x0000000005E6A000-memory.dmp

              Filesize

              40KB

              Download

            • memory/4744-5976-0x0000000006C10000-0x0000000006C5C000-memory.dmp

              Filesize

              304KB

              Download

            • memory/4744-5960-0x0000000005C50000-0x0000000005C58000-memory.dmp

              Filesize

              32KB

              Download

            • memory/4744-5965-0x0000000005E00000-0x0000000005E48000-memory.dmp

              Filesize

              288KB

              Download

            • memory/4744-5961-0x0000000005C60000-0x0000000005C85000-memory.dmp

              Filesize

              148KB

              Download

            • memory/4744-5962-0x0000000005CF0000-0x0000000005D46000-memory.dmp

              Filesize

              344KB

              Download

            • memory/4744-5963-0x0000000005CA0000-0x0000000005CB0000-memory.dmp

              Filesize

              64KB

              Download

            • memory/4744-5964-0x0000000006300000-0x00000000068A6000-memory.dmp

              Filesize

              5.6MB

              Download

            • memory/4916-6082-0x0000000064D10000-0x0000000064DE8000-memory.dmp

              Filesize

              864KB

              Download

            • memory/4932-6018-0x0000000030000000-0x0000000030006000-memory.dmp

              Filesize

              24KB

              Download

            • memory/5788-5908-0x000001DE9B1E0000-0x000001DE9B1F6000-memory.dmp

              Filesize

              88KB

              Download

            • memory/5796-5910-0x0000026192E10000-0x0000026192E26000-memory.dmp

              Filesize

              88KB

              Download

            • memory/5824-5912-0x0000028077270000-0x0000028077286000-memory.dmp

              Filesize

              88KB

              Download

            • memory/5852-5914-0x000001A78E9D0000-0x000001A78E9E6000-memory.dmp

              Filesize

              88KB

              Download

            • memory/5868-7564-0x00000000070D0000-0x000000000774A000-memory.dmp

              Filesize

              6.5MB

              Download

            • memory/5868-7554-0x0000000006960000-0x0000000006A04000-memory.dmp

              Filesize

              656KB

              Download

            • memory/5868-7609-0x0000000006D00000-0x0000000006D96000-memory.dmp

              Filesize

              600KB

              Download

            • memory/5868-7625-0x0000000006C80000-0x0000000006C91000-memory.dmp

              Filesize

              68KB

              Download

            • memory/5868-7647-0x0000000006CB0000-0x0000000006CBE000-memory.dmp

              Filesize

              56KB

              Download

            • memory/5868-7648-0x0000000006CD0000-0x0000000006CE5000-memory.dmp

              Filesize

              84KB

              Download

            • memory/5868-7649-0x0000000006DC0000-0x0000000006DDA000-memory.dmp

              Filesize

              104KB

              Download

            • memory/5868-6719-0x00000000057C0000-0x00000000057DE000-memory.dmp

              Filesize

              120KB

              Download

            • memory/5868-7650-0x0000000006DB0000-0x0000000006DB8000-memory.dmp

              Filesize

              32KB

              Download

            • memory/5868-7587-0x0000000006AF0000-0x0000000006AFA000-memory.dmp

              Filesize

              40KB

              Download

            • memory/5868-7553-0x0000000005D30000-0x0000000005D4E000-memory.dmp

              Filesize

              120KB

              Download

            • memory/5868-6704-0x0000000002880000-0x00000000028B6000-memory.dmp

              Filesize

              216KB

              Download

            • memory/5868-7544-0x0000000005D50000-0x0000000005D84000-memory.dmp

              Filesize

              208KB

              Download

            • memory/5868-6705-0x0000000005010000-0x000000000563A000-memory.dmp

              Filesize

              6.2MB

              Download

            • memory/5868-6708-0x0000000004EB0000-0x0000000004F16000-memory.dmp

              Filesize

              408KB

              Download

            • memory/5892-5916-0x0000022659320000-0x0000022659336000-memory.dmp

              Filesize

              88KB

              Download

            • memory/5924-5918-0x000001C94D230000-0x000001C94D246000-memory.dmp

              Filesize

              88KB

              Download

            • memory/5952-5920-0x0000021ED10B0000-0x0000021ED10C6000-memory.dmp

              Filesize

              88KB

              Download

            • memory/5984-5922-0x0000021F78E60000-0x0000021F78E76000-memory.dmp

              Filesize

              88KB

              Download

            • memory/6012-5924-0x0000026EDD440000-0x0000026EDD456000-memory.dmp

              Filesize

              88KB

              Download

            • memory/6040-5926-0x0000026D59D30000-0x0000026D59D46000-memory.dmp

              Filesize

              88KB

              Download

            • memory/6072-5928-0x0000021EC6FC0000-0x0000021EC6FD6000-memory.dmp

              Filesize

              88KB

              Download

            • memory/6080-7680-0x0000000007360000-0x0000000007375000-memory.dmp

              Filesize

              84KB

              Download

            • memory/6080-7679-0x0000000007300000-0x0000000007311000-memory.dmp

              Filesize

              68KB

              Download