Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

Total War ...un.exe

windows7-x64

7

Total War ...un.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    149s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    12/09/2024, 12:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Total War Attila V1.00 Build 4514 Trainer +17 MrAntiFun.exe

  • Size

    4.1MB

  • MD5

    9d0c5936d9ceeec933ffd2c1db6c9f01

  • SHA1

    45d4b313aa04723b0ec1dd430345e526ce6b53e9

  • SHA256

    bc7427f7b53f7a399f6215537fe97cacc1b76eefb6817faf0954a4d4352facc9

  • SHA512

    ecd887b9fdeb42c4f6c09fd6affc34f8c68d891de91b8e75cefd18e82aac61ad68d132ce89abd07ac1f82771fab840fe78b85168a1f88bfad7a217d49caa7df4

  • SSDEEP

    98304:00wy+TFo2/dmj89hjQ1DLNZuvUpayPFrQ5qTaSLYgQV:7kTFXdRhkNNZuv2dFPaOLQV

Score
7/10
discovery

Malware Config

Signatures

  • Executes dropped EXE 2 IoCs
  • Loads dropped DLL 4 IoCs
  • Drops file in System32 directory 45 IoCs
  • Drops file in Windows directory 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 5 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 49 IoCs
    adwarespyware
  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 13 IoCs
  • Suspicious use of FindShellTrayWindow 2 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 20 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Total War Attila V1.00 Build 4514 Trainer +17 MrAntiFun.exe
    "C:\Users\Admin\AppData\Local\Temp\Total War Attila V1.00 Build 4514 Trainer +17 MrAntiFun.exe"
    1⤵
    • Loads dropped DLL
    • System Location Discovery: System Language Discovery
    • Suspicious use of WriteProcessMemory
    PID:1900
    • C:\Users\Admin\AppData\Local\Temp\cetrainers\CET55AE.tmp\Total War Attila V1.00 Build 4514 Trainer +17 MrAntiFun.exe
      "C:\Users\Admin\AppData\Local\Temp\cetrainers\CET55AE.tmp\Total War Attila V1.00 Build 4514 Trainer +17 MrAntiFun.exe" -ORIGIN:"C:\Users\Admin\AppData\Local\Temp\"
      2⤵
      • Executes dropped EXE
      • Loads dropped DLL
      • System Location Discovery: System Language Discovery
      • Suspicious use of WriteProcessMemory
      PID:2676
      • C:\Users\Admin\AppData\Local\Temp\cetrainers\CET55AE.tmp\extracted\Total War Attila V1.00 Build 4514 Trainer +17 MrAntiFun.exe
        "C:\Users\Admin\AppData\Local\Temp\cetrainers\CET55AE.tmp\extracted\Total War Attila V1.00 Build 4514 Trainer +17 MrAntiFun.exe" "C:\Users\Admin\AppData\Local\Temp\cetrainers\CET55AE.tmp\extracted\CET_TRAINER.CETRAINER" "-ORIGIN:C:\Users\Admin\AppData\Local\Temp\"
        3⤵
        • Executes dropped EXE
        • Loads dropped DLL
        • Drops file in System32 directory
        • Drops file in Windows directory
        • System Location Discovery: System Language Discovery
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious use of AdjustPrivilegeToken
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of WriteProcessMemory
        PID:2684
        • C:\Windows\SysWOW64\cmd.exe
          C:\Windows\system32\cmd.exe /c start http://mrantifun.net
          4⤵
          • System Location Discovery: System Language Discovery
          • Suspicious use of WriteProcessMemory
          PID:2908
          • C:\Program Files\Internet Explorer\iexplore.exe
            "C:\Program Files\Internet Explorer\iexplore.exe" http://mrantifun.net/
            5⤵
            • Modifies Internet Explorer settings
            • Suspicious use of FindShellTrayWindow
            • Suspicious use of SetWindowsHookEx
            • Suspicious use of WriteProcessMemory
            PID:1816
            • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
              "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1816 CREDAT:275457 /prefetch:2
              6⤵
              • System Location Discovery: System Language Discovery
              • Modifies Internet Explorer settings
              • Suspicious use of SetWindowsHookEx
              PID:2052

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    7488ce714b0b3f2b5b4131a8b53d4d73

    SHA1

    0fa5edea39c0315391bf1855341cd73c7f5f5c8f

    SHA256

    3ac161d3680fad38d50a6d26969576849b734ba8bca523a249eeaa83f67bfcd0

    SHA512

    094260f305fe0f2b35da243b460069b0622a0460079ac00eec770fa5151e46cb929ad4e6e15134216d7e0993998d9344009e7363ecc74fa6b0bb07e957065d11

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ac580baa689fe8646924b811689f1cc0

    SHA1

    56b7418b2143a8b18e0be156d49a4758e06da9c0

    SHA256

    3247ae24f8582256a3ad77804192f6b83da2e58449b3c7b6fcd2ec6e9e77a8b7

    SHA512

    9c3441d8ad7af505abd583698aee62d2beaf016ab1dee720e643ebcbfdaa199510deb8d03eac820f00c64eca6f4ca0e22c97391050b8b9bd822fb218b1510ed3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    29a70f2e86bfdf995d6c27175c3d524c

    SHA1

    bb20ce31aa1797da42d70712c688ee9fd45507f6

    SHA256

    f15a7c59ff4235aeef360d398cdfb822e851c65acf16760e21714ec2ddb44823

    SHA512

    c134a20884ac8c690ba8de6b22235866dc2607992d683985d52f8577d4e494b8ec0f75ddc6a3f0e25919a47453b8259823dcfb86c4cae8cd73ecea1c948a1edf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    275b6c719e9ac5ff95f2667e7c0bd641

    SHA1

    2c6ef1f1344c3686ae5f43dd6392dcc761119ebd

    SHA256

    0de57c917807b8544228b9dc595b9e2457b930efc22f188366c656a28480b99f

    SHA512

    aec33abc25a02e3b8f5bceae5b806c002c864c875c9f7702fd594dada3f8a20b04a4ddacbac045fa2d906b1bd650099ac823f04a4c4cb94ce9a0fcf189e7566d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    edeb2c66043cee452a005f390ddbb9f0

    SHA1

    b81f5e3a9f92d4f354b7d1e6d5f88f18c46d8210

    SHA256

    1593e9e3eb169aa1737671ae721d873447eae859238809262e2367b0e813c3ce

    SHA512

    2640802bace2d10440a992b00af203e4781bbffd69c009130fe395ce6dc1994ba3680a1f2564d3c50b83154745aebcac4d358528a120288a80d5d8981d4c204d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9e7772d80cb7ca1c96dc1f8b6d5844d4

    SHA1

    d0aea4779566321b3b7d87cca3dc8b6159871a3f

    SHA256

    8393f9921ad474b95b86415a24a561a326a4449c9562928af896b21f02c26cde

    SHA512

    a53d7a16c85e4dca5f8d4900aab443e492876e406554763d74fe81d5f1d254a3443bae967511af583f9832c3f29f4c5fd7264e2b0cecc85f4d2be1e07cedafa6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6b976992008bcd3437b0c1a4a40919db

    SHA1

    c430840c13606bd99f98d8dbade0f1e1aadb1211

    SHA256

    fa9eec3876aa717c274ff5f1aac33a47b4e4902b127f8054695685260fb554e7

    SHA512

    0eee7e48c8cac9a1496827666230e8c84136a521da173a4073052e245f7a3f055996da4adc39128240627ed2dec068e1592f25303069eecb21fa4405e710388a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    be14efcf0cc4a2c93133afcc06b11c4b

    SHA1

    1a7eb030e4fae08559fea5fdd5c434b6d228fc40

    SHA256

    48fa3bc4d24975e019e9932d7638d997866dba72c784cf45ccd74c6c416e0bcc

    SHA512

    4df26da09ad36fbe1e437acf74ea8b6de08a78ea6f5fa12e46e08a03e54695b24731bcc8b011d0a28e0c30d411565da6d5fed83474013e75b713fef34dce60fa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b15d52e619edfa9a5d135bef43041355

    SHA1

    175560b63019c61beaccf1f668b6acbbdbbf9fb9

    SHA256

    e9dcee5e3ac74323b1d72de04e6e0c78b48b47e7192c5bb2b1003f6e0eefbd29

    SHA512

    8d57c5e6504247bc0fde9870755407056a96bd23a2d299d0312c3d361ffd9bcf1016d1774cbafdb6fe7ccdbd954fc96ae55afe4e5586b3b96b7b1843c4ea39fd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a3a62f5567ec5a7e33d5cba003a50b58

    SHA1

    66785052e440e867953c36c3dcb1a16b9899c4f1

    SHA256

    c4c12332cd06f891876211a177d26d05ceb19ee5c95ac0bfdb29e902732d51a3

    SHA512

    2d8e763cc50eb8b8d745c260c8dfc7882c048c9323a5ecf55d9c79bd65c6c13587d7975a7a24667df3d93f66b4eba8e52247055f1a0cb06701f153668a069630

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    22a3f8a8ad37f63fe1f209627d80fa4c

    SHA1

    101d8adf1969ce68cb928b07e6365ba737c0d0c2

    SHA256

    2f251a04636119e573e835a2d8fd09e4f5a3443489a4fe2526a82b16d79ed192

    SHA512

    a6fce6835f9a7711e409129d9d37a30f8e690b0d3c3a5b01acba6b72170879bdc7ee72b37fdabb64673b68d5b3a97f62d48307069e9057793f7f701719585a24

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4263e94fea8988fbef22f1d0d539facf

    SHA1

    c34f83ce030461d00a59aece396eed5fb583e4bc

    SHA256

    25a88fabb2cc5abbc9d454fa1c25480a60ad7fc9081938ddba0c80e4d32b58ac

    SHA512

    d15266f45a466a440759acd47d9c5b7b4d1de3682f1458139e98c3765c38de4c2a38ad82ba73bb07b15c227ad03d327642d8aaece6cfc91999ce440b73a64b79

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5c2945cda3a9f583ea2a4e9cefa6a973

    SHA1

    88880273de44fb42ad69a16b350b1c125a081167

    SHA256

    7a28e25b1bcd205eb8e1e679836bef55be4e264970061bd424f1c0f091769bb5

    SHA512

    01d3cc298a1d2a6cd22d34dcce08123dc92da8c06a9514b0103e37603306330189aeca24457b9ffcbf2f524f861ee2c932ef195f1f77ea0dead09099713d5b57

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    01abdaf9ba0326fb748f56338b2cb5a4

    SHA1

    9bd73a01c0a2a764eedbafc7efa0bca57af92faa

    SHA256

    22d14abda1f2b885b340198593db890dc140bb9aaf86b7cf5add215e6e36a3b5

    SHA512

    90f5dc2a4f61d3ac22a84101c2aa71e3777377983b9e0f24598fad0c492e6ec8c521fcc049adf044dfbbe64fec724b8189ba37a373196dcb7b641fb3295d0d8f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bc43421218c62ae972d26b2981036eb3

    SHA1

    d571427a370a7907430d7d0f4fb8a85d0333f514

    SHA256

    28501bf985abb2a24d2e63334ae0642a1bea81f9e5f019cfdec28ecc5f291291

    SHA512

    933efdd489bcf0f4a52d519f61e793bff5fc065aeeb9838dca8a0302fbdef6b6a847e29ddde353f6327c5045b1317373e2c74b202e0aa72c4e35c2acd153e8eb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4a9d4439134b2e1124c77db68f9e7adc

    SHA1

    595723d91fd2480da13635a3f06f4c0f030c0483

    SHA256

    26ba9ad76b0c566fa1683e259209871527e9960e11d8f87b1bf38e3cf5ea3e7b

    SHA512

    1e6f6b9a7e923b876114ea89aa40e60f4e2e61b10cca22bc07572a170d59b0802ab2c178364aa4189ef6650408cb71abf2fa209281ca9206f522e437d68e1aab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9314e5386422b115162f02c682114bfd

    SHA1

    7ef640452c9f3e92616b9f6fe06a4982e81f9f03

    SHA256

    1ae05071082fee4b8af198678968ca32190cb710f5ffb4005c67ffc2cc0c0390

    SHA512

    c8197a0afb18a7553dcd800f7d821b781a5cfa0785b008bc19cc6bd3a345db79500ec609aa9f53223cf682256c10402d234b5907c00857927440a9a3626a5f83

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bacd29a2f4c884e18eb77ac0069f92c6

    SHA1

    1e610b75d6956fd145519195adcc3119f3e757b6

    SHA256

    a0811ac5a4bf58cfb8db2e9b001ebfaeb13a45d303a91e692fa6d5454ea849e6

    SHA512

    0c09154e306976b098c6356be183577cc7f28b36f20ee373745d53cb1ee09dfc42b8d78c0876c0280fdf5017edb4219d54ef548556e5cea415cdece230356433

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    153f6cfaf474600509caf05dc176a3fd

    SHA1

    c0eddece49b2560a2382d3d2e370b5cdb7bdeb8b

    SHA256

    4576ca6f045f2f29c75b1ae685397476cb4e8a9beb532a9f660c8f75c3783c33

    SHA512

    0cd45b3a4cda1e6ff659522cf0b8cabcf4474dc03bd42b1c1b5b0405ca94d82fc8a6394ee7135f0923285a0f5c1147f0234c1422b88b2118789235b1264f495f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f4b6bdd5a55a28be98ccf9e3fd0d6bf5

    SHA1

    dca2e98cb44d73bb2b9700b707551d27748b187e

    SHA256

    89fe096a069b8cf7072bd1189149800d9aff6aafc17326df919197f49bf444b1

    SHA512

    9c2ac235d9d051105de47bf5d8db6dd1b79b871784e0b761d52407cb40c8d05c93c8641f69a6da2e0f6f434e6353a728109ac8d019c29f882d39d198fa12b484

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8359fce23129df76c51b2075a1e77cf8

    SHA1

    55ebddb7c9a51ec862c0cb30f44fb82e25ceeacd

    SHA256

    e477a86491c002cb9c909a3a75103c20cb88262dac1fa266af33792dcc892617

    SHA512

    dec8f79c59303e174987a27683ee346c992e57ddc21d61338ae13ac2afa979f246ab8c1ca47c65f5ee68b71e23073f9c2b463e7ad9c6693310d946c8650f39b5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    70dcff4f4d76d3778701484fa657e63f

    SHA1

    34c2ea6d1f5522861d30ef99c29325fa1ab026b7

    SHA256

    d6116e6e7ae289336066f4db748180274795735942e3a215be522d2f099d4649

    SHA512

    c9f14de84fccf8d99d534635601dbb9acb17f42887161962e081d91b97f908ba274734dd4819a2bd57ad9639315a802a761fbd4a8c1e49e0b7101bc7e9ad4743

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\F5GJXXIQ\mrantifun[1].xml
    Filesize

    684B

    MD5

    a39e77842dfffd777e4b71ce211fe7b9

    SHA1

    6aea6241a1294c90d00f0fb9342b4524911d6b02

    SHA256

    fd11172983067f122c100d7f8bfc11317184a5f4d6bfacc3d24514645eca2c00

    SHA512

    1acfeaa056b8159809cfb9926820716f5c3e97fe79f581f365a1dd5f92cde01536b6cb78524694aef32fecff4cf4b2f0284be2fb345a3eb59339f55bf3967e02

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\pzrzu69\imagestore.dat
    Filesize

    31KB

    MD5

    fc2dc10107f7e0fe548f7a5d8d418d5b

    SHA1

    c3efbe6a8abba120bcc0c64c98efb3d8d0a7a3fa

    SHA256

    912f3c2288d99b9b0886eabd170d7ccacdb825d44dff9aff432cdbda76c3c769

    SHA512

    edcca506d038886badaaf053c5794f3b7c8401ebcbcdad37845475eb7185e3301974a0cf2619b9d403a637f247c75a715d15d2efa32c51e02522a49181da1340

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BDDDRHWK\favicon[1].ico
    Filesize

    31KB

    MD5

    1573660a090deb4af54285c33ebc7a6b

    SHA1

    7a351add27ef63f60c1ddef847a98da7adfec814

    SHA256

    10cd50f890ec0b3061d2df458ab5714cf3f6b454ccd751ad801e1de51d9589d7

    SHA512

    97d7c0b82e08b3c4f59d28b6724b8b3ecf97daa9391aa7b2ad990537216b77657db5c111beb91e070d4268fe88872a9b71e4edc34e6ea5d09bd538f778db0666

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab7928.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar7969.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\cetrainers\CET55AE.tmp\CET_Archive.dat
    Filesize

    3.7MB

    MD5

    60a8a76dcf2a4230673551dc5d4a5009

    SHA1

    2b1fdc2db4c1a22be2612611d612d62418466356

    SHA256

    5dc4a95dd0eb3c59e5f1d2eed14b5639a4bc5e86b4328146e993800496909469

    SHA512

    e60c49af76d6e94f263df55923fc23345b2dc795a215439e9094963704c17c171deedce20200f411b0fdce0bcd94adc97a178e796444cfdf0e163a0cc1967496

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\cetrainers\CET55AE.tmp\extracted\CET_TRAINER.CETRAINER
    Filesize

    161KB

    MD5

    7f17312b57648f1c4957d8d80acca7d1

    SHA1

    9d940fd8f7bee1c23bcaaf709661e90649541132

    SHA256

    442dc3b8b56efee2a952ce8cd31eb75ad21b0626115858541db4712d7a1da7d0

    SHA512

    d5f10048b91b05715056600460b3a294ac29abd7da2c41d32a147d111e71f949ec21093302c0f312a78abde91947cbe1b982229dba7c8b2adb11cdda7d3e31bb

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\cetrainers\CET55AE.tmp\extracted\Total War Attila V1.00 Build 4514 Trainer +17 MrAntiFun.exe
    Filesize

    7.4MB

    MD5

    7be0f90c526a7dcbe40c2b6d5db884cc

    SHA1

    afaf6106f912f9ca8703fe8be2114c1d47121fdb

    SHA256

    c53cd508cdf0c218876e6ff23ffa496d51bd7a231e5a64f86ca3af46b0402fbb

    SHA512

    698011935a3e5a83dd69689c48b0414e85625d4b1e502517854d435e3af81e84aca1112232a0943c123e7a81d0d141781ce30612f64ec90ffc7d93c75d6f93e9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\cetrainers\CET55AE.tmp\extracted\defines.lua
    Filesize

    5KB

    MD5

    d8f9b4a10a48ebd8936255f6215c8a43

    SHA1

    7d8ff0012fa9d9dcf189c6df963f1c627f2ccb76

    SHA256

    d4347332b232622283e7dd3781f64966bd1097d06cca7052b467cf99e62898f2

    SHA512

    67db5dc65fef66fe3a1920c5f406091d17eeae27266039af392a166d63686b8fc61b94684f2b97762995aefa42d2d15148213ecef64cc0df04de19320abba97a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\cetrainers\CET55AE.tmp\extracted\win32\dbghelp.dll
    Filesize

    1.2MB

    MD5

    9139604740814e53298a5e8428ba29d7

    SHA1

    c7bf8947e9276a311c4807ea4a57b504f95703c9

    SHA256

    150782fca5e188762a41603e2d5c7aad6b6419926bcadf350ebf84328e50948f

    SHA512

    0b99259e9c0ee566d55cc53c4a7eabf025ed95973edc80ded594023a33f8273cd5d3f3053993f771f9db8a9d234e988cba73845c19ddc6e629e15a243c54cd5d

    Download Submit

  • \Users\Admin\AppData\Local\Temp\cetrainers\CET55AE.tmp\Total War Attila V1.00 Build 4514 Trainer +17 MrAntiFun.exe
    Filesize

    196KB

    MD5

    808de473370ef6b5d98ab752f245a3ca

    SHA1

    800bd4ad10c17471829693fac3cee4502b14f029

    SHA256

    65cbed2e8db313b8966638e40eb27f94156c294eb060b28a02c130d146518c39

    SHA512

    fafaff03ad502523b3627e59e1026b8af4217a80215782a90667bc4f4c330871d8c3d890f2601b68ec9a42c0171d12b9e5b87067c95dcad1132b0a8979c56a4c

    Download Submit

  • \Users\Admin\AppData\Local\Temp\cetrainers\CET55AE.tmp\extracted\lua5.1-32.dll
    Filesize

    329KB

    MD5

    2730ff589ae86ef10d94952769f9404f

    SHA1

    8010834297a6aa488e6bf90eceaaf9e60bb60c6e

    SHA256

    faf0850051ba175347e40481da9e2cc3a122a09d428925042932be555db06e6b

    SHA512

    5fb35eb364603568b67ce0d19371016a382bc62500de807a12492ceacd5d2b765e0908e2e7e9798446b6c005c0e48c0da74c1a0f9d55c49a8ef4eb3c3d1307e0

    Download Submit

  • memory/2684-23-0x0000000003530000-0x0000000003531000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2684-25-0x0000000003530000-0x0000000003531000-memory.dmp

    Filesize

    4KB

    Download