fe48d4ec7eb6ddca46760eafd2dfd23ad831faae8f3f13fa7e7f8266d545df74

Analysis

max time kernel
149s
max time network
123s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
15/09/2024, 06:53

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
Size

10.6MB
MD5

f24bbe549710bd697ecfa18dc1742297
SHA1

d61d2ad7d720123baee1e1d9cf71023308476ac3
SHA256

a4308e619c4425414f4c0cf5b18e8941040f761b63b51eb8f37cdf340fc662b3
SHA512

aec4f772c77154782b43f3d324932e4203498576ca1a3c6bb45eb3aa778c2d1a1cb95b7099ff252462a99ac8e9be59d6ad65dda8cbf4f80e1ea9be30c4c04a14
SSDEEP

196608:d0TPlL0wYyavxPn91E80tT+GlNtmS7J9zDjxFW7JsocTwGsqN9dcUv9eot0mASI2:+PlL0wYyavFnk9zDjxFWmoMw0NLcUvzf

Score

7^/10

discovery

Malware Config

Signatures

Executes dropped EXE 2 IoCs

pid	Process
2372	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe

Loads dropped DLL 5 IoCs

pid	Process
2420	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2372	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe

Drops file in System32 directory 52 IoCs

description	ioc	Process
File opened for modification	C:\Windows\syswow64\USER32.dll	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
File opened for modification	C:\Windows\syswow64\USP10.dll	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
File opened for modification	C:\Windows\SysWOW64\opengl32.dll	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
File opened for modification	C:\Windows\syswow64\MSCTF.dll	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
File opened for modification	C:\Windows\syswow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
File opened for modification	C:\Windows\syswow64\kernel32.dll	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
File opened for modification	C:\Windows\SysWOW64\wsock32.dll	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
File opened for modification	C:\Windows\SysWOW64\DUI70.dll	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
File opened for modification	C:\Windows\SysWOW64\GLU32.dll	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
File opened for modification	C:\Windows\SysWOW64\DCIMAN32.dll	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
File opened for modification	C:\Windows\syswow64\api-ms-win-downlevel-user32-l1-1-0.dll	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
File opened for modification	C:\Windows\syswow64\CFGMGR32.dll	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
File opened for modification	C:\Windows\syswow64\shell32.dll	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
File opened for modification	C:\Windows\SysWOW64\profapi.dll	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
File opened for modification	C:\Windows\syswow64\GDI32.dll	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
File opened for modification	C:\Windows\syswow64\comdlg32.dll	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
File opened for modification	C:\Windows\syswow64\LPK.dll	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
File opened for modification	C:\Windows\syswow64\SETUPAPI.dll	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
File opened for modification	C:\Windows\syswow64\ADVAPI32.dll	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
File opened for modification	C:\Windows\syswow64\ws2_32.dll	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
File opened for modification	C:\Windows\syswow64\psapi.dll	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
File opened for modification	C:\Windows\syswow64\RPCRT4.dll	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
File opened for modification	C:\Windows\syswow64\imm32.dll	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
File opened for modification	C:\Windows\syswow64\wininet.dll	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
File opened for modification	C:\Windows\syswow64\api-ms-win-downlevel-version-l1-1-0.dll	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
File opened for modification	C:\Windows\syswow64\api-ms-win-downlevel-advapi32-l1-1-0.dll	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
File opened for modification	C:\Windows\syswow64\SspiCli.dll	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
File opened for modification	C:\Windows\SysWOW64\DDRAW.dll	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
File opened for modification	C:\Windows\syswow64\DEVOBJ.dll	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
File opened for modification	C:\Windows\SysWOW64\ntdll.dll	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
File opened for modification	C:\Windows\syswow64\api-ms-win-downlevel-normaliz-l1-1-0.dll	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
File opened for modification	C:\Windows\SysWOW64\shfolder.dll	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
File opened for modification	C:\Windows\syswow64\msvcrt.dll	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
File opened for modification	C:\Windows\syswow64\CRYPTBASE.dll	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
File opened for modification	C:\Windows\syswow64\normaliz.DLL	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
File opened for modification	C:\Windows\syswow64\KERNELBASE.dll	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
File opened for modification	C:\Windows\syswow64\oleaut32.dll	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
File opened for modification	C:\Windows\SysWOW64\dwmapi.dll	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
File opened for modification	C:\Windows\SysWOW64\hhctrl.ocx	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
File opened for modification	C:\Windows\syswow64\NSI.dll	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
File opened for modification	C:\Windows\SysWOW64\DUser.dll	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
File opened for modification	C:\Windows\SysWOW64\sechost.dll	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
File opened for modification	C:\Windows\syswow64\SHLWAPI.dll	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
File opened for modification	C:\Windows\syswow64\iertutil.dll	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
File opened for modification	C:\Windows\SysWOW64\uxtheme.dll	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
File opened for modification	C:\Windows\SysWOW64\msimg32.dll	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
File opened for modification	C:\Windows\SysWOW64\propsys.dll	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
File opened for modification	C:\Windows\syswow64\ole32.dll	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
File opened for modification	C:\Windows\SysWOW64\version.dll	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
File opened for modification	C:\Windows\syswow64\imagehlp.dll	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
File opened for modification	C:\Windows\syswow64\CLBCatQ.DLL	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
File opened for modification	C:\Windows\SysWOW64\explorerframe.dll	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

System Location Discovery: System Language Discovery 1 TTPs 3 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe

Suspicious behavior: EnumeratesProcesses 64 IoCs

pid	Process
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe

Suspicious use of AdjustPrivilegeToken 15 IoCs

description	pid	Process
Token: SeDebugPrivilege	2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
Token: SeTcbPrivilege	2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
Token: SeTcbPrivilege	2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
Token: SeLoadDriverPrivilege	2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
Token: SeCreateGlobalPrivilege	2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
Token: 33	2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
Token: SeSecurityPrivilege	2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
Token: SeTakeOwnershipPrivilege	2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
Token: SeManageVolumePrivilege	2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
Token: SeBackupPrivilege	2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
Token: SeCreatePagefilePrivilege	2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
Token: SeShutdownPrivilege	2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
Token: SeRestorePrivilege	2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
Token: 33	2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
Token: SeIncBasePriorityPrivilege	2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2504	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe

Suspicious use of WriteProcessMemory 8 IoCs

description	pid	Process	procid_target
PID 2420 wrote to memory of 2372	2420	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe	30
PID 2420 wrote to memory of 2372	2420	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe	30
PID 2420 wrote to memory of 2372	2420	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe	30
PID 2420 wrote to memory of 2372	2420	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe	30
PID 2372 wrote to memory of 2504	2372	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe	31
PID 2372 wrote to memory of 2504	2372	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe	31
PID 2372 wrote to memory of 2504	2372	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe	31
PID 2372 wrote to memory of 2504	2372	Horizon Chase Turbo V1.0 Plus 2 Trainer.exe	31

C:\Users\Admin\AppData\Local\Temp\Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
"C:\Users\Admin\AppData\Local\Temp\Horizon Chase Turbo V1.0 Plus 2 Trainer.exe"
1⤵
- Loads dropped DLL
- System Location Discovery: System Language Discovery
- Suspicious use of WriteProcessMemory
PID:2420
- C:\Users\Admin\AppData\Local\Temp\cetrainers\CET8D13.tmp\Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
  "C:\Users\Admin\AppData\Local\Temp\cetrainers\CET8D13.tmp\Horizon Chase Turbo V1.0 Plus 2 Trainer.exe" -ORIGIN:"C:\Users\Admin\AppData\Local\Temp\"
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - System Location Discovery: System Language Discovery
  - Suspicious use of WriteProcessMemory
  PID:2372
- - C:\Users\Admin\AppData\Local\Temp\cetrainers\CET8D13.tmp\extracted\Horizon Chase Turbo V1.0 Plus 2 Trainer.exe
    "C:\Users\Admin\AppData\Local\Temp\cetrainers\CET8D13.tmp\extracted\Horizon Chase Turbo V1.0 Plus 2 Trainer.exe" "C:\Users\Admin\AppData\Local\Temp\cetrainers\CET8D13.tmp\extracted\CET_TRAINER.CETRAINER" "-ORIGIN:C:\Users\Admin\AppData\Local\Temp\"
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    - Drops file in System32 directory
    - Drops file in Windows directory
    - System Location Discovery: System Language Discovery
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious behavior: GetForegroundWindowSpam
    - Suspicious use of AdjustPrivilegeToken
    - Suspicious use of FindShellTrayWindow
    PID:2504

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\cetrainers\CET8D13.tmp\CET_Archive.dat

Filesize
10.3MB

MD5
fbff62d3c7410ab12aeddc4654008ae6

SHA1
3dbe0ceeeb3ada113b9ae8e68e582df9682e3d98

SHA256
312ec4f97cc0f6ec013c4b64bfa3851dc42859f06d5fa50d265704599a4a3596

SHA512
989559426ef228152f023829f8f5f06d3d4e8d5588acfbfa8e0b8633a5650da213158a69d3e31c8140e3c045f2544d9ff2853cdfe86131cceb85aa2c588c9e5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\cetrainers\CET8D13.tmp\extracted\CET_TRAINER.CETRAINER

Filesize
465KB

MD5
2e8f4cff5d8776dccc58dde281ef4fe3

SHA1
219ca937e749a6c898b696c554e1182927b05f2e

SHA256
e3e01ae3ddad15bdad17c8e1d8a542a4ccfbc85e3505d1c177a35c17626bfb70

SHA512
4362761704772b90a8e99ee924a1098fd0b2eeaf79b4e6b79c0774fa981b6048dbbcb8cb118475462dfc50a59461089450e1d4e587317fc1d4ec73b6e8c17cb6

Download Submit
C:\Users\Admin\AppData\Local\Temp\cetrainers\CET8D13.tmp\extracted\defines.lua

Filesize
6KB

MD5
1197da76333f56519b3424cef6c2fe8c

SHA1
59f2fb8cc88e33a958589d9733464e72fbc50c6e

SHA256
54dbd22ed951515db3d92d948cfd8f590526220dc3231f56f3d1dda7005c72e8

SHA512
5051763eff99926a032570a43e6240079600a0c72029bf20421553e75b8da723b7da50799e33368c148ccb46a994e46fa5db242663497e6acaceb8acd410ecb2

Download Submit
C:\Users\Admin\AppData\Local\Temp\cetrainers\CET8D13.tmp\extracted\lua53-32.dll

Filesize
501KB

MD5
6dc19a76e755d0b54d9c6908e5512f43

SHA1
662ed416f8153be840ebe6ef9d2f0e2f2aec919c

SHA256
f6ae7f03cfecf8e634be1e529ab997f9b773cf0f08e3a4b1ab09818ca8de939d

SHA512
9c9fe0bc7dd7afb32d53acf2cb2fcc6cf078b67eb8e63cc95181ad29392107f896269ac5a7ada60e024e59b640d4f01dd02a8e7ffd441260f926cd8d5db3fd3c

Download Submit
C:\Users\Admin\AppData\Local\Temp\cetrainers\CET8D13.tmp\extracted\win32\dbghelp.dll

Filesize
1.2MB

MD5
9139604740814e53298a5e8428ba29d7

SHA1
c7bf8947e9276a311c4807ea4a57b504f95703c9

SHA256
150782fca5e188762a41603e2d5c7aad6b6419926bcadf350ebf84328e50948f

SHA512
0b99259e9c0ee566d55cc53c4a7eabf025ed95973edc80ded594023a33f8273cd5d3f3053993f771f9db8a9d234e988cba73845c19ddc6e629e15a243c54cd5d

Download Submit
\Users\Admin\AppData\Local\Temp\cetrainers\CET8D13.tmp\Horizon Chase Turbo V1.0 Plus 2 Trainer.exe

Filesize
189KB

MD5
a65c29111a4cf5a7fdd5a9d79f77bcab

SHA1
c0c59b1f792c975558c33a3b7cf0d94adc636660

SHA256
dab3003436b6861ae220cc5fdcb97970fc05afdf114c2f91e46eed627ce3d6af

SHA512
b37ef3351e8f46f7183550254acce99b54e0199fc37a02cca78b471dc2d8b697769afdaf7e6cfe89422cfed65a8dcc6d158ef52aba5b0ac9350ea05607fefd7f

Download Submit
\Users\Admin\AppData\Local\Temp\cetrainers\CET8D13.tmp\extracted\Horizon Chase Turbo V1.0 Plus 2 Trainer.exe

Filesize
7.9MB

MD5
95ec44a12eff9b812a1497ebfa471a7b

SHA1
11ed9418f43144b1ea93d01424355353dbc5ca9f

SHA256
0231d7714ef7808463bd20907ac8e6babfd236053097e3361197db9a4727d6a9

SHA512
1a823586db9de4f835b87ce7ac2cdfdb4ac6c87f3d7cea2a7e4603d272d30ed539a43b92218c09ee995619a6bd398ca5b59a9635ce337bf0028c06033bc4db3a

Download Submit
\Users\Admin\AppData\Local\Temp\cetrainers\CET8D13.tmp\extracted\libmikmod32.dll

Filesize
288KB

MD5
98be945674e8c278f7f13abfe1eddcc7

SHA1
13516fa78f4156f841ba64b2c967c749cd36e60c

SHA256
b9d1ef748a42da5024c657ecee566c8333199d4fcfd7548cbe484e7e54d3c1ff

SHA512
93175692eb0e62b17fccbdf04d3b1075b3ce5b6d7168573c163b1ed488e2f484ea092a2ff8b659fc096793fa062ee41078064f78f207dd1884f61eaf23813293

Download Submit