b97bec6c15a33ff4392e204ba19727631f98aa6aba62ba5584757aa684c55174

Analysis

max time kernel
145s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20240802-es
resource tags

arch:x64arch:x86image:win10v2004-20240802-eslocale:es-esos:windows10-2004-x64systemwindows
submitted
28/09/2024, 21:28

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

COUNTER STRIKE 1.6.exe
Size

227.6MB
MD5

a176ca285438038ce9b5f7dd29f6d1ac
SHA1

1e931dc7e08592298cbc8d3dc1612b5967a9581c
SHA256

b97bec6c15a33ff4392e204ba19727631f98aa6aba62ba5584757aa684c55174
SHA512

a72d527f22a6827d802a932ecd71f79d67208f5a75720abf01afee7c7901c5223eeae65c69e87fb8ee1a709e53602f3c49e29b8afd2c548934475217d5fca2d8
SSDEEP

6291456:dJrWC2GFEgv/Egj+I+2H/WWVMGcgjpkyEsKCv6Bb:/SndWXx+2lVigdc

Score

7^/10

discovery

Malware Config

Signatures

Executes dropped EXE 1 IoCs

pid	Process
3044	is-UQAVC.tmp

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files (x86)\Counter-Strike 1.6\cstrike\maps\is-K106R.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\valve\sound\hgrunt\is-159JU.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\valve\sound\holo\is-O3QNA.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\cstrike\classes\is-L9RLQ.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\valve\overviews\is-1NDHU.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\valve\sound\scientist\is-30EUG.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\valve\sound\scientist\is-L7CKN.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\valve\sound\scientist\is-SIUS0.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\cstrike\sound\radio\bot\cooked\is-TOMOF.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\valve\sound\debris\is-LRUBM.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\valve\sound\player\is-RBQ69.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\valve\sound\vox\is-Q82P0.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\reslists\Counter-Strike\is-TRMM9.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\cstrike\sound\weapons\is-BE81H.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\platform\AddOns\common\is-4PPI3.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\platform\AddOns\go\is-386FM.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\platform\resource\is-6E2D5.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\platform\Steam\cached\is-RLJK0.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\valve\media\is-8FJJR.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\valve\sound\vox\is-PAQP0.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\cstrike\gfx\vgui\is-V3L0V.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\valve\sound\weapons\is-2NEKC.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\cstrike\sound\radio\bot\cooked\is-2G50J.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\cstrike\sound\weapons\is-S42LL.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\platform\Admin\is-M2QOS.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\valve\models\is-V7HC9.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\valve\sound\ambience\is-AN0LG.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\valve\sound\barney\is-TG472.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\cstrike\models\is-5OPOS.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\cstrike\resource\is-3D2LR.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\cstrike\sound\radio\bot\cooked\is-92APL.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\cstrike\sound\weapons\is-HJ4FD.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\valve\gfx\vgui\fonts\is-0295M.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\valve\models\is-TKDIM.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\valve\sound\hgrunt\is-NFUKK.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\valve\sound\vox\is-E0Q03.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\cstrike\maps\is-BR058.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\reslists\Half-Life\is-ANEE7.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\valve\sound\debris\is-V7MBL.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\cstrike\sound\weapons\is-L0V8U.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\valve\sound\fvox\is-6FJTC.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\valve\sound\headcrab\is-UK1LC.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\valve\is-0RRFS.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\cstrike\sound\radio\bot\cooked\is-RT6B7.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\platform\Steam\games\is-1MSG8.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\valve\sound\agrunt\is-HKHOV.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\valve\sound\barney\is-H1EKL.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\valve\sound\vox\is-U865H.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\cstrike\resource\is-2P6S5.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\platform\Steam\games\is-0UAH9.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\platform\Steam\games\is-OTBP8.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\valve\gfx\env\is-ERRI0.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\valve\sound\vox\is-9PTPM.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\platform\Steam\cached\is-84TNL.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\cstrike\models\is-DUP9H.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\valve\models\is-DV87K.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\valve\sound\barney\is-N6T2Q.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\valve\sound\barney\is-5O5NU.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\valve\sound\headcrab\is-U9HU1.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\valve\sound\hornet\is-8ML0H.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\cstrike\is-29217.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\valve\sound\barnacle\is-CKA31.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\cstrike\sound\radio\bot\cooked\is-G4CRE.tmp	is-UQAVC.tmp
File created	C:\Program Files (x86)\Counter-Strike 1.6\valve\is-9AOKC.tmp	is-UQAVC.tmp

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	COUNTER STRIKE 1.6.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	is-UQAVC.tmp

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 4676 wrote to memory of 3044	4676	COUNTER STRIKE 1.6.exe	82
PID 4676 wrote to memory of 3044	4676	COUNTER STRIKE 1.6.exe	82
PID 4676 wrote to memory of 3044	4676	COUNTER STRIKE 1.6.exe	82

C:\Users\Admin\AppData\Local\Temp\COUNTER STRIKE 1.6.exe
"C:\Users\Admin\AppData\Local\Temp\COUNTER STRIKE 1.6.exe"
1⤵
- System Location Discovery: System Language Discovery
- Suspicious use of WriteProcessMemory
PID:4676
- C:\Users\Admin\AppData\Local\Temp\is-2BFJB.tmp\is-UQAVC.tmp
  "C:\Users\Admin\AppData\Local\Temp\is-2BFJB.tmp\is-UQAVC.tmp" /SL4 $A004C "C:\Users\Admin\AppData\Local\Temp\COUNTER STRIKE 1.6.exe" 238137020 209408
  2⤵
  - Executes dropped EXE
  - Drops file in Program Files directory
  - System Location Discovery: System Language Discovery
  PID:3044

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\Counter-Strike 1.6\cstrike\events\is-H17A1.tmp

Filesize
11B

MD5
e41aa21f57500b1b71802b76fcaaecd1

SHA1
554eaebf267f8aaceb4e9b18e28dfa5131168a09

SHA256
2092e6c9862b42fe817a552f0ecf05a58a2609b2424402404a796c325bdf2098

SHA512
4c2b2e183bb68c16b383532aa03d5dbaebebde35b843ff442b84f6c9dba655868e7e7ba76b5b92d003db1ac73ebdd2aed5933595b35d073c702b1e841d94269d

Download Submit
C:\Program Files (x86)\Counter-Strike 1.6\cstrike\events\is-VHC5J.tmp

Filesize
9B

MD5
d14f11b47b92d829b6ec4912ca7349e8

SHA1
86b8dd77a055a3d1d154022492ed7d7e4ca371a5

SHA256
89a0f0c5f04ea6da99b4a48fb642b968d32350aa3e6697da24d2736b7bb195d0

SHA512
f19f860c86297921b972338dd0ee73241b3b822d1b9d977cee39e45891f1d57bf144cd676eb2e7e35985969613dff0896473dd8e89ad07c66e79ac94510fb5d7

Download Submit
C:\Program Files (x86)\Counter-Strike 1.6\cstrike\gfx\env\is-CB697.tmp

Filesize
192KB

MD5
9eda1bf021904ceaf1a8c50a76741eb5

SHA1
38f004101eb47ed0dffff757488263d9a2523bbf

SHA256
cdf4b2c96b5d1366fecdfa2aa764fcfc8d084bc5a682e2a10c41a03ed3ed3661

SHA512
aead546626ef7dc5a75348760b26f8e187a61b62c7a0a49bda16cf68b280749dfbc87974d05201dcefe6b4fd89401c3537b4f179f3ac5bda161066ae3ca0efbf

Download Submit
C:\Program Files (x86)\Counter-Strike 1.6\cstrike\gfx\vgui\is-KHVAP.tmp

Filesize
128KB

MD5
13b3a5cf4af8f97cd8a8328ef9952b7f

SHA1
253105b008a8ce333a64f5a66e4b2da0e3a3cb52

SHA256
9d8e087dd823e63f7009907ff1761e620dc5ee64db6a527e2d0ec830d4152437

SHA512
77f76cb9bb4edadecce9bfcd05031e1def1f4b967b58d8078bb9e6c3b03e3db9917bd2a77314553fb8ee233981683e9b0bad5af30c094344350ad2a1dd034667

Download Submit
C:\Program Files (x86)\Counter-Strike 1.6\cstrike\gfx\vgui\is-NFK8G.tmp

Filesize
128KB

MD5
1f10813901e2bd255a5ae21026de8b48

SHA1
03a1f78e07952f1876dd431ba4406b534435b920

SHA256
348584b23c63388045342dc0b79bdd37a8cff904a84215c386492e33273ab725

SHA512
b3fa7d1c675c4ae53ebc506d39234e166392bf6a0f6fa651b4c1a19240915f2423c9b150ccbe429159cebc0fa92135a9940cbfc8c79fa9fa3b353580f93342be

Download Submit
C:\Program Files (x86)\Counter-Strike 1.6\cstrike\gfx\vgui\is-V2K8P.tmp

Filesize
128KB

MD5
8c3ff438e747a73255ddb8c3ccbebbc2

SHA1
e81ddb67229feefece8cc5ff4d1b12c4b75cc103

SHA256
4a2460747b60d4b5843bf22a459f6c17f16a9664305b4b4bda182041a0fdebfa

SHA512
869270e4c6adbe4e914c07bc459a7858c50988ede0e75a02ce51a18080f9ba4bc4c483c4ee646e22fed948dafe388e7b908f58b09528b93eb1a87ef57a278b62

Download Submit
C:\Program Files (x86)\Counter-Strike 1.6\cstrike\sound\misc\is-GLIIL.tmp

Filesize
43KB

MD5
28ccbcf72b65f2dcf27e6ea22e34cfd1

SHA1
2c398971c3f51ae18f96846a3b33ca6337e53364

SHA256
c75f0091bb55fc3dadda598674f0efa05b757b7a1cb779a404b2d18b982a1c92

SHA512
a4c2461572ad4f559e4f293ed6f2a6e875363dda789b6147a91433d4365ca3c3b845421879750d9aa3873f08a3d828b6946d481511820ab0733f8068c3ae1c19

Download Submit
C:\Program Files (x86)\Counter-Strike 1.6\cstrike\sound\weapons\is-9JUJB.tmp

Filesize
10KB

MD5
7e7c4656f8ef80a72ef0d1e41317f511

SHA1
775a6ec4f092b3e8bcb59c21787ef33e9237ae48

SHA256
ffdaf0a862ce1f47615dc1ac59af868010796eeef50de895414c40a04da3680e

SHA512
a257ce57532a8497f8df5860ae08729c78f90477f0b96264f2f98dc31ee034ec2679ace4ddf1ed4ad14ba08170354fa00e984e2dae4a17491fb5f8b7e009391b

Download Submit
C:\Program Files (x86)\Counter-Strike 1.6\cstrike\sound\weapons\is-CQ7QL.tmp

Filesize
7KB

MD5
3d352efef15d6f7019168991cff7cf32

SHA1
10030aa93a41d80b35d39e59dda86e4c164f1a5f

SHA256
616e07c58c0d3d332c3c7fe65c1b7e6ef49d5c26d09d8132d1e7c36c3899ea46

SHA512
bc51565450631d2954c0736c7899aa7111aa1584b0cd20ad239a765662d5935aec7fc7b33f3fcb2d43e5a69b1a9c9728a63a5a82134ee4dce7740cfa22e9480f

Download Submit
C:\Program Files (x86)\Counter-Strike 1.6\cstrike\sound\weapons\is-PV4C0.tmp

Filesize
14KB

MD5
2876bbba2adae9cf3456ea95a2c0b546

SHA1
737a3eff26b380e189ada33a028f63d75b8f0e8a

SHA256
2ebbea31183105b5d305027e960bb89dc2e2582b81ba712b01b1851501b6092d

SHA512
5423d77697905521a1718b2209a7e29fc34c94f481bf093f2ea45c3c43eb9dfce38fc8c87802c221a1813c582b626fd84446540178cba918d8e021d1b4b5dcfb

Download Submit
C:\Program Files (x86)\Counter-Strike 1.6\cstrike\sprites\is-JAP72.tmp

Filesize
361KB

MD5
324aa00f639ff5f9cef8797a1f862ceb

SHA1
38d8564d31e700625ef0ce35cb681f5a6a34e070

SHA256
aae249f31605fdf3773d0753764dd4865873dca48a58108579923af755122fe5

SHA512
d37195b2033c064cf1396e02f9e01f63399196c4de290b0630cb252bc54f9685be98431d0df3ab3c8239b9a585373ae21c224d04d713e20e2b4d21b1720ef34b

Download Submit
C:\Program Files (x86)\Counter-Strike 1.6\hl.exe

Filesize
80KB

MD5
eb767e434413779f0c9260a9a2761b2a

SHA1
73927e9915f8bb15157011f8fe0a86bf0e4d971c

SHA256
aebc2327f2fb8c26340377b717eee79194d411e1ca6e4239c5c9c629dd6447c9

SHA512
3446a79e22e6cd4b60e446b8e0b0e0804c83b6f6d4c58482cf215afcddd7fa320a7a57d019046288fb31b208c4b88d7e5ef2baea7a4b7e885c24c2efc7ffe237

Download Submit
C:\Program Files (x86)\Counter-Strike 1.6\hlds.exe

Filesize
388KB

MD5
976717f76f70ea73d51117ca5a13318e

SHA1
b13041026cc416612bc3b659c7649a57eea83537

SHA256
bcd35ab8e7c1f56b4354567e8e5ca74efa9ecbf60dd84a820e50cfdfb1f4dcf1

SHA512
f0a2f5f004f007df8aabd80f2e02981bce59f4087f9c05e6eb0deffd53d5d33052acbf6462435becd7cadebaa89916c0e32f146c853bbe0c2de93ccab0267285

Download Submit
C:\Program Files (x86)\Counter-Strike 1.6\platform\AddOns\common\cards\is-R8OUR.tmp

Filesize
17KB

MD5
fedeec806033ab73e7dbb5ed2c06f4be

SHA1
8c77b9c9842e8a04322094b3fb21c2d78af43c1f

SHA256
40c583c8740eb42349f7ba5fe0c34b8cdc06bfc16153e26880d1620acaada5ad

SHA512
4059086c97b3322607f9b40e8c2f3eb744032d45848b1d350e814aca1f539a107974997c3d43ec56b9a5ca002f776463684ca13bfc75f908c6a4f232ecb26bf7

Download Submit
C:\Program Files (x86)\Counter-Strike 1.6\platform\Friends\is-JQK78.tmp

Filesize
1KB

MD5
cb39e3a0efcba5cf43adb241e03f3c53

SHA1
2ef3b884c136b66e0b6acee1a5a201506bf3deb0

SHA256
b490e7f1176c6b61610f6db010efb9dbd200b54ae09026654a96bcfb12aa3470

SHA512
30b7dd4a3b927d16df6ce7d76f0b2a5aa78efb53b418ec80dd287a38ea8512981a0743202fb673b2097dbe033caf10254a77c5b0497cb24340998bb31e770a72

Download Submit
C:\Program Files (x86)\Counter-Strike 1.6\platform\Steam\cached\is-3TV6D.tmp

Filesize
2KB

MD5
18581b2844d1b35bd0dc170f8557bc42

SHA1
05e8657b8f73f2608aeb07edd8f469f3639d29b7

SHA256
7f00fc14809350a11d04cb655e996beb4d829ae7c2d7ca320968661961e18fd2

SHA512
cb2be96b5ae7cc5c593f954092ec663b8ff41e06f2597b24bbec8883a025baa75bbc6c15cb24fa29389e05b7bdb0d017bb47ef747a524eea53b77fb4a479087a

Download Submit
C:\Program Files (x86)\Counter-Strike 1.6\platform\Steam\games\is-FC7IE.tmp

Filesize
1KB

MD5
200380f4259d09ec3f433e421cd5a55f

SHA1
9afc9cf71fd5949198b77bf7ec396a89058d6dee

SHA256
e136089e82c2d98a7283b55dcd93c5332a332149e7119d015bb7c353435ea9c6

SHA512
c77a433055077420eae1fcae302fc0738f592b8081ba2bdcae2015a3296672f1df2518934821d424e3a8c9535bf1891cbe7394c16ac68520099a3d7dfb4c50cf

Download Submit
C:\Program Files (x86)\Counter-Strike 1.6\platform\Steam\games\is-GS2AS.tmp

Filesize
1KB

MD5
0b5cc5aecf0b47e2886c384908532dbe

SHA1
add589f862a5fb871f8c84871501791b5dfb3c62

SHA256
e5972753625daccf5bd9b735261b60375b5f46cc5adcc8d1c18fd36cde5d7d1c

SHA512
859647325ab25bb1d412001bf425babbc720c7cb72c3255768fcd03b29b34908f68946478f5855e96358de74230aac396559411d71860c0e5bf5414929a69d6f

Download Submit
C:\Program Files (x86)\Counter-Strike 1.6\valve\events\is-KUJHM.tmp

Filesize
1KB

MD5
8cfcc0a84d0b6b51995ce17bc9f194f2

SHA1
f86d5edad7e5a3e2d994517da5ebd7d748a8c666

SHA256
2c7d43b8dc6ea01a32acddb7798b9dabf0ec44c7a6dcf75160539a7fe53e029d

SHA512
5f75243ff3e13b557859d89593432f5e29f014f2bc527bee363be3369e884feccb15ee593094c7eb0f8e4786b6a352cdf9fc6039636782cd23712cadc114ee1b

Download Submit
C:\Program Files (x86)\Counter-Strike 1.6\valve\gfx\vgui\fonts\is-024BE.tmp

Filesize
33KB

MD5
bca82506d597eed9b5507ff7ba16567b

SHA1
55ad94cc92b95ce8e2adf62df94a6a8244980e8f

SHA256
4eb392f4136f1a4b255ab26772947e62b80615ca8b1ccea93563c3f33539a8bd

SHA512
e817036968d39d3f86c2f6f241c6f80756bf139a700adf018feb870542331b230cad6369652eb2a26b26e94b14c3e27dc0112d3ccd1c512f73e8b056ddeb12fc

Download Submit
C:\Program Files (x86)\Counter-Strike 1.6\valve\gfx\vgui\fonts\is-2DCI7.tmp

Filesize
40KB

MD5
910e7f920f59348e20f787d9240fe2a7

SHA1
9f85998b0a73efbf34b2e732942a0caada57925d

SHA256
93eba9e5ba94654d73d76944cb9860e4fe8db92a6c734fcbc57864cb766caf1d

SHA512
a19fad5b08875df9f16993d48562cc2cb4bf5d918b5f102b0439c6d6d6fdb862783762d586393b0e0b6c324de3c38c27fbf09d4b48c55affd44aad2c1ee9726d

Download Submit
C:\Program Files (x86)\Counter-Strike 1.6\valve\gfx\vgui\fonts\is-676NT.tmp

Filesize
24KB

MD5
ebc1b6a271bf99cdadc78dae5e9a29c4

SHA1
afddb10163d0cacf30f7a2e9f9e4f534c8425586

SHA256
3988ddbea3e6fd927933a698d28d66572d51e59938ea16624f644afe2021818d

SHA512
ccbc9f59f59c46187954d5e8a70513542471a40e8653f59c8d58279777c9c378f2e1891c4949d8d5b104117410e991f756d768932fd5353dfcbdca3c37d6ac1a

Download Submit
C:\Program Files (x86)\Counter-Strike 1.6\valve\gfx\vgui\fonts\is-6T7HU.tmp

Filesize
45KB

MD5
d3d6c70dd23590745a0f691c28f88848

SHA1
b46b4a8427c59e590f8adace2ab659da2f4f4e9d

SHA256
f472485bdddb0f7acdce7ba6dfb1520dfdab6b2e870b37f77f61714533c5fe79

SHA512
06a400b5462c9a307bb281cf725358a8bc64a27e34b5f6b95748d3006703e66c4a756ad86fc5e2de9c2a2eba534921234fc2ec422b6107ef7264f7344a258a92

Download Submit
C:\Program Files (x86)\Counter-Strike 1.6\valve\gfx\vgui\fonts\is-7K3BL.tmp

Filesize
24KB

MD5
07306c3fa68e4b5bb4fd4da515adfdc1

SHA1
ae0203c50a3ef107992d61f4b135efd6fdc809ba

SHA256
fad8e72511e03ea0b215e491da1ada731d7474a03d43c26a2f858c8fcee9beac

SHA512
d6d1b8f13d9263932f8757fed790dcbcdca681ca51a7581ca552631409b8c65de212436f8e161c60463edf8589067118d15537789e8aead85eeb156af5c29a7a

Download Submit
C:\Program Files (x86)\Counter-Strike 1.6\valve\gfx\vgui\fonts\is-JFI7O.tmp

Filesize
44KB

MD5
ec8766ea06b999dab276c2ed85397067

SHA1
d043859519210810ab69bc4172406511b0391728

SHA256
dff807e488eee92c3f841de1f330bac00b42c36e34320e6335ed6e5d926243a8

SHA512
5b69d36450816306ba280d2690c65f7478b84a4b1d8eba37b8a4baf8631d767859599e1b20bcabb930dbb7ebbfd07d89bb3336c9999809c50e20fc0661cfb77c

Download Submit
C:\Program Files (x86)\Counter-Strike 1.6\valve\gfx\vgui\fonts\is-NMKG3.tmp

Filesize
27KB

MD5
8148e0f0a6679ced3ca04fd6c258d478

SHA1
9afc1daad5e004bb9481147ec5fac15693897f2c

SHA256
60946960e36a56fe17b02ab7c618e3ca0d61b7412acbb9967271ff309a76b5e0

SHA512
918c03891b46c645ff9b1a497a77bfee752befdbc2e82b882ca3d665dea21d3de1b112848ebb9b996b201c14bc14a70231838eece3df04a431becd0852417bed

Download Submit
C:\Program Files (x86)\Counter-Strike 1.6\valve\gfx\vgui\fonts\is-TB6K1.tmp

Filesize
34KB

MD5
46f3cc3d5ca0f0e80d30ec38a3ed9702

SHA1
2b7902e73522c60bb4e5a6d7905f91967ec54b46

SHA256
824ad8824e4d05319556d9c08dd0d4c90fecd6150a0dbcae8c946740cb4e2c56

SHA512
9f85b11a9479af47963155fc823a9390794b3db05fb50011efaa87e1adcf772d18fdc1bd57f3ca556ded84d5fc5671236ee0705043771c83663612cd2b0f16d3

Download Submit
C:\Program Files (x86)\Counter-Strike 1.6\valve\gfx\vgui\is-9HO8M.tmp

Filesize
1KB

MD5
1926ecbcf1b403f0c4a30426ea74276c

SHA1
24d8e0d5f3477f85e76985a0fc579e392482c402

SHA256
99986396ea8ebd9ab4eb1221b52db2a8a024e67c748e0b8080d8dad24e4e9cd2

SHA512
8e944a0304620fb7428acbe883049167c0bc1596d8f294b1ebcb383899e6881c5e54221ea5a60fa7c14210e5cfd91831a8481020608c22747f43c2f9d7e45060

Download Submit
C:\Program Files (x86)\Counter-Strike 1.6\valve\gfx\vgui\is-H7ECJ.tmp

Filesize
2KB

MD5
6deae390d10e5faef07cb793138a4ea2

SHA1
0e1b89e5e5e61f5e8959d3d6e17fc874f3d14a8e

SHA256
1efacc8931f4e6558fc9f854527e25e004d8c3fd90f1f5209273236924a9241b

SHA512
70c1ab592e46440f759ffdaa2ba1bbb9206212670762fbdbeb04f85da2304120e0a052ea4164fc0e0326e82c013924d0db0ea27fc21041489fc6d6d69b69d93a

Download Submit
C:\Program Files (x86)\Counter-Strike 1.6\valve\is-HCSCG.tmp

Filesize
4KB

MD5
f02c1d45a1a86f5d60ce9e310e24d144

SHA1
d991f95d96e1c76d2acb944bb09447628cd96caa

SHA256
01491c012c29f4706f0cc8f1117eb0f882b54f720bfbf320a3271ffac6c929dc

SHA512
88dafe4039264818c4193f563376db890ecea2f8f67df7902dd76aacd08be4cb47197257d02217eeec1a81295615b30b89e91d097837193a8fb64e72d03d7334

Download Submit
C:\Program Files (x86)\Counter-Strike 1.6\valve\models\is-5I1CD.tmp

Filesize
3KB

MD5
ab9f1bf1f7d14ca0032df954e1dd5212

SHA1
d51ab73cb33e1737b86ea0bf6db28aa895bb86ab

SHA256
748e6fb4465843238519d56774643c2d4fb3f77131ba49ee9ca2d700c42acb70

SHA512
c5dcb61363551755beaa4732a21ec870c9b077a44eb0e810029f056a7c89b7be4d6e2d4e48b860a4eedc707d057ba55b2b45c238cf4a99ec167a1c07686710bb

Download Submit
C:\Program Files (x86)\Counter-Strike 1.6\valve\models\is-EIF1I.tmp

Filesize
22KB

MD5
5f394d005ec12f63949d0c6a62c1b7b3

SHA1
957d1d0598c7bd0079db345db2006d8e4b755096

SHA256
47b5e88f5cc25627e8dc76b85eb6ad64d8613b00838d0cca6a85f118af81c7b0

SHA512
c51142a1e7902d720154378a7b8e01808fb4683e5a12c77516fa474b4eb05c0d2cc37aaf1b3b0a33757aecdc9ff8008333df66ed0e254b01cb5640b8646e6fb7

Download Submit
C:\Program Files (x86)\Counter-Strike 1.6\valve\sound\fvox\is-2UP0M.tmp

Filesize
2KB

MD5
299c3e28a49757ecab2e84ca9b220e62

SHA1
850cbc182e7000b6caa8b6af9986161a2554dbce

SHA256
0ffbcdb3466691fbc1043c69abe50434df646f997c52856a509de43cae501eee

SHA512
2caa0f84686df85905b355107ce2d50c1b8b6debadc50d49327330855e3ed2cea05768c1394cec746ddf90f7087a08ff98eda51272f89d7450923a5e41a13bf8

Download Submit
C:\Program Files (x86)\Counter-Strike 1.6\valve\sound\plats\is-9S018.tmp

Filesize
1KB

MD5
811989e09124f54cb27fe6154b0f1018

SHA1
90c22fc3b248588e2d9759e6ef395303a86b7b60

SHA256
5271b9aa2961809f47fadecb693be2eebde2dbed62fbc4f5f4889fcd8c4a65f8

SHA512
560d26fdbec34ab687e40b8be6144b0f586449bd3a0eaf286ab972ad60b1eb1fe002649daacad36039a298ad24aae96e3531404ac2d0d7b0b47e194b8169e18b

Download Submit
C:\Program Files (x86)\Counter-Strike 1.6\valve\sprites\is-514PR.tmp

Filesize
4KB

MD5
30c0c19f5c5226225ac3959dfe1f1428

SHA1
5c7be5173586da26dd730a790a151b8a16611106

SHA256
5603d52c5f089950f372e2b00845738746abebaa2796b0b3e2f6d8d2f4111760

SHA512
c71799d84798c2e2a82dbde7ffa5a2c8698eaac615e77d337de7dafc9239c4b59bc2794b2ccd5740d3e19957549257bcd468660d0696f09fdca37485150c233b

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-2BFJB.tmp\is-UQAVC.tmp

Filesize
796KB

MD5
8535bf33ec74a738eb87c20393ea3fb4

SHA1
76c89805be4c7623f2b15e9c701421d6902bfe61

SHA256
f80191c6d74ddf142d6cde8136bbfdf17d3b46bcde724e7b3755f60d0314e8f6

SHA512
199c6250e951d901ce1d6d47bbf46d0ea67734f5f2488e054f8c961dd0f61d5b3f2596fc2a4a813d46b93ad9354f5ea9a57d0eb3e9feaff3bbd0bbd69552a7e6

Download Submit
memory/3044-1222-0x0000000000400000-0x00000000004F5000-memory.dmp

Filesize
980KB

Download
memory/3044-65-0x0000000000400000-0x00000000004F5000-memory.dmp

Filesize
980KB

Download
memory/3044-5107-0x0000000000400000-0x00000000004F5000-memory.dmp

Filesize
980KB

Download
memory/3044-7994-0x0000000000400000-0x00000000004F5000-memory.dmp

Filesize
980KB

Download
memory/3044-68-0x0000000000400000-0x00000000004F5000-memory.dmp

Filesize
980KB

Download
memory/3044-7-0x0000000000400000-0x00000000004F5000-memory.dmp

Filesize
980KB

Download
memory/3044-12441-0x0000000000400000-0x00000000004F5000-memory.dmp

Filesize
980KB

Download
memory/3044-12445-0x0000000000400000-0x00000000004F5000-memory.dmp

Filesize
980KB

Download
memory/4676-1-0x0000000000401000-0x000000000040A000-memory.dmp

Filesize
36KB

Download
memory/4676-12-0x0000000000400000-0x0000000000439000-memory.dmp

Filesize
228KB

Download
memory/4676-0-0x0000000000400000-0x0000000000439000-memory.dmp

Filesize
228KB

Download
memory/4676-12446-0x0000000000400000-0x0000000000439000-memory.dmp

Filesize
228KB

Download