659c54979fa4c75840e4ee9b17393be08dd86c5e7c726493b7eb58a8623bb6a7

Analysis

max time kernel
150s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
03-10-2024 13:40

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

imager_1.8.5.exe
Size

19.3MB
MD5

1a1620e861f0a578783260e7e915e8f8
SHA1

b311b501a9b6a3f1635ef48be8118a028612072e
SHA256

659c54979fa4c75840e4ee9b17393be08dd86c5e7c726493b7eb58a8623bb6a7
SHA512

357a587f948afb92aa495ef2ebeb67fea795dd9ae8e0e4afe2ab6422025391d0af8c321063f6f25d3528a97745080188622bf156d3b63e084b2350a29af9de0e
SSDEEP

393216:u265BEBfTbWEkxnk+O0donJ6rHQOmOWoLeE4JTmdIrnw0+Cw:u/3kLT2BO2on+8GebTUIjwQw

Score

4^/10

discovery

Malware Config

Signatures

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtQuick\Controls.2\Fusion\Popup.qml	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtQuick\Controls.2\Fusion\ProgressBar.qml	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtQuick\Controls.2\Fusion\RoundButton.qml	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\libEGL.dll	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtQuick\Controls.2\SwipeView.qml	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtQuick\Controls.2\Material\BusyIndicator.qml	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtQuick\Controls.2\Material\DelayButton.qml	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtQuick\Controls.2\Material\Pane.qml	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtQuick\Controls.2\Imagine\TabButton.qml	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtGraphicalEffects\private\qmldir	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\imageformats\qsvg.dll	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\libwinpthread-1.dll	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtQuick\Controls.2\Universal\RadioIndicator.qml	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtQuick\Controls.2\Universal\SwitchDelegate.qml	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtQuick\Controls.2\Material\MenuItem.qml	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtQuick\Controls.2\Imagine\ItemDelegate.qml	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\rpi-imager.exe	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtQuick\Controls.2\plugins.qmltypes	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtQuick\Controls.2\Material\ApplicationWindow.qml	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtGraphicalEffects\DirectionalBlur.qml	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtQuick\Controls.2\Imagine\GroupBox.qml	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtGraphicalEffects\private\GaussianInnerShadow.qmlc	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtQuick\Window.2\qmldir	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtQuick\Controls.2\CheckBox.qml	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtQuick\Controls.2\Material\ScrollIndicator.qml	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtQuick\Controls.2\Fusion\TextField.qml	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtQuick\Controls.2\Fusion\Tumbler.qml	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtQuick\Controls.2\Universal\SwitchIndicator.qml	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtQuick\Controls.2\Material\Drawer.qml	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtQuick\Controls.2\SwipeDelegate.qml	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtQuick\Controls.2\Universal\Switch.qml	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtQuick\Controls.2\Imagine\RadioDelegate.qml	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtQuick\Controls.2\Fusion\ScrollBar.qml	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\Qt5Svg.dll	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtQuick\Controls.2\BusyIndicator.qml	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtQuick\Controls.2\Imagine\Switch.qml	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\Qt5WinExtras.dll	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtQuick\Templates.2\plugins.qmltypes	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtGraphicalEffects\private\DropShadowBase.qmlc	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\platforms\qwindows.dll	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtQuick\Controls.2\Fusion\Frame.qml	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtQuick\Controls.2\Fusion\TextArea.qml	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtQuick\Controls.2\Universal\RadioButton.qml	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtQuick\Controls.2\Material\ToolButton.qml	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtQuick\Controls.2\Fusion\Drawer.qml	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtGraphicalEffects\HueSaturation.qml	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtGraphicalEffects\LevelAdjust.qml	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtGraphicalEffects\ZoomBlur.qml	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtQuick\Controls.2\ComboBox.qml	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtQuick\Controls.2\Universal\MenuBarItem.qml	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtQuick\Controls.2\Material\SwitchDelegate.qml	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtQuick\Controls.2\Material\ToolBar.qml	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtQuick\Controls.2\Imagine\Tumbler.qml	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtQuick\Controls.2\ItemDelegate.qml	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtQuick\Controls.2\TextField.qml	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtQuick\Controls.2\Universal\RadioDelegate.qml	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtQuick\Controls.2\Imagine\TextField.qml	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtQuick\Controls.2\Fusion\DialogButtonBox.qml	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtQuick\Controls.2\Fusion\RadioDelegate.qml	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtQuick\Controls.2\Universal\CheckDelegate.qml	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtQuick\Controls.2\Universal\ProgressBar.qml	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtQuick\Controls.2\Universal\GroupBox.qml	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtQuick\Controls.2\Universal\PageIndicator.qml	imager_1.8.5.exe
File created	C:\Program Files (x86)\Raspberry Pi Imager\QtQuick\Controls.2\Universal\ScrollIndicator.qml	imager_1.8.5.exe

Executes dropped EXE 1 IoCs

pid	Process
4296	rpi-imager.exe

Loads dropped DLL 43 IoCs

pid	Process
4508	imager_1.8.5.exe
4508	imager_1.8.5.exe
4508	imager_1.8.5.exe
4296	rpi-imager.exe
4296	rpi-imager.exe
4296	rpi-imager.exe
4296	rpi-imager.exe
4296	rpi-imager.exe
4296	rpi-imager.exe
4296	rpi-imager.exe
4296	rpi-imager.exe
4296	rpi-imager.exe
4296	rpi-imager.exe
4296	rpi-imager.exe
4296	rpi-imager.exe
4296	rpi-imager.exe
4296	rpi-imager.exe
4296	rpi-imager.exe
4296	rpi-imager.exe
4296	rpi-imager.exe
4296	rpi-imager.exe
4296	rpi-imager.exe
4296	rpi-imager.exe
4296	rpi-imager.exe
4296	rpi-imager.exe
4296	rpi-imager.exe
4296	rpi-imager.exe
4296	rpi-imager.exe
4296	rpi-imager.exe
4296	rpi-imager.exe
4296	rpi-imager.exe
4296	rpi-imager.exe
4296	rpi-imager.exe
4296	rpi-imager.exe
4296	rpi-imager.exe
4296	rpi-imager.exe
4296	rpi-imager.exe
4296	rpi-imager.exe
4296	rpi-imager.exe
4296	rpi-imager.exe
4296	rpi-imager.exe
4296	rpi-imager.exe
4296	rpi-imager.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	imager_1.8.5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rpi-imager.exe

Modifies registry class 21 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\RPI_IMAGINGUTILITY	imager_1.8.5.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\RPI_IMAGINGUTILITY\shell\open\FriendlyAppName = "Raspberry Pi Imager"	imager_1.8.5.exe
Key created	\REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\.zip	imager_1.8.5.exe
Key created	\REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\.xz\OpenWithProgIds	imager_1.8.5.exe
Key created	\REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\.xz	imager_1.8.5.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\.xz\OpenWithProgIds\RPI_IMAGINGUTILITY	imager_1.8.5.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\.img\OpenWithProgIds\RPI_IMAGINGUTILITY	imager_1.8.5.exe
Key created	\REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\RPI_IMAGINGUTILITY\shell\open	imager_1.8.5.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\RPI_IMAGINGUTILITY\shell\open\command\ = "\"C:\\Program Files (x86)\\Raspberry Pi Imager\\rpi-imager.exe\" \"%1\""	imager_1.8.5.exe
Key created	\REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\.zstd\OpenWithProgIds	imager_1.8.5.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\.zstd\OpenWithProgIds\RPI_IMAGINGUTILITY	imager_1.8.5.exe
Key created	\REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\RPI_IMAGINGUTILITY\shell\open\command	imager_1.8.5.exe
Key created	\REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\.zip\OpenWithProgIds	imager_1.8.5.exe
Key created	\REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\.gz\OpenWithProgIds	imager_1.8.5.exe
Key created	\REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\.gz	imager_1.8.5.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\.gz\OpenWithProgIds\RPI_IMAGINGUTILITY	imager_1.8.5.exe
Key created	\REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\.img\OpenWithProgIds	imager_1.8.5.exe
Key created	\REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\.img	imager_1.8.5.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\.zip\OpenWithProgIds\RPI_IMAGINGUTILITY	imager_1.8.5.exe
Key created	\REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\.zstd	imager_1.8.5.exe
Key created	\REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\RPI_IMAGINGUTILITY\shell	imager_1.8.5.exe

Suspicious behavior: AddClipboardFormatListener 1 IoCs

pid	Process
4296	rpi-imager.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
4296	rpi-imager.exe
4296	rpi-imager.exe
4296	rpi-imager.exe
4296	rpi-imager.exe
4296	rpi-imager.exe
4296	rpi-imager.exe

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 4508 wrote to memory of 4296	4508	imager_1.8.5.exe	88
PID 4508 wrote to memory of 4296	4508	imager_1.8.5.exe	88
PID 4508 wrote to memory of 4296	4508	imager_1.8.5.exe	88

C:\Users\Admin\AppData\Local\Temp\imager_1.8.5.exe
"C:\Users\Admin\AppData\Local\Temp\imager_1.8.5.exe"
1⤵
- Drops file in Program Files directory
- Loads dropped DLL
- System Location Discovery: System Language Discovery
- Modifies registry class
- Suspicious use of WriteProcessMemory
PID:4508
- C:\Program Files (x86)\Raspberry Pi Imager\rpi-imager.exe
  "C:\Program Files (x86)\Raspberry Pi Imager\rpi-imager.exe"
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: AddClipboardFormatListener
  - Suspicious use of SetWindowsHookEx
  PID:4296

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\Raspberry Pi Imager\Qt5Core.dll

Filesize
8.2MB

MD5
39d509b1675c380dc549972506a8f717

SHA1
7fdbb1897ccd3ffcdee39ac3838e19f7b9d3f6c7

SHA256
bb88391d53cf771c58887cb54101b5dc638abeb84bce4beddd82be5fb4bae671

SHA512
bb4cfd92dd772b4d7a5bc84a6348be1e7d96864b086bfc331713ebefb47e30c7d1b304cde7d3a25b388ccd7e59816b0e3fe96f85676c722664be470723960ca9

Download Submit
C:\Program Files (x86)\Raspberry Pi Imager\Qt5Gui.dll

Filesize
9.2MB

MD5
f676936b5dfce1c5ac2f8a1a7f577844

SHA1
c9870365d594bf1d6a4215acd4e730695166f809

SHA256
77f8946ac559cd03694d9a36ab4630cc7d5f0db62b34c00ecec12bc021eafbe9

SHA512
ce4ca22c4afb55a035c68711708ac86b5abf08ddca0bb0b059c3ad130aa1c9266a36e412b4feaeb4cd89edda6aa8ad95225e0a777fb33bcbae828b41c316301a

Download Submit
C:\Program Files (x86)\Raspberry Pi Imager\Qt5Network.dll

Filesize
2.7MB

MD5
ced4531f553504ed6770d999f9c82cb9

SHA1
3405a3118bb6479413b9a749ce4c0b395622883c

SHA256
77f1bd3192d9e8b15dd23adb15a3f83e92e9474df9a30450247fbe9e96b71736

SHA512
df98b27470b30377928bcea23e18b0c3d8e7929d0d7ee6862887440f6ef577e5172fcb02b82a20b4903ce9eb7e1d00cfb8e1785476cbaaee3da92354f701dcbc

Download Submit
C:\Program Files (x86)\Raspberry Pi Imager\Qt5Qml.dll

Filesize
7.0MB

MD5
65781efc205f808159563cb526332e28

SHA1
771cfa537a523cad8987179a0211c653cda30c68

SHA256
7244b065771674bf963d998acefad1ee0c93ababfaf667724c4ea3c6bf4f0bce

SHA512
fadd974e9353575ec3e5f631643e246bfbbb0da30c90225fb18c587517603b4f279b0d5f1cab86e47844edb46f6832fda2a338e9717b1534faec7e76bd4d2304

Download Submit
C:\Program Files (x86)\Raspberry Pi Imager\Qt5QmlModels.dll

Filesize
947KB

MD5
a097b71d3afbc8e27dc4f577ed6ce0f1

SHA1
7ef05f005ee2dc7f0676d4b9fe22ee5dab86bb85

SHA256
4d4d9965174560fb8d9be778c2344deca655717a772bb549f57244cc92b58617

SHA512
70a96835180790e6f0c8ea99e2d16ef2484bea187a958a433340aedcec7a277b7b8ccfa82653be9bc7de5b0a4eb1962342a049749bc3357e15629bac3cd55649

Download Submit
C:\Program Files (x86)\Raspberry Pi Imager\Qt5QmlWorkerScript.dll

Filesize
141KB

MD5
4ecac5dda76d1060de28f45ae3746723

SHA1
f147bc6d65142fd8fb055ad8882c4099856bdc50

SHA256
c0896506288e3da386d0674fec374272a6785cb982b3b6fdcd2214fc6c431f69

SHA512
d6623ee3f50714db5acc6b40f46eec0677ea80136f078d8fd65a56b95ea4a24a13a0c54e9b01d856db152287bafde7474307a00cbde477cbcc7c7c50e57e478d

Download Submit
C:\Program Files (x86)\Raspberry Pi Imager\Qt5Quick.dll

Filesize
8.3MB

MD5
c300fa804a97c846a13f098a22934502

SHA1
3c3909fbdb64fd3a62134c3c634c7f2ded16ef36

SHA256
b7af3bc93e2905e336886805553dec7313e4567886f7f2ac5981778cdd67173b

SHA512
e45f011c10831c0f9542f1374d12e199403aab9e3291cb086a08bf119be2241faebe461af30f2235ff3b7af5267e1b4479d692bde46656a7145b61544f013dc1

Download Submit
C:\Program Files (x86)\Raspberry Pi Imager\Qt5Svg.dll

Filesize
582KB

MD5
825b515b5694b55982c4f7d004a94ad4

SHA1
7430898bb90f9e98bc85e0b172889c9bd63b5dc6

SHA256
d7f56abfc93e7d4d5c79b568222f09ffeecdd08f4c18c2c17dfab00114dd40a0

SHA512
1ae16ef69878efa975693f77498355a16622d4dbc619a674b5178d367c5cf82c64504cc8762033f2da4512c537afa20542dbdfd61a0fad91d44be87263d37993

Download Submit
C:\Program Files (x86)\Raspberry Pi Imager\Qt5Widgets.dll

Filesize
8.8MB

MD5
b037b86cd074ea2a216bbd4b7b489c9c

SHA1
bc6b32e01e03887b06e297009efcf965083aa435

SHA256
2f0c2a362f2ef318ce80e03e914981ad42a1751c74b534725a6bf3cf50ce03a3

SHA512
39472c8ba41dbe53e180568ca61472fd3b912ea55227bbc75e9e2889f9d18551b971079824e9102afe0f132782b20c42f2b7c06b576eba2509c36e5f77b6572b

Download Submit
C:\Program Files (x86)\Raspberry Pi Imager\Qt5WinExtras.dll

Filesize
432KB

MD5
ffd0b3e6a95ac68a7a534f932677b6e9

SHA1
e2b365833ba1125d2e41082e2f50564b437fc684

SHA256
a6b8f3b595bdd486143e80040dca1bc96390c0fc866e80c4a3a373c8b6a14b4e

SHA512
3590d4ed40f71a3f1028e806bf66a5d972132551d7f6c8056dee4d85126aa9ed3ecbc6c648310114179122fa71e419d237190ec404593b5dfb36ca54961ec26c

Download Submit
C:\Program Files (x86)\Raspberry Pi Imager\QtQuick.2\qmldir

Filesize
131B

MD5
d2cf96786ce59e93a2feb2178603a27f

SHA1
7478dfedcd7ac1795bf4ff2732ef716ec82b061a

SHA256
b6f63056ade6925aa070d3b2bd4133d26e80df4ea2719e81ad90027e19661ae8

SHA512
4fcde288c6a690728f919b70308b3bb2ead62c40223bea14e52ec5f3ef74f5467b1930f419df77d78b8d50e84ec81a1fe78cc9a3b42c4a6d261ba77c654a1714

Download Submit
C:\Program Files (x86)\Raspberry Pi Imager\QtQuick.2\qtquick2plugin.dll

Filesize
55KB

MD5
bc48935d7fb9d87eed3994024f1071f8

SHA1
9cea445364aae84a38d3e79b5aabdffd4229a284

SHA256
6fccb1c95c2198d15d818e640d7849af9215e741ebbaceecfee3f3315f90b0ae

SHA512
95dc78983ba867883766a3d2a988d56bd9c9a6252e8231e631a294c5a9cee3647862909f0282284d6c5d734d41685b8ca53823538bb23a7549098e5477676720

Download Submit
C:\Program Files (x86)\Raspberry Pi Imager\QtQuick\Controls.2\qmldir

Filesize
140B

MD5
659ed029afaeabbe4235968ff5292736

SHA1
565ceba5b695eebbf28030965ee5929c2a5a2346

SHA256
7b404175bb8e2b0d3822e75320c8d6d09c61bb53f4513c235a7d04ac7d34fd57

SHA512
41fcb039c054c7decb9fc7ca198f3218dc0965813758b66c5b8b174b732040a33f2d3f54037aec7a9c48af5cd3bcc798ddd41c7458924b8c9bdd49a38846195b

Download Submit
C:\Program Files (x86)\Raspberry Pi Imager\QtQuick\Controls.2\qtquickcontrols2plugin.dll

Filesize
922KB

MD5
b64cdbba8f86ad1570980766ba01fc04

SHA1
f22fb76a9240414408cf732561a7306d1b49c49f

SHA256
9e7ae57b5f45ebca1f9130a238850910fb3d0124eaf69c219d94db0e74ec4c99

SHA512
13b03e6e0ee0c9497002ffe16956c498b4d6d5d40168e208d35039de58578a7d1b3d37dc3133344dec34072f0ec53a84f9e3061df97c0399fe825ac8aa77ebf1

Download Submit
C:\Program Files (x86)\Raspberry Pi Imager\QtQuick\Window.2\qmldir

Filesize
122B

MD5
c434589591a9b33cbe88891afbb7c144

SHA1
42476fb63f3cf463b4bb03b47048aa0918e588b5

SHA256
8d88b81547e1573f8c91df998ea82608e0a79770b014c82f760a67388b41945a

SHA512
5a09830970ea37942166c1e5e5ce0fe452290eb9cd662ffaa9858bdb61806caa03b1016d30c98871a7b6c8fdfa369e29e3940a5f9779d967b98ede5901f4d30f

Download Submit
C:\Program Files (x86)\Raspberry Pi Imager\QtQuick\Window.2\windowplugin.dll

Filesize
157KB

MD5
aaa6f063228fe0f039fbfbdd71350b52

SHA1
0191185074bd6ae95910a9abc33245d68501fd01

SHA256
9ce4c676795449331955fbe0475b0ced2672d9f2e3693df06dae8a354306614c

SHA512
0f5626fa285c914407debbb815c8a867da19cc50f0e08303d67783d57a5cb5ed73cdcbde7273b4cd19a576bb4dcfbf4b88d1e2b00003e3519c61e6a89681a31d

Download Submit
C:\Program Files (x86)\Raspberry Pi Imager\bearer\qgenericbearer.dll

Filesize
156KB

MD5
0cd5e6423509f722a14ea18cdbff9131

SHA1
f7e3dfbf13cf500d66239c6ebbace4d5b596c9d3

SHA256
196b17ace66fcba78ca81ed6bf26071b4d953a7c6d86604305080cfcd8130b2b

SHA512
d42bef1c5a5ece868171e4944a008e9c58ba4dfbe55fba4814c903c9eec5c651ad2a9b579c7fa06171f498ed8789954e91215e3d10369bfe8e7c3098777b85a4

Download Submit
C:\Program Files (x86)\Raspberry Pi Imager\iconengines\qsvgicon.dll

Filesize
96KB

MD5
0e84e74db3c3c6318b1e436cbc3bc9bd

SHA1
2417d9359b8d77523647bccc3de9f469846cd4a2

SHA256
aab86d4b897a38043f79c01ddbb5655e838dc3f907d9579ccce2b4a4299cd588

SHA512
dbeeb50f7955d912436353a9063b1ede40d2e60594896569ea64950c85f69c8cf5e1f2bfe297a09da24b891fe351a53f4d519dc19a5b976e6a81898d384afe3f

Download Submit
C:\Program Files (x86)\Raspberry Pi Imager\imageformats\qicns.dll

Filesize
96KB

MD5
d4f3874acb16d7da9b47e03166f738f7

SHA1
c113e2508c1c919123659dcd9c121ffd79e27516

SHA256
dab35f7cf1241ed3cec03bd7fe21c19e188308dd271b71307b2b135c7ea6befb

SHA512
4ea7192d5f9204dcb82916e7405c87ef857db9040b863c39cf2e6d2ec826bcfd7dffa3ddd9dc3bc9b88cfe5f20c36a5e203eca0346d739cd11a491809c3203f7

Download Submit
C:\Program Files (x86)\Raspberry Pi Imager\imageformats\qico.dll

Filesize
81KB

MD5
1323ccaa656e019b2cf3ce8604527bb1

SHA1
7c0a04f58cc920aa75d655acfb857cf40fa643f8

SHA256
09fa3fb14c3f2d5e0703bb4a7c0294b0fa43d0804e894fc428bcdcde5605cf27

SHA512
cf5fda6564259b8a570b491c19fee6c9e52d6226d6085c9bbe29a648978c70421e37d6dd94b77608495e5e8127db6e31f14c937d55fbcd1152ead98a4df4cb60

Download Submit
C:\Program Files (x86)\Raspberry Pi Imager\imageformats\qjpeg.dll

Filesize
476KB

MD5
9fb6482c0659d0a441a54b81232d64e1

SHA1
f0697271cc8f618d1305c0ed882d46791c42de68

SHA256
b15aeacee8e9d5490ee222c84ea2505e2c44893228e2b07e08158cdb9e01e6ab

SHA512
04546439ce8d9420549ac1bc670e71e7b5aa6c7cbc36e0d8e20900f0d582c62f967939e780680b02906c96f644f962b106f24a8521eb4019a638ac76118c3685

Download Submit
C:\Program Files (x86)\Raspberry Pi Imager\imageformats\qsvg.dll

Filesize
72KB

MD5
85d6831f35b51c402fa8d3e669f6fbcc

SHA1
432429d425c44cf42b24cbeb46ef9f5767ecb6ce

SHA256
de24ec415cd1bdbeaff32f10f5cad3315cc548b4de2acd8ed3a0386a8c772aae

SHA512
31fb7a5148831e01a41b5f819b362306204e3125cf89e09c296220252d0e09181c3b31eb767e5159b29bceef055fbc616102ad7e2c1ebcc90ff3d8e72ce6ebc5

Download Submit
C:\Program Files (x86)\Raspberry Pi Imager\imageformats\qtga.dll

Filesize
68KB

MD5
8ddae0d848400076e87bc9eb7b012feb

SHA1
42d85b443c5a2466c6389b17a622607d02969b48

SHA256
8eaf9d6e983b86b17aa7231b661d0ae17047239d9eaffc873fcfb1ee8f006a72

SHA512
44fb65a92e9a5032849c29a738d6cf2807c4fcbd767a136ef1823f67958a186c97c29fc4b7197f24d6aa1b51a11f6a0998418bd2675a95e368337c78d1b140e2

Download Submit
C:\Program Files (x86)\Raspberry Pi Imager\imageformats\qwbmp.dll

Filesize
67KB

MD5
76ca2612c03f2fd2f54dee7d217786c2

SHA1
ffc184e6e5b69fc7afeb0ec9104b18dbba34cfad

SHA256
d1903311c33a9f29af3b9a71f6f2534f1dca03627214d032133064586aa34b3e

SHA512
f23a0cce9ae220234730629e95be4db3b8d8faeec6dc9e3cece3bf8c424af4777f7311a0608b90ad1302eec537711291fee21350e403140d86f60c1f8edce3d0

Download Submit
C:\Program Files (x86)\Raspberry Pi Imager\libcrypto-1_1.dll

Filesize
3.1MB

MD5
53ed6c7079e5a683acb8dff532de3fc2

SHA1
e4f1111a1f870a00d7a581e28fc217467156b231

SHA256
7202b19a44c4955ea2e700372a88b0a571acfa3c7bbb8b1217ba2c7e949fc3aa

SHA512
55fc0abd9ecc5524383817d040620236f382bbb3ce71df53d41729cd506bac0bdb543f3ebe7646e8025cb5f2b5bd065f8dca041ce6c0192d86a36d8b9b49f967

Download Submit
C:\Program Files (x86)\Raspberry Pi Imager\libgcc_s_dw2-1.dll

Filesize
113KB

MD5
9aec524b616618b0d3d00b27b6f51da1

SHA1
64264300801a353db324d11738ffed876550e1d3

SHA256
59a466f77584438fc3abc0f43edc0fc99d41851726827a008841f05cfe12da7e

SHA512
0648a26940e8f4aad73b05ad53e43316dd688e5d55e293cce88267b2b8744412be2e0d507dadad830776bf715bcd819f00f5d1f7ac1c5f1c4f682fb7457a20d0

Download Submit
C:\Program Files (x86)\Raspberry Pi Imager\libstdc++-6.dll

Filesize
1.5MB

MD5
051973a1420749e10d007049f15a30ab

SHA1
27141d4e7847e16f3cedd487dd3f074811556ff1

SHA256
672458902acead23b1a4dbca8b26e51324e88948196bc30d68703d45547898e8

SHA512
0f105ba29af981afe3a43e6d789f5df8a501c252d3f46bf730d5c92c98358c6656cbdc7bd7d5a0d4c5357ae0acb1144828358b07cf2b1515512ca9b4d3f047fa

Download Submit
C:\Program Files (x86)\Raspberry Pi Imager\libwinpthread-1.dll

Filesize
46KB

MD5
ed53eee1623a43e9ae174262169f0f2e

SHA1
4bf7e9fa40878e19d6d7b8277982ed958681af86

SHA256
0b5532f93126db45689d7e3162cfc6951f78738a182e52712bb2c71980468f23

SHA512
dce1bc89033313934323e9ad1fd0ef7a525df0fd8f2f7c64b5ca8f5e7780b5526ce9e1fff408f8a00b46f718763d492eae059b7d11d873eea3186e8584dca53c

Download Submit
C:\Program Files (x86)\Raspberry Pi Imager\platforms\qwindows.dll

Filesize
2.9MB

MD5
10de385a50aba297f8b92fb2eeaca1a3

SHA1
b1506e0f27f0661e3c46d2389159b8fc1fdc704b

SHA256
bd092da50a3d1d5113d0f5404bc8854faabc4875dd3247c81c4267fe8599e338

SHA512
29e8781cf4c98a2ea4d97cc0dd5f8bcfc8825caec55bd5d82c7124a4668c6823605910ac4f14d1a26fe46dfadc9bc8957c3c69b35d81837f8fc1f8d958e41f2c

Download Submit
C:\Program Files (x86)\Raspberry Pi Imager\rpi-imager.exe

Filesize
3.2MB

MD5
8e125aaa747edfbc2b6f4a0916d8d275

SHA1
3e0fe4905548f6b965dfbffd871ba055f53bc842

SHA256
11d043199e9699e21f5bca9d7a6bf19e75e945ac7216849eddaff9e04b46fb64

SHA512
b4bd1e6ba20307824d0d2616c0e4a46ce26430d54703dddb339cb671605869755363c2506dc21ed474ad64ce616b050daa309a0f8940394a48afc24c5afdeb23

Download Submit
C:\Program Files (x86)\Raspberry Pi Imager\styles\qwindowsvistastyle.dll

Filesize
332KB

MD5
f17db40c8253fab8642753677453c49c

SHA1
db14600290a48153481e5d84a378b08d8c55bcfb

SHA256
5e6bfaf6dcd4446ff34a6a385652923c470037963235072e624887d1bca98565

SHA512
b9ab3f59dd87e3f0752fcceec596ffa306b0bba6cba9864760e1a9b87ebbe0fc9c22adf8181bf6ec45973d774f91dbb6dc439809eea892cf92b7334a11212a29

Download Submit
C:\Users\Admin\AppData\Local\Temp\nse9EC2.tmp\InstallOptions.dll

Filesize
15KB

MD5
ece25721125d55aa26cdfe019c871476

SHA1
b87685ae482553823bf95e73e790de48dc0c11ba

SHA256
c7fef6457989d97fecc0616a69947927da9d8c493f7905dc8475c748f044f3cf

SHA512
4e384735d03c943f5eb3396bb3a9cb42c9d8a5479fe2871de5b8bc18db4bbd6e2c5f8fd71b6840512a7249e12a1c63e0e760417e4baa3dc30f51375588410480

Download Submit
C:\Users\Admin\AppData\Local\Temp\nse9EC2.tmp\System.dll

Filesize
12KB

MD5
cff85c549d536f651d4fb8387f1976f2

SHA1
d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e

SHA256
8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8

SHA512
531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88

Download Submit
C:\Users\Admin\AppData\Local\Temp\nse9EC2.tmp\ioSpecial.ini

Filesize
1KB

MD5
f836df041653e64909d6e4edde24cc38

SHA1
1cf5fcea829c236e535eb5b24c1ef5e00d3f2841

SHA256
812e145cd131b81419ac4f7d776022f078330dc4d0000a6cf7d2172669a6fb8e

SHA512
5a0ae30543507d237becee73f32fee8ee06c4c3000bf5abe8dffcaf8f70dc975478a52f77b91b689cd0b9aa32ee86b4e9d9a90f422f1704c2f39b76d82270dc7

Download Submit
C:\Users\Admin\AppData\Local\Temp\nse9EC2.tmp\ioSpecial.ini

Filesize
1KB

MD5
ef82b540f86f2397a452d92dccab8378

SHA1
b35aa73ef382f9195316fda1d4b5e1880ddca896

SHA256
fafb3feb7d9b04ed640ffc09b01f00b98edc1f358986f87fc9fd2818cb810a8f

SHA512
3d7f15fc0cdffbac28865fe78e4fd982cf255e4e2e32eca5e9e47b1e951e6e46d1ccb190be4bbbb6b7533a57251781e12328092ba2db220c9ad31142b8acf935

Download Submit
C:\Users\Admin\AppData\Local\Temp\nse9EC2.tmp\ioSpecial.ini

Filesize
1KB

MD5
ac91ed22e6e3dd64ab62ae5230a104d7

SHA1
36bdd598570893acd7a21270255a9b97f764a96e

SHA256
b5353f74fd604011fda51e3036a15515beda66516dfb3cb99098b70f7223895a

SHA512
4129212f70df4f0509852ff523b42fd152820fdba0bd0ac4210a2b9f9ea1363cabc4acce462ccb911adf4702e8bc7bfc9662b3bc38010d979cc9b5bb55214781

Download Submit
memory/4296-654-0x0000000007230000-0x0000000007231000-memory.dmp

Filesize
4KB

Download
memory/4296-687-0x0000000007270000-0x0000000007271000-memory.dmp

Filesize
4KB

Download
memory/4296-618-0x0000000003CA0000-0x0000000003EA0000-memory.dmp

Filesize
2.0MB

Download
memory/4296-613-0x0000000068A80000-0x000000006911A000-memory.dmp

Filesize
6.6MB

Download
memory/4296-612-0x0000000068A80000-0x000000006911A000-memory.dmp

Filesize
6.6MB

Download
memory/4296-588-0x0000000001120000-0x0000000001751000-memory.dmp

Filesize
6.2MB

Download
memory/4296-630-0x0000000006920000-0x0000000006E1C000-memory.dmp

Filesize
5.0MB

Download
memory/4296-587-0x0000000061B40000-0x000000006225D000-memory.dmp

Filesize
7.1MB

Download
memory/4296-921-0x0000000068A80000-0x000000006911A000-memory.dmp

Filesize
6.6MB

Download
memory/4296-656-0x0000000007240000-0x0000000007241000-memory.dmp

Filesize
4KB

Download
memory/4296-585-0x0000000001120000-0x0000000001751000-memory.dmp

Filesize
6.2MB

Download
memory/4296-616-0x0000000005EE0000-0x0000000006320000-memory.dmp

Filesize
4.2MB

Download
memory/4296-592-0x0000000068A81000-0x0000000068E0B000-memory.dmp

Filesize
3.5MB

Download
memory/4296-639-0x0000000007AA0000-0x0000000007EF2000-memory.dmp

Filesize
4.3MB

Download
memory/4296-641-0x0000000007AA0000-0x0000000007EF2000-memory.dmp

Filesize
4.3MB

Download
memory/4296-646-0x0000000007210000-0x0000000007211000-memory.dmp

Filesize
4KB

Download
memory/4296-645-0x0000000007210000-0x0000000007211000-memory.dmp

Filesize
4KB

Download
memory/4296-644-0x0000000007210000-0x0000000007211000-memory.dmp

Filesize
4KB

Download
memory/4296-643-0x0000000007210000-0x0000000007211000-memory.dmp

Filesize
4KB

Download
memory/4296-642-0x0000000007210000-0x0000000007211000-memory.dmp

Filesize
4KB

Download
memory/4296-593-0x0000000068A80000-0x000000006911A000-memory.dmp

Filesize
6.6MB

Download
memory/4296-653-0x0000000007230000-0x0000000007231000-memory.dmp

Filesize
4KB

Download
memory/4296-652-0x0000000007230000-0x0000000007231000-memory.dmp

Filesize
4KB

Download
memory/4296-651-0x0000000007230000-0x0000000007231000-memory.dmp

Filesize
4KB

Download
memory/4296-650-0x0000000007230000-0x0000000007231000-memory.dmp

Filesize
4KB

Download
memory/4296-649-0x0000000007230000-0x0000000007231000-memory.dmp

Filesize
4KB

Download
memory/4296-648-0x0000000007230000-0x0000000007231000-memory.dmp

Filesize
4KB

Download
memory/4296-689-0x0000000007270000-0x0000000007271000-memory.dmp

Filesize
4KB

Download
memory/4296-688-0x0000000007270000-0x0000000007271000-memory.dmp

Filesize
4KB

Download
memory/4296-632-0x0000000006920000-0x0000000006E1C000-memory.dmp

Filesize
5.0MB

Download
memory/4296-686-0x0000000007270000-0x0000000007271000-memory.dmp

Filesize
4KB

Download
memory/4296-685-0x0000000007270000-0x0000000007271000-memory.dmp

Filesize
4KB

Download
memory/4296-684-0x0000000007270000-0x0000000007271000-memory.dmp

Filesize
4KB

Download
memory/4296-683-0x0000000007230000-0x0000000007231000-memory.dmp

Filesize
4KB

Download
memory/4296-682-0x0000000007270000-0x0000000007271000-memory.dmp

Filesize
4KB

Download
memory/4296-680-0x0000000007260000-0x0000000007261000-memory.dmp

Filesize
4KB

Download
memory/4296-679-0x0000000007260000-0x0000000007261000-memory.dmp

Filesize
4KB

Download
memory/4296-678-0x0000000007260000-0x0000000007261000-memory.dmp

Filesize
4KB

Download
memory/4296-677-0x0000000007260000-0x0000000007261000-memory.dmp

Filesize
4KB

Download
memory/4296-676-0x0000000007260000-0x0000000007261000-memory.dmp

Filesize
4KB

Download
memory/4296-675-0x0000000007250000-0x0000000007251000-memory.dmp

Filesize
4KB

Download
memory/4296-674-0x0000000007260000-0x0000000007261000-memory.dmp

Filesize
4KB

Download
memory/4296-672-0x0000000007250000-0x0000000007251000-memory.dmp

Filesize
4KB

Download
memory/4296-671-0x0000000007250000-0x0000000007251000-memory.dmp

Filesize
4KB

Download
memory/4296-670-0x0000000007250000-0x0000000007251000-memory.dmp

Filesize
4KB

Download
memory/4296-669-0x0000000007250000-0x0000000007251000-memory.dmp

Filesize
4KB

Download
memory/4296-668-0x0000000007250000-0x0000000007251000-memory.dmp

Filesize
4KB

Download
memory/4296-667-0x0000000007250000-0x0000000007251000-memory.dmp

Filesize
4KB

Download
memory/4296-666-0x0000000007250000-0x0000000007251000-memory.dmp

Filesize
4KB

Download
memory/4296-665-0x0000000007250000-0x0000000007251000-memory.dmp

Filesize
4KB

Download
memory/4296-664-0x0000000007250000-0x0000000007251000-memory.dmp

Filesize
4KB

Download
memory/4296-662-0x0000000007240000-0x0000000007241000-memory.dmp

Filesize
4KB

Download
memory/4296-661-0x0000000007240000-0x0000000007241000-memory.dmp

Filesize
4KB

Download
memory/4296-660-0x0000000007240000-0x0000000007241000-memory.dmp

Filesize
4KB

Download
memory/4296-659-0x0000000007230000-0x0000000007231000-memory.dmp

Filesize
4KB

Download
memory/4296-658-0x0000000007240000-0x0000000007241000-memory.dmp

Filesize
4KB

Download
memory/4296-657-0x0000000007240000-0x0000000007241000-memory.dmp

Filesize
4KB

Download
memory/4508-85-0x0000000002530000-0x0000000002531000-memory.dmp

Filesize
4KB

Download
memory/4508-86-0x00000000748B5000-0x00000000748B6000-memory.dmp

Filesize
4KB

Download