Overview

overview

7

Static

static

5

Device/Har...1).exe

windows7-x64

7

Device/Har...1).exe

windows10-2004-x64

7

Analysis

  • max time kernel
    117s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    19/11/2024, 11:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Device/HarddiskVolume4/SB Laptop/SUKUMARANS BACKUP/C Drive/Downloads/Business-in-a-Box_Setup (1).exe

  • Size

    727KB

  • MD5

    5cee8fd584a087e48cfed410c1441ff8

  • SHA1

    3d68443e8ed4d922973d6fd5b56dc9b03c68bfb2

  • SHA256

    b1a37f81545b33e6f5a5ef513ee5c94fd3057fdf82d883ce642bf2423791913b

  • SHA512

    43f644d6b4c84adf77f068f6892a82cd4b51ca4eaf13c5198dd24563f945ad166ae7714772d7ba3a1dd0ad9f1421e6f12b85ae296d9123931ca57b7cf5098a49

  • SSDEEP

    12288:r1KuFgYd+X772hRixPc2s6G4ifpog70kea6A+D7CL/npu6BAisaxn0noSptA:r1vFI7yWPXsvrQVWn9u+deA

Score
7/10
discoveryevasionpersistenceprivilege_escalationspywarestealertrojanupx

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • Event Triggered Execution: Component Object Model Hijacking 1 TTPs

    Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    persistenceprivilege_escalation
  • Executes dropped EXE 4 IoCs
  • Loads dropped DLL 64 IoCs
  • Reads user/profile data of web browsers 3 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer
  • Adds Run key to start application 2 TTPs 1 IoCs
    persistence
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • UPX packed file 15 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Drops file in Program Files directory 64 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 13 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Checks processor information in registry 2 TTPs 6 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Modifies Internet Explorer settings 1 TTPs 37 IoCs
    adwarespyware
  • Modifies registry class 64 IoCs
  • Modifies system certificate store 2 TTPs 2 IoCs
    evasionspywaretrojan
  • Suspicious behavior: EnumeratesProcesses 12 IoCs
  • Suspicious use of AdjustPrivilegeToken 3 IoCs
  • Suspicious use of FindShellTrayWindow 2 IoCs
  • Suspicious use of SendNotifyMessage 1 IoCs
  • Suspicious use of SetWindowsHookEx 64 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Device\HarddiskVolume4\SB Laptop\SUKUMARANS BACKUP\C Drive\Downloads\Business-in-a-Box_Setup (1).exe
    "C:\Users\Admin\AppData\Local\Temp\Device\HarddiskVolume4\SB Laptop\SUKUMARANS BACKUP\C Drive\Downloads\Business-in-a-Box_Setup (1).exe"
    1⤵
    • Loads dropped DLL
    • Adds Run key to start application
    • Drops file in Program Files directory
    • System Location Discovery: System Language Discovery
    • Checks processor information in registry
    • Modifies registry class
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1732
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.business-in-a-box.com/pages/en/try/thank-you/
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2324
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2324 CREDAT:275457 /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2712
    • C:\Windows\SysWOW64\regsvr32.exe
      C:\Windows\system32\regsvr32.exe /s "C:\Program Files (x86)\Business-in-a-Box 2019\btdsoframer.ocx"
      2⤵
      • Loads dropped DLL
      • System Location Discovery: System Language Discovery
      • Modifies registry class
      PID:3884
    • C:\Windows\SysWOW64\regsvr32.exe
      C:\Windows\system32\regsvr32.exe /s "C:\Program Files (x86)\Business-in-a-Box 2019\BIBSharedTools.dll"
      2⤵
      • Loads dropped DLL
      • System Location Discovery: System Language Discovery
      • Modifies registry class
      PID:3928
    • C:\Windows\SysWOW64\regsvr32.exe
      C:\Windows\system32\regsvr32.exe /s "C:\Program Files (x86)\Business-in-a-Box 2019\BIBSharedTools64.dll"
      2⤵
      • Loads dropped DLL
      • System Location Discovery: System Language Discovery
      • Suspicious use of WriteProcessMemory
      PID:3948
      • C:\Windows\system32\regsvr32.exe
        /s "C:\Program Files (x86)\Business-in-a-Box 2019\BIBSharedTools64.dll"
        3⤵
        • Loads dropped DLL
        • Modifies registry class
        PID:3968
    • C:\Program Files (x86)\Business-in-a-Box 2019\OfficeToolbar\adxregistrator.exe
      "C:\Program Files (x86)\Business-in-a-Box 2019\OfficeToolbar\adxregistrator.exe" /install="C:\Program Files (x86)\Business-in-a-Box 2019\OfficeToolbar\OfficeToolbar.dll" /generateLogFile=true /logFileLocation="C:\ProgramData\Biztree\Business-in-a-Box\adxregistrator.log"
      2⤵
      • Executes dropped EXE
      • Loads dropped DLL
      • Checks whether UAC is enabled
      • System Location Discovery: System Language Discovery
      • Modifies registry class
      • Suspicious use of AdjustPrivilegeToken
      PID:4020
    • C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
      "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe" AxSpell.dll /silent
      2⤵
      • Loads dropped DLL
      • System Location Discovery: System Language Discovery
      PID:3268
    • C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
      "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe" Interop.BIBSharedToolsLib.dll /silent
      2⤵
      • Loads dropped DLL
      • System Location Discovery: System Language Discovery
      • Modifies registry class
      PID:3468
    • C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
      "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe" AxDocumentHost.dll /silent
      2⤵
      • Loads dropped DLL
      • System Location Discovery: System Language Discovery
      • Modifies registry class
      PID:3492
    • C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
      "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe" AxSpreadHost.dll /silent
      2⤵
      • Loads dropped DLL
      • System Location Discovery: System Language Discovery
      PID:3436
    • C:\Program Files (x86)\Business-in-a-Box 2019\BIBLauncher.exe
      "C:\Program Files (x86)\Business-in-a-Box 2019\BIBLauncher.exe"
      2⤵
      • Executes dropped EXE
      • System Location Discovery: System Language Discovery
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SendNotifyMessage
      • Suspicious use of SetWindowsHookEx
      PID:2980
    • C:\Program Files (x86)\Business-in-a-Box 2019\BIB.exe
      "C:\Program Files (x86)\Business-in-a-Box 2019\BIB.exe"
      2⤵
      • Executes dropped EXE
      • System Location Discovery: System Language Discovery
      • Checks processor information in registry
      • Modifies Internet Explorer settings
      • Modifies system certificate store
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious use of SetWindowsHookEx
      PID:1792
      • C:\Program Files (x86)\Business-in-a-Box 2019\BIBLauncher.exe
        "C:\Program Files (x86)\Business-in-a-Box 2019\BIBLauncher.exe"
        3⤵
        • Executes dropped EXE
        • System Location Discovery: System Language Discovery
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious use of SetWindowsHookEx
        PID:6860

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Event Triggered Execution

1
T1546

Component Object Model Hijacking

1
T1546.015

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Event Triggered Execution

1
T1546

Component Object Model Hijacking

1
T1546.015

Defense Evasion

Modify Registry

3
T1112

Subvert Trust Controls

1
T1553

Install Root Certificate

1
T1553.004

Credential Access

Credentials from Password Stores

1
T1555

Credentials from Web Browsers

1
T1555.003

Unsecured Credentials

1
T1552

Credentials In Files

1
T1552.001

Discovery

Query Registry

2
T1012

System Information Discovery

3
T1082

System Location Discovery

1
T1614

System Language Discovery

1
T1614.001

Lateral Movement

Collection

Data from Local System

1
T1005

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files (x86)\Business-in-a-Box 2019\BIBLauncher.exe
    Filesize

    2.7MB

    MD5

    a9fdaaa5e8985a378301bd7db64312d1

    SHA1

    c72acb8548617446d70143d0934c6b43494c8f11

    SHA256

    4a732d0f330e48aa50819e742350c55ed450449b1c92e7f849bc2edcdfbef51b

    SHA512

    269d8853a4defa18bec96554a33171b2bf8c5b2f26086390ed25dddd008b6e8fb4eb067c4152d163e752100fdd7cd6db5b854937e534caf09e73285d1f200c08

    Download Submit

  • C:\Program Files (x86)\Business-in-a-Box 2019\BTDocEN.upd
    Filesize

    42.5MB

    MD5

    08808a4cc15ae19beb93bc9009ba997c

    SHA1

    b65ffc9ed73c90936da1d43bcca32ad1bdc6a3e1

    SHA256

    d65cc32835b127ddd3651423b8131a55770eaf37d4bc3cdf3197ee0d906f3bfa

    SHA512

    86523ddd6b3873635bbb870b8324d5bca7bf6332e4a4510fc3d1bba7d3daeb2539acc2a0d277ce83be8311fbc71275084d50748b9bdd596916c7bd80c527f438

    Download Submit

  • C:\Program Files (x86)\Business-in-a-Box 2019\Frameworks\DevExpress.XtraBars.v18.1.dll
    Filesize

    6.1MB

    MD5

    54b173202078bb304795d77746488276

    SHA1

    0c5d0e47befb3577e8518cd09a7e4cf849bb1418

    SHA256

    f9749aee57f67a1fc0d23d0935ca1604fd6a7663f35d836769bafe5d713f07a1

    SHA512

    2e8fddbfa3f5ec9b9ec49522ac93e5bfca1384cf82470c6e9892934f87729997bbd460d56e127eefc7a33f76ff098d647a517a78e968dc029590147ef89feb6c

    Download Submit

  • C:\Program Files (x86)\Business-in-a-Box 2019\OfficeToolbar\AddinExpress.MSO.2005.dll
    Filesize

    4.1MB

    MD5

    83ca15331b56ec1ea0817c82dc78e6c7

    SHA1

    1d20a2d47194235ce03c1fcaebbf6836bb35be9c

    SHA256

    2488b3a307a297d6f7b349f625eebf8f44a6c2dedcbe3d316ecc87a4d434f35b

    SHA512

    c0ebb6b304ed2e7f3e4c8c500a5c6a178f4d1c1a12ab0074a3ab269fc499c2f81b8b063ae40070fad429652136a737254f9ceb7aeb4ff22bf737510c681c0be1

    Download Submit

  • C:\Program Files (x86)\Business-in-a-Box 2019\Web\en\index.html
    Filesize

    669B

    MD5

    03944dbfb9d6498fa4801c088206ca35

    SHA1

    566cf9a3cdc31186074de1c7f773463fbcb197d4

    SHA256

    a15aaa698f731b293e7a76e1bb3009dec48e20f625db9f1720cdafed22dec966

    SHA512

    efd6794544de6536814d3fd038ace404b7b8b42c364f548729c9a5c69cd8d92add4498250954623ffb40b04f2519a012d93bdeccf11850a7d1fb8a21cf6f9c66

    Download Submit

  • C:\Program Files (x86)\Business-in-a-Box 2019\btdsoframer.ocx
    Filesize

    277KB

    MD5

    f7b2c4538173ddbf512bd9303cfc76bb

    SHA1

    96d88fb62afdfa70013ab147331d80ffe4a76ad1

    SHA256

    7f739e8e682f66d5a484e72189e600d124830eee2d9a774570d5d12fa3134932

    SHA512

    3766ebcbcbb69709209ba74062b80ca6e2f9220e7a0307aa45f32fe71392c2963d078adcd58efbf652599102c257f7b61cfd46e466541a81c1c1d531f3493bf1

    Download Submit

  • C:\ProgramData\Biztree\Business-in-a-Box\Libraries\ENGLISH\BTDoc\Legal\Incorporation\Limited Partnership Agreement 2.btd
    Filesize

    52KB

    MD5

    154fd44647365bf6983b3f7c5e5ec1ae

    SHA1

    1104f6b2cd556fe5d0b87b90bfa4d25a42df2ecc

    SHA256

    4f89f9a43af98ef67d0a13dd62aa3c19f07aa06f623f63418c40c27a28afd643

    SHA512

    014d94af66310f2de9be914f997df58ba345b9a21fb1500b11f6d6b154cf66b3d95d5a126520d56577cac7ffe5b5903f964337c49cf4664f7c7a2c2f13fcfb99

    Download Submit

  • C:\ProgramData\Biztree\Business-in-a-Box\btdact.bl1
    Filesize

    1.0MB

    MD5

    189b4ed0bb46a10d89d557309061d8de

    SHA1

    31ce4f14e20da847b574626aeaf98662e56320f8

    SHA256

    60b5b86344d2439ffcbc03622f2c6977b5b1b3c257bfbe5309110ca17290ec61

    SHA512

    8f982abae1bd3f2caa301e019a3f4ab0f7400376d72a463e3e42e2b10e9962b838b8378abb5f05cb113595c8e8cad223ef94ebffef22fc93952bf0bb9f60de97

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    ff565325c72d2417e2cf45db4e6af577

    SHA1

    b39d060f43d4e1275eddd56edd22ecd7c23fec72

    SHA256

    ec331f893e644a85e2f6fa807d8c20ed6adc382e19469c07b9299f4cc5e2d317

    SHA512

    de7f05137770707e5e703770d745bd65969bfb06f58c44feedaaf4d1c9f858aaa4a5a692b58f782693406dd74e609b9b062936dadb79213b6c081aac53c95e18

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    53592122f3bccdcc1bbfaccb14eb018b

    SHA1

    9d781ebf26d8604cfb6c78297703d9c4e7b02bf4

    SHA256

    d5a56b0fedd8dff785eda2b3789d475f86cd71722b6db077be6a81f0c954a368

    SHA512

    64cd08e86484c430d02c069e8371e213eb76409577ddf153ab33b10bf27245ff07e4661695d1df677aa8fc3622dafe2569a32bf365537384c6882bbdcba04666

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8ffd23cde0db79303df926b2f894c5e6

    SHA1

    29c6c3cec4584a5ecb3ca553240232cb026d1291

    SHA256

    f470845e13f23f231f9a967cdbb50d5c266c764f54837fc64bd879bcfb1a8b74

    SHA512

    a4e40ce0c38a09343b935770fcbfab3c5fe4fa878ffcb192a5912726831c3683ac8f232de5488a4b32d4d21225c93cb04a68f56ecd22d892e19c29e8750b5847

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    afe16adfd8509da39636a61b9dd07270

    SHA1

    be752944e9d33203a59e388508c1404c7d20cb47

    SHA256

    635f98a8ef1fd4b26c4b207bdfbd3312f3a87df1afaf74537e1f9f91ad62b903

    SHA512

    cf7100b878562c0adc31e89709311fb2ec6d5c3390fc9274905045ea442f49968ded2f23f8b8f789acdabbc66f3ad07865a494827c1276a06c943e441002dc34

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2dba19b4f4e0bf43806a2fd41ff57d22

    SHA1

    744ecaba86bcf0735056c918b98e71137a87f8cb

    SHA256

    096567ca29a6b25cc0ab57c24e6de54f7254016bfcb6bbea7a8bcde2e40f1299

    SHA512

    b1445a8c2903306ec2a3591a49f40d9141dc909eb8cca266a5c91345b46f208a2f653482ce6eed431bd717ead3caa9f3933fc2fdd20fc9f537802344709de35b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b4795dcc6cd919214746bf63da13b8f7

    SHA1

    4f1c6e28825814b752e9d858d512bd1b64fcf5f9

    SHA256

    04946be90cb5b7540901c2bc32049315d818049d26064a05ee4592300bbcd8bc

    SHA512

    d094009a6fec0adb0b3e39e049f83f989e3f52591b0fad5a9cef815f76f84194c5c81b611c59e03bf356338e2720d8df83f2865b2fe47b4a5df99c1e6f49783a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c8293a728c8071fab68e9cad02d30c72

    SHA1

    032a650f107c69fdb912417108d06376da9540b9

    SHA256

    b2651881365b6398ef2cd3d29d7ab3b00e453575fdaf472b973d362fdd1d1e18

    SHA512

    44cc9aadc7b161bb6dc113dc0fd7c9cb75a5bf261165d9637228ff7004e37a73b2964e1bf2e951d3aa9efed04df0cf4b10f6ba94aae15a020510d36eec214646

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ce859b69292874c6e6a104ac0026694f

    SHA1

    31765fc3b0a2b8d9ad3a4df3bc586ba6f9676f4b

    SHA256

    2bb62eb496baa82ce87db467aa0607b2af55f8ab71404ee1e7bb9bd6a8ddfd6d

    SHA512

    c10766f74479fe959ba3f82291abc4d5e66132128831a0031b0227e3314f35f935f30b00f4eff9c21cb73546040579b0c3533d8ad70ed6a7e9bc3d7f4289abcc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c2f9381421c3a80df180db93049a47d4

    SHA1

    44f6f8b92f19db611540ffb405c3771961a0c1f0

    SHA256

    cb59632ab84eb30abbd96dc59521b7453d622b468a37287b4fbbe1a0bda88681

    SHA512

    debc82a95e57f6b34cd79b2f02985908c007ac3d4bd5b1217fe5517a20d6acde7f8a81ffd4ab8d0379e437ce6b8f45660d82742c02beab17fbc79abbf1b1b588

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    df22f6b73fc72943328903cc3cd416b1

    SHA1

    00bf758edfe4c9bcb7a6dd547a6723e562f1e592

    SHA256

    ba6de1f46e41ac1f49594d13a4e0a7c06d0d56fef9e87795ccfcd47dfd509e05

    SHA512

    db5d98378f303d1a90588d4bfe31958bbedc9c000ac698c7daa85a92ad78e2e860302bd9a7cb2036b5d604985d02a8cf5dac920b6833bce5aafc84cd6e02e333

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4fd1287ccdffea36473ef23a1c16968a

    SHA1

    d77c3395a6cf88cdfddc378302a22f0316dbe51a

    SHA256

    34eb2c45559f37c61ebeae72fc9666a136819fd86c26f6a1fa3eea945666c864

    SHA512

    bf082a54f1c023ef3d2bc14f0110e8102a3be595eec3dc0041317f439299bade6a94142d8546413a5e9d72b199e11ed079b70176e8e9c6ff753efbea1dd1f35f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3bad00152dbf91594d38cd638732b1d8

    SHA1

    aa9cb6fcfa003656b2f8d7ef367c4a095ec45ab7

    SHA256

    5979df4d284fd2fe54644c044f9774aa500c1677daccd289c203c8dfe7a194c6

    SHA512

    2017dd3b4b9a7fa2d937c4d4e084317944ea55a2d65d4e78329a6b5a793bf847e57b13509571c02a2af9bb244ce6f080c9e337cc2c0c5c3f12a95abb1a67c114

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    812e4de7fdb52155a7225b8d5f324fe6

    SHA1

    de97c234fd2845c86cfe9d833702e5fd445021df

    SHA256

    f0240f13835e87f521f1c648a81e379e3a167639da0b0c8a82a37254efa239cd

    SHA512

    3aa036ad4c7480ef36cbf9c633b63ae36cb2c807c4394cd6fa37249cf5c733d4eacc33c899538fef906bb328eff4145a61e45dee698c660f969802a52d58314e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    518811b4127f597844c81dddcc4cafc4

    SHA1

    d269f4d63deb98bbee7338c20a32494a63b416cb

    SHA256

    819ac4870af23772541bdc3db744d39e3152ad61c81e816ed7dc19fb2552a352

    SHA512

    38264e4e5cdd9e8bc715f88de31b055a7f7c26f552ca162ef644008084e6b394739b471ecece24eb9f96e14e7c0b5316c0a178482ae2559f566fe31f9043a398

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a812c6d0c706d0a330ba2dddcba9f338

    SHA1

    4a04440985ac1e2b8b12e61053c66ac40ece8e2b

    SHA256

    c6bd85b051a45795cd5c8f0190eb232ba3ab52269375ae724b35aae26fc2277b

    SHA512

    6a5c31f9212bc04bf742400ce75db758b5834d61932c865a46a9f4a25bbf979232515e5160385faab81bcf378a9ca91f0a8452b68245df950cda7077f178e490

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1aa651904fa4c67ac2a1b3f132a56660

    SHA1

    ae230d68b7c9d74d0d43b4965231b303ea46b284

    SHA256

    b032a2542f11d6fb8fec257dc16a6d880058137c7b7c374d4ac4fcb2cfca36d4

    SHA512

    83d0b0bcdc22413611e1fc92e44594116ba161841eb736bd094f09bcbdcf34d7f572150d068a7d1760a94b813841e4bac117fb80ec49646e1d218cd634bb34ff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    857d5b8795987c453b1bfa168772caaf

    SHA1

    e9e07462ff5f8803fc47440d136b3be92a78f43b

    SHA256

    b2bc4fce96fb42e5a8f0430b53f89cb08f0c0afbdcfe7a98e86c3f5aed57ae0d

    SHA512

    a5b97a3fc9412ad1791fa79da2181395f89c0d920f43198efad37737989289bb95e5de46ce589e31a2a57a2e2d366f9a868cb00009d950614d74a4b932ceacad

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\BTDE678.tmp
    Filesize

    16KB

    MD5

    0b8ee649332698151171b34ca6c38db4

    SHA1

    fd2a84b0dadba45d354818d2b72fa33e0e213b3d

    SHA256

    1c3e2f1a6ce495819704fe357c496edd3ae1ef16049848c650a79c0a678befa9

    SHA512

    5446b31ec49dd657fd11d8f4e5be28057f29bb00e2cd3d06c6e9988bf5c9a0d8c92eb90fe8d08afdc4e52ec038cd00f3854a32cae19811178abca1e57152fa9d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab4961.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar4FF9.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-1488793075-819845221-1497111674-1000\7b2f48bf9ed4daf97990dac56b343580_18cc84e5-41c1-45e6-bdc9-06ff0c9e128a
    Filesize

    77B

    MD5

    cc860b611308a01d656a216aed2cc68e

    SHA1

    cd0212883c0b8a5bdd402df104a9ff89373188eb

    SHA256

    97f06f748136b63254ca3f9a289f056711d3085d81082036adc3d41671f980d8

    SHA512

    264d45be836d1b3dcfa2d47400dcba18fd638f4125b385a46b48629de94a1dc846b0f47a7d959c1f5dd21bd353897d7d738ac751ca3708e25b55836fb863208b

    Download Submit

  • \Program Files (x86)\Business-in-a-Box 2019\BIB.exe
    Filesize

    17.7MB

    MD5

    03ecd802e5f402c742f9fbcd78197eea

    SHA1

    d155e936f92242aa485e18e92eaccc58ff4c9ac4

    SHA256

    bab70644b0e6debd2c51b78d708fc56aecaa5cd566280558e5e2c60848edc349

    SHA512

    b94d632e7a16bc9ef118a98ea715b2fc9b0f9a03c9bb0275825342cf85997cfc4d51ef6afb12bd6c235257afa3c517593d4928c8d2aa83f957b4b0ad7597fec4

    Download Submit

  • \Program Files (x86)\Business-in-a-Box 2019\BIBSharedTools.dll
    Filesize

    1.8MB

    MD5

    dc80aba54f08fbd575f160e7cd6b24e7

    SHA1

    a782959dfe0b055a8327fa4160994a30adcb9f25

    SHA256

    f3cf17b96c1bacd008cf8da62b9dd3d728211f3eb0343afe6a7314a8aa91210a

    SHA512

    4d50d3e8a2f3f28e4b8fc44bca36595bfbe439db2e8c4f8a6ed31cfdb5d110ebb44682c19026b83ef42f146a84673e58af2c4625a809ebad31da0125b0126675

    Download Submit

  • \Program Files (x86)\Business-in-a-Box 2019\BIBSharedTools64.dll
    Filesize

    2.4MB

    MD5

    b1cdfa597e0090af75b03c5724e62a53

    SHA1

    bd108bb9e29d81c7f7b2a7f86bfdb62a9a8fe35e

    SHA256

    b828add0028e2302de6138bbf8366b57c6a3d8dee4c3e5d490054b3e181e1325

    SHA512

    8ece7dcbc2cf69164d1cb9cc785f2134c0255d9bfa840bc7825efbd8839e3bc3dc3a7f6039fa3e0e4662b4eb4ae35c1532e81207a29c75c2acb98a34217de2b5

    Download Submit

  • \Program Files (x86)\Business-in-a-Box 2019\Frameworks\AxDocumentHost.dll
    Filesize

    333KB

    MD5

    ada0aa58dc265f77e97a8b2d3b29d913

    SHA1

    5d389f41960503bac3175e90c500c3c8921025ab

    SHA256

    f933cd3b85b547d084e62a06d6068e1e4454152afee16ff7e6a3ba1fc321d23d

    SHA512

    38f33f7b7388585446cb7649c1e658312b855473f2f52295eaa80ace1a3d40960ed3356295ebdde6078549d43126234934b679d0c1964e59c87d5e35737e7d73

    Download Submit

  • \Program Files (x86)\Business-in-a-Box 2019\Frameworks\AxSpreadHost.dll
    Filesize

    370KB

    MD5

    52efd16eb7ecfb904a8b9d8f2f11e912

    SHA1

    63b92a5b6373d307c32a2029697b079eb7110820

    SHA256

    f69d25c8d3406cf821b8311ccecd6c599799b417e40e20691ed64c79439d87a1

    SHA512

    af450735ad22abef0d755d0928c6ac43499b8ed518d9e4a8d4086066cdbea01d15f3d7e28f36748a186039214a03c492a6bf16d9866079fbbc57066bfb1c1072

    Download Submit

  • \Program Files (x86)\Business-in-a-Box 2019\Frameworks\DevExpress.Data.v18.1.dll
    Filesize

    6.4MB

    MD5

    22043d46a5b843a0c2357021f8067f19

    SHA1

    e8d6c0f3c31a82bb9ae94b9f231422de03f6ef14

    SHA256

    a9cdca2a184c61f751d6d9e65cf4758c279cca6b020a25bd23a1fcf193f2e64c

    SHA512

    aaeb6e6b87da6c0bcf65962f448a26b6c5b23bbc0adddd775fe6a4a67ef4df141ef3d890f36579d3a2b52dbae1436008169acff64c0f0bec55940c797d242932

    Download Submit

  • \Program Files (x86)\Business-in-a-Box 2019\Frameworks\DevExpress.Utils.v18.1.dll
    Filesize

    12.4MB

    MD5

    585099d834b5c70f819406f1d0c86b92

    SHA1

    fd6e7db7b36b76d9ac72558153c1839541426b2b

    SHA256

    097b15ac407faf3cfe2cbf993756808199a6f26508b1093cc5768035aba5d8c5

    SHA512

    26d044b9ba11a63f0520899f9476952a65eacb25d9959a86fc0b1ff10703989460f6dd6abae3cbdd525bdc31bffbcc6ad266412a7bbc57179a8b7254fe4c547e

    Download Submit

  • \Program Files (x86)\Business-in-a-Box 2019\Installation.dll
    Filesize

    1.3MB

    MD5

    f8660621d5dce83823bf8b7dcd75c025

    SHA1

    ae6ad8d07f95fb13c17ccbcc7462a49ae85ee63f

    SHA256

    f3109013801aad5342a9a84e46a52665b308118e78ecd99f3bfb62d0d08857ef

    SHA512

    e9d60a98dd8674937572b162a36423bae5f0271bc3214cdd3f80863f21c135053407493febb1cdbdc97c0177ae50a63bd37ae3755a7ec8e59207dd9e3a3b28fb

    Download Submit

  • \Program Files (x86)\Business-in-a-Box 2019\OfficeToolbar\Interop.BIBSharedToolsLib.dll
    Filesize

    19KB

    MD5

    e2fd8d93e5840b810cac8f6d561532be

    SHA1

    2d89e0d716e500b8e89cb927ce6b0b2f113b907b

    SHA256

    d6c20cc4bf425def06ff0fa25ba0164f49c4436d7b10bb55e77e3d911d1c7196

    SHA512

    7734e44919b1a04a4b459c02d01de74ffe3992861de1fabe0c31510b010065f58f9a0e888fff1cf8b0a6902d5e9a93d1890f3cc77dbc3be1687eac57a870b273

    Download Submit

  • \Program Files (x86)\Business-in-a-Box 2019\OfficeToolbar\adxregistrator.exe
    Filesize

    167KB

    MD5

    1d6be4e749fef9bf18a0082ee05e5344

    SHA1

    5b89cc6788c741627b1bb1a8326301169ae65ac9

    SHA256

    80e99c9bd8ebf68900d62e076e683b09098c9be4ecbca90e1eb43251046f202f

    SHA512

    685ac60f731e32d64c9b38f57a1ae9c200a38d826651f698874afceef35b2476c17c1230d6777109439df1c2125854b317520980f117b653feb797b89303dc8e

    Download Submit

  • \Program Files (x86)\Business-in-a-Box 2019\Spell\AxSpell.dll
    Filesize

    11KB

    MD5

    dc8303d6f1054382e450a750a1c24516

    SHA1

    5b621f205f3bc708b83d718a68eb58d2db632d8b

    SHA256

    b85459a48613597b2057a18a273089d1697af03578be830145c73ef37af05c1a

    SHA512

    472b74a98cf007d34b35f7edda08d11ce5182e25db1202c1be568cd5d7ddf0d4511b9ff719f10e8632c3384a04d45df8a58823aeb46e59254b268fd28b8f96fc

    Download Submit

  • \Program Files (x86)\Business-in-a-Box 2019\unrar.dll
    Filesize

    75KB

    MD5

    98aa3d4a9ae300a839f36381a1790741

    SHA1

    7e7857688d71887209e9fc6710762ecfb99c6c69

    SHA256

    1ebf9d3625896a0a9133ce8e4e7ef2d2c217204df9ce178dbe69d009fddba2e2

    SHA512

    7feb67757140306c25779319a43f7448b57d418efdeb9f16f4b0c98403ca29cb3def506abd5f481bc4e4905dcab8712075c5207dfc30c562d21165299f81bc68

    Download Submit

  • memory/1732-5128-0x00000000013C0000-0x000000000153D000-memory.dmp

    Filesize

    1.5MB

    Download

  • memory/1732-9792-0x00000000013C0000-0x000000000153D000-memory.dmp

    Filesize

    1.5MB

    Download

  • memory/1732-9793-0x0000000002AE0000-0x0000000002B16000-memory.dmp

    Filesize

    216KB

    Download

  • memory/1732-9910-0x00000000013C1000-0x0000000001487000-memory.dmp

    Filesize

    792KB

    Download

  • memory/1732-7428-0x00000000013C0000-0x000000000153D000-memory.dmp

    Filesize

    1.5MB

    Download

  • memory/1732-9909-0x00000000013C0000-0x000000000153D000-memory.dmp

    Filesize

    1.5MB

    Download

  • memory/1732-5129-0x0000000002AE0000-0x0000000002B16000-memory.dmp

    Filesize

    216KB

    Download

  • memory/1732-1665-0x0000000002AE0000-0x0000000002B16000-memory.dmp

    Filesize

    216KB

    Download

  • memory/1732-1664-0x00000000013C0000-0x000000000153D000-memory.dmp

    Filesize

    1.5MB

    Download

  • memory/1732-20-0x0000000002AE0000-0x0000000002B16000-memory.dmp

    Filesize

    216KB

    Download

  • memory/1732-16-0x00000000013C0000-0x000000000153D000-memory.dmp

    Filesize

    1.5MB

    Download

  • memory/1732-13-0x00000000013C1000-0x0000000001487000-memory.dmp

    Filesize

    792KB

    Download

  • memory/1732-12-0x00000000013C0000-0x000000000153D000-memory.dmp

    Filesize

    1.5MB

    Download

  • memory/1732-1-0x00000000013C0000-0x000000000153D000-memory.dmp

    Filesize

    1.5MB

    Download

  • memory/1732-3-0x00000000013C1000-0x0000000001487000-memory.dmp

    Filesize

    792KB

    Download

  • memory/1732-0-0x00000000013C0000-0x000000000153D000-memory.dmp

    Filesize

    1.5MB

    Download

  • memory/1732-4-0x00000000013C0000-0x000000000153D000-memory.dmp

    Filesize

    1.5MB

    Download

  • memory/1792-9972-0x0000000073390000-0x00000000733E8000-memory.dmp

    Filesize

    352KB

    Download

  • memory/1792-9931-0x000000006E9C0000-0x000000006E9F2000-memory.dmp

    Filesize

    200KB

    Download

  • memory/1792-10976-0x0000000017AE0000-0x0000000017B96000-memory.dmp

    Filesize

    728KB

    Download

  • memory/1792-9920-0x0000000075FD0000-0x0000000076C1A000-memory.dmp

    Filesize

    12.3MB

    Download

  • memory/1792-9924-0x0000000075B00000-0x0000000075B8F000-memory.dmp

    Filesize

    572KB

    Download

  • memory/1792-9923-0x00000000759A0000-0x0000000075AFC000-memory.dmp

    Filesize

    1.4MB

    Download

  • memory/1792-9922-0x0000000075900000-0x0000000075957000-memory.dmp

    Filesize

    348KB

    Download

  • memory/1792-9926-0x0000000075B90000-0x0000000075DA5000-memory.dmp

    Filesize

    2.1MB

    Download

  • memory/1792-9928-0x0000000075180000-0x000000007529D000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1792-9930-0x0000000073390000-0x00000000733E8000-memory.dmp

    Filesize

    352KB

    Download

  • memory/1792-9933-0x000000000150C000-0x0000000001D63000-memory.dmp

    Filesize

    8.3MB

    Download

  • memory/1792-9936-0x0000000075FD0000-0x0000000076C1A000-memory.dmp

    Filesize

    12.3MB

    Download

  • memory/1792-9951-0x0000000073390000-0x00000000733E8000-memory.dmp

    Filesize

    352KB

    Download

  • memory/1792-9952-0x0000000073340000-0x000000007338F000-memory.dmp

    Filesize

    316KB

    Download

  • memory/1792-9975-0x000000006E9C0000-0x000000006E9F2000-memory.dmp

    Filesize

    200KB

    Download

  • memory/1792-9977-0x0000000075640000-0x0000000075659000-memory.dmp

    Filesize

    100KB

    Download

  • memory/1792-9976-0x0000000074EF0000-0x0000000074F9C000-memory.dmp

    Filesize

    688KB

    Download

  • memory/1792-9974-0x000000006E4F0000-0x000000006E52C000-memory.dmp

    Filesize

    240KB

    Download

  • memory/1792-9973-0x0000000073340000-0x000000007338F000-memory.dmp

    Filesize

    316KB

    Download

  • memory/1792-10975-0x0000000017A00000-0x0000000017ADC000-memory.dmp

    Filesize

    880KB

    Download

  • memory/1792-9971-0x00000000749F0000-0x00000000749FF000-memory.dmp

    Filesize

    60KB

    Download

  • memory/1792-9970-0x0000000074C40000-0x0000000074C59000-memory.dmp

    Filesize

    100KB

    Download

  • memory/1792-9969-0x0000000075180000-0x000000007529D000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1792-9968-0x0000000075B90000-0x0000000075DA5000-memory.dmp

    Filesize

    2.1MB

    Download

  • memory/1792-9967-0x0000000075660000-0x0000000075784000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1792-9964-0x0000000074A00000-0x0000000074B9E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1792-9962-0x0000000074870000-0x00000000748C1000-memory.dmp

    Filesize

    324KB

    Download

  • memory/1792-9961-0x0000000074FB0000-0x0000000075050000-memory.dmp

    Filesize

    640KB

    Download

  • memory/1792-9957-0x000000000150C000-0x0000000001D63000-memory.dmp

    Filesize

    8.3MB

    Download

  • memory/1792-9966-0x0000000075B00000-0x0000000075B8F000-memory.dmp

    Filesize

    572KB

    Download

  • memory/1792-9963-0x0000000075900000-0x0000000075957000-memory.dmp

    Filesize

    348KB

    Download

  • memory/1792-9960-0x0000000076E20000-0x0000000076EBD000-memory.dmp

    Filesize

    628KB

    Download

  • memory/1792-9954-0x000000006E9C0000-0x000000006E9F2000-memory.dmp

    Filesize

    200KB

    Download

  • memory/1792-9953-0x000000006E4F0000-0x000000006E52C000-memory.dmp

    Filesize

    240KB

    Download

  • memory/1792-9950-0x00000000687E0000-0x00000000688CB000-memory.dmp

    Filesize

    940KB

    Download

  • memory/1792-9949-0x00000000749F0000-0x00000000749FF000-memory.dmp

    Filesize

    60KB

    Download

  • memory/1792-9948-0x0000000074C40000-0x0000000074C59000-memory.dmp

    Filesize

    100KB

    Download

  • memory/1792-9947-0x0000000071970000-0x0000000071987000-memory.dmp

    Filesize

    92KB

    Download

  • memory/1792-9946-0x00000000745C0000-0x0000000074750000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1792-9945-0x0000000075B90000-0x0000000075DA5000-memory.dmp

    Filesize

    2.1MB

    Download

  • memory/1792-9944-0x00000000749C0000-0x00000000749C9000-memory.dmp

    Filesize

    36KB

    Download

  • memory/1792-9943-0x0000000075660000-0x0000000075784000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1792-9942-0x00000000749D0000-0x00000000749EC000-memory.dmp

    Filesize

    112KB

    Download

  • memory/1792-9941-0x0000000075B00000-0x0000000075B8F000-memory.dmp

    Filesize

    572KB

    Download

  • memory/1792-9940-0x00000000759A0000-0x0000000075AFC000-memory.dmp

    Filesize

    1.4MB

    Download

  • memory/1792-9938-0x0000000074A00000-0x0000000074B9E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1792-9935-0x0000000074870000-0x00000000748C1000-memory.dmp

    Filesize

    324KB

    Download

  • memory/1792-9934-0x0000000074FB0000-0x0000000075050000-memory.dmp

    Filesize

    640KB

    Download

  • memory/1792-9932-0x000000000150C000-0x0000000001D63000-memory.dmp

    Filesize

    8.3MB

    Download

  • memory/1792-10974-0x0000000014D60000-0x0000000015AFC000-memory.dmp

    Filesize

    13.6MB

    Download

  • memory/1792-9937-0x0000000075900000-0x0000000075957000-memory.dmp

    Filesize

    348KB

    Download

  • memory/1792-9929-0x00000000687E0000-0x00000000688CB000-memory.dmp

    Filesize

    940KB

    Download

  • memory/1792-9927-0x00000000745C0000-0x0000000074750000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1792-9925-0x0000000075660000-0x0000000075784000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1792-10973-0x00000000149B0000-0x0000000014D58000-memory.dmp

    Filesize

    3.7MB

    Download

  • memory/1792-10972-0x0000000014770000-0x00000000148E4000-memory.dmp

    Filesize

    1.5MB

    Download

  • memory/1792-10971-0x0000000011E50000-0x00000000122EA000-memory.dmp

    Filesize

    4.6MB

    Download

  • memory/1792-10967-0x0000000011500000-0x000000001153E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/1792-9918-0x0000000074FB0000-0x0000000075050000-memory.dmp

    Filesize

    640KB

    Download

  • memory/1792-10591-0x0000000005190000-0x0000000005198000-memory.dmp

    Filesize

    32KB

    Download

  • memory/1792-9919-0x0000000074870000-0x00000000748C1000-memory.dmp

    Filesize

    324KB

    Download

  • memory/1792-10646-0x000000000A650000-0x000000000A714000-memory.dmp

    Filesize

    784KB

    Download

  • memory/1792-10665-0x000000000AF20000-0x000000000B586000-memory.dmp

    Filesize

    6.4MB

    Download

  • memory/1792-10657-0x0000000005950000-0x00000000059AE000-memory.dmp

    Filesize

    376KB

    Download

  • memory/1792-10644-0x00000000053A0000-0x00000000053E6000-memory.dmp

    Filesize

    280KB

    Download

  • memory/1792-9912-0x0000000076E20000-0x0000000076EBD000-memory.dmp

    Filesize

    628KB

    Download

  • memory/1792-10590-0x0000000005840000-0x0000000005894000-memory.dmp

    Filesize

    336KB

    Download

  • memory/1792-10970-0x00000000117B0000-0x0000000011C06000-memory.dmp

    Filesize

    4.3MB

    Download

  • memory/1792-10968-0x0000000011540000-0x000000001162C000-memory.dmp

    Filesize

    944KB

    Download

  • memory/1792-10969-0x0000000011630000-0x00000000117B0000-memory.dmp

    Filesize

    1.5MB

    Download

  • memory/1792-10757-0x000000000BBC0000-0x000000000C832000-memory.dmp

    Filesize

    12.4MB

    Download

  • memory/1792-10853-0x000000000EA00000-0x000000000F066000-memory.dmp

    Filesize

    6.4MB

    Download

  • memory/1792-10852-0x000000000DFE0000-0x000000000E1CC000-memory.dmp

    Filesize

    1.9MB

    Download

  • memory/1792-10903-0x0000000010670000-0x0000000010C76000-memory.dmp

    Filesize

    6.0MB

    Download

  • memory/1792-10863-0x000000000F7B0000-0x000000000F9EC000-memory.dmp

    Filesize

    2.2MB

    Download

  • memory/1792-10883-0x000000000F9F0000-0x000000000FE10000-memory.dmp

    Filesize

    4.1MB

    Download

  • memory/1792-10884-0x0000000010040000-0x0000000010666000-memory.dmp

    Filesize

    6.1MB

    Download

  • memory/1792-10881-0x000000000CA60000-0x000000000CB70000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/3268-9807-0x00000000006E0000-0x00000000006E8000-memory.dmp

    Filesize

    32KB

    Download

  • memory/3268-9801-0x00000000006E0000-0x00000000006E8000-memory.dmp

    Filesize

    32KB

    Download

  • memory/3436-9812-0x0000000000710000-0x000000000076E000-memory.dmp

    Filesize

    376KB

    Download

  • memory/3436-9822-0x0000000000710000-0x000000000076E000-memory.dmp

    Filesize

    376KB

    Download

  • memory/3436-9868-0x0000000006600000-0x0000000006C66000-memory.dmp

    Filesize

    6.4MB

    Download

  • memory/3436-9881-0x0000000006C70000-0x0000000007276000-memory.dmp

    Filesize

    6.0MB

    Download

  • memory/3436-9907-0x0000000007280000-0x000000000801C000-memory.dmp

    Filesize

    13.6MB

    Download

  • memory/3468-9806-0x0000000000570000-0x000000000057C000-memory.dmp

    Filesize

    48KB

    Download

  • memory/3468-9800-0x0000000000570000-0x000000000057C000-memory.dmp

    Filesize

    48KB

    Download

  • memory/3468-9791-0x0000000000810000-0x0000000000822000-memory.dmp

    Filesize

    72KB

    Download

  • memory/3492-9849-0x00000000056B0000-0x0000000006322000-memory.dmp

    Filesize

    12.4MB

    Download

  • memory/3492-9897-0x0000000007970000-0x0000000007BAC000-memory.dmp

    Filesize

    2.2MB

    Download

  • memory/3492-9829-0x0000000005080000-0x00000000056A6000-memory.dmp

    Filesize

    6.1MB

    Download

  • memory/3492-9816-0x00000000009A0000-0x00000000009F4000-memory.dmp

    Filesize

    336KB

    Download

  • memory/3492-9894-0x00000000070B0000-0x0000000007716000-memory.dmp

    Filesize

    6.4MB

    Download

  • memory/3492-9896-0x0000000007780000-0x000000000796C000-memory.dmp

    Filesize

    1.9MB

    Download

  • memory/3492-9819-0x00000000009A0000-0x00000000009F4000-memory.dmp

    Filesize

    336KB

    Download

  • memory/4020-9915-0x0000000005C00000-0x0000000005DE8000-memory.dmp

    Filesize

    1.9MB

    Download

  • memory/4020-9917-0x0000000005280000-0x000000000532C000-memory.dmp

    Filesize

    688KB

    Download

  • memory/4020-9916-0x0000000004860000-0x0000000004908000-memory.dmp

    Filesize

    672KB

    Download

  • memory/4020-9763-0x0000000004E50000-0x0000000005274000-memory.dmp

    Filesize

    4.1MB

    Download