0aa6bb21f06690f562ac443279bc02305c8c8852530f08ea768b0f43cbbaba96

Analysis

max time kernel
79s
max time network
117s
platform
windows10-ltsc 2021_x64
resource
win10ltsc2021-20241023-en
resource tags

arch:x64arch:x86image:win10ltsc2021-20241023-enlocale:en-usos:windows10-ltsc 2021-x64system
submitted
21/11/2024, 10:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Bussin_Napture-portable.paf.exe
Size

25.1MB
MD5

74e44a9a8c2bfcf3688d835c90a2bafb
SHA1

35060b8edf9259582498f11521e2ea79fbf6f18c
SHA256

0aa6bb21f06690f562ac443279bc02305c8c8852530f08ea768b0f43cbbaba96
SHA512

32659f78022315ddd818487845a9e01e0efeb2294b52ae38c4f86fcc5f1e7a8ea708f67814bb4ff6a29ab6ff35d9cdda8029a1e4b039e0b5d7b2e6d3e56afd71
SSDEEP

786432:MS+nHbV0ytOPtLxrvS7RIncLtlAlSdfDw3/3sGg8:MS+nH50yQS7RgcLtSywP8GD

Score

7^/10

discovery

Malware Config

Signatures

Checks computer location settings 2 TTPs 1 IoCs

Looks up country code configured in the registry, likely geofence.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000\Control Panel\International\Geo\Nation	Bussin_Napture.exe

Executes dropped EXE 2 IoCs

pid	Process
3804	BussinNapturePortable.exe
4672	Bussin_Napture.exe

Loads dropped DLL 64 IoCs

pid	Process
4772	Bussin_Napture-portable.paf.exe
4772	Bussin_Napture-portable.paf.exe
4772	Bussin_Napture-portable.paf.exe
4772	Bussin_Napture-portable.paf.exe
3804	BussinNapturePortable.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe
4672	Bussin_Napture.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Bussin_Napture-portable.paf.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	BussinNapturePortable.exe

Checks processor information in registry 2 TTPs 4 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	firefox.exe

Modifies Control Panel 1 IoCs

evasion

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000\Control Panel\Colors	Bussin_Napture.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\	Bussin_Napture-portable.paf.exe

Suspicious behavior: AddClipboardFormatListener 1 IoCs

pid	Process
4672	Bussin_Napture.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4772	Bussin_Napture-portable.paf.exe
4772	Bussin_Napture-portable.paf.exe
3804	BussinNapturePortable.exe
3804	BussinNapturePortable.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
4772	Bussin_Napture-portable.paf.exe

Suspicious use of FindShellTrayWindow 5 IoCs

pid	Process
4772	Bussin_Napture-portable.paf.exe
3832	firefox.exe
3832	firefox.exe
3832	firefox.exe
3832	firefox.exe

Suspicious use of SendNotifyMessage 4 IoCs

pid	Process
3832	firefox.exe
3832	firefox.exe
3832	firefox.exe
3832	firefox.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
4672	Bussin_Napture.exe
3832	firefox.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4772 wrote to memory of 3804	4772	Bussin_Napture-portable.paf.exe	90
PID 4772 wrote to memory of 3804	4772	Bussin_Napture-portable.paf.exe	90
PID 4772 wrote to memory of 3804	4772	Bussin_Napture-portable.paf.exe	90
PID 3804 wrote to memory of 4672	3804	BussinNapturePortable.exe	91
PID 3804 wrote to memory of 4672	3804	BussinNapturePortable.exe	91
PID 2716 wrote to memory of 3832	2716	firefox.exe	96
PID 2716 wrote to memory of 3832	2716	firefox.exe	96
PID 2716 wrote to memory of 3832	2716	firefox.exe	96
PID 2716 wrote to memory of 3832	2716	firefox.exe	96
PID 2716 wrote to memory of 3832	2716	firefox.exe	96
PID 2716 wrote to memory of 3832	2716	firefox.exe	96
PID 2716 wrote to memory of 3832	2716	firefox.exe	96
PID 2716 wrote to memory of 3832	2716	firefox.exe	96
PID 2716 wrote to memory of 3832	2716	firefox.exe	96
PID 2716 wrote to memory of 3832	2716	firefox.exe	96
PID 2716 wrote to memory of 3832	2716	firefox.exe	96
PID 3832 wrote to memory of 3784	3832	firefox.exe	97
PID 3832 wrote to memory of 3784	3832	firefox.exe	97
PID 3832 wrote to memory of 3784	3832	firefox.exe	97
PID 3832 wrote to memory of 3784	3832	firefox.exe	97
PID 3832 wrote to memory of 3784	3832	firefox.exe	97
PID 3832 wrote to memory of 3784	3832	firefox.exe	97
PID 3832 wrote to memory of 3784	3832	firefox.exe	97
PID 3832 wrote to memory of 3784	3832	firefox.exe	97
PID 3832 wrote to memory of 3784	3832	firefox.exe	97
PID 3832 wrote to memory of 3784	3832	firefox.exe	97
PID 3832 wrote to memory of 3784	3832	firefox.exe	97
PID 3832 wrote to memory of 3784	3832	firefox.exe	97
PID 3832 wrote to memory of 3784	3832	firefox.exe	97
PID 3832 wrote to memory of 3784	3832	firefox.exe	97
PID 3832 wrote to memory of 3784	3832	firefox.exe	97
PID 3832 wrote to memory of 3784	3832	firefox.exe	97
PID 3832 wrote to memory of 3784	3832	firefox.exe	97
PID 3832 wrote to memory of 3784	3832	firefox.exe	97
PID 3832 wrote to memory of 3784	3832	firefox.exe	97
PID 3832 wrote to memory of 3784	3832	firefox.exe	97
PID 3832 wrote to memory of 3784	3832	firefox.exe	97
PID 3832 wrote to memory of 3784	3832	firefox.exe	97
PID 3832 wrote to memory of 3784	3832	firefox.exe	97
PID 3832 wrote to memory of 3784	3832	firefox.exe	97
PID 3832 wrote to memory of 3784	3832	firefox.exe	97
PID 3832 wrote to memory of 3784	3832	firefox.exe	97
PID 3832 wrote to memory of 3784	3832	firefox.exe	97
PID 3832 wrote to memory of 3784	3832	firefox.exe	97
PID 3832 wrote to memory of 3784	3832	firefox.exe	97
PID 3832 wrote to memory of 3784	3832	firefox.exe	97
PID 3832 wrote to memory of 3784	3832	firefox.exe	97
PID 3832 wrote to memory of 3784	3832	firefox.exe	97
PID 3832 wrote to memory of 3784	3832	firefox.exe	97
PID 3832 wrote to memory of 3784	3832	firefox.exe	97
PID 3832 wrote to memory of 3784	3832	firefox.exe	97
PID 3832 wrote to memory of 3784	3832	firefox.exe	97
PID 3832 wrote to memory of 3784	3832	firefox.exe	97
PID 3832 wrote to memory of 3784	3832	firefox.exe	97
PID 3832 wrote to memory of 3784	3832	firefox.exe	97
PID 3832 wrote to memory of 3784	3832	firefox.exe	97
PID 3832 wrote to memory of 3784	3832	firefox.exe	97
PID 3832 wrote to memory of 3784	3832	firefox.exe	97
PID 3832 wrote to memory of 3784	3832	firefox.exe	97
PID 3832 wrote to memory of 3784	3832	firefox.exe	97
PID 3832 wrote to memory of 3784	3832	firefox.exe	97
PID 3832 wrote to memory of 4424	3832	firefox.exe	98
PID 3832 wrote to memory of 4424	3832	firefox.exe	98
PID 3832 wrote to memory of 4424	3832	firefox.exe	98

C:\Users\Admin\AppData\Local\Temp\Bussin_Napture-portable.paf.exe
"C:\Users\Admin\AppData\Local\Temp\Bussin_Napture-portable.paf.exe"
1⤵
- Loads dropped DLL
- System Location Discovery: System Language Discovery
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of FindShellTrayWindow
- Suspicious use of WriteProcessMemory
PID:4772
- C:\Users\Admin\Downloads\BussinNapturePortable\BussinNapturePortable.exe
  "C:\Users\Admin\Downloads\BussinNapturePortable\BussinNapturePortable.exe"
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of WriteProcessMemory
  PID:3804
- - C:\Users\Admin\Downloads\BussinNapturePortable\App\BussinNapture\Bussin_Napture.exe
    "C:\Users\Admin\Downloads\BussinNapturePortable\App\BussinNapture\Bussin_Napture.exe"
    3⤵
    - Checks computer location settings
    - Executes dropped EXE
    - Loads dropped DLL
    - Modifies Control Panel
    - Suspicious behavior: AddClipboardFormatListener
    - Suspicious use of SetWindowsHookEx
    PID:4672

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2716
- C:\Program Files\Mozilla Firefox\firefox.exe
  "C:\Program Files\Mozilla Firefox\firefox.exe"
  2⤵
  - Checks processor information in registry
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of SetWindowsHookEx
  - Suspicious use of WriteProcessMemory
  PID:3832
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2004 -parentBuildID 20240401114208 -prefsHandle 1932 -prefMapHandle 1924 -prefsLen 23681 -prefMapSize 244658 -appDir "C:\Program Files\Mozilla Firefox\browser" - {562d0ba9-467f-4bdc-8845-9ba0dc67955f} 3832 "\\.\pipe\gecko-crash-server-pipe.3832" gpu
    3⤵
    PID:3784
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2412 -parentBuildID 20240401114208 -prefsHandle 2404 -prefMapHandle 2392 -prefsLen 23717 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {366d039c-a90f-47ae-a8ee-e62bd2f4c6b1} 3832 "\\.\pipe\gecko-crash-server-pipe.3832" socket
    3⤵
    PID:4424
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3188 -childID 1 -isForBrowser -prefsHandle 2776 -prefMapHandle 1444 -prefsLen 23858 -prefMapSize 244658 -jsInitHandle 1264 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d0ccda40-3336-490c-82a6-bd04bad9a37e} 3832 "\\.\pipe\gecko-crash-server-pipe.3832" tab
    3⤵
    PID:4536
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2608 -childID 2 -isForBrowser -prefsHandle 4324 -prefMapHandle 4320 -prefsLen 29091 -prefMapSize 244658 -jsInitHandle 1264 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d025ff03-d930-48d2-a538-9eb9930edde5} 3832 "\\.\pipe\gecko-crash-server-pipe.3832" tab
    3⤵
    PID:2948
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5008 -parentBuildID 20240401114208 -sandboxingKind 0 -prefsHandle 4908 -prefMapHandle 4948 -prefsLen 29091 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ca0631c6-aaa7-4465-9f43-c9087b2e61b6} 3832 "\\.\pipe\gecko-crash-server-pipe.3832" utility
    3⤵
    PID:2340
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5576 -childID 3 -isForBrowser -prefsHandle 5548 -prefMapHandle 5544 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1264 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {67b6ed3b-3656-4583-a6f9-dc5472c9ec69} 3832 "\\.\pipe\gecko-crash-server-pipe.3832" tab
    3⤵
    PID:5520
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5672 -childID 4 -isForBrowser -prefsHandle 5748 -prefMapHandle 5744 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1264 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f80e0d38-cddf-4194-830d-1ae4ab4a6870} 3832 "\\.\pipe\gecko-crash-server-pipe.3832" tab
    3⤵
    PID:5532
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5888 -childID 5 -isForBrowser -prefsHandle 5652 -prefMapHandle 5656 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1264 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b532ea22-daf0-4655-a628-2f91d91363a9} 3832 "\\.\pipe\gecko-crash-server-pipe.3832" tab
    3⤵
    PID:5544
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6204 -childID 6 -isForBrowser -prefsHandle 6196 -prefMapHandle 6192 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1264 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {39f0fda4-1285-420c-99f3-2d4da595da01} 3832 "\\.\pipe\gecko-crash-server-pipe.3832" tab
    3⤵
    PID:1988

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\nsgD582.tmp\System.dll

Filesize
12KB

MD5
192639861e3dc2dc5c08bb8f8c7260d5

SHA1
58d30e460609e22fa0098bc27d928b689ef9af78

SHA256
23d618a0293c78ce00f7c6e6dd8b8923621da7dd1f63a070163ef4c0ec3033d6

SHA512
6e573d8b2ef6ed719e271fd0b2fd9cd451f61fc9a9459330108d6d7a65a0f64016303318cad787aa1d5334ba670d8f1c7c13074e1be550b4a316963ecc465cdc

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsgD582.tmp\modern-wizard.bmp

Filesize
603KB

MD5
4df53efcaa2c52f39618b2aad77bb552

SHA1
542de62a8a48a3ff57cf7845737803078062e95b

SHA256
ee13539f3d66cc0592942ea1a4c35d8fd9af67b1a7f272d0d791931e6e9ce4eb

SHA512
565a6ba0c9afc916cf62dac617c671f695cd86bd36358e9897f1f0e1a23a59d3019a12349029e05bf91abfb7b213ef02fc5c568a2bfcde0e3896e98cbcfa623a

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsgD582.tmp\nsDialogs.dll

Filesize
9KB

MD5
b7d61f3f56abf7b7ff0d4e7da3ad783d

SHA1
15ab5219c0e77fd9652bc62ff390b8e6846c8e3e

SHA256
89a82c4849c21dfe765052681e1fad02d2d7b13c8b5075880c52423dca72a912

SHA512
6467c0de680fadb8078bdaa0d560d2b228f5a22d4d8358a1c7d564c6ebceface5d377b870eaf8985fbee727001da569867554154d568e3b37f674096bbafafb8

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsgD582.tmp\w7tbp.dll

Filesize
2KB

MD5
9a3031cc4cef0dba236a28eecdf0afb5

SHA1
708a76aa56f77f1b0ebc62b023163c2e0426f3ac

SHA256
53bb519e3293164947ac7cbd7e612f637d77a7b863e3534ba1a7e39b350d3c00

SHA512
8fddde526e7d10d77e247ea80b273beae9dde1d4112806f1f5c3e6a409247d54d8a4445ab5bdd77025a434c3d1dcfdf480dac21abbdb13a308d5eb74517fab53

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsi320A.tmp\System.dll

Filesize
11KB

MD5
bf712f32249029466fa86756f5546950

SHA1
75ac4dc4808ac148ddd78f6b89a51afbd4091c2e

SHA256
7851cb12fa4131f1fee5de390d650ef65cac561279f1cfe70ad16cc9780210af

SHA512
13f69959b28416e0b8811c962a49309dca3f048a165457051a28a3eb51377dcaf99a15e86d7eee8f867a9e25ecf8c44da370ac8f530eeae7b5252eaba64b96f4

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon

Filesize
479KB

MD5
09372174e83dbbf696ee732fd2e875bb

SHA1
ba360186ba650a769f9303f48b7200fb5eaccee1

SHA256
c32efac42faf4b9878fb8917c5e71d89ff40de580c4f52f62e11c6cfab55167f

SHA512
b667086ed49579592d435df2b486fe30ba1b62ddd169f19e700cd079239747dd3e20058c285fa9c10a533e34f22b5198ed9b1f92ae560a3067f3e3feacc724f1

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

Filesize
1012KB

MD5
0c5179acbe898006c13a192a4ba13b06

SHA1
b5aaf7fb63b4d46de5d08e8e69c9b4f1539947e6

SHA256
97041bae88bfee2afae431d45da1bb6191c17b573bfdba8018737f007cbf68ce

SHA512
ea6ba7977affa30897138608e53caeb6b6d4e212f1027bf75de369256a9ad817ab53a040e76555e4cbdcfb96949bfa5ff802cff6a2062f6c833fa47942627dab

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hohja4eo.default-release\AlternateServices.bin

Filesize
8KB

MD5
f6e3525a310ed550b59e44cdc09ec743

SHA1
ff1e0b752774fe957b3a25323d1bbf82130e2bcb

SHA256
c0e9c8ae10e718c2866874b7d54aa8600d6722ad98fd86c18b49e29849068cb0

SHA512
a7fec9e15166f146aa2c4e59eb292bf89cdf91eaeb3b2d3997573c5dc306c9aee0156273f81d86bbbb573bc39967a479f845a4dabfd3855cf2dade34c02be2e2

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hohja4eo.default-release\AlternateServices.bin

Filesize
12KB

MD5
bf1ed6a33a8a2873b9cfe75c249f09c1

SHA1
0ad8bf7bd6d3b3069106b5aabd227cc829720638

SHA256
067d63dc27f66458bcf9ba9b1c84aee8f65403a9b5ea07a4153b7732344d26fa

SHA512
a61e4aa47f58efa601fe50d7a5ca52a2b1475a74ffcb9fccffc784e26293ebdb49a1e0725cf541481a12a628c601ec95a1090940e1ea850270c20f65e1e1336c

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hohja4eo.default-release\datareporting\glean\db\data.safe.tmp

Filesize
5KB

MD5
1ca961d4128d294dc7d4688486418418

SHA1
335d2ef0ea68a5d17634fc85fc59fd7173b506d0

SHA256
92aed52c09582176c505c986571d4e1cefb87fece3d43924a7d38f89c36e32e9

SHA512
88edc429c5f2dd70d9f8774b083ed4551481e6c4ac5cde3bd9a24910a80cc20820d7ad800a29b0cc6d942dea58bb3ba08c1919cb16017164381eeb58cdc9d58f

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hohja4eo.default-release\datareporting\glean\db\data.safe.tmp

Filesize
16KB

MD5
c764f3ece9ac91f7444338a10974aad4

SHA1
34810e995b2a4d4815c4e01128299c3d20e4fb92

SHA256
e36e0450b9850aa9f4eebabd77fdeee9e4ee34f7228d439e71a19038ed837b12

SHA512
6e8645f42878792e5d55649ac368fd7477c4f3908aa8df1d5d3d144bacff38e677e1a2b9c95ec017f4c3ceb08626094a4e11e5b80f61a97960a9340a3708e9da

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hohja4eo.default-release\datareporting\glean\pending_pings\4ac804db-3f27-426c-9d7a-e111508889c2

Filesize
27KB

MD5
20699b24fbef9ed0321e58c7e7b0d75d

SHA1
a8ae13b70c9be8c8fea4aef9b5c444a4a655e9c6

SHA256
1d6a03693db25f7e1e3649961d49d7224eee8339e89634f02f25ad4185c70464

SHA512
0b309896c88f0561ae17dab0f0b39b892b768be9c679ba76d14deda65ae1942af7b2a00aa0b9a45a946a7b5816df6530c38a8e8df1ad5e3eed88d6d343dc6c8d

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hohja4eo.default-release\datareporting\glean\pending_pings\59b34800-215e-4596-836d-61bfbfada5d1

Filesize
982B

MD5
2d751cb1957a2e67c0a2d53f8ab595cf

SHA1
a3fb85d40deefc7a0d717f9b2b59189176182b75

SHA256
d534c0a3f1695b2588f2aca975a0a37155f9874af73358ce282c21e68604a55b

SHA512
5a9e5ff8d8bf4ae6523087060c066fd3cd6d17e61f00613b0ad15db293ed6bbb2889d6dbada72b1e4ef9673bbb65d95192a1c17e795143b59454221020bfbc0d

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hohja4eo.default-release\datareporting\glean\pending_pings\a976ff4b-bcbb-4f40-a8ea-31e25065d0ad

Filesize
671B

MD5
d914aa92d04f22f7a1674395c485b3bd

SHA1
8d313f7ccf163719fc994a3cf1a7b4d44ff7df1c

SHA256
0efb64e4bf9fd5fda0cd53ecca3586687f0e6cd75be58ea4fa76a13d6044b033

SHA512
82addb05311c643d3526666ed10e4a027f648e459396a4930502ea62db0abb1dedaa7ecd569fad83f718d02611eb00b9983d06406c23ece77d02e489bd19ac36

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hohja4eo.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.dll

Filesize
995KB

MD5
08eed18d708762c8cf0c17cc8c89448d

SHA1
ccd72e15137a59eaa0c9488b88adf4a5931a1a76

SHA256
5f25a5c0e8f1c5f9031d3add46de2056672add6d2faa943e0fbed76896f50714

SHA512
405c0d4c1955ab4edbd409e3bff45fbada4336a63044ad891971196ba18262e1432ce8c8fccba369f2b531e4c5f03489280facb4803a4cb22558d3e32813d1df

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hohja4eo.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.info

Filesize
116B

MD5
2a461e9eb87fd1955cea740a3444ee7a

SHA1
b10755914c713f5a4677494dbe8a686ed458c3c5

SHA256
4107f76ba1d9424555f4e8ea0acef69357dfff89dfa5f0ec72aa4f2d489b17bc

SHA512
34f73f7bf69d7674907f190f257516e3956f825e35a2f03d58201a5a630310b45df393f2b39669f9369d1ac990505a4b6849a0d34e8c136e1402143b6cedf2d3

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hohja4eo.default-release\gmp-widevinecdm\4.10.2710.0\manifest.json

Filesize
372B

MD5
bf957ad58b55f64219ab3f793e374316

SHA1
a11adc9d7f2c28e04d9b35e23b7616d0527118a1

SHA256
bbab6ca07edbed72a966835c7907b3e60c7aa3d48ddea847e5076bd05f4b1eda

SHA512
79c179b56e4893fb729b225818ab4b95a50b69666ac41d17aad0b37ab0ca8cd9f0848cbc3c5d9e69e4640a8b261d7ced592eae9bcb0e0b63c05a56e7c477f44e

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hohja4eo.default-release\gmp-widevinecdm\4.10.2710.0\widevinecdm.dll

Filesize
629KB

MD5
48452ded48c126fce1b1326307d85316

SHA1
80ed62c99de87411c04958a2f942f589664b8c35

SHA256
5df9c74a75d0febb6e30e99939c9c9e1e34dbeed6d1e05a3728de941b303cdec

SHA512
80b419827066b034c8fd94a306a6fe6cab8845d218e0c00e476dc7e4c945bcdad3c4be41bef83023d34d7e8c030b985f942e25adc709f4051b93d23f79006331

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hohja4eo.default-release\prefs-1.js

Filesize
11KB

MD5
5bf26aaa8984b5189351feec4e9d6ee5

SHA1
bdf10441fe19124a0792b0d83a54cd4bf5c51e21

SHA256
c9b5053d3a48fd7d747b910165f9f5a5c2fce6c1e19409a41a5da587bb3471a6

SHA512
6c899b8396dcc1e26e486b8a7975ffb9393162d085412b6974fbba82b3b998a6704f10d82d54b95ad803b58d0ae39c608eb40f21e51a8d7dd50b4377c8728874

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hohja4eo.default-release\prefs.js

Filesize
10KB

MD5
e2192697da0a3a0b103f92720a439b32

SHA1
c831001b47db003d5b8a18475dd4174e3e85c6f6

SHA256
3818b834253d3e58b8b60184d3a4e05f3e06c51f2aaa72e98a6f75201dc37902

SHA512
a752dbcb5c9684d28fe2210a61e80bd9d95b9abc7d0f6192d848c3daf6fecc3eeb7c0855c50aa291ac0c84abcfe5013ad47fa3a2effe9d4d9c6a4797eb125f26

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hohja4eo.default-release\sessionstore-backups\recovery.baklz4

Filesize
3KB

MD5
4bb4d22f0d5f41451dfb7fb6ad035c03

SHA1
ea9c4a653f38198e3b442df24165f239d609d649

SHA256
4774630e1de27984878a7b4daf308324608ed2d2089bc2c42745edcdadc9f00b

SHA512
ee5a3b1dc94a7bea8329004b822be9080714ea2f41be93d51682a2c16b3bfe71eb363e37d3390424a09fe66483fafcb200009f1e3f7748015fac7cd94733e526

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hohja4eo.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

Filesize
576KB

MD5
d625ca26aaeaa0f7a4b6dc86af7862c9

SHA1
3f74866317641d7b5fb972ea118341af230590d4

SHA256
3153e6ac169bd9cbccfce30e6b7287563ac7e2fc485565922bcf44b023894a9a

SHA512
07f52496778023bac0bb2917cf6d19cc0976cf02529cb717601c053248ea72c806a71914a4685aa463827fbfb4945ef2340cc6136a6b946667aa166d5d23f6f4

Download Submit
C:\Users\Admin\Downloads\BussinNapturePortable\App\AppInfo\Launcher\BussinNapturePortable.ini

Filesize
153B

MD5
bcd49063656b3febc210e88d818ff163

SHA1
d56e568752358a69f2bb984bdd41b0fe07caebc3

SHA256
001fc1be753b03aab23f250c05d5168a618d6fa3bbd9e0ee5bfb1e10e0504b21

SHA512
0125accf3c95df7e82faf0de79609fc8629d78216978c66d5e33ebdafeaf8fddee600464187f7deb299ecbe23506a204f15ecfd7cbde2f7f69589523f28bd6c1

Download Submit
C:\Users\Admin\Downloads\BussinNapturePortable\App\AppInfo\appinfo.ini

Filesize
5KB

MD5
48b660b3c8267f93c3f9ef4dd88ff48b

SHA1
0cbfef4acfdd01c52ca0cafd48352a562f60cd24

SHA256
1bb4a37b13240ffbd2d771319ea7c6a58064c4acb0c035d2a869f6a0a37ece8b

SHA512
053bf58ce0edaae1d52dc7aed56e1b2924dad96cf2ce2fdb05c971cdcb16e722bc428ff59a26f4fdc1782cb0b77cbdf6abff5e8b816dbb05824bf837edcebcd0

Download Submit
C:\Users\Admin\Downloads\BussinNapturePortable\App\BussinNapture\Bussin_Napture.exe

Filesize
8.7MB

MD5
95953de2de8ac81d9b70f649ecfe1b43

SHA1
df084f40685ca8f88f0a41f37c117711b7b8032e

SHA256
3d326c24d37833eb9bbf096c0dceddeef144bc16c0fbe57ae4e556067f91ab65

SHA512
f0873ae9c0dfbff7aa5fe3844b2c22af9afa1d74234dcc00551497bb86fdea18f2ae44b290b5b44c4ccf74c503f75b6600b27c336a25d31770ea1295dfed7d33

Download Submit
C:\Users\Admin\Downloads\BussinNapturePortable\App\BussinNapture\libadwaita-1-0.dll

Filesize
1.8MB

MD5
dc37efb09cbd253ea78fdae97aef2c92

SHA1
447125221db858a894248f27b69c5c486e18fcc3

SHA256
9377dcc7fed1d45f63f9b9325d1a6ff4f669f7aff5f28f1c7e9b1b472dfaeb49

SHA512
5f8715833ec064a5f5f30f35ec419aab7fcf9f06fa95aeb2315f5552c615f7220576204eed1ae78f87ef8907ba937b2132dbe4bb01d920f63b2570e3e5a83a41

Download Submit
C:\Users\Admin\Downloads\BussinNapturePortable\App\BussinNapture\libappstream-5.dll

Filesize
638KB

MD5
a863cdcae931abd63899b1ff8dc3470f

SHA1
28855d4612175e01c17365800245c5ee2da24002

SHA256
a0151d6626929d5cb92b0318ac3cc8940385ce9185b77f5bf6aa8d9875314c58

SHA512
c7353b7c206c74b82fb38551273dfe4eb10887e13f9b52dd7d2f7c9613da03ee26361e4b2ddd43369baf0de21fc80fbdb0356e0e33ac6376cdd195934332feae

Download Submit
C:\Users\Admin\Downloads\BussinNapturePortable\App\BussinNapture\libcairo-2.dll

Filesize
1.2MB

MD5
e0bad44aaf3da101f6fe555a1f31bd61

SHA1
6595bf250896e6092856341014f7c41f518a1867

SHA256
c531e50be733f641e39419bf62cb799698b20086afb958d73f56677ea0c3f9da

SHA512
efcd8ab06048132b4923b0e165b474e7e8bdb9497e8a9b6648c825ebd9c42308cd9d3767d37d780f5cb198e26e8fbd9934b495eadfd3aa598ec5c297756cffb2

Download Submit
C:\Users\Admin\Downloads\BussinNapturePortable\App\BussinNapture\libcurl-4.dll

Filesize
865KB

MD5
07661d9a6c12f62a3b1bfbb03d626730

SHA1
0d2b01e03a5b0deb486bc82ac58cda85bb8316bc

SHA256
4f5a2d3fe5dead6022e313d26f4bc6c2f2fd84db6ab6220697195a5f29305caf

SHA512
922a15d5cfa6fc236b2d1104523a1709597dc0b0be8b9ede1fb2cac9120b640d07791ce72c81566013b9839edd760a6e3c6bf1f1fa157569627e845096db22b0

Download Submit
C:\Users\Admin\Downloads\BussinNapturePortable\App\BussinNapture\libffi-8.dll

Filesize
32KB

MD5
65f6abd875511657fd918add6c969be5

SHA1
3343695e39c86bf58abafceb0204165e12ab554b

SHA256
f1ed51652b3746c1b4bce497b7041e677e5d80c5ab8198efebb8fc6f75329ae8

SHA512
314683b4f1a3c2b39a3bc1585858f6c77ac6ccf976d16947b65713eb08074a6fee07bdb224d78d378c0abb71fbd5de5ef2c2f37d017df2d4d3a2138bd6dabb51

Download Submit
C:\Users\Admin\Downloads\BussinNapturePortable\App\BussinNapture\libfontconfig-1.dll

Filesize
341KB

MD5
85eebea643c71148a0422a85290120f3

SHA1
082f6ec7aa5d3f71653b051baad80795033cdacb

SHA256
d6c70b7e205f24ff96b29a80849b59c84f8701b311434f64f2bf93bd36bdb163

SHA512
e7bfeea4c321d7e355fe052e831ccbebec3f629be9276798d73662bbc12d0b52a565b975b7cf2f398a3fc01e84df797667952d5ec8a4977f5136e05f660e8f3e

Download Submit
C:\Users\Admin\Downloads\BussinNapturePortable\App\BussinNapture\libfreetype-6.dll

Filesize
758KB

MD5
f29f7a0bb090aeff486217e8879a0dd3

SHA1
f293aba474d752513bfd0660cdcf78278a4da660

SHA256
5297f754dfca04abdb0d21705d5afc3c4122aa25c7afbdd87900313cb780c868

SHA512
6d35d7f8ccf12384b2802352e42d8c0e092592310a80f2838797308c38d56f3a07215767ffff5eb1d2bd40cbdf025014c6577c96c41919e23ec4cf32cc9e6016

Download Submit
C:\Users\Admin\Downloads\BussinNapturePortable\App\BussinNapture\libfribidi-0.dll

Filesize
141KB

MD5
c4decb21c3199364d8d0cb91df7a8cce

SHA1
0266b84ce089c31393b91ec9324fdb08e3d72c0a

SHA256
449085380e54089871ccc9f32b715f65a2e53eb9f5125793fed900461d29a420

SHA512
180ef3bc7f58026860472f2e4f27b74d39bce627db6d4e6b8c551c1dc5633a7b937545cfb77aa7f6d4d5940497aaa5e71005858de394c69dd891d4ee36f6c616

Download Submit
C:\Users\Admin\Downloads\BussinNapturePortable\App\BussinNapture\libgcc_s_seh-1.dll

Filesize
147KB

MD5
25d035933434a273b7916e6eb443d3b6

SHA1
f829301691214d24f6d989e7c948ffa8d8d64c37

SHA256
b22b954397a52703579d92db64b57812af70f2afcafe2e742a009c1640b9ec1a

SHA512
e3c1620bc24ea117279074ee01810e99be342649add6a80728b42ffc06e223e9eb65f16f6632ccec93e96f880304536a1b8dd4f0ac8c2ead1550290e11cea1c0

Download Submit
C:\Users\Admin\Downloads\BussinNapturePortable\App\BussinNapture\libgdk_pixbuf-2.0-0.dll

Filesize
168KB

MD5
b548a12b72b8f65057d19a61848f3c57

SHA1
251c6cf8f79982ea6c76cf73cea23d2d9b9be3a3

SHA256
b4281273d319e59264cc4ab0c1fa74652599ad04e11da3b4c95d66fd75eaa148

SHA512
7740c18c664061273543091176dbf30bcd6337f462e1338bf81b51c2428c47b7634f6b2550fc34bf5c7e44652c15194f13445008982dd6533f17e1c2d3144b13

Download Submit
C:\Users\Admin\Downloads\BussinNapturePortable\App\BussinNapture\libgio-2.0-0.dll

Filesize
1.7MB

MD5
30ea0d0d54214925e4f0de84260433d9

SHA1
a26ed373badd6e5debc328e04ff9b1ab35e3fbb7

SHA256
07bda2471ca0490598d1e6fbdfc8958cd91926d68effc90d9eda0ea2f9279c7c

SHA512
603d4518e7a94a384bb7baa1e0e36b7e858bef5f79d1ea2422bf091a726f9d17de6fba6d8c9d43d0a669f5ac656f24baf06890645ec7aacdde4939f2bc9383c3

Download Submit
C:\Users\Admin\Downloads\BussinNapturePortable\App\BussinNapture\libglib-2.0-0.dll

Filesize
1.4MB

MD5
d79c8c635bcb25e7a68294b41ab99e63

SHA1
7c0d91e21ff8cf5fefe824ebc1e38ed7aba33d43

SHA256
12b2f4d609a5d3cf714a8c502074409d32f21082a682373f4e1bca36821f08bc

SHA512
4eb949886a316dfbded10b238b8575ce18a4336600e1bbc1b879cb02dcedab34a519a81f79087363c0096d73ef84af61ec0081840415705205b1c63e104dec26

Download Submit
C:\Users\Admin\Downloads\BussinNapturePortable\App\BussinNapture\libgmodule-2.0-0.dll

Filesize
26KB

MD5
efe65e1087be9caf5f70c9a86933ce9e

SHA1
ae224dbd83a4e0cc9550d41de204125f375b1c4f

SHA256
8cf9bb9be24c88a66ad478214a55357a9d44702636789dfa436ca509457d781c

SHA512
9fca12b0f6dc5fcbe773bdc6a0f061bc4e771ab30ccaaee10f47963e74b3e04779dbd4028495642d603e59997834c0f8df740ada6c279705afa0b17bbfc4994d

Download Submit
C:\Users\Admin\Downloads\BussinNapturePortable\App\BussinNapture\libgobject-2.0-0.dll

Filesize
350KB

MD5
dcb80c017505d887f6e4f8497fdf0226

SHA1
68a1dd41a6bae494cef6c6fde80491b49c2c3836

SHA256
4fcf4fb2d5ef234e717b389f3b637f05ee6ff111b698ef59664394f10622aef6

SHA512
8710a9419ebf89657ade7adce4eab6a6d34e7530cc34f352aa885abf053147b5d0b728ebad7e2b1946c20824d5b5fafc7541a415156352469581bc2fbf07fe68

Download Submit
C:\Users\Admin\Downloads\BussinNapturePortable\App\BussinNapture\libgraphene-1.0-0.dll

Filesize
125KB

MD5
a4ae3b264f36b1e3e72e5fe0e09be60f

SHA1
39c9f2f351e9506f00704103fbef76e1c605f894

SHA256
f386006450db76dc16fb4a4b3354d7518c5e3d9fa015b9fde34a8b1a49f7860d

SHA512
ad84969759f269ef5ed58ce9a4b909ab792e4702aeba4fbfe1e2f8c8338bd8646bce326708790b73b2684e82f8d754a5bd838d56afacc467e46894c56ef8c2ff

Download Submit
C:\Users\Admin\Downloads\BussinNapturePortable\App\BussinNapture\libgtk-4-1.dll

Filesize
9.2MB

MD5
7ec27eabb88444be6ef09e0eba92d451

SHA1
565b1275c5e1e8a537eb1c0a2e1c6ca5f9c3715f

SHA256
216750000961ff364ca49705cb6a89f0b864674641e0532df380542ed1af8dc7

SHA512
3c18db13bfbb5a69864bd8c326431e4630d84d4ac26b7c8fbbe9e1d0c9fc5e56286b640b9a7540d75b60760885db58ccde591bd56380e39b0268633bbb0138f0

Download Submit
C:\Users\Admin\Downloads\BussinNapturePortable\App\BussinNapture\libharfbuzz-0.dll

Filesize
1.3MB

MD5
b5635527c3821ef7e36e99cc7a342061

SHA1
f3eab77d21702511e58daf8573f4d40b3dc0a23f

SHA256
929f2475fe9ade2c18de5883dc0d6da9e2d2d80e84502c6a44cd12fb8b073bd8

SHA512
de882cc6a1cf2a7e96bdcd72d21a4f4ccde493f2279cac6d17526caf3e5ad492e1625838a581721088e6f3b06dfcff6058cf38995a8764301bcd22965a36a091

Download Submit
C:\Users\Admin\Downloads\BussinNapturePortable\App\BussinNapture\libintl-8.dll

Filesize
184KB

MD5
e3f805c0b24a800c30a63e36e6153ad1

SHA1
639f3f22b2a885335c8973d35b0923be979b621f

SHA256
42a63cb4c3c28a683d9f6c3510de5ec17849eb18c097fa02cd78aeb800bff202

SHA512
7aa18d7160301d99f14bf9d53325d417199da767b73586dcf366b740c1ff8411b98768ec1440d76c70e3dd2f103d7083fa0c211fd7b24abeb06b30d67ad9ea72

Download Submit
C:\Users\Admin\Downloads\BussinNapturePortable\App\BussinNapture\libpango-1.0-0.dll

Filesize
392KB

MD5
2f3c9b6ccdee91608fe25141a68bb5a9

SHA1
f72b50d02735bef4eff3b0676ecb61ee2eac976b

SHA256
834caf40403a447634b0e80ff4ea290f1ee361364cf24ffc8bb55b048f9254a9

SHA512
7dc51465fd7f40954ffcb25c7b9039ad41f983f21f6f6e77f49975554de8c6eb80178e2ee8d56f8471a6f04cb18968d080cf73223aee16b71e034a0b746e88f7

Download Submit
C:\Users\Admin\Downloads\BussinNapturePortable\App\BussinNapture\libpcre2-8-0.dll

Filesize
390KB

MD5
ded191d8fa5c496de4cef8ae7364e956

SHA1
affcdbc05d6f7a11a3c7730a82240e71b9df6071

SHA256
5ffa31709c275120a745f9f714974db1e86c8fd54f8ca6889617530dffbff95b

SHA512
1d6c8e4591745267d5083e00c1d575cda5519d5ce81085f4f5432a1bc5d7def8756ac745f70ee9a98444e2b8e8f9cb3af99649534c3bf69ed11cf0dece36b035

Download Submit
C:\Users\Admin\Downloads\BussinNapturePortable\App\BussinNapture\libpixman-1-0.dll

Filesize
698KB

MD5
6910e27cf3c490bef5e02b84e3160c53

SHA1
8b8143711b930a569937b73517eff0242603338e

SHA256
8f8b8f09ec8fe9945ba76fadf8a04183056afd2c35aa7be1808e1a1301d87757

SHA512
e50766ebbe62b7a8b62f5561c030160d55ba9820358e83232364c5e9efa8dae3278480d98154b8763573c5aa4d2e697498119ba6dbcbb27736cb244073373761

Download Submit
C:\Users\Admin\Downloads\BussinNapturePortable\App\BussinNapture\libpng16-16.dll

Filesize
241KB

MD5
e119bf4e7dc690ee9ebeed03686ca84e

SHA1
b0fce71875cb3e777c55de3a97dd128b4d472694

SHA256
f1b0a9d6cf3b8809c22fa0e27b5b82d9357e5bca43ab0ce8762f55fb303ed23f

SHA512
39a9373996ea6270eb6b4da245ae138ef37a37a6a1cdb8b98cb8745cc45aa035686132cadd06c8ff9122945be42fc59a51a767bf9d1e000a330a03f811821e9d

Download Submit
C:\Users\Admin\Downloads\BussinNapturePortable\App\BussinNapture\libstdc++-6.dll

Filesize
2.3MB

MD5
27bb0a7aeabfdc799ad34a6ae2a24c57

SHA1
099bfb10b27edf7a52d0e75aee32b0ef5a04743a

SHA256
0d9c01ab1771df439c75f144b2d855b4ac400243f006d14d9a043493de628f0d

SHA512
4cf25bd823f447022f6ba5b70f8661321f0b0fb7dae1ba009d85e7ce13229d0d511ac092b26c3cbd7860ea43f99c600a3a2a66407d71df29e094b109d29f4b99

Download Submit
C:\Users\Admin\Downloads\BussinNapturePortable\App\BussinNapture\libthai-0.dll

Filesize
68KB

MD5
699df03b4fd37411b02253a5adfa80ea

SHA1
81ca773170b0b6a9d25975cd3ad8543876e938e9

SHA256
420e08cedaf9daaabcf8f6c92349d9dadb7b5ad9e4e79d1126bb2a55a7cdbe09

SHA512
71a32b8a5c87c1e9331c9b1a7fc4b22582400f558966271373e47f04f1be622bb202147fbd3527fc5f86f19f27cf9d0ccb13ac2269fa53e92bb84bba6679a57f

Download Submit
C:\Users\Admin\Downloads\BussinNapturePortable\App\BussinNapture\libxml2-2.dll

Filesize
1.2MB

MD5
0bd316c4adb346d7c2d17e3fee00a5ed

SHA1
f083735f31dcb48cc5180b6b6f510ac6f6e50ed0

SHA256
ef7e045aae776e66ff26d9e9eae4b615d80fe1540406742c97e1ad2cdd300e33

SHA512
644cbb1603cfa0d4f47a579f696e7806adde7589789d9994f04bcf9b8e20702db266e62b7d21ab8505eec1971d046b25be260d7fd726d07a633757c5ab5a073e

Download Submit
C:\Users\Admin\Downloads\BussinNapturePortable\App\BussinNapture\libxmlb-2.dll

Filesize
159KB

MD5
473add41bd780d29664903540a1f5a4c

SHA1
1deb2a81b2f5e3955bab5f3c5ff63f024e8cc951

SHA256
a42562c66a3761d72333d7149b2efa48dea0c7a4940ffca65bb278ec1acee915

SHA512
8d7662a2d73adba64db402cd32592d87c439c31e7357ec0da5e3782d35c210161a8afc62846b934632d003d6bf654136619a675da4b3ebb8f3ff0f31dea50f8f

Download Submit
C:\Users\Admin\Downloads\BussinNapturePortable\App\BussinNapture\libyaml-0-2.dll

Filesize
149KB

MD5
519bb9227ea25552badbf5c726a607b0

SHA1
e4550c1f474c3e7d1e6b35fbe788fe771d538c50

SHA256
9cde231bef16846b12897b3c33efd4681d59ebdd32f42695941d141fece60161

SHA512
44c2b9ab590c5a51ccc052b9bced0fed588e8409c8b06bc4581de898a415d41ea67b801f3b8b5892296d4d74c66f259cd7b108810db96ed9a9ffc94fdf10b22f

Download Submit
C:\Users\Admin\Downloads\BussinNapturePortable\App\BussinNapture\zlib1.dll

Filesize
117KB

MD5
66a3477a51e8b7d4586edf4659cde8d5

SHA1
3306c6aca3937d8bca11dd076effb03746367b9f

SHA256
cb7ab3788d10940df874acd97b1821bbb5ee4a91f3eec11982bb5bf7a3c96443

SHA512
948ba42499bba17b552723c3189289e9f07879c9303ec6f27b4d631b7d701c16fe66fc8c6a681236cef778b0cb0a14420493e048aa90bba682606ce2990c64ab

Download Submit
C:\Users\Admin\Downloads\BussinNapturePortable\BussinNapturePortable.exe

Filesize
164KB

MD5
2e3f072f4680c0693e917b466296a4de

SHA1
8778ba23c0aed467c4f57d8cb0bfc42d2b222641

SHA256
de29ffe4b4c9a563cf68d8d07a9e0556e954b39fe4bbd5a2ef8555d6fe6971af

SHA512
4e3bfa6fa977d3d14bf042ccbe47b20a9055b3a00141eb1be3408daa18c420ca762c736ee658efe7e8b7c9ee1261a29dc6678e0da5a3205c8b6a3b5401279be6

Download Submit
memory/4672-277-0x00007FFB35630000-0x00007FFB356E5000-memory.dmp

Filesize
724KB

Download
memory/4672-264-0x00007FFB35E20000-0x00007FFB35EC3000-memory.dmp

Filesize
652KB

Download
memory/4672-263-0x00007FFB3D890000-0x00007FFB3D8F7000-memory.dmp

Filesize
412KB

Download
memory/4672-262-0x00007FFB36B30000-0x00007FFB36C5F000-memory.dmp

Filesize
1.2MB

Download
memory/4672-258-0x00007FFB36970000-0x00007FFB36B29000-memory.dmp

Filesize
1.7MB

Download
memory/4672-257-0x00007FFB40720000-0x00007FFB40752000-memory.dmp

Filesize
200KB

Download
memory/4672-274-0x00007FFB35870000-0x00007FFB358D9000-memory.dmp

Filesize
420KB

Download
memory/4672-271-0x00007FFB3D230000-0x00007FFB3D25C000-memory.dmp

Filesize
176KB

Download
memory/4672-269-0x00007FFB35A10000-0x00007FFB35C63000-memory.dmp

Filesize
2.3MB

Download
memory/4672-270-0x00007FFB42270000-0x00007FFB42281000-memory.dmp

Filesize
68KB

Download
memory/4672-266-0x00007FFB41EC0000-0x00007FFB41EE6000-memory.dmp

Filesize
152KB

Download
memory/4672-256-0x00007FFB36C60000-0x00007FFB36E2C000-memory.dmp

Filesize
1.8MB

Download
memory/4672-293-0x00007FFB36B30000-0x00007FFB36C5F000-memory.dmp

Filesize
1.2MB

Download
memory/4672-292-0x00007FFB35ED0000-0x00007FFB36800000-memory.dmp

Filesize
9.2MB

Download
memory/4672-286-0x00007FF741760000-0x00007FF74201F000-memory.dmp

Filesize
8.7MB

Download
memory/4672-291-0x00007FFB40230000-0x00007FFB4028E000-memory.dmp

Filesize
376KB

Download
memory/4672-290-0x00007FFB36800000-0x00007FFB36969000-memory.dmp

Filesize
1.4MB

Download
memory/4672-288-0x00007FFB40720000-0x00007FFB40752000-memory.dmp

Filesize
200KB

Download
memory/4672-315-0x00007FF741760000-0x00007FF74201F000-memory.dmp

Filesize
8.7MB

Download
memory/4672-320-0x00007FFB40230000-0x00007FFB4028E000-memory.dmp

Filesize
376KB

Download
memory/4672-319-0x00007FFB36800000-0x00007FFB36969000-memory.dmp

Filesize
1.4MB

Download
memory/4672-317-0x00007FFB40720000-0x00007FFB40752000-memory.dmp

Filesize
200KB

Download
memory/4672-265-0x00007FFB423B0000-0x00007FFB423DB000-memory.dmp

Filesize
172KB

Download
memory/4672-267-0x00007FFB45ED0000-0x00007FFB45EDF000-memory.dmp

Filesize
60KB

Download
memory/4672-268-0x00007FFB3D260000-0x00007FFB3D295000-memory.dmp

Filesize
212KB

Download
memory/4672-272-0x00007FFB359B0000-0x00007FFB35A0E000-memory.dmp

Filesize
376KB

Download
memory/4672-273-0x00007FFB358E0000-0x00007FFB359A4000-memory.dmp

Filesize
784KB

Download
memory/4672-275-0x00007FFB35840000-0x00007FFB35864000-memory.dmp

Filesize
144KB

Download
memory/4672-261-0x00007FFB35ED0000-0x00007FFB36800000-memory.dmp

Filesize
9.2MB

Download
memory/4672-276-0x00007FFB356F0000-0x00007FFB3583B000-memory.dmp

Filesize
1.3MB

Download
memory/4672-278-0x00007FFB35550000-0x00007FFB3562A000-memory.dmp

Filesize
872KB

Download
memory/4672-279-0x00007FFB35500000-0x00007FFB35543000-memory.dmp

Filesize
268KB

Download
memory/4672-280-0x00007FFB40F20000-0x00007FFB40F38000-memory.dmp

Filesize
96KB

Download
memory/4672-281-0x00007FFB354D0000-0x00007FFB354FE000-memory.dmp

Filesize
184KB

Download
memory/4672-282-0x00007FFB354A0000-0x00007FFB354CD000-memory.dmp

Filesize
180KB

Download
memory/4672-283-0x00007FFB345E0000-0x00007FFB34622000-memory.dmp

Filesize
264KB

Download
memory/4672-255-0x00007FF741760000-0x00007FF74201F000-memory.dmp

Filesize
8.7MB

Download
memory/4672-260-0x00007FFB40230000-0x00007FFB4028E000-memory.dmp

Filesize
376KB

Download
memory/4672-259-0x00007FFB36800000-0x00007FFB36969000-memory.dmp

Filesize
1.4MB

Download