d71bde4d5c3e93407c192232e7da5be5cbb67f8ea801f085701aebefcc5cf10b

Analysis

max time kernel
63s
max time network
68s
platform
windows10-ltsc 2021_x64
resource
win10ltsc2021-20241023-en
resource tags

arch:x64arch:x86image:win10ltsc2021-20241023-enlocale:en-usos:windows10-ltsc 2021-x64system
submitted
02-12-2024 15:52

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

birdfont-6.12.0-free.exe
Size

45.4MB
MD5

da825673dba9dec4c580b270c9e6d13b
SHA1

ff4bd79faaaaa435e8532aa5c16bb9a205e5092d
SHA256

d71bde4d5c3e93407c192232e7da5be5cbb67f8ea801f085701aebefcc5cf10b
SHA512

a6b68700979a41eb94bd8e8b0a7360b12b1044e2129194cd315e47f7277cd21435f7b106c6260b0ae8fedef6599a52dbd1112eeb625ae28f4e00536c1dba7879
SSDEEP

786432:dY34TUW75qmhvNQMdtmUsbwWxM4LbOeJ3XP9J2RLsxTtcol6LINPJqmLFiO:dYJW71hVQMdeOMbOeJnHi2Ttc66/aiO

Score

7^/10

discovery

Malware Config

Signatures

Executes dropped EXE 1 IoCs

pid	Process
3628	birdfont.exe

Loads dropped DLL 36 IoCs

pid	Process
3628	birdfont.exe
3628	birdfont.exe
3628	birdfont.exe
3628	birdfont.exe
3628	birdfont.exe
3628	birdfont.exe
3628	birdfont.exe
3628	birdfont.exe
3628	birdfont.exe
3628	birdfont.exe
3628	birdfont.exe
3628	birdfont.exe
3628	birdfont.exe
3628	birdfont.exe
3628	birdfont.exe
3628	birdfont.exe
3628	birdfont.exe
3628	birdfont.exe
3628	birdfont.exe
3628	birdfont.exe
3628	birdfont.exe
3628	birdfont.exe
3628	birdfont.exe
3628	birdfont.exe
3628	birdfont.exe
3628	birdfont.exe
3628	birdfont.exe
3628	birdfont.exe
3628	birdfont.exe
3628	birdfont.exe
3628	birdfont.exe
3628	birdfont.exe
3628	birdfont.exe
3628	birdfont.exe
3628	birdfont.exe
3628	birdfont.exe

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files (x86)\Birdfont\libgee-0.8-2.dll	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\locales\bg.pak	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\locales\es-419.pak	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\locales\fr.pak	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\locales\it.pak	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\locales\lv.pak	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\etc\fonts\conf.d\51-local.conf	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\Roboto-Regular.birdfont	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\locales\fa.pak	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\locales\hr.pak	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\locales\pl.pak	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\locales\vi.pak	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\etc\fonts\conf.d\30-urw-aliases.conf	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\etc\fonts\conf.d\50-user.conf	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\key_bindings.xml	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\libfontconfig-1.dll	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\libiconv-2.dll	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\locales\da.pak	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\var\cache\fontconfig\ef9c9ad8cc5857eb63cb3660bc8bd202-x86_64.cache-7.NEW	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\api-ms-win-crt-heap-l1-1-0.dll	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\locales\ja.pak	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\locales\tr.pak	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\locales\zh-TW.pak	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\ffmpegsumo.dll	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\libgobject-2.0-0.dll	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\Roboto Mac.otf	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\locales\ms.pak	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\locales\zh-CN.pak	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\api-ms-win-crt-string-l1-1-0.dll	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\libbirdgems.dll	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\libsvgbird.dll	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\locales\et.pak	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\locales\ta.pak	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\locales\te.pak	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\etc\fonts\conf.d\69-unifont.conf	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\libcef.dll	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\Roboto-Regular.otf	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\d3dcompiler_43.dll	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\locales\pt-PT.pak	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\api-ms-win-crt-locale-l1-1-0.dll	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\d3dcompiler_46.dll	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\locales\nl.pak	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\icudt.dll	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\locales\de.pak	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\locales\nb.pak	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\var\cache\fontconfig\ef9c9ad8cc5857eb63cb3660bc8bd202-x86_64.cache-6	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\libbirdfont.dll	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\Roboto-Regular.eot	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\locales\cs.pak	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\etc\fonts\conf.d\30-metric-aliases.conf	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\etc\fonts\conf.d\40-nonlatin.conf	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\etc\fonts\conf.d\60-latin.conf	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\api-ms-win-crt-math-l1-1-0.dll	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\api-ms-win-crt-runtime-l1-1-0.dll	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\libGLESv2.dll	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\locales\sr.pak	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\etc\fonts\conf.d\65-fonts-persian.conf	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\cefclient.dll	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\codepages.sqlite	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\libgraphite2.dll	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\libstdc++-6.dll	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\locales\pt-BR.pak	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\etc\fonts\conf.d\49-sansserif.conf	birdfont-6.12.0-free.exe
File created	C:\Program Files (x86)\Birdfont\var\cache\fontconfig\ef9c9ad8cc5857eb63cb3660bc8bd202-i686.cache-6	birdfont-6.12.0-free.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	birdfont-6.12.0-free.exe

Checks processor information in registry 2 TTPs 2 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	birdfont.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	birdfont.exe

Modifies registry class 17 IoCs

description	ioc	Process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\.birdfont\ = "Font"	birdfont-6.12.0-free.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\.bf	birdfont-6.12.0-free.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Font	birdfont-6.12.0-free.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Font\shell\ = "open"	birdfont-6.12.0-free.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Font\DefaultIcon\ = "C:\\Program Files (x86)\\Birdfont\\birdfont.exe,0"	birdfont-6.12.0-free.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Font\shell\edit	birdfont-6.12.0-free.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Font\shell\edit\ = "Edit Font"	birdfont-6.12.0-free.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Font\DefaultIcon	birdfont-6.12.0-free.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Font\shell\open\command	birdfont-6.12.0-free.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Font\shell\edit\command\ = "\"C:\\Program Files (x86)\\Birdfont\\birdfont.exe\" \"%1\""	birdfont-6.12.0-free.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\.birdfont	birdfont-6.12.0-free.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\.bf\ = "Font"	birdfont-6.12.0-free.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Font\ = "Font"	birdfont-6.12.0-free.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Font\shell	birdfont-6.12.0-free.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Font\shell\open	birdfont-6.12.0-free.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Font\shell\open\command\ = "\"C:\\Program Files (x86)\\Birdfont\\birdfont.exe\" \"%1\""	birdfont-6.12.0-free.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Font\shell\edit\command	birdfont-6.12.0-free.exe

C:\Users\Admin\AppData\Local\Temp\birdfont-6.12.0-free.exe
"C:\Users\Admin\AppData\Local\Temp\birdfont-6.12.0-free.exe"
1⤵
- Drops file in Program Files directory
- System Location Discovery: System Language Discovery
- Modifies registry class
PID:3132

C:\Program Files (x86)\Birdfont\birdfont.exe
"C:\Program Files (x86)\Birdfont\birdfont.exe"
1⤵
- Executes dropped EXE
- Loads dropped DLL
- Checks processor information in registry
PID:3628

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\Birdfont\MSVCP140.dll

Filesize
588KB

MD5
3388ba4d765db81aaafae89c8c13b66d

SHA1
a5f69e4da979177d1574221cd24a0b4bae76e5cd

SHA256
6f9e163b8da0b03a35ac72e5b289c5379853a074965d1eeb4258291321a8b71d

SHA512
983ec4612c6132d7efbc630639faf72c82c02eb0894d7ed7f87bccfc133851cd70852ae1d4aee26bc5fd5cf677bbad3652b3e6c8a49d305bdad5e1bc74330df7

Download Submit
C:\Program Files (x86)\Birdfont\birdfont.exe

Filesize
780KB

MD5
6d529a056c946610206ddb958daf62f7

SHA1
2e96f9bce8ac3d0d26a83b3a33963fe7375ff69c

SHA256
5ab14708bad33f5345664df5767f4f8387f502ee5b93df1e430295ef10129ed8

SHA512
99d7f186c637e25989771acdd4f575a0fc1804b213c6abd51eb95e6a096e00a4c430ba384b87504aa03161bf6464c12f5afde1ca353d768ce819448e46d1d9e8

Download Submit
C:\Program Files (x86)\Birdfont\cefclient.dll

Filesize
605KB

MD5
9b7789786157eeeb4c24b5eab18b5a38

SHA1
cbf4c49aa39c80d329aab9d7bffda7ebce533662

SHA256
b5f3057aae897a502a27d06702eab49954661796f44b97a50a130f185807fb00

SHA512
c1473124b68f09059ad87b422508566c967bd41ab0b6b67f24e7e58ff9d23942c88ebd3c0f0a80295f3124339bb3227c76020416b9111d734cd5257680335a1d

Download Submit
C:\Program Files (x86)\Birdfont\donated.dll

Filesize
11KB

MD5
c18493bcf9972e16e0a067d682a96ab4

SHA1
ed6f939bbaa60a188cdca88af7865e1795c43394

SHA256
93c6809d5bd7ea9bc3e1d93c4b084a38445af4ddf381f2921b4ddd25823fcf04

SHA512
fcb490735d8cf2ee0f92af07ca5de5eec6b4925a5d64c955123a95b3e75d8eb5fe0b9c189985e3ac0728e928bcff0a43cb6541b60c20e678c052d731eaed0ac9

Download Submit
C:\Program Files (x86)\Birdfont\libbirdfont.dll

Filesize
3.5MB

MD5
e96c933e57c28a008b29bc73d43ed30a

SHA1
a3533360aef123d6d3a0beeab1328880cf2079bd

SHA256
5a551a29c199c474eb67722cb21d13adfc71f0e51b2dd90df57046ae9e60dc64

SHA512
c17ac32cd4c6aa5a2eb687dc6b5f4471d088cd305f5e0b890cb226417b6a72dfd3690c1759e499b8587ce06025cec576b1562044d2f3e78773490d7267d4ed39

Download Submit
C:\Program Files (x86)\Birdfont\libbirdgems.dll

Filesize
64KB

MD5
e18980cc1772bf01eb6f267e5cbb213e

SHA1
d2d34dbb9a7dea297dd1dbdcebadf1c6a2de322e

SHA256
1ec70d56a25743f2ffa7f067f37a81e9004f26791063b301b3d5d49e7f832a58

SHA512
ea7f29f7852b40e10920e4c21a2b39681c804d854123c61027bad8c17b1533cd3794db51ad68f087381b6d410cb46546ae7022ae41dc782657375f39fa2331c4

Download Submit
C:\Program Files (x86)\Birdfont\libbz2-1.dll

Filesize
73KB

MD5
9b00e80f8a3a60465ca080759fd75bee

SHA1
e153fe5a6e39e1cc479fc6cc62da9e6470f9051a

SHA256
cc305887c03f1f81f1c521eeaf4cc839c691ccfc81b6f6eb820d3dbd8b6fd933

SHA512
d217edfe623b4b5ee67946045f28e946b693b6c18d5f97545869ff591a9620751430301b1b6fe287f6c441b498d0b3ba01e78d94815fa63352c5db79f95b1298

Download Submit
C:\Program Files (x86)\Birdfont\libcairo-2.dll

Filesize
940KB

MD5
28d8c59aee9b9ebcd1c7b47c04bb24ce

SHA1
a30a34ab94562da1e63329416db6892c4535a33f

SHA256
7fd06899bfd282b6fc03f102cb131fbf014dee3c477ef48c6ec11b26ba9e2899

SHA512
eea926a208d87a0ffd6d61d466f877fe2bba061d685cb4d36977ab30de44c023254c0843bf63ca85d470914778ba6b21bdfca7ab3fc0976a50a89850b8cb611b

Download Submit
C:\Program Files (x86)\Birdfont\libexpat-1.dll

Filesize
159KB

MD5
09effa9ced3ab4477c46dfe21f494253

SHA1
c4cb2328b4b297dccdb9e6ffc24128100613e476

SHA256
82716107d1998136e13f18ad8eedaaebff40ef81bf3a934886a4a9ffc5d8e5df

SHA512
7c2e8b626ae32450d0120b55ccf84d1d1fc7c731deac1b1475ce9e0aed025f10c4899a7c3c2d26dd2a47cd2f48fdb2db3f70785c6682c19fe252a690031912c4

Download Submit
C:\Program Files (x86)\Birdfont\libffi-6.dll

Filesize
34KB

MD5
a31b49431416949a1943bf92b8e970fe

SHA1
f76358526a4df3ea003d37326f74513bb23a1d92

SHA256
863ed3e619cc97a7b703bf5a8099d4e2a087377c37a1c5efbafe4e5decf81596

SHA512
f7a5707bd6cf12d932ed9a6be49204999d6a84b10f662197c69e4dac5d0f57d55f4d3fced6d19e48c8f96a225f8339f233cdca47acb2477b5e19003964780f40

Download Submit
C:\Program Files (x86)\Birdfont\libfontconfig-1.dll

Filesize
310KB

MD5
2c470ae4b9c6c3ae5ebfdcedb83b20ea

SHA1
dc62ecf9ae11898b880a5ecc8804f557a8de7b9b

SHA256
109a6f2d9b4e024978cbf8754c5c37dd8458f7da6dfb49657776a3e84c2e1f3c

SHA512
3676c3fdb10b734eecae98a19d7fadbcd9c7fb3bb878d0a926b7de75adb988891db0efbab2f5d63a43fad85eac90ccafb7ea80c4c4aaf9d72ab6171d162d1ffd

Download Submit
C:\Program Files (x86)\Birdfont\libfreetype-6.dll

Filesize
626KB

MD5
56dd717dc7e3f73e4d9de5ac3ac85a0c

SHA1
7c64c4a13b2aa1b8291bb286684e90819928f201

SHA256
20acfed1594417df15a67ab3059518b58adcfddfc45f066ed9e7f2007412b3ab

SHA512
800706636cadeca4cd73179525ca793770906082d940e9f5f63868fdce3af3f6df4468af727ac32e923e7e005d6e7feb6a5ba6d9e4f63eb65c2ce584d2696aa0

Download Submit
C:\Program Files (x86)\Birdfont\libgcc_s_seh-1.dll

Filesize
83KB

MD5
5cdfad917e6f1dd7b4f16c1b1dcf3d8d

SHA1
e4838391992349f389fafdbeb3c602466fcef6f7

SHA256
eb2ad32024a3cf71042a8454f2d06ffae9cc0e1b97b8ab41b0ee760d27cf4b41

SHA512
6d7249937e19ac926f21f0993d7fdbdac695a1f705f9388a7403dc2a0516052a60ff0f3f83bbfa22958833d32a335042134bcd625484344d01e9d858e69349aa

Download Submit
C:\Program Files (x86)\Birdfont\libgee-0.8-2.dll

Filesize
714KB

MD5
73c4d268a10bfb6fbd6c40bc37f3788c

SHA1
5c72856e2f1379fc90b2fafe422833495674ea05

SHA256
c6c15f0c22d36741c6968052a6fa0ace4bc202e065b0c4bf0f2fd252ed41de2b

SHA512
92850eba9ed1efcc444d6f6cda0cf75af0caf329481fe4c2202f42b319dd148a7e43eabffcf7b778d87dee9e4555e0c51e44a45f6476deb36182c5a0299f8840

Download Submit
C:\Program Files (x86)\Birdfont\libgio-2.0-0.dll

Filesize
1.4MB

MD5
3de57f1cd66947602d18c04801227dae

SHA1
fc2f704ef72333516309335d83999909632044a1

SHA256
ff77bbff68e1260f96a9ac306e3266954443ccf10dc4fa1c878885ffb72e7890

SHA512
8cc2fa1be606192e0fcbae8e8adcd5d77a184b6a63aaf30e9e329b204e66edd3d5825a70be13a1bdc40471a3cb9418bb0fcc1f708cf9558aeca0d348202b52b9

Download Submit
C:\Program Files (x86)\Birdfont\libglib-2.0-0.dll

Filesize
1.3MB

MD5
d654a853a0eebf592dbf2227a27002fa

SHA1
4704b73aaf37e6c5db504b0d9aec1ce328699980

SHA256
3ddd0dfafa2dbad5d6c504daf57ef7d3cda9fe6492db37e95c1ef02882bf14f0

SHA512
6b28fa75b094d53e60a00f2a5bcc9350be4871f866eeb09ef5a3ba19050bbad5da21300cab7772369c490dc395ffa54fdbe98afc352d7a31561930e3c32107ab

Download Submit
C:\Program Files (x86)\Birdfont\libgmodule-2.0-0.dll

Filesize
28KB

MD5
e698a4e49ea33d67bdbbe60604e601e6

SHA1
fdec483aec0780ec76549b19c744ad833d6b7fa4

SHA256
820dddadb84f1e6c11fb502e1cf4bbf4bc2f2f5c0807a81feb7c7212a357e05f

SHA512
2b96084c0c44d38c352b523e704496ae9e01658b6d73b76bfa7f46d3abd8ccedcf9cf4acdc922002dc1bdf3a6792f50e17a5859a7aa9a40b987f7fd3ca443035

Download Submit
C:\Program Files (x86)\Birdfont\libgobject-2.0-0.dll

Filesize
298KB

MD5
0c44b7ba5dc95a1f1511724fe2bb138b

SHA1
909b757d358e23651c7821b69ca16992d44ad441

SHA256
8d7631324ab053df9cb4dc163e8b8af2efd912479c5bfcb5bcda68d8bd7ebc19

SHA512
53b697c846bb4a45a7e211fc74c699a88e6bd05b275cdc5f84ce2f2d6d81969bb1008843d387771f26d45353e33e4c721c166ac6005cf2bc27727d1608ef40eb

Download Submit
C:\Program Files (x86)\Birdfont\libgraphite2.dll

Filesize
222KB

MD5
c3abb19e03e78629ccd7cfcebb5b4509

SHA1
b0dc081c32403e40458976cce18cab0b6274571f

SHA256
1c53fc8ebde60143f1b51e2bac41baa178998aa8d68adbaea6d405f55609e49a

SHA512
1cff50157b475f3159ffcea905cebe41e187a4b730482a0e485da2f8d102a6446ca873e9931003d1b8ea09c0152311d305b30feb815f4acd9c548c22b47c9a8d

Download Submit
C:\Program Files (x86)\Birdfont\libharfbuzz-0.dll

Filesize
387KB

MD5
bb4f77ff50b4b374890273d6a0c9ca33

SHA1
6137f6eb6bf1255675d98345c06b8253ac78a21e

SHA256
f920a8f1d7c6374114522ad5f54acdb4e9d49522004c5515a1da9daa901536c7

SHA512
f605ede6f7dc5fbd4cab30423b39222234d585ff70017b4f1429b3f889b21ef1a4b6c05a5828f5486d3538d319ee56ee4ad03abddfa4d4e471a5b1fb9f67aa22

Download Submit
C:\Program Files (x86)\Birdfont\libiconv-2.dll

Filesize
1.0MB

MD5
6c9f8150fc4cd26fef257da2e17b4d38

SHA1
dfae5a2f6fadca8d35939d04df38f6929d23bdad

SHA256
d459f5af82080b6df9b082a00d0edcb704cf6788eeb8894d94dc9c12368f7b58

SHA512
92b002ac2b955d4e397bd31e780a1804d15f793259409eb56b5e7b828e78293af1a452ab305730d429c5358b4dd6e0cd4ebdcf4e821be7d5e46fb35be2e3667c

Download Submit
C:\Program Files (x86)\Birdfont\libintl-8.dll

Filesize
134KB

MD5
5c5123fbc985f9d4929ae99f6e29fde3

SHA1
c139353b3c26f57da2710db5b8831e00a276d55b

SHA256
906b460eee8f3448810f0cdedad1da2865ac04cb10944ddc0fac0dec0e5fdb76

SHA512
84ac1979a515275b15ad3e33feed6cab32b58d690a384cb07ba5db4377974b96c60f15b88ca2c6e54cefa517f7ea868bc0474a324c95f6320d9a252b29b67cde

Download Submit
C:\Program Files (x86)\Birdfont\libpcre-1.dll

Filesize
273KB

MD5
f3d4658a3d7523366c470bdb6778e937

SHA1
6229a296785b71dd1eac18f7b49462896a0c3b0f

SHA256
e5b759e5d54981d88c46f6bcb6798fe8ccbf358f07571131fc7fa19c55eb1667

SHA512
f553ff2f389793baafe61fcc92202720bbda4c62240825a73ffe4e6a76eec2474f0553f5785d968d521201807a060842292fcdf3114d8b7ae42ab3a91e66c73b

Download Submit
C:\Program Files (x86)\Birdfont\libpixman-1-0.dll

Filesize
668KB

MD5
e87ec4a739014fe35b2eaa175ccd26fe

SHA1
009f73e195b766cf9934bcd2faa6c2ebe4ee5a2a

SHA256
7fa19498c664e1845c495128a2932082ee1a2eb0a42c952ff8752e9c86b29274

SHA512
3f1f4fa2c749feba7801758685c7d6e989d6e34c3b9b88ca9d6c89209f6d6b4f11a2fd8e8fd6cece936c021db6cbb97b5a5e3e6d5f29f90ae3b13c00037e9699

Download Submit
C:\Program Files (x86)\Birdfont\libpng16-16.dll

Filesize
227KB

MD5
d67a0108e0ed176132cf61cf778f189b

SHA1
e35f2be8b9b651b9dcd8fa8d70c3aabb7f5f6ac3

SHA256
33a312f875ed613320d48716ff790661d8fe952f4db2f8b63d2afdcd04e45f5b

SHA512
2dedcd6b8d63b78613bc918ca81426c440708b5606a55cedf608054323f2dc33063312797d6015f69228fb104c8cca860d0a728825b9253e30c98a17064999dc

Download Submit
C:\Program Files (x86)\Birdfont\libsqlite3-0.dll

Filesize
940KB

MD5
f09e850b276ffcc751f25e0817667390

SHA1
b6c9f1ae613d137a96ef78f6ebfe27a5a68e4a61

SHA256
56fa44d40352e5cdef2757ef7addbbee64109b68b719020b69c5bcecde3f7e1e

SHA512
449935bd53cfdae835cdf1602db475cc7c9de56a875863b755b9c5d9c6ad95991d99ac0173541dd5c2e9e3155808ae8a78528ed3851857c2cfcb521147a21fb1

Download Submit
C:\Program Files (x86)\Birdfont\libsvgbird.dll

Filesize
331KB

MD5
0715bca9e116cf7e2279eba8130a8c01

SHA1
8b0a057570f2818c5e990422c056ae5eb8b2327a

SHA256
afe3236ffe13bb4d04753f2b6c788f9917f9ae943b8e95d7602f020343842f6c

SHA512
872d9e12e6d6e745f6c20ce79d125a9dbab4fd8a60e4e831d176b30419dea1ac423743ebcb7fb9d4533fe5f806958c1fc9c1191d58872ea70fe0f57c83f229b4

Download Submit
C:\Program Files (x86)\Birdfont\libwinpthread-1.dll

Filesize
57KB

MD5
ac3a8fc7f0074a1b4aa2bfb28245f3df

SHA1
935d591fbabe7b411c9a7dc2fb5c5059755e943b

SHA256
8df4e35d3507fcf27c305a4433c1b5a205e312788e6eb386f8345bf9e9689e36

SHA512
59bb4223536db129ad4c23f1621b97b87c522ed1ebc4641731cfc6b7b0cb0aab5498db859e96b031f9b0e9926b1c46e67474c40bf3d6912ff782cdbcad89ec3f

Download Submit
C:\Program Files (x86)\Birdfont\libxmlbird.dll

Filesize
63KB

MD5
aa96b38f502a0a77e8f8c66b51e4fcab

SHA1
8230d1d80defcf2fe6f13b4f1d35874835121881

SHA256
e25d658ec2113f029c90ef10774b916371a503150a5a0be87e6cbf3c38915790

SHA512
9569d2607a4f2b7ae1b33c4ed838d031153eccb778138bb6dfd9b4646d041596e363a64c7ad80fc804462542e1ae76610ee322e8f7ef9cdfb09743374bdb702f

Download Submit
C:\Program Files (x86)\Birdfont\vcruntime140_1.dll

Filesize
28KB

MD5
b8cc7a732a6502f4e8a83144bbb09079

SHA1
90392dec839ee197111d8f41e4325a380c685bc1

SHA256
19c7ba2cc290b994bc4e446c4bc8885cda266e022d654cdd7ee1e24be8d75383

SHA512
68d0a59ad40e5772d618c5734f3ca6de07adb46eeef39ac838d1856a7d0438bdaff51849a9ed463621bbe1e7c091321e72c3565823a11c0dc6a0101181b18261

Download Submit
C:\Program Files (x86)\Birdfont\zlib1.dll

Filesize
89KB

MD5
ed334ca4aabfb609098a30f5052d67fe

SHA1
4f092532810c0779852773f74174daccc7711893

SHA256
730b19520c9e73c281c54fd1a05279bc55d936eb8545c2f8511961520a25bdfc

SHA512
c880b49d9b93a4eaf912d75e29fbe5a77adafc47520e4ed48c2bf36e6a9a631593db352b3c5b333092a6afb73d05fd815d411aec6fa4345fa234593240af8db2

Download Submit
C:\Users\Admin\AppData\Local\birdfont\settings

Filesize
5KB

MD5
a5f4d70a16bac297025bbc04352c3a0d

SHA1
2f270b131a1e4fca6a2ff4bbe671e6461e000915

SHA256
8033e2445b757d118fee8ab512b310285e98f61ccaef442a031d3a71115c8b0a

SHA512
5d13077ff7520e725952444a6e8c20a4ff197a0308c8809cec66dfd77362f38f821053f88f55687cc944709c2570bb7ba774507e817a5088942b25a4134a21f9

Download Submit
memory/3628-264-0x000000006D580000-0x000000006D6DC000-memory.dmp

Filesize
1.4MB

Download
memory/3628-277-0x0000000061600000-0x000000006166A000-memory.dmp

Filesize
424KB

Download
memory/3628-283-0x0000000070540000-0x000000007057F000-memory.dmp

Filesize
252KB

Download
memory/3628-282-0x0000000066000000-0x0000000066109000-memory.dmp

Filesize
1.0MB

Download
memory/3628-281-0x0000000068F40000-0x0000000068F6D000-memory.dmp

Filesize
180KB

Download
memory/3628-280-0x0000000069140000-0x000000006918B000-memory.dmp

Filesize
300KB

Download
memory/3628-279-0x0000000064940000-0x0000000064955000-memory.dmp

Filesize
84KB

Download
memory/3628-278-0x000000006DD00000-0x000000006DD0F000-memory.dmp

Filesize
60KB

Download
memory/3628-276-0x00000000626C0000-0x00000000626DA000-memory.dmp

Filesize
104KB

Download
memory/3628-275-0x000000006B740000-0x000000006B750000-memory.dmp

Filesize
64KB

Download
memory/3628-274-0x0000000062E80000-0x0000000062E9D000-memory.dmp

Filesize
116KB

Download
memory/3628-273-0x0000000065300000-0x00000000653AD000-memory.dmp

Filesize
692KB

Download
memory/3628-272-0x0000000068B40000-0x0000000068B80000-memory.dmp

Filesize
256KB

Download
memory/3628-271-0x0000000066380000-0x0000000066474000-memory.dmp

Filesize
976KB

Download
memory/3628-270-0x00007FF8F73F0000-0x00007FF8F7418000-memory.dmp

Filesize
160KB

Download
memory/3628-269-0x0000000064F80000-0x0000000064FD3000-memory.dmp

Filesize
332KB

Download
memory/3628-268-0x00007FF8F00B0000-0x00007FF8F010D000-memory.dmp

Filesize
372KB

Download
memory/3628-267-0x000000006EE80000-0x000000006EE97000-memory.dmp

Filesize
92KB

Download
memory/3628-266-0x00007FF8FFF60000-0x00007FF8FFF79000-memory.dmp

Filesize
100KB

Download
memory/3628-265-0x00007FF8F01B0000-0x00007FF8F02FE000-memory.dmp

Filesize
1.3MB

Download
memory/3628-263-0x000000006C1C0000-0x000000006C27A000-memory.dmp

Filesize
744KB

Download
memory/3628-262-0x00000000693C0000-0x0000000069465000-memory.dmp

Filesize
660KB

Download
memory/3628-261-0x0000000063A40000-0x0000000063A92000-memory.dmp

Filesize
328KB

Download
memory/3628-260-0x0000000068DC0000-0x0000000068EB1000-memory.dmp

Filesize
964KB

Download
memory/3628-259-0x00007FF8F0550000-0x00007FF8F08E6000-memory.dmp

Filesize
3.6MB

Download
memory/3628-292-0x00007FF8F01B0000-0x00007FF8F02FE000-memory.dmp

Filesize
1.3MB

Download
memory/3628-286-0x00007FF8F0550000-0x00007FF8F08E6000-memory.dmp

Filesize
3.6MB

Download
memory/3628-304-0x0000000061600000-0x000000006166A000-memory.dmp

Filesize
424KB

Download
memory/3628-288-0x0000000063A40000-0x0000000063A92000-memory.dmp

Filesize
328KB

Download
memory/3628-287-0x0000000068DC0000-0x0000000068EB1000-memory.dmp

Filesize
964KB

Download
memory/3628-316-0x00007FF8F0550000-0x00007FF8F08E6000-memory.dmp

Filesize
3.6MB

Download
memory/3628-328-0x0000000066380000-0x0000000066474000-memory.dmp

Filesize
976KB

Download
memory/3628-322-0x00007FF8F01B0000-0x00007FF8F02FE000-memory.dmp

Filesize
1.3MB

Download
memory/3628-318-0x0000000063A40000-0x0000000063A92000-memory.dmp

Filesize
328KB

Download
memory/3628-317-0x0000000068DC0000-0x0000000068EB1000-memory.dmp

Filesize
964KB

Download