Overview

overview

7

Static

static

1

aTube_Catc...91.exe

windows7-x64

7

aTube_Catc...91.exe

windows10-2004-x64

7

Resubmissions

09-03-2024 17:02

240309-vkd2fadd7t 7

09-03-2024 16:48

240309-vbgqzadb91 7

Analysis

  • max time kernel
    130s
  • max time network
    130s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    09-03-2024 17:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    aTube_Catcher_FREE_9991.exe

  • Size

    24.1MB

  • MD5

    eec82d625010a7a177035dc6d7540824

  • SHA1

    3ff6ef5202a0b2d35d7509f703e3ae6d79305acd

  • SHA256

    61c11fd68de2448e1c396b811052766d4dbaf1812079b0b5278478eda367efb0

  • SHA512

    0ceabe9034c87149148d47e5302a1ee2a33b0739c897d6c51a7ea865db7fdbcf23ce0599f7155820a92948f7522e2c4a7acff0a9b4e7fe48d4e0eeeda427ef94

  • SSDEEP

    393216:AdrXnY1guAEElI9BUfibFyqpYCD8apON5AtWPm/v7xltQ/UiZdmuSngSLcGKrRi:iygx4UypVxpQAtKmHrtPBnRLcGKrRi

Score
7/10
discoverypersistence

Malware Config

Signatures

  • Checks computer location settings 2 TTPs 1 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE 3 IoCs
  • Loads dropped DLL 45 IoCs
  • Adds Run key to start application 2 TTPs 1 IoCs
    persistence
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  • Drops file in System32 directory 10 IoCs
  • Drops file in Program Files directory 64 IoCs
  • Drops file in Windows directory 3 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Checks processor information in registry 2 TTPs 2 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Kills process with taskkill 3 IoCs
    evasion
  • Modifies Internet Explorer settings 1 TTPs 48 IoCs
    adwarespyware
  • Modifies registry class 64 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 3 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\aTube_Catcher_FREE_9991.exe
    "C:\Users\Admin\AppData\Local\Temp\aTube_Catcher_FREE_9991.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3688
    • C:\Users\Admin\AppData\Local\Temp\is-V9FD3.tmp\aTube_Catcher_FREE_9991.tmp
      "C:\Users\Admin\AppData\Local\Temp\is-V9FD3.tmp\aTube_Catcher_FREE_9991.tmp" /SL5="$80028,24704281,141824,C:\Users\Admin\AppData\Local\Temp\aTube_Catcher_FREE_9991.exe"
      2⤵
      • Checks computer location settings
      • Executes dropped EXE
      • Drops file in System32 directory
      • Drops file in Program Files directory
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of WriteProcessMemory
      PID:1684
      • C:\Windows\SysWOW64\taskkill.exe
        "taskkill.exe" /f /im "yct.exe"
        3⤵
        • Kills process with taskkill
        • Suspicious use of AdjustPrivilegeToken
        PID:368
      • C:\Windows\SysWOW64\taskkill.exe
        "taskkill.exe" /f /im "ffmpeg.dll"
        3⤵
        • Kills process with taskkill
        • Suspicious use of AdjustPrivilegeToken
        PID:940
      • C:\Windows\SysWOW64\taskkill.exe
        "taskkill.exe" /f /im "eworker.exe"
        3⤵
        • Kills process with taskkill
        • Suspicious use of AdjustPrivilegeToken
        PID:4168
      • C:\Windows\SysWOW64\regsvr32.exe
        "C:\Windows\system32\regsvr32.exe" /s "C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\aTubeRawSocket.dll"
        3⤵
        • Loads dropped DLL
        PID:5068
      • C:\Windows\SysWOW64\regsvr32.exe
        "C:\Windows\system32\regsvr32.exe" /s "C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\aTubeRec.dll"
        3⤵
        • Loads dropped DLL
        • Drops file in System32 directory
        PID:940
      • C:\Windows\SysWOW64\regsvr32.exe
        "C:\Windows\system32\regsvr32.exe" /s "C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\mscomctl.OCX"
        3⤵
        • Loads dropped DLL
        • Modifies Internet Explorer settings
        • Modifies registry class
        PID:1620
      • C:\Windows\SysWOW64\regsvr32.exe
        "C:\Windows\system32\regsvr32.exe" /s "C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\msscript.OCX"
        3⤵
        • Loads dropped DLL
        • Modifies registry class
        PID:416
      • C:\Windows\SysWOW64\regsvr32.exe
        "C:\Windows\system32\regsvr32.exe" /s "C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\PacketX.dll"
        3⤵
        • Loads dropped DLL
        PID:3088
      • C:\Windows\SysWOW64\regsvr32.exe
        "C:\Windows\system32\regsvr32.exe" /s "C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\dsnaic.ocx"
        3⤵
        • Loads dropped DLL
        PID:2188
      • C:\Windows\SysWOW64\regsvr32.exe
        "C:\Windows\system32\regsvr32.exe" /s "C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\DSNTabCtrl.ocx"
        3⤵
        • Loads dropped DLL
        • Modifies registry class
        PID:1056
      • C:\Windows\SysWOW64\regsvr32.exe
        "C:\Windows\system32\regsvr32.exe" /s "C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\ExGrid.dll"
        3⤵
        • Loads dropped DLL
        • Modifies registry class
        PID:616
      • C:\Windows\SysWOW64\regsvr32.exe
        "C:\Windows\system32\regsvr32.exe" /s "C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\ExButton.dll"
        3⤵
        • Loads dropped DLL
        • Modifies registry class
        PID:412
      • C:\Windows\SysWOW64\regsvr32.exe
        "C:\Windows\system32\regsvr32.exe" /s "C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\DSNCLiteTimer.dll"
        3⤵
        • Loads dropped DLL
        • Modifies registry class
        PID:4324
      • C:\Windows\SysWOW64\regsvr32.exe
        "C:\Windows\system32\regsvr32.exe" /s "C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\dvdauthor.ocx"
        3⤵
        • Loads dropped DLL
        • Modifies registry class
        PID:1008
      • C:\Windows\SysWOW64\regsvr32.exe
        "C:\Windows\system32\regsvr32.exe" /s "C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\ImageThumbnailCP.ocx"
        3⤵
        • Loads dropped DLL
        • Modifies registry class
        PID:1236
      • C:\Windows\SysWOW64\regsvr32.exe
        "C:\Windows\system32\regsvr32.exe" /s "C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\cshtpax9.ocx"
        3⤵
        • Loads dropped DLL
        PID:2392
      • C:\Windows\SysWOW64\regsvr32.exe
        "C:\Windows\system32\regsvr32.exe" /s "C:\Windows\system32\DartSock.dll"
        3⤵
        • Loads dropped DLL
        • Modifies registry class
        PID:4168
      • C:\Windows\SysWOW64\regsvr32.exe
        "C:\Windows\system32\regsvr32.exe" /s "C:\Windows\system32\DartCertificate.dll"
        3⤵
        • Loads dropped DLL
        • Modifies registry class
        PID:4700
      • C:\Windows\SysWOW64\regsvr32.exe
        "C:\Windows\system32\regsvr32.exe" /s "C:\Windows\system32\DartSecure2.dll"
        3⤵
        • Loads dropped DLL
        • Modifies registry class
        PID:1532
      • C:\Windows\SysWOW64\regsvr32.exe
        "C:\Windows\system32\regsvr32.exe" /s "C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\ChilkatAx-9.5.0-win32.dll"
        3⤵
        • Loads dropped DLL
        • Modifies registry class
        PID:1380
      • C:\Windows\SysWOW64\regsvr32.exe
        "C:\Windows\system32\regsvr32.exe" /s "C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\StarBurnX12.dll"
        3⤵
        • Loads dropped DLL
        • Modifies registry class
        PID:5068
      • C:\Windows\SysWOW64\regsvr32.exe
        "C:\Windows\system32\regsvr32.exe" /s "C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\lame_enc.dll"
        3⤵
        • Loads dropped DLL
        PID:3128
      • C:\Windows\SysWOW64\regsvr32.exe
        "C:\Windows\system32\regsvr32.exe" /s "C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\viscomaudio.dll"
        3⤵
        • Loads dropped DLL
        PID:3972
      • C:\Windows\SysWOW64\regsvr32.exe
        "C:\Windows\system32\regsvr32.exe" /s "C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\viscomaudiodata.dll"
        3⤵
        • Loads dropped DLL
        PID:228
      • C:\Windows\SysWOW64\regsvr32.exe
        "C:\Windows\system32\regsvr32.exe" /s "C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\viscomaudioencoder.dll"
        3⤵
        • Loads dropped DLL
        PID:2128
      • C:\Windows\SysWOW64\regsvr32.exe
        "C:\Windows\system32\regsvr32.exe" /s "C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\viscomaudioprocess.dll"
        3⤵
        • Loads dropped DLL
        PID:624
      • C:\Windows\SysWOW64\regsvr32.exe
        "C:\Windows\system32\regsvr32.exe" /s "C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\viscomspeaker.dll"
        3⤵
        • Loads dropped DLL
        PID:1804
      • C:\Windows\SysWOW64\regsvr32.exe
        "C:\Windows\system32\regsvr32.exe" /s "C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\viscomwave.dll"
        3⤵
        • Loads dropped DLL
        • Modifies registry class
        PID:3608
      • C:\Windows\SysWOW64\regsvr32.exe
        "C:\Windows\system32\regsvr32.exe" /s "C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\viscomwaveform.dll"
        3⤵
        • Loads dropped DLL
        PID:3192
      • C:\Windows\SysWOW64\regsvr32.exe
        "C:\Windows\system32\regsvr32.exe" /s "C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\AudioCapture.ocx"
        3⤵
        • Loads dropped DLL
        • Modifies registry class
        PID:1248
      • C:\Windows\SysWOW64\rundll32.exe
        "C:\Windows\System32\rundll32.exe" setupapi,InstallHinfSection DefaultInstall 132 C:\Users\Admin\AppData\Local\Temp\is-9R7RA.tmp\codecstp9376\fmcodec.inf
        3⤵
        • Adds Run key to start application
        • Drops file in System32 directory
        • Drops file in Windows directory
        PID:812
        • C:\Windows\SysWOW64\runonce.exe
          "C:\Windows\system32\runonce.exe" -r
          4⤵
          • Checks processor information in registry
          PID:1236
          • C:\Windows\SysWOW64\grpconv.exe
            "C:\Windows\System32\grpconv.exe" -o
            5⤵
              PID:4372
        • C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\eWorker.exe
          "C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\eWorker.exe" /RegServer
          3⤵
          • Executes dropped EXE
          PID:60
        • C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
          "C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe"
          3⤵
          • Executes dropped EXE
          • Loads dropped DLL
          • Drops file in Program Files directory
          • Suspicious use of SetWindowsHookEx
          PID:4900
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=1424 --field-trial-handle=2272,i,4858140932023865871,5726683989663339295,262144 --variations-seed-version /prefetch:8
      1⤵
        PID:4580

      Network

      MITRE ATT&CK Matrix ATT&CK v13

      Initial Access

      Execution

      Persistence

      Boot or Logon Autostart Execution

      1
      T1547

      Registry Run Keys / Startup Folder

      1
      T1547.001

      Privilege Escalation

      Boot or Logon Autostart Execution

      1
      T1547

      Registry Run Keys / Startup Folder

      1
      T1547.001

      Defense Evasion

      Modify Registry

      2
      T1112

      Credential Access

      Discovery

      Query Registry

      3
      T1012

      System Information Discovery

      3
      T1082

      Lateral Movement

      Collection

      Exfiltration

      Command and Control

      Impact

      Resource Development

      Reconnaissance

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\AudioCapture.ocx
        Filesize

        164KB

        MD5

        9e547d542c334f0aa201f917f58c451f

        SHA1

        703c64efee37f2d6d7d0627384f9caa9aacd6e90

        SHA256

        b9ebb9caf9130276bb560e47c47fd97529cc81c9c601ba9b0f8cabf896c90080

        SHA512

        ebce8562f3b97a20e52c377099b90fd51970440911b04e3c8be34db142ce465a4de62bb0cbaabbdbb4e22f0a8a745626a4d610c710d390078f080e480fa0bda5

        Download Submit
      • C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\ChilkatAx-9.5.0-win32.dll
        Filesize

        9.6MB

        MD5

        9bb055a4c9d2af94d4f364558ffdd773

        SHA1

        d327b19f689b1e02be92516d85c10fbff1c5f8e1

        SHA256

        f8d54b00cb2ed337443e02eb5704b4c3edbf703cfb6297d0a95681369d061ff2

        SHA512

        e1f4246b32ba71ff157dba9eb8e0eb870686ae78e2c2ec1ceab454b010eeda6b4c5dd9acd33ea29683d1c3c194fb53dac771b2d44cd79b3387d8b3599ed8c99d

        Download Submit
      • C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\DSNCLiteTimer.dll
        Filesize

        28KB

        MD5

        72ec4057191f8ba5e9b6204d2f939642

        SHA1

        2f56e8a912253d95021394eace3f11d385ac9bd2

        SHA256

        5399e7cf6efa190657e6cffd5cd53b007afc1b452575dee6f4d64e90b73e97ba

        SHA512

        be4b0d94a20dbbe3e23cfef36f1e06380e76f24374999a39f21839186af6320bc88b65aa2424360e59fc79639d7872ec1ccd54af3da313301c3ce5213c544730

        Download Submit
      • C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\DSNTabCtrl.ocx
        Filesize

        136KB

        MD5

        0e21d5dd0949a0720fae0d2995d96a61

        SHA1

        d51505c0ed2c200e3b4f8b1ff59d028b6f8c4efb

        SHA256

        a701a90e409a79ee17e6423dcbeae12b33381e63d23333343ce0589fef21ee2c

        SHA512

        0eeb8f1a41131ba921a60471ee6d5939871453fe118c9bfe507dca35554a10d6b703b08dea2e807519df890bc84c9140376906c56b5fe1f07cdb6265444a46f7

        Download Submit
      • C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\ExButton.dll
        Filesize

        1004KB

        MD5

        0be6d3393ac857acecfaaf964c81515d

        SHA1

        6229a6bcec185ecb8fe2740e90710f700baa5e29

        SHA256

        c5464549d420879c2467401f0488a8406623a79008d3492ffdb33e131cf61864

        SHA512

        07295de0a1f4785dcce606648e187d1bb7d12831040a0cbdb23a5598c342bbde7db24653f1b2dbae1b98fa333900c1cfe44cbc8ea5076947f9177a8434f815db

        Download Submit
      • C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\ExGrid.dll
        Filesize

        2.8MB

        MD5

        62fda32453e109681380d44e4e7d14b8

        SHA1

        df4f1dad2a8c59a2634530235c9d97023281bd3c

        SHA256

        9d76c1a03541a035bd0ec54f5338ef800dc828054c0a767da3c82be2b3d37192

        SHA512

        82613d22ea713e3dadef6c73499dfa6e064c843b6db8b3c4a700271494283cf8956704e39b31a8ace2752b636c73497868d10341c9f485c796d5f14e333ecc96

        Download Submit
      • C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\ImageThumbnailCP.ocx
        Filesize

        1.7MB

        MD5

        1fa5e6b4f2f80d3fe17bfd21e045c146

        SHA1

        d4cdd4fd3a68d863cc8f23e4e995c63ccb5ab0ae

        SHA256

        15c8a8ee89e2f09565798204d39e4bcf2c5c73fa86b39e44577b5ec8c0ad7dd9

        SHA512

        ca1ebce8004fda036eb9d25bdcf0f6c425fb69d7c6468d0db47202f7247a3cb479d8216ff67d8dfd0bf6bc974f7ec6edc7e1bd28451b4aab5f24086379c9220e

        Download Submit
      • C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\PacketX.dll
        Filesize

        384KB

        MD5

        bf2de16e19f971efb99799a6f771761a

        SHA1

        3f0908e0a38512d2a4fb05a824aa0f6cf3ba3b71

        SHA256

        9f755c46d30e8c9627fc4bf6fd55212bb58b1077fc3d47d8bbff7b92cbce7bc8

        SHA512

        8376a566bcd182856fb10a9a970b4feb71e6c976550c23d884bc0d64a0be72e61790f207d16ce4309a471dc3b344fe65084e893b9d9245e794dd462c851d1acc

        Download Submit
      • C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\StarBurn.dll
        Filesize

        2.0MB

        MD5

        ed499b2253ddb27c21a131f0e77559b1

        SHA1

        01e287737631a2104a5e1d0e1430ec58f85e1448

        SHA256

        3169d32f1b49db4ff60b2ddb19070416ba059077cd13df7374cfe2a64e648235

        SHA512

        a9127cf5d96228124047b796562d4095d9b0c56677ca042cb2a84f68bdb256f9192d7858a4f41f8369361aaeaedc1fe6372e95233832b2afeef9d67630a4b363

        Download Submit
      • C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\StarBurn.dll
        Filesize

        2.1MB

        MD5

        f5912c9623f172aff029a93dfe22f199

        SHA1

        901230849411b566f692305e953eed6fe0951810

        SHA256

        2d990d3e0632aad8be8be50fa2ae478cd96683672a1478f66712a78dd5736cbd

        SHA512

        1cd9913b46e2966fe3b46107b80aa199d50f0a83bf39ec9e3531c13d86394a53a1356bf8d300e89c6ea053b961e30cc87cde0b228bdacbbf1aaac369389cf959

        Download Submit
      • C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\StarBurnX12.dll
        Filesize

        1.7MB

        MD5

        e7b108f6deb7ab8f01d81aa9777866e1

        SHA1

        20db8ca3db1157506ade714cd565abe9223a5d2c

        SHA256

        c26f2e3113de4516591ee99fc2f3937a0eca1855fbe4f3105c654999ef496d0a

        SHA512

        9d17c48bded1ef75768ca565c4d57fe1bc4918836a3d594323bfeefe9e15a7b7c265c549bac66d2895313f734217615632b7840a6052c87b9a08ce546ccccc6b

        Download Submit
      • C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\aTubeRawSocket.dll
        Filesize

        68KB

        MD5

        469801780d43c76c35b087b18541764e

        SHA1

        7771cd32bdd4da7c77c49aa94d8e56fb02c7cedb

        SHA256

        e6c6a4c894da9232ace480d015e3b52250622bfb5a6a97d1a41908400b531137

        SHA512

        47eaca40b404774515cd167f5fb8fc0a63c5d0d5b1041951508cbbbc17de92ad2ef93fcc397b508634fa4e50707175b39f62a9d14d7941636cce756b80f0fbe0

        Download Submit
      • C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\aTubeRec.dll
        Filesize

        780KB

        MD5

        354c32f891ba99c32359ea74b168bb59

        SHA1

        83168fdba507c59664cf57c08e8775a84363302f

        SHA256

        83828e4f59b6aa28706b1c05ee41ac6bd6f0922913398595db65575c0f01c632

        SHA512

        5285095c0155c7e2257a36b727c7e8de098300ffad34f1e784185d6e6a12a0a61835c39e75bce211f9a02cbc63c9ac908d329a15110aad9f6c3000775a0d1269

        Download Submit
      • C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\cshtpax9.ocx
        Filesize

        441KB

        MD5

        c1768153c6b8bb4d390db4fea45c5077

        SHA1

        2e3f471bffe1147c2cc6e94e4e5700796758a035

        SHA256

        cd25107b5fd9ccc92a286252b256af521090c07b072835abb304ee5f9803639f

        SHA512

        c64cccc32599268fcfa4673ed4ac51d148e0c47d4482b2f33a573997d1438aaa4691b755dc22db5b84b8a6781d6c7f5d01238e53677234dde623f79a79c6ab2d

        Download Submit
      • C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\dsnaic.ocx
        Filesize

        344KB

        MD5

        a6a46feb22f998fa35e0e6158be00569

        SHA1

        5b559328d37d44224a17b30537391a0f135bc136

        SHA256

        0a19a9491f60b82080ec3cde1f820ae57575efddfa790f23c6548d53b3165b2b

        SHA512

        66feb8abf67fbcdd7e6bd999302ab5e013176e4c6003d42227160e26284a2f8dcf68fc630f22a132703beb5fc5e3d5efbb7c8ccdc2eabaa2c9056d9adf93ca37

        Download Submit
      • C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\dvdauthor.ocx
        Filesize

        328KB

        MD5

        6f7f62505e12ef84ba141aed1b188d5b

        SHA1

        a8e54e9deaa7d0d2aa728f93a2315283bc01f47f

        SHA256

        45b5f2db8bdb0790651c81833fa42e45787feac3bc7a856198f42e414ecaab47

        SHA512

        60821ab12fcfa120b7b65d37a5ad58e822f73f52253a01f70b26a06571cc7cd34a4a2f61586153e741c35a72962ed0c482542f7b93189a52155a1a13c22329d6

        Download Submit
      • C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\lame_enc.dll
        Filesize

        256KB

        MD5

        2ad765c76147369070e712b4bb3f5c14

        SHA1

        baf543dd3722a0b13f35c8d4b4446fa15d6439cb

        SHA256

        dd81ff58adc8994aff0eccb0f43c9eaad9d1b106069928b0a6b5c0a466c885ef

        SHA512

        a1bb5cdd99990bcac7a9714449db56a1f680b69482358f64e81373bde41618e3c0fd3839ac4e4985895d05e6b60724247539d3e0d04d8604fc6db2a86c76ead1

        Download Submit
      • C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\mscomctl.OCX
        Filesize

        1.0MB

        MD5

        e52859fcb7a827cacfce7963184c7d24

        SHA1

        35c4ae05d90f610c0520933faaca2a8d39e1b2a1

        SHA256

        45b6eef5bbf223cf8ff78f5014b68a72f0bc2cceaed030dece0a1abacf88f1f8

        SHA512

        013e6bf4762b1f90650ee6a1cb275607d1cad9df481362f42606a37f3a6f63de5cd0cdb0e9739df141b58f67ac079cf27be4ffe4937371972dd14eae18c58a94

        Download Submit
      • C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\msscript.OCX
        Filesize

        101KB

        MD5

        bacce4e044212e8e57bd8946abca9072

        SHA1

        d91aeed0c9f2e97ce61c24698b7029c8275e8e59

        SHA256

        a647c88171f5051f8ecec4d65c2cb57f96e378cbd562b08758b6273b27758791

        SHA512

        f91851f4ac592487691a915e553c2c60f6c4231180722aa4ccb9463acdd1b141551f175a05a8332c96e9c60bacd0adb02860ed2b07fc4a9e9dcc03e584c92bc2

        Download Submit
      • C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\viscomaudio.dll
        Filesize

        100KB

        MD5

        77a4ca4de85629a0f3c64a632fac3c32

        SHA1

        9dab43ac031a82c60ad0d32fad2ee303dfae0023

        SHA256

        8fde2a88cc426ead96867ca7a38af6a25475609a7ac7a2917023032b80a620e9

        SHA512

        06f4571a737aaa8d93ddb7b6a23c074c589f8981919c3a3131cdfac6d13de00956cd9d9573ccfefec37876b3a773ba4863efef394d4a7e0df0bdb7e031421729

        Download Submit
      • C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\viscomaudiodata.dll
        Filesize

        92KB

        MD5

        ed60fb3b0a0ae5ce21300a927a06b131

        SHA1

        ce5d2f71f8a1770afbf4d3d35d4f355f629d36db

        SHA256

        4831f6ffdeb612cc1b928098d63a819f4c48848521d827e238eeeb66222cf57a

        SHA512

        01c13cfb0eb8a890180252b733cb99ef9b4647115258f3444bcd178eb81184cbdec50771157ce554d5a3c696ce1a690fb857a7a2e174f4bb92e66ea6cea56a09

        Download Submit
      • C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\viscomaudioencoder.dll
        Filesize

        108KB

        MD5

        849aaf23d5932cc8c3585309aeb8a3a4

        SHA1

        4c14d6a6ec10d060a862a18147e589fe35886666

        SHA256

        f54e53ed208acc509d4bb9f5b58ab136b4c45f8b7e08818d28e986e089249049

        SHA512

        c1cc5f9f22d179e5ff8008cde568504873a1ca6ff1dc4f01d57052c16f5d5407f5b6051b00da6a624a0edd2a1a7717dc8bfe0ee16919c116526f11cc30773994

        Download Submit
      • C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\viscomaudioprocess.dll
        Filesize

        68KB

        MD5

        632bb782309d2a09cad7b35ac8dc98fc

        SHA1

        6c4581f984d5dbba09f959ac6cdfd12eb3e235b1

        SHA256

        851240c7d42ab8cd5a27211d2198158c4086ddf2346b818c01d8503a32a80b75

        SHA512

        9a0b1acbe8c3ac2121ca5267d3b6aa12feac0a1baadad17b49a372ba8a83bed53071b0a260916a5999d67e24867dff35d991330b0d1613e65b8d66f0c84e5f24

        Download Submit
      • C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\viscomdvdimg.dll
        Filesize

        228KB

        MD5

        6c5e7b0ce88c91f31eece36ddc001f35

        SHA1

        f128ada2e7d8831561c8bde71e04dc18fdb5a737

        SHA256

        5f563497a38c931cad637cf1a86f008c82f0257df90bb731261e147c2b0f539c

        SHA512

        b85507d3f0e8951a98f36701d8dddaa8ff10e24c50658a92ca7c4da57df32b251e676d38cfb8a317ea5a801376b63d3fc821c74b41d10ef726c7111438ce9e5f

        Download Submit
      • C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\viscomspeaker.dll
        Filesize

        116KB

        MD5

        b94c6085c37d15a559538593f106f5f9

        SHA1

        4f1964f7f72c0f11edfa7bdea40e9b2c583ebc7b

        SHA256

        cbc9fe0fa98c54e54350c4d8ac73aeda25e4f5c7de12d35e6b9da14b41fb1177

        SHA512

        aa3739cf24c82be378f81a123fdabe466095c8772f5d5dc773149e88f901dc7406d986cfe3648fa9084f9a5e81290dcc584df31b6a6477982b779addf93823f1

        Download Submit
      • C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\viscomwave.dll
        Filesize

        80KB

        MD5

        29fb91549d3e63b279ab09124275ae64

        SHA1

        c96d9098074d401540be945fdbb96f0a7d9fd6af

        SHA256

        d9fbd7b3263c914d153e5be1652550612d16dadc16c212abc446f6cd41441589

        SHA512

        21d3ca8ebbad40b68cc6a76e86be006f010ffad05a4694b6d69ed177ab22d12e46d79196e9e337f0ee50dd8563c7ef8d554d79646a68abe59974b605c9cf3c2d

        Download Submit
      • C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\viscomwaveform.dll
        Filesize

        152KB

        MD5

        6c03c1cb5d90e620299009b942855f7e

        SHA1

        b3b26f783dd3f4e8ff92a6d3ba5b4f4fa897d083

        SHA256

        8c230b0ae294729728e3a4853feb56f13bd86f9aa2d072e4cfb288a314072000

        SHA512

        b13b28699c562bfc99f8ab86eeefda92ea4f730950928c01e6d5ad221510b569efd4b6e3bbc87be04b816e4f665f9d620402212c5b04a9e29956183a611a53f1

        Download Submit
      • C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
        Filesize

        5.7MB

        MD5

        78ff67b2d76f93f6738f3d63dd566465

        SHA1

        9621660fb99feccbd69a309e00ab6a220f12bc9e

        SHA256

        ae0cbb70c5098b43b5b8cc808ce5a0657a4b43410fdcff4410dd9bdee832cb77

        SHA512

        674c814aaa36dcc3adab41eb7a517a988a3eb527146a94734c9e01095a12c241578826311cd86b6af554d6ac5dd61f2eaa9583f2f9654877b654db1e35b187cd

        Download Submit
      • C:\Users\Admin\AppData\Local\Temp\is-9R7RA.tmp\codecstp9376\fmcodec.inf
        Filesize

        1KB

        MD5

        5070f76c2a37abcc32625328a5536c5f

        SHA1

        eacbe1153c115e8acbe1052bd74918d39278f440

        SHA256

        a0a515ca7ecca5c9b7534d0c3ba7711f8d9fd821f1a5d3ceecae9af372681a8d

        SHA512

        fcaa758274531e327786eda2635f18213cd1857ffce50ca1ec679baaf295f7ddbe346bcb39f2bf6e40ee8a6517f9b667877ab3491e7553b8262d59147d28c2e5

        Download Submit
      • C:\Users\Admin\AppData\Local\Temp\is-V9FD3.tmp\aTube_Catcher_FREE_9991.tmp
        Filesize

        1.2MB

        MD5

        db1676059e94b886c062a4fe2ed6e194

        SHA1

        2d6fd279c1eea4438638aab11bc286aea3b8aaba

        SHA256

        955a7b3d2a8416084550ff6f8918c148b071613ff9391fd6be6f9e7b5f2acf1a

        SHA512

        0cbbac993100f1c4cd022e4fe5d2eb50ae7a5eb3afcc2dcb984252029f04b0d05f549b999603cce3acd7a234b51d5f1c8a49bdd425f1e635c1c1c9450ca5e205

        Download Submit
      • C:\Windows\SysWOW64\DartCertificate.dll
        Filesize

        244KB

        MD5

        cded5c5ef0b224fe8e696b66426bc2c3

        SHA1

        e7190ce965882c68da5ee3678db0a26c9a882c7a

        SHA256

        33d9547e861ef85c66ce5afb325a0b8d31cc8a674c9f184b98e6ae907c84a89e

        SHA512

        90e8d5b89f5d6bffd76c1988073285eeed3926588a0d7e11417a9c912e9100655f21c74f377809be1f287cc488a4b1231ca0d3916f00ca51260ba752f7b3690d

        Download Submit
      • C:\Windows\SysWOW64\DartSecure2.dll
        Filesize

        392KB

        MD5

        82709dca75e8ead5574ffad16e65c4b9

        SHA1

        5d2fb7708dbb4499ba0f8b3f73301bd5685037fd

        SHA256

        b10ac240a1184bb0bc3f674799b2555b6c32a2f60807927893b948a552953eb8

        SHA512

        502d12c04eafe25a1883122cf80bc915a70d6ffc5ba17768ce0c429e27054d7c04128824644f05761376bef331a2bb824c62a134ab62607fa638d1db5587b73b

        Download Submit
      • C:\Windows\SysWOW64\DartSock.dll
        Filesize

        430KB

        MD5

        855c04bdeade5ea0be6892419568b13b

        SHA1

        8eb18fa861f22b0f7b48fa1f3bb3a98dcaeedebd

        SHA256

        1125a92cb1af37340cb1b0fd54c38aa058a3e67bc4f5c7f09e09d90337f27970

        SHA512

        0a44e54b410e06afa4029dac8428336197255f0f7bbf16ff135b5652e3aeca1d19175eab580d5dfaae8d4f9a2bae455a16ae548ff7ea182249b80b617fbee718

        Download Submit
      • C:\Windows\SysWOW64\fmcodec.DLL
        Filesize

        76KB

        MD5

        5c8874ee321f4623fff7a1315039ddbc

        SHA1

        d6931f0240d577dd439a0d92095f1c7609f584bc

        SHA256

        03a1426ddda7e9187e52ad5def652e9201fc6829bff09ff99b34032b14778f28

        SHA512

        60bff4ed9da714985a4382c714c785bdb324a0301fad2a8a3d0c4b9f0fbacc2cf9c7c53b1b12ab6fd2ed24f33ca9f5df64061cd5cd418e2ce01a4e91c4b289e1

        Download Submit
      • memory/228-332-0x0000000000840000-0x00000000008B2000-memory.dmp
        Filesize

        456KB

        Download
      • memory/1008-305-0x00000000015B0000-0x00000000015ED000-memory.dmp
        Filesize

        244KB

        Download
      • memory/1684-14-0x00000000021B0000-0x00000000021B1000-memory.dmp
        Filesize

        4KB

        Download
      • memory/1684-366-0x0000000000400000-0x0000000000533000-memory.dmp
        Filesize

        1.2MB

        Download
      • memory/1684-6-0x00000000021B0000-0x00000000021B1000-memory.dmp
        Filesize

        4KB

        Download
      • memory/1684-12-0x0000000000400000-0x0000000000533000-memory.dmp
        Filesize

        1.2MB

        Download
      • memory/1684-15-0x0000000000400000-0x0000000000533000-memory.dmp
        Filesize

        1.2MB

        Download
      • memory/1684-72-0x0000000000400000-0x0000000000533000-memory.dmp
        Filesize

        1.2MB

        Download
      • memory/1684-318-0x0000000000400000-0x0000000000533000-memory.dmp
        Filesize

        1.2MB

        Download
      • memory/1684-356-0x0000000000400000-0x0000000000533000-memory.dmp
        Filesize

        1.2MB

        Download
      • memory/1684-8-0x0000000000400000-0x0000000000533000-memory.dmp
        Filesize

        1.2MB

        Download
      • memory/3688-7-0x0000000000400000-0x000000000042D000-memory.dmp
        Filesize

        180KB

        Download
      • memory/3688-0-0x0000000000400000-0x000000000042D000-memory.dmp
        Filesize

        180KB

        Download
      • memory/3688-2-0x0000000000400000-0x000000000042D000-memory.dmp
        Filesize

        180KB

        Download
      • memory/3688-367-0x0000000000400000-0x000000000042D000-memory.dmp
        Filesize

        180KB

        Download
      • memory/4900-361-0x00000000038A0000-0x00000000038A1000-memory.dmp
        Filesize

        4KB

        Download
      • memory/4900-364-0x0000000004520000-0x0000000004620000-memory.dmp
        Filesize

        1024KB

        Download
      • memory/4900-369-0x0000000008380000-0x00000000083A3000-memory.dmp
        Filesize

        140KB

        Download
      • memory/4900-370-0x00000000038A0000-0x00000000038A1000-memory.dmp
        Filesize

        4KB

        Download
      • memory/4900-371-0x000000000ACB0000-0x000000000ACB1000-memory.dmp
        Filesize

        4KB

        Download
      • memory/4900-372-0x000000000AD30000-0x000000000AD31000-memory.dmp
        Filesize

        4KB

        Download
      • memory/4900-373-0x000000000ACF0000-0x000000000ACF1000-memory.dmp
        Filesize

        4KB

        Download
      • memory/4900-374-0x0000000007B70000-0x0000000007B71000-memory.dmp
        Filesize

        4KB

        Download
      • memory/4900-375-0x000000000AD70000-0x000000000AD71000-memory.dmp
        Filesize

        4KB

        Download