f9d3dfcdfa13a845ca0dfd0b00cf2577d744f86a81786adca3567f6ea121f758

Analysis

max time kernel
150s
max time network
115s
platform
windows10_x64
resource
win10v20201028
submitted
20-11-2020 00:34

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

VSCodeUserSetup-x64-1.50.1.exe
Size

61.1MB
MD5

49bcaf117095e95a2aa16b37c3533c92
SHA1

a56c59a621812bcd2a07b657e1b21f395250e9bc
SHA256

f9d3dfcdfa13a845ca0dfd0b00cf2577d744f86a81786adca3567f6ea121f758
SHA512

bbf62701f1d7676a2b315a4c52923c4a5d3b85305e63a8f0d853bbf811b3716054044ca7c64b35ec8b15b8193613ec5b470e9d6cc547eb2f0d9f11e99ab5648c

Score

8^/10

spyware

Malware Config

Signatures

Executes dropped EXE 1 IoCs

Processes:

VSCodeUserSetup-x64-1.50.1.tmp

pid process

68 VSCodeUserSetup-x64-1.50.1.tmp
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware

Data from Local System
T1005

Credentials in Files
T1081

pid	process
68	VSCodeUserSetup-x64-1.50.1.tmp

JavaScript code in executable 6 IoCs

Processes:

resource	yara_rule
C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources.pak	js
C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules.asar	js
C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\out\vs\base\node\languagePacks.js	js
C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\out\main.js	js
C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\out\vs\code\electron-main\main.js	js
C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\out\vs\loader.js	js

Checks processor information in registry 2 TTPs 3 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

Processes:

firefox.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision	firefox.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes:

VSCodeUserSetup-x64-1.50.1.tmp

pid process

68 VSCodeUserSetup-x64-1.50.1.tmp
68 VSCodeUserSetup-x64-1.50.1.tmp
Suspicious use of FindShellTrayWindow 1 IoCs

Processes:

VSCodeUserSetup-x64-1.50.1.tmp

pid process

68 VSCodeUserSetup-x64-1.50.1.tmp

pid	process
68	VSCodeUserSetup-x64-1.50.1.tmp
68	VSCodeUserSetup-x64-1.50.1.tmp

pid	process
68	VSCodeUserSetup-x64-1.50.1.tmp

Suspicious use of WriteProcessMemory 12 IoCs

Processes:

VSCodeUserSetup-x64-1.50.1.exefirefox.exe

description	pid	process	target process
PID 3336 wrote to memory of 68	3336	VSCodeUserSetup-x64-1.50.1.exe	VSCodeUserSetup-x64-1.50.1.tmp
PID 3336 wrote to memory of 68	3336	VSCodeUserSetup-x64-1.50.1.exe	VSCodeUserSetup-x64-1.50.1.tmp
PID 3336 wrote to memory of 68	3336	VSCodeUserSetup-x64-1.50.1.exe	VSCodeUserSetup-x64-1.50.1.tmp
PID 2260 wrote to memory of 1264	2260	firefox.exe	firefox.exe
PID 2260 wrote to memory of 1264	2260	firefox.exe	firefox.exe
PID 2260 wrote to memory of 1264	2260	firefox.exe	firefox.exe
PID 2260 wrote to memory of 1264	2260	firefox.exe	firefox.exe
PID 2260 wrote to memory of 1264	2260	firefox.exe	firefox.exe
PID 2260 wrote to memory of 1264	2260	firefox.exe	firefox.exe
PID 2260 wrote to memory of 1264	2260	firefox.exe	firefox.exe
PID 2260 wrote to memory of 1264	2260	firefox.exe	firefox.exe
PID 2260 wrote to memory of 1264	2260	firefox.exe	firefox.exe

C:\Users\Admin\AppData\Local\Temp\VSCodeUserSetup-x64-1.50.1.exe
"C:\Users\Admin\AppData\Local\Temp\VSCodeUserSetup-x64-1.50.1.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:3336

C:\Users\Admin\AppData\Local\Temp\is-AIGEE.tmp\VSCodeUserSetup-x64-1.50.1.tmp
"C:\Users\Admin\AppData\Local\Temp\is-AIGEE.tmp\VSCodeUserSetup-x64-1.50.1.tmp" /SL5="$60030,63041572,828416,C:\Users\Admin\AppData\Local\Temp\VSCodeUserSetup-x64-1.50.1.exe"
2⤵
- Executes dropped EXE
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of FindShellTrayWindow
PID:68

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2260

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
2⤵
- Checks processor information in registry
PID:1264

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

T1081

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Data from Local System

T1005

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
MD5
9e9b737a73f2f23f1b16b2936da0c879

SHA1
5cb9e7103f031934d0d94b376c4689bbe000ea6b

SHA256
dec004824ebddd8328e4de652553c31cf69e5a7a707a7a65afa6f8eb0c73e135

SHA512
d1cea1b3ab05697370fd3c766dcc2138fd7ef84b01dae2ea4b3752557f5069fd5d0efff4c8c593fdd9888d748641db5c32e546c16e23ee939ac723b9a48e2caf

Download Submit
C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
MD5
2f53e6811d050e0a952cbfac84e1d78c

SHA1
54734584bd75617eb624189a173a989f0a9f3bcc

SHA256
136bfbb33d9e12feabb38acf82100a9da657443145bfd459666c300ee05048fb

SHA512
bd198d35ec11c0f670ce59b28e91bd838d8a5dd748bd3611d773fd5d495858d930410734c3f43060a22b801ad600ac98359b323ab9c087a0a4e758d2133a06c2

Download Submit
C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
MD5
411934e7eeb44d21a90a50292462b925

SHA1
2d34c12f9f7b00e7f6e44de9db86f0453c64ecfc

SHA256
80492e8288067de4cc4e052dd0abcd77a8699981b092a1934014e57ac1587c6b

SHA512
d962fd906917f42f747260bbbb39fa3b31ec72cacbbc23f3c5e4483ea550c66733ed131db8472e3cdefeef6d673b2c5c9c6ee82a16fad724da26c8c3906e6fcf

Download Submit
C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
MD5
2994ef2f43319c3e33f231e750ad8ea6

SHA1
96c67bf9ff596091eafe1624e4bce6d97a1139dc

SHA256
e84553e6108bb0e231f9cc418d5873418e7831326d45b5ff4f1d81e1d41c8608

SHA512
1b8a80f6d06675d64096e3879edf53f64a06a49fef26ebd8f326514dd999a6179fbfb526fdeda37a9115dc3e0cf478fc45cd6ca77849605c39aee924e993af21

Download Submit
C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
MD5
8982f0c33d1d3171da56b4c06a6a50ae

SHA1
f2b6692855ddc7495d0dbc37aa41f8cdd3ce1c84

SHA256
cdd4d216e2c0968a535cde41912c39e85e513ece79636e2d42e115e2909ef331

SHA512
1e563fec851cb82392529eac5d1f18ed42e5ce605d9f4896c6fbe3b763d790fffd13d432e70ef4340e328433d728af6384480902122c0f622318e0fd5e345b46

Download Submit
C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\D3DCompiler_47.dll
MD5
13083e3084ab9dfb79f50061d0c2d5e5

SHA1
8b3ecd10d0a60d66e08ae2e733e86d604a5f23cf

SHA256
5e5ee0db3e97f14b33ce060a3631da20abeeb81d7dbbb357ab96f9bed663614a

SHA512
f82bb27dd238d74e71fd959fb02b5c8d7d90fa6690a18bf58865493a49a310474455586e7ca3ee39e983fcf4fc32daf60c841b15fa5c8a3310440113c9d125c1

Download Submit
C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\chrome_100_percent.pak
MD5
d2106eca5c4501bc846f85fff427bc32

SHA1
113c37fdcaad0d8f60207fe982af04214c749cc2

SHA256
173fa0728f797ef1f2137e03efd4fbacaf3223b66c6fc4e45eb3daa051241237

SHA512
077ac4267d502ba85b25c4c4372ee996aa998cc611b76d85937481527634c78ebc4091fea19ac5026b68c69be5caacabfcd32e9539415c744402262c751bf535

Download Submit
C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\chrome_200_percent.pak
MD5
d00f47f901464182a2dca1fd43143d46

SHA1
d42052df0c300ac6a51381122d70cd0efe7ce779

SHA256
ce81cc857e6deb1e56c29051ddd4c6672cc5a5d1c5c44765b8aacdbdff9abf0e

SHA512
112765a4d3a3fdf9e77cb797b261a43bea6affa83bcd800e4c3c77b28e13d3642f894b0877c9423a3c1aa7f55fc5acdbb09acc5d473476a8ecb34f4560c8c8e2

Download Submit
C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\ffmpeg.dll
MD5
f74ccaff34147dc87fb86884f146dc6c

SHA1
3860cadfe5eac5d8661f9f99017111832ba6cdde

SHA256
7987bfbba7039780916848e239d3b71fb7d6c2f28aba19958ef23ad20dc458c7

SHA512
7360fe237c25029fe530fd6ac9a253be0dcf8f519c92be9d6987abd2db879647e63e19c4a4d4a4859d5e236ccd98b2fd7af4c6a51780bd0332cfd86f65f60b66

Download Submit
C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\icudtl.dat
MD5
d1252d486a0e07c74c8a5de42397d018

SHA1
54ae925b7e5865878c8648f95dd2f1a322fa67f9

SHA256
9f632bc0d28213fecce4418b6cfef84fc43a70900fcd8428501c2435cf734367

SHA512
fbc9b0c09474c64f41bde14a9f5350c6e6a793a7ffb3b45f816388e36c906b39098b1201e9ecbe9da447af408d0589e394d82240b0aabd430186a09279d16748

Download Submit
C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\locales\en-US.pak
MD5
b979ca7a2e26f96f991b34942ba8ba17

SHA1
0752955a92cfc5eaa9039ca717790dd90840dde3

SHA256
6d9baf2f803f792c09fc4764c134a479b98d7b4644c88789c1f4b086a9edb0c9

SHA512
efb85f8535d0c82f2f855b21e67d9f2cc5b8aa07c82dfdb605d91e09fc315c94dd6bb3ae0d0362e5f3c02b376d7ae8a86ee3121a22e9e8dc5351203f5a4646ff

Download Submit
C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources.pak
MD5
92a9097ac41ff7eb7cfce1c809cd1fbf

SHA1
954041c9f77620b1e5dca715968a621db8f5128f

SHA256
39ebedf73ae8c69944850809d2feba8431833756799e4bdd6848b19409138fee

SHA512
5e87dc931034ececd86c295c590e4d2986b2cb8af850705ca70c95ead7de7b5ffb85ab3d114c21087fa8e51d56b38ac9c45d57b8ddc0b3b8108bb0b64c5cb2c2

Download Submit
C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules.asar
MD5
efa960f789855f21c5f1cd8f89c2352e

SHA1
b8059957b8314f2f1b5eeeb69f4f5c74c4074430

SHA256
c46c3820907ea0a7083645e3a319902639ee5932699799d68abd1ee35b7957b7

SHA512
e823b45324e53bc50a03b3f9abcce903237b1a98a93ecad89b83a4129d8f2ee26a9cc99d6478825fc3524a371896e9f5139954a3a8ba6ceb37d2b550841ba592

Download Submit
C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules.asar.unpacked\native-keymap\build\Release\keymapping.node
MD5
a7fcafc593bb3ee5532eae5b89d96a48

SHA1
7366f1a3306deddf27b488d427380f20a87bbecb

SHA256
15021fd44eef8fba18c8ec329adb3651923d10d2ee31a58a3049ddf50ce08acb

SHA512
48d0844edd406c150afc8b6d448067726f429375c36e2993adb9360f2f36d106fc5d4d651e059a655d0c8382e343000d93e5450f71486f416ac64ce06fae410f

Download Submit
C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules.asar.unpacked\vscode-sqlite3\build\Release\sqlite.node
MD5
f23c5c69e96f6d48a2328074c08b447e

SHA1
daabdccf8d7071a97e873e44392c5f46aca7afb1

SHA256
25385e8a9ab1ea2ba2a0979180be38f1fbea5e2c5a65633b0fb0536d0e502431

SHA512
8284c903510f41fd9465cacc390bf5e23143884b264e5d9dd5bae480542074d45159950ce98c656487738910cf66e641d1b5c5a8fd10405088e979a344ccbd6e

Download Submit
C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\out\bootstrap.js
MD5
fd16994a02f6266013753952056effd6

SHA1
20eaf1230d900e1c8292f5776becb06a528d8f87

SHA256
1b420c3db11a0ee671f0f6c974a2812d15812cacec8bc5bdc6f4a88bf5946cf1

SHA512
229ec000d9d6f2fa67dfc6b97ac15bee40ccf50765dbc90ebf36355aceaecc65e51142057091633efb969c542b9c3afaefe6930a8abe8d865f06b4aa1ab50097

Download Submit
C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\out\main.js
MD5
c312592e1ce1a872fd158669fd05dff1

SHA1
0e5d8735aaa438a2c51c17e43b799cfc2b6f812a

SHA256
fea88247c01bc99486c20fd051a4c91fbe1d19d185aaec05f0451c7fa360541c

SHA512
60cda8362d09c828f08af8e2cd42f9726a90894dc286649755a229896e36e58c7fe204e1d37449bcf47b36b9832daedaeb4120190213f580864faccc57d2d03e

Download Submit
C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\out\paths.js
MD5
7b33e8b7ab36dab198e94f4594c13ea4

SHA1
34c1f48f3c72d5dcfe93d59aa3492c5bdce1f5a0

SHA256
a240afa2074669bf5408e68483658c51487ffa764057db3ac67b8965e00c689c

SHA512
392650fcd18fd905e96ad8f96f7bfbde713de00c039694da8cd565664b6546663c8cc73e8b724a71a04ff840a408a9f2c5388117e70f3fe774bb32061a88cc65

Download Submit
C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\out\vs\base\common\performance.js
MD5
a78db6c1eaf41de15ef3e28372bb1e8c

SHA1
2a93eb62e5ccd3142761492090791b7be3ff2d0b

SHA256
e95f9796786ed83f43231e47e7d0cd7a5b81d7d183396e40e7718c8a34087523

SHA512
a1ee0dcad1108c2529277a7d61dab26d99274830fb6d6e9e2e84b40362e5db38a020ccc18f1665fe908dabd0866caf1098ba76fcadcf500594b48b8b284d4e81

Download Submit
C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\out\vs\base\node\languagePacks.js
MD5
f9176ebf429a938df1eab33f01308ff3

SHA1
5fda6e292acd80cffa5583b2a6d2d7829682c161

SHA256
5f3aa432258283dc00b423fde0586c295e7ff0d2a20fafd0f2c61e0e028a0c5d

SHA512
3f4d8f8615fcb85cb13d4a33130c1e0b02604a62b3071445a1d2f8b5151d08acbea3e8ddeefdb744971c382b2a9032cd12342ff9463e1820bc108746ba1aab24

Download Submit
C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\out\vs\code\electron-browser\workbench\workbench.html
MD5
0c2031efa4c4efda09bdb544a2e0425d

SHA1
84c60b3beb9ed332ce15dea5c3d9982e123081f1

SHA256
3637389f4c4367d9636128a87096891dbd5a7e45c3379978bb8433cc28736a80

SHA512
efe1af8883d3ea007df9e443b12f2ab2ae7eb474c5365770688df6239d512d892aa7f0d2f36bffb0cb6dae7ce3c1c35eb95022edbd9ef66fb951f7211b54d8d0

Download Submit
C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\out\vs\code\electron-main\main.js
MD5
14363cea8caf34b082439a8d1e5e14f6

SHA1
2209ef930a6fe9a3b08dea5f38dbd987af1170e2

SHA256
259979d242e42047271d9d334fb65f3489192ea6a71f319f9d20621365328a4c

SHA512
2e74e23ae720fea780eb43187a3ab46354df54e143d7c43d0f03c701ba1e4619ec40b4874a6d1a54bb21957244f34bf7686e89a10f47a0a9a2155a34e8eeb160

Download Submit
C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\out\vs\code\electron-main\main.nls.js
MD5
0bdc74644b2f8a84568c1ff44f5d66ce

SHA1
e4e5d6c2cb437c5344cab3ec402c9ce1f3e1c9b1

SHA256
47e94a14cfb441bfbf3a28f94c7edc800d5dc30f4621f124ef1553944562c872

SHA512
845b7fde1e2ccc06ba14dd0040ad6abbb1cef7b5251db6e0894c46fd1b0f9b950de1f7385ae19563eba38f35a53ae9f9315281303743f4a98d8ddd38ccfb2364

Download Submit
C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\out\vs\loader.js
MD5
8fc4c1140416ac031fd0fa17d62a7aa7

SHA1
a8f08ebab2b7d84c76d761aab589bebea4a6cf1d

SHA256
7874b4f91ad515132d8e426c98f7c0b804196f733b23b50b871d5469be141657

SHA512
6cca0abba4ac6f13b00d6d3d441e0f3ff62271f803714ef9cae8b749b8618c2c48a091af2f424398df7d087eee91b464db81a615dc5af599b18430b6a9b58c65

Download Submit
C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\package.json
MD5
4cbbc7e3faae7112a929b554f54dd99e

SHA1
8ebce01df8a6e78c0f386c305ee10d569847a673

SHA256
131b8bcc069d51bbe5cdd444bfe9700bb0b223b48c35c6c0fe16365ac7fdec19

SHA512
33338768067d856b8b70dfcc08e577e0c98e6fc156f4580743e98c230749ee091b222b61353cc0ccb136ac314f47074da929361f079f8a0db0e9e848b9a10640

Download Submit
C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\product.json
MD5
8e48f7192323a8ce799655cf96e200c4

SHA1
8a4ebaa280361596c909f2a4b3863265b20288ff

SHA256
dd8c38ddb0185c617428d97ded4fa364a5eac09e8ea739502d8f1e008169d46d

SHA512
fc534b510a97f3480bd718b012e2090993a2692d0971f063ed42803aa5b8bed24fa2c57bb8f35f9f2d5f3dd1da3f323d36d7b5cf7e7e8ef3675bd613377560b5

Download Submit
C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\swiftshader\libglesv2.dll
MD5
58eca08e682d4986f9c1fc52f0ec7f58

SHA1
569b5a789faa9fc23eae38bc67ca11da1c01c90c

SHA256
59adfae3e7601931ab65a1e8f68b037ca0953f4620697c8bae480d28113e4045

SHA512
07826df9979cd9e4033417f8c3ab766918c261e20bebe619cb329f8dca88748d6a3d76733ee654b064732c3da3f224d13dfbccb74822575cb6f11121145b73cb

Download Submit
C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\v8_context_snapshot.bin
MD5
24f6ad9085d60a6bcb8cddbad29e82e2

SHA1
f87608a8ae62958ef9fc5c53e2c174576136264a

SHA256
b8aad44af2a846f3a805658163b4b39aab7bd77bcaf765215ee1bd81a0c1f1b4

SHA512
ceb4a2d76408f8c304985f05a2ef707fe0f1750d93338388afacdeaddbf78e577d1f6998e3c771f278bf83a83c69e97dc710c8248bf08ad3957d2b3d58956284

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-AIGEE.tmp\VSCodeUserSetup-x64-1.50.1.tmp
MD5
6d1adf13208ef4301ce6a50fc6f48996

SHA1
804a9ce84420c6bbad7c71605164fde36b557bcc

SHA256
4459f3f3e93e460ea687c9f7a62f4e9b9f183863e3d2183b6938797fac9bf6cf

SHA512
52272399f3e21d68079ee6df0fbff60e7e9e197092a4589893710583f4428dc1275841e9f0987ec07fa7ab72583eb2e56b59523c3351c775927998e3067b2090

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-AIGEE.tmp\VSCodeUserSetup-x64-1.50.1.tmp
MD5
6d1adf13208ef4301ce6a50fc6f48996

SHA1
804a9ce84420c6bbad7c71605164fde36b557bcc

SHA256
4459f3f3e93e460ea687c9f7a62f4e9b9f183863e3d2183b6938797fac9bf6cf

SHA512
52272399f3e21d68079ee6df0fbff60e7e9e197092a4589893710583f4428dc1275841e9f0987ec07fa7ab72583eb2e56b59523c3351c775927998e3067b2090

Download Submit
C:\Users\Admin\AppData\Roaming\Code\Crashpad\settings.dat
MD5
07b63e3f23385ba1a79476edf93ab5a2

SHA1
880509bac866581da6ff9f5fd32c2f21e4ea3888

SHA256
cbfc78fd97cf4264bae68e3c04231f2bde1e73304287ba6cb1878df1879f1cb7

SHA512
31d252cc5c4e71b8ea3ba02a8b8d035901cf399a713c31643c82618bd35162846408ac3238d41e30c5dafd11659357b63a60606a9c6f6198f41899b2e6a28c4c

Download Submit
\??\pipe\crashpad_4020_DDRPADVJYAHHAHCI
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
\Users\Admin\AppData\Local\Programs\Microsoft VS Code\d3dcompiler_47.dll
MD5
aad7fe376828f050533bc2052c4e6113

SHA1
4fbe11a135439801b4653254049311dcdcedd8b8

SHA256
e4b8874713e617740d6665d1e073fdaa83069474fb0764af54cbca3fe3a0bada

SHA512
069654844c69fe5c35961381fd895799c8dcb6bb1b438474ccde42136b2dd913912a7d8d7e11cbce9a27c8b0a94c6d30123cbda953d7f4a843dd1668d8418932

Download Submit
\Users\Admin\AppData\Local\Programs\Microsoft VS Code\ffmpeg.dll
MD5
c609c273c53c7762f30ac433f24b756d

SHA1
f72928e1c41d1c043a9c9ee9d0ea67bfc7c7c9e2

SHA256
f89b43e997e59569290d50a765ed677eaabf66a990d038ce656a8c6587d156a0

SHA512
608dc16de5fa3f148f465dcea7e60a33162eb78e91a3443a9f4527936accbcadc92e5c1fcd9b9b1e2aa0f77ceb96590f82e7f08a3836760f960b38d87bdf764e

Download Submit
\Users\Admin\AppData\Local\Programs\Microsoft VS Code\ffmpeg.dll
MD5
8cf6675b27eb7c4e39432705c46c31fa

SHA1
6397dc8e2d3068b0391a982b1726691431fa442a

SHA256
163cf6de1d4cba75695e8c31fedb971b4be9fee519fd1746e3b082bfca7ddc6f

SHA512
6ec8f344cd84b7612bb96f44f8d021ce3b4b7c1c06d9363dba1b1f5f5893ac0d2d89ac161c0bd9116d338907b6685431f4a43a1c1d25750ec44d965c1c80ee19

Download Submit
\Users\Admin\AppData\Local\Programs\Microsoft VS Code\ffmpeg.dll
MD5
d4eace588b0262de68879e684f08d91a

SHA1
8fe9706503c366799b00aad3ee4307eeb9b2e9ac

SHA256
3c9655845d598b539e29e023165d61b77a8d8a871e3691068600f3f8cccf08cb

SHA512
89099c47c90c970a38930b8effaf4ddbfa46163caf86fdb7dee366662fe02cb64819eb6d11d538ff19699e9e94b0409cae8c84ce23c7de57357d695485e23bec

Download Submit
\Users\Admin\AppData\Local\Programs\Microsoft VS Code\ffmpeg.dll
MD5
85bab5bf80c9d032b16849cbfee2b042

SHA1
e8fbe7fdadc3a6becaa7e83402614f1e2724115c

SHA256
456cffad571d4bf7493d8451d999889f921edcd0c1432e5137a12333624d85fc

SHA512
b4c6b73222d03a47fae0992deea13e9dc525a520e16a273bcf145bf4e877010c4389bf90e9a2b4787e77922d39b95f31b9f8ebc081ca46995d67efe2287a7e82

Download Submit
\Users\Admin\AppData\Local\Programs\Microsoft VS Code\ffmpeg.dll
MD5
0159d4b1fe85765de555d0de7b333341

SHA1
601cdebbaaf01d214b15f478eb19b0a0c2baa6c6

SHA256
4981f9652c1bbfe34c45ced46cb1146041669c878007877f2162a5294317c277

SHA512
f01f0cbedd20f94be7160d48096d5386170d9728da6a29c6d65d70eb72730e40ccc492757c22b390f6877f955bba123544ef74d17b38b1b0a2437f0ee5972e5f

Download Submit
\Users\Admin\AppData\Local\Programs\Microsoft VS Code\ffmpeg.dll
MD5
7d82fedc46394ad83dfc1fe13fdd54e3

SHA1
d7a7fdfbf37ae907918d492b60abe9f8bfbfcb44

SHA256
d470966ff5cdd907697f908d39db69a71f17d386b7d0fcded606a238d55aa5b8

SHA512
36fba178836b7cecd3136d0157261acc0a35bc34bb79a6358c63eae952ce9c796e72e80e00d8ba3135f83e708ae72d71c1a49045afd148e0a518adc8eb6b2d34

Download Submit
\Users\Admin\AppData\Local\Programs\Microsoft VS Code\ffmpeg.dll
MD5
3f5c8367bbe0266f5099345e18a6a1d6

SHA1
597470acda47d6bb8e24fc6bf33e527109a95dde

SHA256
b8a69b99f857ae3bc3b2a3d141c830986c4ee6f65fd9078879820739cd1c16c9

SHA512
d05c52ad3bb5051d2782cbe55b69607ae66ef77992c4c706ee7ced294d5bdf8506e66bd162f8d4d5e7846a6b41095cc506a89d3dcfe51303ae67dceea9d732e1

Download Submit
\Users\Admin\AppData\Local\Programs\Microsoft VS Code\ffmpeg.dll
MD5
3f5c8367bbe0266f5099345e18a6a1d6

SHA1
597470acda47d6bb8e24fc6bf33e527109a95dde

SHA256
b8a69b99f857ae3bc3b2a3d141c830986c4ee6f65fd9078879820739cd1c16c9

SHA512
d05c52ad3bb5051d2782cbe55b69607ae66ef77992c4c706ee7ced294d5bdf8506e66bd162f8d4d5e7846a6b41095cc506a89d3dcfe51303ae67dceea9d732e1

Download Submit
\Users\Admin\AppData\Local\Programs\Microsoft VS Code\ffmpeg.dll
MD5
2d33ad16bbf1a83c14d442411defadcb

SHA1
8a2afb54a2b3c4e402dc011adaf3fb65e23aed50

SHA256
7fcac0d99e414b03490952c21b37dff2b81fb854189a2f97eedb7bd7b96ae7e1

SHA512
0548b605963466ca9b5a630c1230121b3c3e53fda6c1af9cdb1a42a25cddae10df7d8236f54f6079e89d55c1f6323f6ec57278085cb03e447f6893f83274ca10

Download Submit
\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules.asar.unpacked\native-keymap\build\Release\keymapping.node
MD5
a7fcafc593bb3ee5532eae5b89d96a48

SHA1
7366f1a3306deddf27b488d427380f20a87bbecb

SHA256
15021fd44eef8fba18c8ec329adb3651923d10d2ee31a58a3049ddf50ce08acb

SHA512
48d0844edd406c150afc8b6d448067726f429375c36e2993adb9360f2f36d106fc5d4d651e059a655d0c8382e343000d93e5450f71486f416ac64ce06fae410f

Download Submit
\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules.asar.unpacked\spdlog\build\Release\spdlog.node
MD5
9e0ad40b35f36f256ae7157e3f4489e0

SHA1
be5f61dde2ee63f6241922d2da72415549ef1750

SHA256
ad10b9da93b112b35d8da1bccf63448700faacf1e4a164db5bfdb5e8573b11df

SHA512
02cc5521c30745bfa4fd71564ad92d29a5fdf62f6aa67f74408241afdc45cfcd92a547132bacf9882e35a4ef2045c85f324f06fc081530735625da38a94d6839

Download Submit
\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules.asar.unpacked\vscode-sqlite3\build\Release\sqlite.node
MD5
4a0cec5439d843a43a72d4d0da997c67

SHA1
ab29b9397ee7b80a414c8e43e9a3684f26f6b953

SHA256
95dede03281b64a61fc323ec9a96d1dff7a2e67d5816ae838ffa04f58414964b

SHA512
8a25cebda6d4bb3802c6ed54f482706011a27bc534cc71f9e7ab014e85ee9b18a33141ae9bb607bc8c66ebf00b8992b50b135161ad13fbea6e4089ea63d20ddd

Download Submit
\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules.asar.unpacked\windows-mutex\build\Release\CreateMutex.node
MD5
e4513b45814358bd206ad81ba4a6a203

SHA1
e179093045e3bddbead535d7717940309f5bc4d9

SHA256
b8d55f645d2b12b871a52e5c4a9e82bb8572c0a3acc1ed0ec9b72910a99290f6

SHA512
8f72772e89323ed42a025b8712c21afbcfeb09724e872dc5bf540a7ddcf2144200b9bb003960ef48c4ed7e308558edc9af6de3fc0cfd581b956c6badb62fd1dd

Download Submit
\Users\Admin\AppData\Local\Programs\Microsoft VS Code\swiftshader\libEGL.dll
MD5
ec7f4c0c7ca18d836c9c4ddffbe4bb2b

SHA1
206567cc4a8a5b242d90c588286d15e052f1d7fd

SHA256
6e67f35b51ec5fc2175864a297874c0313a04e7fd563b832b249cd973eb6674e

SHA512
abb099704cedd2e84986c5ab07cfc954f60ae69afee38abe34f58c44b9635fa90ef9a5b29862919d6b4d9de079d8566156c7f9e3ebd2fff0ec117000a3f069da

Download Submit
\Users\Admin\AppData\Local\Programs\Microsoft VS Code\swiftshader\libGLESv2.dll
MD5
9590ca7045258e3b606e87c23bc124c8

SHA1
8a5e001c186cbb46c311cd9a88dca704af65e9f9

SHA256
ed90211516327254c736efe8543c467382110dcedc98344e39af7c06e5384560

SHA512
93556bca608b483cf430d8a3c9807c938ab6a1051305c9dd8a6d6f16c7227f8b49f9438f01ac2e2f83ba30feda69c38dae87a025cfa2ebe1892019ea7b7ae9f0

Download Submit
memory/68-0-0x0000000000000000-mapping.dmp

Download
memory/192-70-0x00007FFDA47D0000-0x00007FFDA47D1000-memory.dmp

Filesize
4KB

Download
memory/192-68-0x0000000000000000-mapping.dmp

Download
memory/1264-3-0x0000000000000000-mapping.dmp

Download
memory/1544-79-0x0000000000000000-mapping.dmp

Download
memory/2700-73-0x0000000000000000-mapping.dmp

Download
memory/4020-43-0x0000023000040000-0x0000023000041000-memory.dmp

Filesize
4KB

Download
memory/4020-31-0x0000000000000000-mapping.dmp

Download
memory/4048-53-0x0000000000000000-mapping.dmp

Download