Overview

overview

8

Static

static

FalixNodes...op.exe

windows7-x64

7

FalixNodes...op.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    119s
  • max time network
    124s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23-09-2022 06:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    FalixNodes-Desktop.exe

  • Size

    67.5MB

  • MD5

    c6a86469d3f1a0fdb567f98e930c4e0f

  • SHA1

    b5a86b9a65707585d96b353db79840f88e118dde

  • SHA256

    8ce180778adea78c9173f6628fde60f237a214eb15878edca157ae5d3df7b801

  • SHA512

    98c14e9608fabd9869967c9e3e162c8486e048490a7424d160e763f3d09d878b86c7645587594d61b3c1714ab588974490fd3d328519da66acec3fd454297127

  • SSDEEP

    1572864:G+MIbSwSwqTb1s97C8SuRWNY71ELTXQlTyNb03ai7bmsjME:GFI2wSwaq97gPAywey3W2b

Score
8/10
discovery

Malware Config

Signatures

  • Executes dropped EXE 64 IoCs
  • Checks computer location settings 2 TTPs 64 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Loads dropped DLL 64 IoCs
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

  • Enumerates processes with tasklist 1 TTPs 1 IoCs
  • Modifies system certificate store 2 TTPs 31 IoCs
    evasionspywaretrojan
  • Suspicious behavior: EnumeratesProcesses 4 IoCs
  • Suspicious behavior: LoadsDriver 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\FalixNodes-Desktop.exe
    "C:\Users\Admin\AppData\Local\Temp\FalixNodes-Desktop.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:1568
    • C:\Windows\SysWOW64\cmd.exe
      cmd /c tasklist /FI "USERNAME eq %USERNAME%" /FI "IMAGENAME eq FalixNodes Desktop.exe" | find "FalixNodes Desktop.exe"
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:4944
      • C:\Windows\SysWOW64\tasklist.exe
        tasklist /FI "USERNAME eq Admin" /FI "IMAGENAME eq FalixNodes Desktop.exe"
        3⤵
        • Enumerates processes with tasklist
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious use of AdjustPrivilegeToken
        PID:4628
      • C:\Windows\SysWOW64\find.exe
        find "FalixNodes Desktop.exe"
        3⤵
          PID:664
    • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
      "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe"
      1⤵
      • Executes dropped EXE
      • Checks computer location settings
      • Loads dropped DLL
      • Modifies system certificate store
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of WriteProcessMemory
      PID:4532
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1484 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2
        2⤵
        • Executes dropped EXE
        • Loads dropped DLL
        PID:3516
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --mojo-platform-channel-handle=2044 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8
        2⤵
        • Executes dropped EXE
        • Loads dropped DLL
        PID:2436
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --no-sandbox --no-zygote --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=4 --mojo-platform-channel-handle=2468 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Checks computer location settings
        • Loads dropped DLL
        PID:2620
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --no-sandbox --no-zygote --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=5 --mojo-platform-channel-handle=2580 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Loads dropped DLL
        PID:1828
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=6 --mojo-platform-channel-handle=3416 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Checks computer location settings
        • Loads dropped DLL
        PID:940
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=7 --mojo-platform-channel-handle=3460 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Checks computer location settings
        • Loads dropped DLL
        PID:524
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --no-sandbox --no-zygote --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=8 --mojo-platform-channel-handle=3552 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Loads dropped DLL
        PID:1876
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --no-sandbox --no-zygote --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=9 --mojo-platform-channel-handle=3452 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Checks computer location settings
        • Loads dropped DLL
        PID:4088
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --no-sandbox --no-zygote --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=10 --mojo-platform-channel-handle=3596 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Loads dropped DLL
        PID:2384
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --no-sandbox --no-zygote --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=11 --mojo-platform-channel-handle=3608 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Checks computer location settings
        • Loads dropped DLL
        PID:968
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --no-sandbox --no-zygote --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=12 --mojo-platform-channel-handle=3696 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Checks computer location settings
        • Loads dropped DLL
        PID:4560
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --no-sandbox --no-zygote --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=13 --mojo-platform-channel-handle=3692 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Checks computer location settings
        • Loads dropped DLL
        PID:3412
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --no-sandbox --no-zygote --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=14 --mojo-platform-channel-handle=3712 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Checks computer location settings
        • Loads dropped DLL
        PID:1048
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --no-sandbox --no-zygote --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --mojo-platform-channel-handle=3716 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Checks computer location settings
        • Loads dropped DLL
        PID:2336
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --no-sandbox --no-zygote --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --mojo-platform-channel-handle=3728 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Checks computer location settings
        • Loads dropped DLL
        PID:1248
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --no-sandbox --no-zygote --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --mojo-platform-channel-handle=3732 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Checks computer location settings
        • Loads dropped DLL
        PID:5112
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --mojo-platform-channel-handle=3820 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Loads dropped DLL
        PID:5196
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=19 --mojo-platform-channel-handle=3836 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Loads dropped DLL
        PID:5212
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --no-sandbox --no-zygote --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --mojo-platform-channel-handle=3848 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Checks computer location settings
        • Loads dropped DLL
        PID:5280
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --no-sandbox --no-zygote --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=21 --mojo-platform-channel-handle=3852 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Checks computer location settings
        • Loads dropped DLL
        PID:5292
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --no-sandbox --no-zygote --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=22 --mojo-platform-channel-handle=3916 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Loads dropped DLL
        PID:5368
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --no-sandbox --no-zygote --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=24 --mojo-platform-channel-handle=3936 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Checks computer location settings
        • Loads dropped DLL
        PID:5460
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --no-sandbox --no-zygote --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=25 --mojo-platform-channel-handle=3940 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Checks computer location settings
        • Loads dropped DLL
        PID:5540
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --no-sandbox --no-zygote --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=26 --mojo-platform-channel-handle=3952 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Checks computer location settings
        • Loads dropped DLL
        PID:5620
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --no-sandbox --no-zygote --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=27 --mojo-platform-channel-handle=3956 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Loads dropped DLL
        PID:5648
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --no-sandbox --no-zygote --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=28 --mojo-platform-channel-handle=3976 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Checks computer location settings
        • Loads dropped DLL
        PID:5772
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --no-sandbox --no-zygote --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=29 --mojo-platform-channel-handle=3984 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Checks computer location settings
        • Loads dropped DLL
        PID:5804
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --no-sandbox --no-zygote --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=23 --mojo-platform-channel-handle=3924 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Checks computer location settings
        • Loads dropped DLL
        PID:5440
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=30 --mojo-platform-channel-handle=3612 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Checks computer location settings
        • Loads dropped DLL
        PID:4932
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=31 --mojo-platform-channel-handle=4100 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Loads dropped DLL
        PID:1300
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=32 --mojo-platform-channel-handle=4704 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Checks computer location settings
        • Loads dropped DLL
        PID:4152
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --no-sandbox --no-zygote --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=33 --mojo-platform-channel-handle=4952 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Checks computer location settings
        • Loads dropped DLL
        PID:5000
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --mojo-platform-channel-handle=5020 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8
        2⤵
        • Executes dropped EXE
        • Loads dropped DLL
        PID:1396
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=35 --mojo-platform-channel-handle=2628 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Loads dropped DLL
        PID:5144
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=36 --mojo-platform-channel-handle=2596 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Checks computer location settings
        • Loads dropped DLL
        PID:2080
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=37 --mojo-platform-channel-handle=3404 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Checks computer location settings
        • Loads dropped DLL
        PID:4492
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=38 --mojo-platform-channel-handle=5548 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Checks computer location settings
        • Loads dropped DLL
        PID:5656
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=39 --mojo-platform-channel-handle=5732 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Checks computer location settings
        • Loads dropped DLL
        PID:5720
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=40 --mojo-platform-channel-handle=5876 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Checks computer location settings
        • Loads dropped DLL
        PID:5872
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=41 --mojo-platform-channel-handle=6000 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Checks computer location settings
        • Loads dropped DLL
        PID:5912
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=42 --mojo-platform-channel-handle=6200 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Loads dropped DLL
        PID:5404
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=43 --mojo-platform-channel-handle=6328 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Checks computer location settings
        • Loads dropped DLL
        PID:5248
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=44 --mojo-platform-channel-handle=6480 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Checks computer location settings
        • Loads dropped DLL
        PID:6008
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=46 --mojo-platform-channel-handle=6640 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Checks computer location settings
        • Loads dropped DLL
        PID:5620
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=47 --mojo-platform-channel-handle=6672 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Checks computer location settings
        • Loads dropped DLL
        PID:2888
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=45 --mojo-platform-channel-handle=6168 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Checks computer location settings
        • Loads dropped DLL
        PID:2600
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=50 --mojo-platform-channel-handle=6772 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Checks computer location settings
        • Loads dropped DLL
        PID:4808
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=51 --mojo-platform-channel-handle=6844 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Loads dropped DLL
        PID:3780
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=52 --mojo-platform-channel-handle=6812 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Checks computer location settings
        PID:4044
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=53 --mojo-platform-channel-handle=6576 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Checks computer location settings
        PID:6052
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=54 --mojo-platform-channel-handle=6304 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Checks computer location settings
        PID:4836
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=55 --mojo-platform-channel-handle=7208 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Checks computer location settings
        PID:3408
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=56 --mojo-platform-channel-handle=7216 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Checks computer location settings
        PID:5360
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=57 --mojo-platform-channel-handle=6316 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Checks computer location settings
        PID:5424
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=58 --mojo-platform-channel-handle=7248 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Checks computer location settings
        PID:5452
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=59 --mojo-platform-channel-handle=7256 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Checks computer location settings
        PID:4828
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=60 --mojo-platform-channel-handle=7264 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Checks computer location settings
        PID:6184
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=63 --mojo-platform-channel-handle=7308 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Checks computer location settings
        PID:6392
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=64 --mojo-platform-channel-handle=7412 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        PID:6456
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=66 --mojo-platform-channel-handle=7428 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Checks computer location settings
        PID:6592
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=67 --mojo-platform-channel-handle=7444 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Checks computer location settings
        PID:6656
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=65 --mojo-platform-channel-handle=7420 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Checks computer location settings
        PID:6576
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=62 --mojo-platform-channel-handle=7300 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Checks computer location settings
        PID:6368
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=61 --mojo-platform-channel-handle=6200 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Checks computer location settings
        PID:6264
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=69 --mojo-platform-channel-handle=8256 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Checks computer location settings
        PID:6820
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=70 --mojo-platform-channel-handle=7284 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Checks computer location settings
        PID:6832
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=71 --mojo-platform-channel-handle=7604 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Checks computer location settings
        PID:6948
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=72 --mojo-platform-channel-handle=8836 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Checks computer location settings
        PID:6960
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=73 --mojo-platform-channel-handle=8556 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Checks computer location settings
        PID:7072
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=75 --mojo-platform-channel-handle=8396 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Checks computer location settings
        PID:7152
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=76 --mojo-platform-channel-handle=8804 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Checks computer location settings
        PID:7164
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=77 --mojo-platform-channel-handle=7264 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Checks computer location settings
        PID:6292
      • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
        "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=78 --mojo-platform-channel-handle=8528 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
          PID:6300
        • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
          "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=79 --mojo-platform-channel-handle=4068 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
          2⤵
            PID:6188
          • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
            "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=80 --mojo-platform-channel-handle=3272 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
            2⤵
            • Checks computer location settings
            PID:6360
          • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
            "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=81 --mojo-platform-channel-handle=7836 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
            2⤵
            • Checks computer location settings
            PID:6644
          • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
            "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=82 --mojo-platform-channel-handle=8548 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
            2⤵
            • Checks computer location settings
            PID:6616
          • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
            "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=84 --mojo-platform-channel-handle=7740 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
            2⤵
              PID:6704
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
              "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=85 --mojo-platform-channel-handle=8876 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
              2⤵
              • Checks computer location settings
              PID:6780
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
              "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=87 --mojo-platform-channel-handle=8916 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
              2⤵
              • Checks computer location settings
              PID:5384
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
              "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=89 --mojo-platform-channel-handle=9164 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
              2⤵
              • Checks computer location settings
              PID:7008
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
              "C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\falixnodes" --app-path="C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app" --enable-sandbox --enable-blink-features --disable-blink-features --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=92 --mojo-platform-channel-handle=7724 --field-trial-handle=1660,i,13529331917189925491,2232965885664899387,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
              2⤵
                PID:7124
            • C:\Windows\system32\AUDIODG.EXE
              C:\Windows\system32\AUDIODG.EXE 0x410 0x470
              1⤵
              • Suspicious use of AdjustPrivilegeToken
              PID:1500

            Network

            MITRE ATT&CK Matrix ATT&CK v6

            Initial Access

            Execution

            Persistence

            Privilege Escalation

            Defense Evasion

            Install Root Certificate

            1
            T1130

            Modify Registry

            1
            T1112

            Credential Access

            Discovery

            Query Registry

            2
            T1012

            System Information Discovery

            2
            T1082

            Process Discovery

            1
            T1057

            Lateral Movement

            Collection

            Exfiltration

            Command and Control

            Impact

            Replay Monitor

            Loading Replay Monitor...

            Downloads

            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\FalixNodes Desktop.exe
              Filesize

              139.8MB

              MD5

              d8a3e9ad4548d0a2efa2ffd94105d2f5

              SHA1

              038185e4387990b46ad754f08bb08ef4f629a771

              SHA256

              8128d6aee1f972057a4ae76826ec69051b7901d94ff553bab02e59af2a273b06

              SHA512

              b444c9e56d6328f38ef998956f24bfc04257f57f5a1642bf1612e9edcfaa2af8ed42ab223b79f48aad12ef337642d19fe89c1071682eef9ba57813afd7beb434

              Download Submit
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\ffmpeg.dll
              Filesize

              2.6MB

              MD5

              b4ab376b47a1a55e929cab51c3ef8787

              SHA1

              724380c8d7c6ed42eff119c69885d2b771773b5d

              SHA256

              239f8596bebcd7e1e7718b642afaea8329d68e64ec0fad8bb34191530204040b

              SHA512

              4c70ce2d596864c8356b6daff4ac992720c182508bd0f5961ac59af8aebae6f949ad018c51a94689972dc2f26230830b0e0c2690bfeca2ce58cddbca4649df50

              Download Submit
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\ffmpeg.dll
              Filesize

              2.6MB

              MD5

              b4ab376b47a1a55e929cab51c3ef8787

              SHA1

              724380c8d7c6ed42eff119c69885d2b771773b5d

              SHA256

              239f8596bebcd7e1e7718b642afaea8329d68e64ec0fad8bb34191530204040b

              SHA512

              4c70ce2d596864c8356b6daff4ac992720c182508bd0f5961ac59af8aebae6f949ad018c51a94689972dc2f26230830b0e0c2690bfeca2ce58cddbca4649df50

              Download Submit
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\icudtl.dat
              Filesize

              9.8MB

              MD5

              d866d68e4a3eae8cdbfd5fc7a9967d20

              SHA1

              42a5033597e4be36ccfa16d19890049ba0e25a56

              SHA256

              c61704cc9cf5797bf32301a2b3312158af3fe86eadc913d937031cf594760c2d

              SHA512

              4cc04e708b9c3d854147b097e44ff795f956b8a714ab61ddd5434119ade768eb4da4b28938a9477e4cb0d63106cce09fd1ec86f33af1c864f4ea599f8d999b97

              Download Submit
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app\node_modules\ansi-styles\index.js
              Filesize

              4KB

              MD5

              9d4acb14d5449b232b22bfe40453b00c

              SHA1

              5f96df8b074e4854c03db87ef309eb6c741f4618

              SHA256

              d3f197d370760ddd8753c1355b4bdb585a787f1baa92bb8ed217f170c138b594

              SHA512

              34ddb9208914ac53ed7c0e7162f74d0313a8f348f34db824414028313c03de674995ac98bbf856f5219d44d1af1455fa41678eb14dbc4639567b9227ef11ca31

              Download Submit
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app\node_modules\ansi-styles\package.json
              Filesize

              663B

              MD5

              31f6df0c4fd357784d104ea10ed86a96

              SHA1

              308cda455702abaab78ddf22402cdd76a09a49ee

              SHA256

              19fe720007e802cf4ee62921963661dd5df03310602af66e4395930b78b69e16

              SHA512

              58d70c7aa2fa208f9d251a77bcb271fb909f08b86d30b1412b1434701ab99f6e97b137f8f323135b9c71411914fb0cc9d3af242e9f087f5b145dea1216f9e109

              Download Submit
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app\node_modules\astral-regex\index.js
              Filesize

              203B

              MD5

              7fbaddaa119db4530da15b89c710bd80

              SHA1

              7ba290719f22905da56f50f211aecd6b4ed009b1

              SHA256

              cb1f850d4f7b3faced8900d35090c800fbd36b7c6b9789017adf306e224943d3

              SHA512

              c7bc09a16d2c7535959da6cf418dc52180e56ea90ddee8d88a9dfc2e0844c90bc1391df7c372d224f5b664509065f062ce73f7147b88589c8776a33c602034cf

              Download Submit
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app\node_modules\astral-regex\package.json
              Filesize

              478B

              MD5

              187ed306309ed2400ea14210cfbc6ff9

              SHA1

              8041797c342a5341bf908b9b4fc0d8df7e74515a

              SHA256

              0d404796a34e6f0d8b546da3fd16e912b0a08c26f790b6c967baf2075d49757e

              SHA512

              14a56fc807b36ef3e4b61463a3398a8e0fd4ee458124bfe156d6e734d5ca9197325ae23f7e1027601fcf5386c957c64024612eb757773723479181fa269fe374

              Download Submit
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app\node_modules\cli-truncate\index.js
              Filesize

              2KB

              MD5

              d638556942b03eb423d92aabc6ca729b

              SHA1

              9d1e837873478c57d656b90b323a3e784dcaeb47

              SHA256

              4331f894ede3aeefc6cc4b830e0ad957ad3462cb37fc1c0d95cb1945ce6b1f14

              SHA512

              8f92df69bf105a88b223e85437593b02a1eefb2b461988ef9aeb1fe59c4954bce11c734abecf3e5addb7b9d06bc3ee1de021ee7032b8976d904beef7adf2ab54

              Download Submit
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app\node_modules\cli-truncate\package.json
              Filesize

              625B

              MD5

              26dd3f6190cca463554c6b74c93b19fe

              SHA1

              2b6653876703af45f0d27a5ae24dc3731a1522ea

              SHA256

              46f8d0a037449596d590ddeac86d8cc4a162b47cc282ac64bbfb2257331a2486

              SHA512

              a1c4f20bc6d736e89c4a33e320c82a55a7a7dcaca498421e5e17d3cc6b7472b41cf6a3690975374e6bbe1bb589335b22e5e51661a72c98a10ac79b6567c77fa4

              Download Submit
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app\node_modules\custom-electron-titlebar\dist\main.js
              Filesize

              2KB

              MD5

              2d935b1601808e024183b19a9adbdc5f

              SHA1

              8d18fd4f13baa127afcd8b0cb6c485b047a68e2a

              SHA256

              5e91b4459048ab75f132fd51fd7a2cf3b3ef5b7a82415bed9b82c405aeb301d1

              SHA512

              77a49dc46446df1978889919d659559a693d15c995df95aa52a08a0ee28313672e0fe9bacc0d96ef10cf1ded887beec6e23182a3bd4ef0d426139f35f1fbd83b

              Download Submit
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app\node_modules\custom-electron-titlebar\package.json
              Filesize

              1KB

              MD5

              bc04dda12cee68e07bac2b7db75a634e

              SHA1

              97dd7d7d10cd55cfbd07e8978724ea401e2db461

              SHA256

              67bdfeb8d84c4da1d795bbbbf5668dac0cba449fcef4ac2bd2f2d00e1b94f89f

              SHA512

              d7c984c5c9a860b25f650a1473bdd9814efaecee45bfeda2ce1a4a5b3422932e765c1eb08362e6b25ce6b4cb964a81f38f5e2f977bf4de34d6a90c42a7552675

              Download Submit
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app\node_modules\electron-context-menu\index.js
              Filesize

              10KB

              MD5

              f08337c8e1980fbb4d5f7e395012badb

              SHA1

              548a43c94f3b74f70ad37a806ecc1446833b8cf4

              SHA256

              1e7070935bd06fab58f791cd404ccd0edf43ac25b3772790c0db9d1e9913e3c4

              SHA512

              0c19dc91a56ea95e45955a4842c90433219d72c57601e27a20c5780a7772cff91d73c904356417e4d934923cfe55cedaf237b7ec544634613eada9fdade3ea7a

              Download Submit
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app\node_modules\electron-context-menu\package.json
              Filesize

              787B

              MD5

              3b89592bccb66fa21ebab4f387255345

              SHA1

              3b33db0419aa8a61495319d9b6e34e678b6fd065

              SHA256

              58eb2262e9c97ddf5895221b262790cf8cb880f111fba75628ebf5a46d249f25

              SHA512

              ee60425851b73f4be5b4a02a62ac1a78c96f22de0d851d77b4cdeb7505d7b3f54780399f1763414f43e4d8bcb2c16b4389d2b8f1008c2aa2e7d54a79c1d884eb

              Download Submit
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app\node_modules\electron-dl\index.js
              Filesize

              5KB

              MD5

              da56c93ea4e4e6a589cf6be21e855951

              SHA1

              5c4844cd72d611a360646499c4b97d674c4efb84

              SHA256

              c45a1a57f0e68bc1cd642f39b98d10f187c0edf1d5bd753832822b202a962e0e

              SHA512

              fa2ba98309d32299f3560f3a507b0e244a0ed2e39eb44b10b81c3c9d6cfe46e77bef94c0ecd591917006f695da3948114bab910ee306a9c870ac3781b6cb69b8

              Download Submit
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app\node_modules\electron-dl\package.json
              Filesize

              809B

              MD5

              86ef8cc544a81e3854a00a16b5440e05

              SHA1

              a118b74dd35b03ac77eb978bac21e7d04b9ed752

              SHA256

              77ecb53cb97088159213a3c082605c6db43cac81eec5e7318a38ae4895335896

              SHA512

              c9f871437e5f554c55353bf007b97e0d5f4b7cef468abbf1daba02662901dd4b46210e19626d9be37b003991396d4a79902812fed093ba8a9cad263718d46485

              Download Submit
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app\node_modules\escape-goat\index.js
              Filesize

              797B

              MD5

              0a980b59f243d1cda2e1e70dcb888d23

              SHA1

              38b515de5d11fc8de154ca2e601832ad2f2646a7

              SHA256

              e963c05053adf4f814b93c0baf16eae9cdf5f526891dc015c5c6944365df4613

              SHA512

              2ab1b782c4e962f13a7487d715b01c6fdd5b888923cf16becb30d4dab8112d1c52960c4b2f8952a25afbf7ce23ec9a2af08ad37836acc0cf667554547fcfafc8

              Download Submit
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app\node_modules\escape-goat\package.json
              Filesize

              476B

              MD5

              a806df6d4aa2807c04b8158dcb218d4e

              SHA1

              bab7cfb76ba522736f5c757c943e3f2ac210f322

              SHA256

              dad73dd63541b035b5944986c5bd1ea205dc4bd85a9726d8fd107b13c6146951

              SHA512

              4c3acf307fe1bde897397fd9232e771ad81c5c13e608fae674122e9775318ddfa3f8206bc88b43f926aebb2691203d339a590f21785dbf6c8be7507f3298173e

              Download Submit
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app\node_modules\ext-list\index.js
              Filesize

              306B

              MD5

              bb406bbe9aa0f2765f626b8d0ae5baa8

              SHA1

              7dc867bd5423ce2c11ee081fb81103050af97030

              SHA256

              8e3eb15616a7895d8d0b4e0ccd538040f048a8f8f39b39bc49632d524f2fafdb

              SHA512

              01a858109347f9280682d58cc17667f98dbfae735e5a4f9fbb71c35f97e808e88a1b346a6f7adb2c4e3448853207965a73352ad953383cb56ea9a11aa18fcd87

              Download Submit
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app\node_modules\ext-list\package.json
              Filesize

              487B

              MD5

              b53ff75d8c9475386c5a2af6cc0cdb91

              SHA1

              8e98d4e62f09c83bbe5c2da8b736d46a493993d4

              SHA256

              8f2447c6899e0cbe8e85d0fa881122e5885cd50ecf98de7bed474a2da8e98743

              SHA512

              c2348ab6357b1f803382039b640e0ac0b899243e560de47242f0217dbb55bc87b012be206b390e20c196b56cde68c6d68b692c6c695ae028177e143456f10f9f

              Download Submit
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app\node_modules\ext-name\index.js
              Filesize

              579B

              MD5

              b27ee690ff99538591d349f3d6b3af0d

              SHA1

              55591b146a923a612fdbef6eb938ac92b2accce4

              SHA256

              09f54f2aeaf1b0bc9c4dd9ecdabd2aeccd60a7d1ff68d61c952077cccfa1371c

              SHA512

              e4c3f0188f3c16836a95358b5e0b8c1573e6976f9d7f20f14e02e2563dc1de3d946c6364fa776d87a2491e6623b841390b82a323a70c23ab1393acb6ebe33e97

              Download Submit
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app\node_modules\ext-name\package.json
              Filesize

              514B

              MD5

              792a349d99f3c6b395b6a4ee1aa1a34d

              SHA1

              329a34865a8686dfd4ef82ad23912cda7b3779c6

              SHA256

              c51072e5b8e153ffd56728c9d30bfaf08f6726ae3c0176bd6e893703a2348c10

              SHA512

              77f7571dedf4d5cce272440249dc5cc547d6a9d80400f1b0b63810e7b5969be6a74c5396771a493531c68657a2d1ce5c6b2d7a04273e501192f8deedc3e62975

              Download Submit
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app\node_modules\is-plain-obj\package.json
              Filesize

              410B

              MD5

              4a44defffc57003d4700a19c61e16e3d

              SHA1

              b0c72c362debbf97e1ba64892e3db2401070aec0

              SHA256

              19e5964dbb8ec5b4e5f50bd8224c9c46a8aec9e8d554a2b96bd51f68b2f0df1f

              SHA512

              96fd89352df2493e2cf731cf11cbd2f07c4c114e89e7543520b9c031fa5762fa2729d5f621f6e758c43fdd38f9baf820ae7009457d496725a302898fcc2206d8

              Download Submit
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app\node_modules\mime-db\db.json
              Filesize

              180KB

              MD5

              604c420ed02e1785af79b9861f346006

              SHA1

              a3a9f92e884e297eff637e0a13cf7e04c63d5ab4

              SHA256

              2c91145113c55514925ae42d77f243b448dfe8dfe2bfa1fedf1f257393e564e6

              SHA512

              d90a3dbef1a9a9c1660636f5513ba63c445ba8da75fb608a09e267bb2e6846f444dd76058aeb75c50e3fbdeee31d18a25cc5e917ade06a2e6cd103ffef39a430

              Download Submit
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app\node_modules\mime-db\index.js
              Filesize

              136B

              MD5

              a3e41e93954b3742ed84d3050d6038cf

              SHA1

              31180f8d0ae079b1bee7ee03e77ea5323583eb06

              SHA256

              a2532ace32711ae90deb4ae4654c5bc4e56f0a1e21bdd15ba26334bf723dfb09

              SHA512

              3fb66322fc8b6bcd9284ca8896d540084a7818aa57239d87ee0dcaf29ba9f529a958906685b2c6bb04daf778faed8158811934e656db968e5dd5ee3184ea6b30

              Download Submit
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app\node_modules\mime-db\package.json
              Filesize

              776B

              MD5

              fe49785537497da42ecca5110f9b17d5

              SHA1

              57507925cca830c7c5672c14e483c9a62c60b40e

              SHA256

              4bfea20e34dc6374bb9d78ff844a0c803df941583b68a2f465e9a67793db98a9

              SHA512

              9409d6af46a48c50b9a075a4788d108ded9df2d557f23b8cb853ac13c5d1332b2aeca0b90436f84d49135785a2892fb65a1d8d4b5c460fd769ed2e7c7984c4d4

              Download Submit
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app\node_modules\modify-filename\index.js
              Filesize

              410B

              MD5

              504ae9698ad7bb9ee85560c0708a251b

              SHA1

              bbe58fb63cab1a20151f87fabd4d72b0de191fa5

              SHA256

              986d2143fab470a323c7d7c15a9bd9e0e278d516f611713c2c1d4e433670b32d

              SHA512

              fd65242c510bbdac5c66164dd02f86578a453cc32c346caac1225cce6ef1d9d5c6f36e771da7ea60bd901c0d5129e5803126444b8cff8625b14b9b41b665bc89

              Download Submit
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app\node_modules\modify-filename\package.json
              Filesize

              411B

              MD5

              60bd273b56eb3fcb8e44ed44a0792941

              SHA1

              4548ee9adac363b3183c114d6ff1c76eef9fd432

              SHA256

              00d25c68fc701fbce0b77b70581c348b2ab4c7ca48eb607f17d66209b474c37b

              SHA512

              663012627783f0bd1675ec6b6f4330dc3156103d3d7e6b8ecd09641048776cdf8e8856d734d45fb8ec01e2ac894def524de971f960cbd55be2a459518ac30fa3

              Download Submit
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app\node_modules\path-exists\index.js
              Filesize

              347B

              MD5

              80637efcf86a9be0842e685bd13e6d8e

              SHA1

              e67614299feaa6105ac0b8acff41fbad72d12215

              SHA256

              379a30047a60f8d7b3bbbc2fa1fa0362f53e11ab7e63859fedfa7f2e25a99601

              SHA512

              1d8b8da9439b323745aded07cf23ecf5c3319750af15e1be95c88faf1698bfca6d22feab50f1c7479f8b2cf6f8540120b9319650f058cb838410bf4f79ff3638

              Download Submit
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app\node_modules\path-exists\package.json
              Filesize

              452B

              MD5

              851e9c2595a9291d251e01adb6e6c4fa

              SHA1

              2237c9fc06a3f9ce22dbb192a6422cc931aab844

              SHA256

              3724866cc4154d79ad2a63edbd554910c2cb9662b29856f5f6f4b5f8c16ceb7a

              SHA512

              2f32c7766926bc4a859a69749504826e79af233ddca990d20bd0e4db6ca3eb73918b37e6b1bbb057da6c45fe85ba4dbc5e728399f1c699eb7e340fe3b3b3a604

              Download Submit
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app\node_modules\pupa\index.js
              Filesize

              1KB

              MD5

              2ba8330a872a0fd1b2c05aa9be5616b4

              SHA1

              c0a509bc6bc0573e931590323b7964ace76d0ae5

              SHA256

              cf2e02d66c2eca332279570b44f7ead4b32004dd9a5066f11fcae13d09768e14

              SHA512

              1b38468c82330b108666bea79885e1b146135b3bb6d3741963455d6de262b980ff5965da2043b6c6db18962ab1e792f8a0b746e789f25af3a39acc2a85abb5b0

              Download Submit
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app\node_modules\pupa\package.json
              Filesize

              492B

              MD5

              82623d9450e563e1ec5dddfab5296e99

              SHA1

              f6541579843aa79d36e41f9696820830677fc411

              SHA256

              357cc6ecbe9f9c1c71571ce476047fe035530bd5839287ad0d705074882cc0df

              SHA512

              c747659bed9842810355b65c2f4ff3b9649a838496db2dc249f661dfe99a027d8f64cb5fd6fd66bc16c13e24c06b801340ba294ed133282b4cafed9cc4ce563d

              Download Submit
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app\node_modules\slice-ansi\index.js
              Filesize

              2KB

              MD5

              d48bdbacc961d96711c8860644a250fd

              SHA1

              b9cbe561895e16e4070cfe024f845684f5e8fa49

              SHA256

              ba7946cedfc0375ac06077d87782e96bed31652160dbcb98194a82c483c8aa0c

              SHA512

              89839dc1649a1c66dadab1c60f5f73ef35895e95c83ae811b80b3e6f1e92f8e83912f2ff613efb550425a8622cafbdb862d93ef8b57acf6e541f25479cf1604f

              Download Submit
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app\node_modules\slice-ansi\node_modules\is-fullwidth-code-point\index.js
              Filesize

              1KB

              MD5

              4e13e3959f8c2840a6a8ab3da43c1e5b

              SHA1

              8d9c9023a3b6c9f8474e60f99ce698f68c1f4c5b

              SHA256

              7db24c9c5d58273ba32eee1bec3dfebd393fdeddd0b5879ef01dc595476e6979

              SHA512

              b68ccccfbeedf0596808498c004ae2e69c9739830d92f9c86d4b1a7f234f79a7f4dbf3f081993256e0c6164a5904472420cbc7c734fab54f1372036be41d755a

              Download Submit
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app\node_modules\slice-ansi\node_modules\is-fullwidth-code-point\package.json
              Filesize

              537B

              MD5

              85bcb5093943890cabb31d9214d24981

              SHA1

              639ebcd7872d3b84b45ae9297c5b47f91a87642f

              SHA256

              a7b8154029328dcbfc790816357fde1a03f48f43854c7aabc5992853374a767e

              SHA512

              0ab32b6249839eb49d8e786b3c3f9cf8709789bee830535d15ccef35c10784de354e93ba6c10ef74645db83bfabaad3c16300491ae238ba717abfbc1e9e53019

              Download Submit
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app\node_modules\slice-ansi\package.json
              Filesize

              506B

              MD5

              806859dc19aa5f14a7d1fce71460750f

              SHA1

              c2c30df4eea8ba1e59a3b3309029a24a46d8386a

              SHA256

              0d48c4d95f935b063dc09603e8f24acb6a783ee710b1a58d8b99d8abb815f407

              SHA512

              b5a50064cc4e85cd72da1b936ae0d63fbbb2c398cffb596dd6f27e40b671dbd2e53c62f8682ac36cb82bf05ee771e54d6347fe0669d45a057b73313dc0914f9a

              Download Submit
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app\node_modules\sort-keys-length\index.js
              Filesize

              356B

              MD5

              38fdaaabfd3d5bd0df7e93b843e82e16

              SHA1

              52fe42337eb9663f8f4f29100f40b7570be21e36

              SHA256

              a91203cfeb2736d719e81a8546e89b460b18cd7256dd19bdcd3066ce5d61bb5d

              SHA512

              699d800aa4bec68b1069d5021587faf48f9b80382ad535523171bda42ff1b45b855732cbd075cf12723b2798488a20391d3b7286d62ba4d0ff6c1617d0a109d9

              Download Submit
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app\node_modules\sort-keys-length\package.json
              Filesize

              470B

              MD5

              8c8c0acd596eb7c39ec7e26b2853a0cb

              SHA1

              a300d1c46b975e701fbfb7113c0bcddf031e85fc

              SHA256

              cc93d6711edd9dda67f8e04d62aa1637330751895798511d6c9e011a9ade171b

              SHA512

              3e17e86aa78a173e913404f600d029287c021b2efefeab5c55627845cc76cd88977d7b0e67a9829d47cf32248aa2fba933a00d589a8ecbbd3432623286f54b9a

              Download Submit
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app\node_modules\sort-keys\index.js
              Filesize

              788B

              MD5

              baf3a7a385d3345bc4c385795e0b326d

              SHA1

              c2f8a0e2813ab5f5a5ef9d28f4b6a6185d233d9d

              SHA256

              ae87c455241bc3c1bfe9f37ac83345975f44a50fe93c2cf42c9b6364fbe68c5f

              SHA512

              3692d8bfec4fe2f4a2951d9301361cfb6e3b7cce394a6de09288ac04c2b9e7fc12cb959d726255511ef8cda23bad3b97f86db13025bff10dba139e8f975a9e09

              Download Submit
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app\node_modules\sort-keys\package.json
              Filesize

              463B

              MD5

              fefd6a8b5c892a21dd563ad21613c208

              SHA1

              2b316ebd6761ddeeece85c1238d8d1a1b35209d6

              SHA256

              85a500636f8e0ac20a75b0f6fec278e6aa87da7995ea0a1bb035da63201ad839

              SHA512

              f9696374a1656e9d67c5bf2efc37ab20023129404f4a8443b0e0844b0bd06eb0aef68c6070c1d17f29e86f2a058ac3c1fe9a707a5264c57b919bf90f87ef53e8

              Download Submit
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app\node_modules\string-width\index.js
              Filesize

              923B

              MD5

              570a2a45ed08d4c933084c566cfa9766

              SHA1

              e2b122265bccc50b8965d79b07a559a51e74747c

              SHA256

              ed69ea4f757130e46dc48a0cc31beb6257e61a31c70936d82b8a3f02ffd64df5

              SHA512

              f0ad29fc99cb379e7bcb2995c18a55da9ada9852456e8da752ecc679e0caf3d0f989d558ba5f041bb02bc02fb88a8c2f8ae7f1a524a2a041b54ec5637c71c121

              Download Submit
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app\node_modules\string-width\node_modules\emoji-regex\index.js
              Filesize

              10KB

              MD5

              0438b0678667b951cf518a14560fa0b7

              SHA1

              e678799abbf2035d94ab0114ae0783b36a3e5994

              SHA256

              c56978800e47f095cfbfe96712b5e78d150d1f62e32bb4943675213fce481ef0

              SHA512

              75924c24968e298b1496170a66624b97a76a77fb4ce5968e7c097ad227401256752d9d28c8a1f84d313ce4b06f9dc9b20e3f75d81398c8951b45375ccb013e3e

              Download Submit
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app\node_modules\string-width\node_modules\emoji-regex\package.json
              Filesize

              852B

              MD5

              3d104eee96968cc18a0198cbb8352b45

              SHA1

              b212883ce6a6194c7d09f2254c2d021580a77414

              SHA256

              bc390531ac1166d8fd8291a61b9bfe71b220ce892023b536effc7e88ec733664

              SHA512

              1611ee599c1a99ae9dd346c7ca20af3e33cdb9269e63d553f373a13022f6e2379fa3798eee1e4d6ba865341837f156137e26b9705c5a72b4b2cadb1bde6be60f

              Download Submit
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app\node_modules\string-width\node_modules\is-fullwidth-code-point\index.js
              Filesize

              1KB

              MD5

              4e13e3959f8c2840a6a8ab3da43c1e5b

              SHA1

              8d9c9023a3b6c9f8474e60f99ce698f68c1f4c5b

              SHA256

              7db24c9c5d58273ba32eee1bec3dfebd393fdeddd0b5879ef01dc595476e6979

              SHA512

              b68ccccfbeedf0596808498c004ae2e69c9739830d92f9c86d4b1a7f234f79a7f4dbf3f081993256e0c6164a5904472420cbc7c734fab54f1372036be41d755a

              Download Submit
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app\node_modules\string-width\node_modules\is-fullwidth-code-point\package.json
              Filesize

              537B

              MD5

              85bcb5093943890cabb31d9214d24981

              SHA1

              639ebcd7872d3b84b45ae9297c5b47f91a87642f

              SHA256

              a7b8154029328dcbfc790816357fde1a03f48f43854c7aabc5992853374a767e

              SHA512

              0ab32b6249839eb49d8e786b3c3f9cf8709789bee830535d15ccef35c10784de354e93ba6c10ef74645db83bfabaad3c16300491ae238ba717abfbc1e9e53019

              Download Submit
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app\node_modules\string-width\package.json
              Filesize

              633B

              MD5

              04a26a0c8730fd7ed5bcbd3e0b829136

              SHA1

              e8b36b55b0cc874e3f4c9b115f0ca3aad0a7aa45

              SHA256

              9af9b1c5c08c1d130ff2a1b829d19fb2ef9d2dd78e04b1e79f5faf322d2912cd

              SHA512

              fe390fb5ba91675cf5b5f54792ef15b5ac51b9ed28f45c7ce528fd82e5f3cda5d66182ca4424ddfe0d2873f48b92ecf76ad948032425f30d0799d8d27963f626

              Download Submit
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app\node_modules\strip-ansi\index.js
              Filesize

              154B

              MD5

              d2f059d0b9cfa91f1e899a4632d33da8

              SHA1

              ac06aab8c4ef70f9d2c18bbd0b2eb5ef0bb7c900

              SHA256

              bf37cd692bf030c2ec270945bc26aa8b19ad379fa5916f12304758f709ab0978

              SHA512

              0685ed108c20c84b3c0d4bf181318bf3f3ad6602de1b5bb71dc6a8d377575e974c42bcc14f5d72a244f06044bce8f81005c57ec2d246a513b6f196700a5010c2

              Download Submit
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app\node_modules\strip-ansi\node_modules\ansi-regex\index.js
              Filesize

              350B

              MD5

              7d1a59d7267eef993b9827ee185500ab

              SHA1

              9305ae17262f6e11f8afd69835907716ba5c8ee0

              SHA256

              c92312790eb1f246b7c4c1fe9c1247b15441bbca3c6cb64d167beefc45302753

              SHA512

              d1bd977b33603f9d06d947bfe108c1945cc2cd4575cd39eb84a20f15876a7dffc59c3b52c92af3b6483c1bb426983bfcc0c00faffe32821a5bdb0bd7d38a0484

              Download Submit
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app\node_modules\strip-ansi\node_modules\ansi-regex\package.json
              Filesize

              470B

              MD5

              842a7424b2dda87e9e4a90838f5fab9b

              SHA1

              0787e3ac5af8ba0341c5e65a771a1008a47d4ad6

              SHA256

              93fcfd1b014b9bd7f31b3f35b24a5a479839b6f141c95f62b73a1829bf112ad2

              SHA512

              b467038704d60b80f09d380df5fdb8fceaa46e77d1d29d4749dee81b0026b78a2688b8131f0eaa1f44a2cedc404037d7080fb73cf38b9b782606a66007d1f847

              Download Submit
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app\node_modules\strip-ansi\package.json
              Filesize

              511B

              MD5

              a6de01ff36a45e09a3473336f1add9e8

              SHA1

              d884d25def2c2ec06ed22f33761fa447abf6f058

              SHA256

              4518dec682055621a82c1480a6c33479a7b6ae7d17019ccc4799b86e9be4d4d7

              SHA512

              74163a3d76c872174ca0c0574c5d08f6a0ff012301023df9f6ede39ff3f232c5df64321456a91715951c820cb7594310a5bfec566cb9f0c0f4a307a2c9f81a80

              Download Submit
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app\node_modules\unused-filename\index.js
              Filesize

              808B

              MD5

              fe7f0e0827cdc52b8db64ada7c93553c

              SHA1

              9658ba14e070efcb278c130b503e09617db202a5

              SHA256

              8a39b9a4111b9e1a1bde7c8041a55811f564648138fd6a13e91dcd7717331a75

              SHA512

              e41a2f91730db8056f26585aec349650689ddb94949c452cfd74d46e314c214c5d1115ca4c92b83e1ec068a90e89256ec23db6d36b8d45354b8bdde09b68ebfa

              Download Submit
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app\node_modules\unused-filename\package.json
              Filesize

              612B

              MD5

              46cb4cfb0b33f11acbea5d959061705a

              SHA1

              63653359c54b2a199abd25c5d97b365b4b00c575

              SHA256

              0d9c432a5ea248999c5997d6f9ee1052d8dec26a0a0d98884f88318c84b0766d

              SHA512

              ca83cd27b342ebb18cfe85e08504a1cbc7d3f717c007211416543bce0d867f04fc67d6ee4b19a479ce81d1ddf1011ac86ce567bcca4d3ae405cf772797c03328

              Download Submit
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app\package.json
              Filesize

              415B

              MD5

              eb11ed277429a388595575850f8da920

              SHA1

              0e92123060c6e1c419f52c531629de5a2b0e2b1f

              SHA256

              d5bf4c8c46355f3b10f50c7c6acca9e69ca260b29ba48abb30033e4492a46987

              SHA512

              c00a1c485d345bf939de9a65a12dd4b77eefb8c574c60296e5ae4b7db6602543e5e634cc63d790100e42b1e7d283b82c4117e4aba2f7b7874b3c1c71970285d3

              Download Submit
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\resources\app\src\js\electron\index.js
              Filesize

              13KB

              MD5

              f693ac593266c489dde0d4518621531e

              SHA1

              4d660e7e81bba89c976e789efb5b03f7eb3cd62e

              SHA256

              cf58d0a9a68d97c55ce65d3cfd6b14ab49f9d0e2017edbd3b2e33e6b773efe3a

              SHA512

              50e66ec5bc97bd92e99ed0da1444d208d402320ec190e1849527e171ea1a57a41a7ca68b950f4ec96ffb60fe0db9f5681d2bc031ddb10cb2a82e6011e20d9131

              Download Submit
            • C:\Users\Admin\AppData\Local\Programs\FalixNodes Desktop\v8_context_snapshot.bin
              Filesize

              709KB

              MD5

              32a536ff6be9f9284efafeeba528dde6

              SHA1

              581b0abdca676724b6485b601e27d75702a3cfc1

              SHA256

              f24c74397b0947e6b67ffe7d81079d8871e45cf71180189352c54d9b7f86a6be

              SHA512

              5d6db6ed599ad480c4c93915379e63bf1a05a6ad3677630563f686e64b880dd4d699205ff07e6310ecb414c637c1208b9b35dd317ccb93287c2964e38e8ed16e

              Download Submit
            • C:\Users\Admin\AppData\Local\Temp\nsw8BCB.tmp\LangDLL.dll
              Filesize

              5KB

              MD5

              ab1db56369412fe8476fefffd11e4cc0

              SHA1

              daad036a83b2ee2fa86d840a34a341100552e723

              SHA256

              6f14c8f01f50a30743dac68c5ac813451463dfb427eb4e35fcdfe2410e1a913b

              SHA512

              8d886643b4fc24adf78f76b663227d6e61863f89e0cbd49548f40dd040666ca94ea46bec9e336850e4f300995d56e6dc85b689c8e09ff46758822d280f06b03d

              Download Submit
            • C:\Users\Admin\AppData\Local\Temp\nsw8BCB.tmp\StdUtils.dll
              Filesize

              100KB

              MD5

              c6a6e03f77c313b267498515488c5740

              SHA1

              3d49fc2784b9450962ed6b82b46e9c3c957d7c15

              SHA256

              b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e

              SHA512

              9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803

              Download Submit
            • C:\Users\Admin\AppData\Local\Temp\nsw8BCB.tmp\System.dll
              Filesize

              12KB

              MD5

              0d7ad4f45dc6f5aa87f606d0331c6901

              SHA1

              48df0911f0484cbe2a8cdd5362140b63c41ee457

              SHA256

              3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca

              SHA512

              c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9

              Download Submit
            • C:\Users\Admin\AppData\Local\Temp\nsw8BCB.tmp\UAC.dll
              Filesize

              14KB

              MD5

              adb29e6b186daa765dc750128649b63d

              SHA1

              160cbdc4cb0ac2c142d361df138c537aa7e708c9

              SHA256

              2f7f8fc05dc4fd0d5cda501b47e4433357e887bbfed7292c028d99c73b52dc08

              SHA512

              b28adcccf0c33660fecd6f95f28f11f793dc9988582187617b4c113fb4e6fdad4cf7694cd8c0300a477e63536456894d119741a940dda09b7df3ff0087a7eada

              Download Submit
            • C:\Users\Admin\AppData\Local\Temp\nsw8BCB.tmp\WinShell.dll
              Filesize

              3KB

              MD5

              1cc7c37b7e0c8cd8bf04b6cc283e1e56

              SHA1

              0b9519763be6625bd5abce175dcc59c96d100d4c

              SHA256

              9be85b986ea66a6997dde658abe82b3147ed2a1a3dcb784bb5176f41d22815a6

              SHA512

              7acf7f8e68aa6066b59ca9f2ae2e67997e6b347bc08eb788d2a119b3295c844b5b9606757168e8d2fbd61c2cda367bf80e9e48c9a52c28d5a7a00464bfd2048f

              Download Submit
            • C:\Users\Admin\AppData\Local\Temp\nsw8BCB.tmp\WinShell.dll
              Filesize

              3KB

              MD5

              1cc7c37b7e0c8cd8bf04b6cc283e1e56

              SHA1

              0b9519763be6625bd5abce175dcc59c96d100d4c

              SHA256

              9be85b986ea66a6997dde658abe82b3147ed2a1a3dcb784bb5176f41d22815a6

              SHA512

              7acf7f8e68aa6066b59ca9f2ae2e67997e6b347bc08eb788d2a119b3295c844b5b9606757168e8d2fbd61c2cda367bf80e9e48c9a52c28d5a7a00464bfd2048f

              Download Submit
            • C:\Users\Admin\AppData\Local\Temp\nsw8BCB.tmp\nsDialogs.dll
              Filesize

              9KB

              MD5

              466179e1c8ee8a1ff5e4427dbb6c4a01

              SHA1

              eb607467009074278e4bd50c7eab400e95ae48f7

              SHA256

              1e40211af65923c2f4fd02ce021458a7745d28e2f383835e3015e96575632172

              SHA512

              7508a29c722d45297bfb090c8eb49bd1560ef7d4b35413f16a8aed62d3b1030a93d001a09de98c2b9fea9acf062dc99a7278786f4ece222e7436b261d14ca817

              Download Submit
            • C:\Users\Admin\AppData\Local\Temp\nsw8BCB.tmp\nsExec.dll
              Filesize

              6KB

              MD5

              ec0504e6b8a11d5aad43b296beeb84b2

              SHA1

              91b5ce085130c8c7194d66b2439ec9e1c206497c

              SHA256

              5d9ceb1ce5f35aea5f9e5a0c0edeeec04dfefe0c77890c80c70e98209b58b962

              SHA512

              3f918f1b47e8a919cbe51eb17dc30acc8cfc18e743a1bae5b787d0db7d26038dc1210be98bf5ba3be8d6ed896dbbd7ac3d13e66454a98b2a38c7e69dad30bb57

              Download Submit
            • C:\Users\Admin\AppData\Local\Temp\nsw8BCB.tmp\nsis7z.dll
              Filesize

              424KB

              MD5

              80e44ce4895304c6a3a831310fbf8cd0

              SHA1

              36bd49ae21c460be5753a904b4501f1abca53508

              SHA256

              b393f05e8ff919ef071181050e1873c9a776e1a0ae8329aefff7007d0cadf592

              SHA512

              c8ba7b1f9113ead23e993e74a48c4427ae3562c1f6d9910b2bbe6806c9107cf7d94bc7d204613e4743d0cd869e00dafd4fb54aad1e8adb69c553f3b9e5bc64df

              Download Submit
            • memory/524-207-0x0000000000000000-mapping.dmp
              Download
            • memory/664-140-0x0000000000000000-mapping.dmp
              Download
            • memory/940-205-0x0000000000000000-mapping.dmp
              Download
            • memory/968-211-0x0000000000000000-mapping.dmp
              Download
            • memory/1048-214-0x0000000000000000-mapping.dmp
              Download
            • memory/1248-216-0x0000000000000000-mapping.dmp
              Download
            • memory/1300-235-0x0000000000000000-mapping.dmp
              Download
            • memory/1396-242-0x0000000000000000-mapping.dmp
              Download
            • memory/1828-203-0x0000000000000000-mapping.dmp
              Download
            • memory/1876-208-0x0000000000000000-mapping.dmp
              Download
            • memory/2080-246-0x0000000000000000-mapping.dmp
              Download
            • memory/2336-215-0x0000000000000000-mapping.dmp
              Download
            • memory/2384-210-0x0000000000000000-mapping.dmp
              Download
            • memory/2436-201-0x0000000000000000-mapping.dmp
              Download
            • memory/2600-268-0x0000000000000000-mapping.dmp
              Download
            • memory/2620-202-0x0000000000000000-mapping.dmp
              Download
            • memory/2888-266-0x0000000000000000-mapping.dmp
              Download
            • memory/3408-280-0x0000000000000000-mapping.dmp
              Download
            • memory/3412-213-0x0000000000000000-mapping.dmp
              Download
            • memory/3516-200-0x0000000000000000-mapping.dmp
              Download
            • memory/3516-237-0x0000025E21512000-0x0000025E2151D000-memory.dmp
              Filesize

              44KB

              Download
            • memory/3516-236-0x0000025E21512000-0x0000025E2151D000-memory.dmp
              Filesize

              44KB

              Download
            • memory/3780-272-0x0000000000000000-mapping.dmp
              Download
            • memory/4044-274-0x0000000000000000-mapping.dmp
              Download
            • memory/4088-209-0x0000000000000000-mapping.dmp
              Download
            • memory/4152-239-0x0000000000000000-mapping.dmp
              Download
            • memory/4492-248-0x0000000000000000-mapping.dmp
              Download
            • memory/4560-212-0x0000000000000000-mapping.dmp
              Download
            • memory/4628-139-0x0000000000000000-mapping.dmp
              Download
            • memory/4808-270-0x0000000000000000-mapping.dmp
              Download
            • memory/4828-288-0x0000000000000000-mapping.dmp
              Download
            • memory/4836-278-0x0000000000000000-mapping.dmp
              Download
            • memory/4932-233-0x0000000000000000-mapping.dmp
              Download
            • memory/4944-138-0x0000000000000000-mapping.dmp
              Download
            • memory/5000-240-0x0000000000000000-mapping.dmp
              Download
            • memory/5112-217-0x0000000000000000-mapping.dmp
              Download
            • memory/5144-244-0x0000000000000000-mapping.dmp
              Download
            • memory/5196-219-0x0000000000000000-mapping.dmp
              Download
            • memory/5212-221-0x0000000000000000-mapping.dmp
              Download
            • memory/5248-260-0x0000000000000000-mapping.dmp
              Download
            • memory/5280-222-0x0000000000000000-mapping.dmp
              Download
            • memory/5292-223-0x0000000000000000-mapping.dmp
              Download
            • memory/5360-282-0x0000000000000000-mapping.dmp
              Download
            • memory/5368-224-0x0000000000000000-mapping.dmp
              Download
            • memory/5404-258-0x0000000000000000-mapping.dmp
              Download
            • memory/5424-284-0x0000000000000000-mapping.dmp
              Download
            • memory/5440-225-0x0000000000000000-mapping.dmp
              Download
            • memory/5452-286-0x0000000000000000-mapping.dmp
              Download
            • memory/5460-226-0x0000000000000000-mapping.dmp
              Download
            • memory/5540-227-0x0000000000000000-mapping.dmp
              Download
            • memory/5620-228-0x0000000000000000-mapping.dmp
              Download
            • memory/5620-264-0x0000000000000000-mapping.dmp
              Download
            • memory/5648-229-0x0000000000000000-mapping.dmp
              Download
            • memory/5656-250-0x0000000000000000-mapping.dmp
              Download
            • memory/5720-252-0x0000000000000000-mapping.dmp
              Download
            • memory/5772-230-0x0000000000000000-mapping.dmp
              Download
            • memory/5804-231-0x0000000000000000-mapping.dmp
              Download
            • memory/5872-254-0x0000000000000000-mapping.dmp
              Download
            • memory/5912-256-0x0000000000000000-mapping.dmp
              Download
            • memory/6008-262-0x0000000000000000-mapping.dmp
              Download
            • memory/6052-276-0x0000000000000000-mapping.dmp
              Download
            • memory/6184-290-0x0000000000000000-mapping.dmp
              Download
            • memory/6264-292-0x0000000000000000-mapping.dmp
              Download
            • memory/6368-294-0x0000000000000000-mapping.dmp
              Download
            • memory/6392-296-0x0000000000000000-mapping.dmp
              Download
            • memory/6456-298-0x0000000000000000-mapping.dmp
              Download