Overview

overview

10

Static

static

SpotifyFullSetup.exe

windows7-x64

10

SpotifyFullSetup.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    151s
  • max time network
    157s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05-10-2022 21:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    SpotifyFullSetup.exe

  • Size

    76.3MB

  • MD5

    7e075f3893790bb01af2fb6d72bd38c8

  • SHA1

    39043b78163a36d1e1ac43abbc5b189a29c4ad45

  • SHA256

    9300b77f4314c8970bc8e3a7407c7b21620e9a8806ffbc20479867bd2b46c4b5

  • SHA512

    6f290caec3334712e17e4e7e83a3d4838cad9d7d0c576714704f085cadcb3edc40e3c82c07f9535d570f586e1f08237170c470aaf43588587527bf1be901acb0

  • SSDEEP

    1572864:Caw8yEeplS58uIjZ/meoXYz3WE5oUCgojPanpepPdCwsj8NQ+GUUWjrlZsr4oGn0:xhgF6k5D1qa4dCtVuJJZsSKDXt

Score
8/10
discoverypersistence

Malware Config

Signatures

  • Executes dropped EXE 8 IoCs
  • Checks computer location settings 2 TTPs 2 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Loads dropped DLL 22 IoCs
  • Adds Run key to start application 2 TTPs 2 IoCs
    persistence
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

  • Modifies Internet Explorer settings 1 TTPs 13 IoCs
    adwarespyware
  • Modifies registry class 15 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 5 IoCs
  • Suspicious use of SendNotifyMessage 4 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\SpotifyFullSetup.exe
    "C:\Users\Admin\AppData\Local\Temp\SpotifyFullSetup.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:5032
    • C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe
      Spotify.exe
      2⤵
      • Executes dropped EXE
      • Checks computer location settings
      • Loads dropped DLL
      • Adds Run key to start application
      • Modifies Internet Explorer settings
      • Modifies registry class
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SendNotifyMessage
      • Suspicious use of WriteProcessMemory
      PID:3052
      • C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe
        "C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe" --type=gpu-process --disable-d3d11 --log-severity=disable --user-agent-product="Chrome/105.0.5195.102 Spotify/1.1.95.893" --lang=en --user-data-dir="C:\Users\Admin\AppData\Local\Spotify\User Data" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --log-file="C:\Users\Admin\AppData\Roaming\Spotify\debug.log" --mojo-platform-channel-handle=1732 --field-trial-handle=1920,i,17194914584677832877,16344586305485213795,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:2
        3⤵
        • Executes dropped EXE
        • Loads dropped DLL
        PID:1312
      • C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe
        C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe --type=crashpad-handler /prefetch:7 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Spotify\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Spotify\User Data" --url=https://crashdump.spotify.com:443/ --annotation=platform=win32 --annotation=product=spotify --annotation=version=1.1.95.893 --initial-client-data=0x46c,0x470,0x474,0x444,0x478,0x74a5a400,0x74a5a410,0x74a5a41c
        3⤵
        • Executes dropped EXE
        • Loads dropped DLL
        PID:3620
      • C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe
        "C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --log-severity=disable --user-agent-product="Chrome/105.0.5195.102 Spotify/1.1.95.893" --lang=en --user-data-dir="C:\Users\Admin\AppData\Local\Spotify\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Spotify\debug.log" --mojo-platform-channel-handle=2632 --field-trial-handle=1920,i,17194914584677832877,16344586305485213795,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8
        3⤵
        • Executes dropped EXE
        • Loads dropped DLL
        PID:5092
      • C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe
        "C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe" --type=renderer --log-severity=disable --user-agent-product="Chrome/105.0.5195.102 Spotify/1.1.95.893" --disable-spell-checking --user-data-dir="C:\Users\Admin\AppData\Local\Spotify\User Data" --first-renderer-process --log-file="C:\Users\Admin\AppData\Roaming\Spotify\debug.log" --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=5 --mojo-platform-channel-handle=3540 --field-trial-handle=1920,i,17194914584677832877,16344586305485213795,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:1
        3⤵
        • Executes dropped EXE
        • Checks computer location settings
        • Loads dropped DLL
        PID:2828
      • C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe
        "C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="Chrome/105.0.5195.102 Spotify/1.1.95.893" --lang=en --user-data-dir="C:\Users\Admin\AppData\Local\Spotify\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Spotify\debug.log" --mojo-platform-channel-handle=2656 --field-trial-handle=1920,i,17194914584677832877,16344586305485213795,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8
        3⤵
        • Executes dropped EXE
        • Loads dropped DLL
        PID:2344
      • C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe
        "C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=utility --log-severity=disable --user-agent-product="Chrome/105.0.5195.102 Spotify/1.1.95.893" --lang=en --user-data-dir="C:\Users\Admin\AppData\Local\Spotify\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Spotify\debug.log" --mojo-platform-channel-handle=2784 --field-trial-handle=1920,i,17194914584677832877,16344586305485213795,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8
        3⤵
        • Executes dropped EXE
        • Loads dropped DLL
        PID:4988
      • C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe
        "C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --disable-d3d11 --log-severity=disable --user-agent-product="Chrome/105.0.5195.102 Spotify/1.1.95.893" --lang=en --user-data-dir="C:\Users\Admin\AppData\Local\Spotify\User Data" --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --log-file="C:\Users\Admin\AppData\Roaming\Spotify\debug.log" --mojo-platform-channel-handle=2792 --field-trial-handle=1920,i,17194914584677832877,16344586305485213795,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:2
        3⤵
        • Executes dropped EXE
        • Loads dropped DLL
        • Suspicious behavior: EnumeratesProcesses
        PID:4704

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Spotify\User Data\Crashpad\settings.dat
    Filesize

    56B

    MD5

    2ff56ec021e18a13cc7ca39c9fb42e3f

    SHA1

    491de35cf8c88b5703978513b0bbd0937e8ccb5e

    SHA256

    039ee45246125ecfa9f3b84be91546c8165b187b730ffa2df0bb5758d9eab6ee

    SHA512

    0c869e8c0218e695a1453d3ee4468dcad5eb848d9028be3d948a63dcaaba4c8669a1eea30e599be1351ef0d22a720986372632cb8747194344e004cbad9ee7e5

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Spotify\Apps\login.spa
    Filesize

    1.6MB

    MD5

    1433289915b281e29fe238201f2744aa

    SHA1

    51ef1ef8afc712168934d5de2b03df9b4760f113

    SHA256

    78f2a032b42dfcd9aa05ae83e90d086751c0adefb740450fa58819194362a2ea

    SHA512

    b0bd9725333399c8ca7e71341ef3fad91fce7b4b409157e7eb3c95aec280b8717d81871318f67ddf06d2bbd00dae5ee5a8e8c61521f259985f24072c3ed16325

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Spotify\D3DCompiler_47.dll
    Filesize

    3.9MB

    MD5

    2a62c0af0bd0355f80868b3c9b0104b3

    SHA1

    c5d8b5c23be5bd786324700a1ea62177141038e7

    SHA256

    631a28d5783aa7e553d9c14b0f9edb7f5358516176fce43ca52f5ff900cc5b94

    SHA512

    071f329d89ab58359fdd895c4f3bb69b4f8977ea51cebaf97f37a2e044f6a85f60941b486062e7ad44d401db1fe2f6b3e0d50e1db1830f7ca729cf7f38dfbee7

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe
    Filesize

    19.1MB

    MD5

    c9aeb82fa3ac3ed98e1465029e59f6da

    SHA1

    9836daaef18b841ed3ade97793b4f52529d4b479

    SHA256

    c3b06e911e4c8b3661307954283da785c385967b34701979694b38531b9315d3

    SHA512

    ab7ecc0c4eda43fda5c34c4c84ef3a58035c69938d96e6c3485ac945ce2f7d35dd930bdc59409845a1d5c3b1546140397b443ff3c9320cb7634e4916b57e5b90

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe
    Filesize

    19.1MB

    MD5

    c9aeb82fa3ac3ed98e1465029e59f6da

    SHA1

    9836daaef18b841ed3ade97793b4f52529d4b479

    SHA256

    c3b06e911e4c8b3661307954283da785c385967b34701979694b38531b9315d3

    SHA512

    ab7ecc0c4eda43fda5c34c4c84ef3a58035c69938d96e6c3485ac945ce2f7d35dd930bdc59409845a1d5c3b1546140397b443ff3c9320cb7634e4916b57e5b90

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe
    Filesize

    19.1MB

    MD5

    c9aeb82fa3ac3ed98e1465029e59f6da

    SHA1

    9836daaef18b841ed3ade97793b4f52529d4b479

    SHA256

    c3b06e911e4c8b3661307954283da785c385967b34701979694b38531b9315d3

    SHA512

    ab7ecc0c4eda43fda5c34c4c84ef3a58035c69938d96e6c3485ac945ce2f7d35dd930bdc59409845a1d5c3b1546140397b443ff3c9320cb7634e4916b57e5b90

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe
    Filesize

    19.1MB

    MD5

    c9aeb82fa3ac3ed98e1465029e59f6da

    SHA1

    9836daaef18b841ed3ade97793b4f52529d4b479

    SHA256

    c3b06e911e4c8b3661307954283da785c385967b34701979694b38531b9315d3

    SHA512

    ab7ecc0c4eda43fda5c34c4c84ef3a58035c69938d96e6c3485ac945ce2f7d35dd930bdc59409845a1d5c3b1546140397b443ff3c9320cb7634e4916b57e5b90

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe
    Filesize

    19.1MB

    MD5

    c9aeb82fa3ac3ed98e1465029e59f6da

    SHA1

    9836daaef18b841ed3ade97793b4f52529d4b479

    SHA256

    c3b06e911e4c8b3661307954283da785c385967b34701979694b38531b9315d3

    SHA512

    ab7ecc0c4eda43fda5c34c4c84ef3a58035c69938d96e6c3485ac945ce2f7d35dd930bdc59409845a1d5c3b1546140397b443ff3c9320cb7634e4916b57e5b90

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe
    Filesize

    19.1MB

    MD5

    c9aeb82fa3ac3ed98e1465029e59f6da

    SHA1

    9836daaef18b841ed3ade97793b4f52529d4b479

    SHA256

    c3b06e911e4c8b3661307954283da785c385967b34701979694b38531b9315d3

    SHA512

    ab7ecc0c4eda43fda5c34c4c84ef3a58035c69938d96e6c3485ac945ce2f7d35dd930bdc59409845a1d5c3b1546140397b443ff3c9320cb7634e4916b57e5b90

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe
    Filesize

    19.1MB

    MD5

    c9aeb82fa3ac3ed98e1465029e59f6da

    SHA1

    9836daaef18b841ed3ade97793b4f52529d4b479

    SHA256

    c3b06e911e4c8b3661307954283da785c385967b34701979694b38531b9315d3

    SHA512

    ab7ecc0c4eda43fda5c34c4c84ef3a58035c69938d96e6c3485ac945ce2f7d35dd930bdc59409845a1d5c3b1546140397b443ff3c9320cb7634e4916b57e5b90

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe
    Filesize

    19.1MB

    MD5

    c9aeb82fa3ac3ed98e1465029e59f6da

    SHA1

    9836daaef18b841ed3ade97793b4f52529d4b479

    SHA256

    c3b06e911e4c8b3661307954283da785c385967b34701979694b38531b9315d3

    SHA512

    ab7ecc0c4eda43fda5c34c4c84ef3a58035c69938d96e6c3485ac945ce2f7d35dd930bdc59409845a1d5c3b1546140397b443ff3c9320cb7634e4916b57e5b90

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe
    Filesize

    9.2MB

    MD5

    de6fea4b4740210f69ef57a4a1a578d1

    SHA1

    09e096d046bce220b7d25f41bc17b2359b1a4113

    SHA256

    3440a3824b3e42e5a7a42789776d541c8beb0e684c9cef8aebe3efa21f197728

    SHA512

    8879f355d7530908eaf97bb8b0310f2de43d6129a5923f42b94d91350658790eb835d739e694a18ce76e00505eebf619c959677c57942f008226bb481d4262bb

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Spotify\chrome_100_percent.pak
    Filesize

    600KB

    MD5

    690dcc40a5489bba50f7936ea930eda7

    SHA1

    dfc93b81b7640f145d1ebb74e91ed44c435d0957

    SHA256

    ea32edf4c87dfd6d0c7b671f84d33027e679304d57504229de205b762d611b75

    SHA512

    c318a3627efff258008055bc4c513f0686ae45909ae767a879f86d41051e0104705f7db92d3353ee90f5926027056cda0f67bdc9ceed8f7347f0551b2871b2b5

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Spotify\chrome_200_percent.pak
    Filesize

    896KB

    MD5

    f4ccf1c3d3330f7952d4040fc6677ecd

    SHA1

    03de025b3eaf3eb4be145a738fe783089f3e8a55

    SHA256

    26803daeaa535b01018face6cfcc78d3b462c5646bdfc6d6162596b511b596aa

    SHA512

    09368b7ea46f7aa51b71ca7de01e3679227a924fb41d448ab43b8e850ba2dc7d75f4153dd82e1b030e28fdd4b061df8c8fa39784058bdc616ee743af38159cdd

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Spotify\chrome_elf.dll
    Filesize

    986KB

    MD5

    0741739b6add2aeb38595ebb1089a6b0

    SHA1

    0302d15383797b1faa91f3cd2a3bdcec598f8af7

    SHA256

    71f92614515ba510e39433dca21b7f9f298e4ed481b3521da2073cb5eb1a9317

    SHA512

    936d8c6111c28340b6d83afd4fd3857a142f8e2fcc0eb4f81f885aa1c56b958c4b9c0dfdcbb4154b12e18f6b8f63ffd1ef000365ad6cfd64092215799b9aa0ac

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Spotify\chrome_elf.dll
    Filesize

    986KB

    MD5

    0741739b6add2aeb38595ebb1089a6b0

    SHA1

    0302d15383797b1faa91f3cd2a3bdcec598f8af7

    SHA256

    71f92614515ba510e39433dca21b7f9f298e4ed481b3521da2073cb5eb1a9317

    SHA512

    936d8c6111c28340b6d83afd4fd3857a142f8e2fcc0eb4f81f885aa1c56b958c4b9c0dfdcbb4154b12e18f6b8f63ffd1ef000365ad6cfd64092215799b9aa0ac

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Spotify\chrome_elf.dll
    Filesize

    986KB

    MD5

    0741739b6add2aeb38595ebb1089a6b0

    SHA1

    0302d15383797b1faa91f3cd2a3bdcec598f8af7

    SHA256

    71f92614515ba510e39433dca21b7f9f298e4ed481b3521da2073cb5eb1a9317

    SHA512

    936d8c6111c28340b6d83afd4fd3857a142f8e2fcc0eb4f81f885aa1c56b958c4b9c0dfdcbb4154b12e18f6b8f63ffd1ef000365ad6cfd64092215799b9aa0ac

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Spotify\chrome_elf.dll
    Filesize

    986KB

    MD5

    0741739b6add2aeb38595ebb1089a6b0

    SHA1

    0302d15383797b1faa91f3cd2a3bdcec598f8af7

    SHA256

    71f92614515ba510e39433dca21b7f9f298e4ed481b3521da2073cb5eb1a9317

    SHA512

    936d8c6111c28340b6d83afd4fd3857a142f8e2fcc0eb4f81f885aa1c56b958c4b9c0dfdcbb4154b12e18f6b8f63ffd1ef000365ad6cfd64092215799b9aa0ac

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Spotify\chrome_elf.dll
    Filesize

    986KB

    MD5

    0741739b6add2aeb38595ebb1089a6b0

    SHA1

    0302d15383797b1faa91f3cd2a3bdcec598f8af7

    SHA256

    71f92614515ba510e39433dca21b7f9f298e4ed481b3521da2073cb5eb1a9317

    SHA512

    936d8c6111c28340b6d83afd4fd3857a142f8e2fcc0eb4f81f885aa1c56b958c4b9c0dfdcbb4154b12e18f6b8f63ffd1ef000365ad6cfd64092215799b9aa0ac

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Spotify\chrome_elf.dll
    Filesize

    986KB

    MD5

    0741739b6add2aeb38595ebb1089a6b0

    SHA1

    0302d15383797b1faa91f3cd2a3bdcec598f8af7

    SHA256

    71f92614515ba510e39433dca21b7f9f298e4ed481b3521da2073cb5eb1a9317

    SHA512

    936d8c6111c28340b6d83afd4fd3857a142f8e2fcc0eb4f81f885aa1c56b958c4b9c0dfdcbb4154b12e18f6b8f63ffd1ef000365ad6cfd64092215799b9aa0ac

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Spotify\chrome_elf.dll
    Filesize

    986KB

    MD5

    0741739b6add2aeb38595ebb1089a6b0

    SHA1

    0302d15383797b1faa91f3cd2a3bdcec598f8af7

    SHA256

    71f92614515ba510e39433dca21b7f9f298e4ed481b3521da2073cb5eb1a9317

    SHA512

    936d8c6111c28340b6d83afd4fd3857a142f8e2fcc0eb4f81f885aa1c56b958c4b9c0dfdcbb4154b12e18f6b8f63ffd1ef000365ad6cfd64092215799b9aa0ac

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Spotify\chrome_elf.dll
    Filesize

    986KB

    MD5

    0741739b6add2aeb38595ebb1089a6b0

    SHA1

    0302d15383797b1faa91f3cd2a3bdcec598f8af7

    SHA256

    71f92614515ba510e39433dca21b7f9f298e4ed481b3521da2073cb5eb1a9317

    SHA512

    936d8c6111c28340b6d83afd4fd3857a142f8e2fcc0eb4f81f885aa1c56b958c4b9c0dfdcbb4154b12e18f6b8f63ffd1ef000365ad6cfd64092215799b9aa0ac

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Spotify\chrome_elf.dll
    Filesize

    986KB

    MD5

    0741739b6add2aeb38595ebb1089a6b0

    SHA1

    0302d15383797b1faa91f3cd2a3bdcec598f8af7

    SHA256

    71f92614515ba510e39433dca21b7f9f298e4ed481b3521da2073cb5eb1a9317

    SHA512

    936d8c6111c28340b6d83afd4fd3857a142f8e2fcc0eb4f81f885aa1c56b958c4b9c0dfdcbb4154b12e18f6b8f63ffd1ef000365ad6cfd64092215799b9aa0ac

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Spotify\crash_reporter.cfg
    Filesize

    655B

    MD5

    32bcd57baf4bddc28277cd79a5529ff1

    SHA1

    17715ccc6256b4c982485d5b5be393933fc08947

    SHA256

    e7e5ecd941c38457cc57ce4d867927105c3a243743151dc3fd0705f8dbbed158

    SHA512

    ff97d0cc5fbe91c2444a363dc004c25d783cfc74d3c43df205df4085022d8281cf9f6c8fd8f32171687dcae965739a80bc9f0a37de64f09d8ddc008322928f33

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Spotify\d3dcompiler_47.dll
    Filesize

    3.9MB

    MD5

    2a62c0af0bd0355f80868b3c9b0104b3

    SHA1

    c5d8b5c23be5bd786324700a1ea62177141038e7

    SHA256

    631a28d5783aa7e553d9c14b0f9edb7f5358516176fce43ca52f5ff900cc5b94

    SHA512

    071f329d89ab58359fdd895c4f3bb69b4f8977ea51cebaf97f37a2e044f6a85f60941b486062e7ad44d401db1fe2f6b3e0d50e1db1830f7ca729cf7f38dfbee7

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Spotify\icudtl.dat
    Filesize

    10.0MB

    MD5

    25d87a2bb3581bc3597dfb9008516710

    SHA1

    e3f59f1de852cde2204256c7a8b1580483ab907a

    SHA256

    b75bd14a3d9a174ee44eca8c62b89c65d9836fcf62c28d103bfa300c02cef255

    SHA512

    59977fa5ec1dbda7cb6525c48655d6e8f3d7b00408e973efed1f2235d1d7fd88eae443fdd5e07d52f31ce83943aba050c31261baf2798c1b10aeae67981685ff

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Spotify\libEGL.dll
    Filesize

    356KB

    MD5

    fd308ca32337b64082a89e2cae1b46eb

    SHA1

    7ff723066340a2e7956f6ddd69275d7ad874219f

    SHA256

    58484ffd31f4ec7ed5117146a2d47c8d57f9918c7d2632b10b4311b0d1070901

    SHA512

    85f03deaa1f93e959e1df86f9a2319f5ca3be0729d7edf23ec82fa9b524ad7210ecde668d148ffa1c42b495b5e9deb3f570d96681d95328cf25013350d3b7417

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Spotify\libGLESv2.dll
    Filesize

    5.4MB

    MD5

    f2f0fff738c60eb5f0208d314bac739d

    SHA1

    52c0e1e0f6642cccc8c86ba0e5787aecf35be883

    SHA256

    ad7a96f589e57997fc21ad5e9def4193c2ffded0e0d7008f25044bbfc6312058

    SHA512

    bc2c6a25d4c6709456adfb89a5a37222baf1f303fd02285b27efab2ddfed74f277fb61132cc81debb62573897ad97d0bbc524ced621835f10f93842714df915b

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Spotify\libcef.dll
    Filesize

    68.9MB

    MD5

    e63720d9019bfb0005057732bb9e8a8b

    SHA1

    8f170c48e63a89489786bec42f3816ff3e814df5

    SHA256

    9dce3793ca70204226f832c749e442a47485902fc569b038f4c685304b0ff82d

    SHA512

    6fd16d27d0faff282efc83fafe8b81f4bc61b5efa63fdeb759dfd4a69015cb99e0a87b4fe3e8bf2d471fee6ac825158b424b8e7d9befe7e2c1d459b33e9efe89

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Spotify\libcef.dll
    Filesize

    64.9MB

    MD5

    7ae5b955a5033fff75c79e8deacc9393

    SHA1

    78fe46b3d8fb9126b5d5f8190ebf887009625134

    SHA256

    16300f8f094cf60127b27b6899d4ac930f48c136ccd457443e3c70a481d49401

    SHA512

    a725f051d898012b057b33b343ac625c8c045fd64a98ad7b5736d0e8c6d1c7d9fd92c65af3e47622e52f6663788dd2472dc0e8c9f33652a01a3207eceda7c2d8

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Spotify\libcef.dll
    Filesize

    65.4MB

    MD5

    095abd8eadff5413e146f3c1c7118009

    SHA1

    7986533c77577fe91f20b5186e0c879c48dab97c

    SHA256

    6c51e0d9748b2aa0ed48b118155f835a388acdfed6cb9868e6710043a16b2b2f

    SHA512

    e80a5d2d5c8634705fbb4f732569979ff64a1f57ae0646db69117727ce50a62ac0f7a6970af06dc87c59a64e40442dc61f5dd6c8cb7c93a760becb1e9a2d6604

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Spotify\libcef.dll
    Filesize

    67.4MB

    MD5

    cde3e63d869d98d5aecadceb3f0c5ce7

    SHA1

    8608729b60731b7fe574fbb3ac4317d3fb695807

    SHA256

    bf78b12212e7c4294f6c520dafb71711b00b83e56a289e940f1bc656cd677161

    SHA512

    33e6f34ba6bf1a48ac5ca214463d54e8436e0205141f72b86935d707e5abb1f9033c832787cfc3d9643ec2c6f7f16e3ee83af0101de62d7237da8564e01ad2d2

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Spotify\libcef.dll
    Filesize

    64.4MB

    MD5

    742689f7178bb2deb28bae393b4d489b

    SHA1

    d5959cc94af6f5ce3a554d7abbd0fcdf0581fdd3

    SHA256

    34c9613f6eff85c175790d4e65a212d266790bc972ad2c8b7fa4306a8f65d83a

    SHA512

    c808a5bc093a5cc826e56bf341c9aea7e3a5298288565db88718af003d69eafc714eacf5047c48bb3dfdd5ddad63844f40758b6d2c3554bde31fc7ab7fcf17f2

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Spotify\libcef.dll
    Filesize

    64.6MB

    MD5

    6dfda4e461516f3d500307d7430ccff7

    SHA1

    6914f3f324b9aa79e33a3073ad893f52d3e9a2aa

    SHA256

    12ab895fcee280585915ca583638436a9ae6bd4479df8f265653b605697a3e3a

    SHA512

    c80a22cef9c629f8b94a56b1cedb4a725aebaca5aad7ca209583fd6e361505ab649af0044ad51178dedba71221b89d01ff6f0fbca4b615ac38bfd1c27caf1c2b

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Spotify\libcef.dll
    Filesize

    64.5MB

    MD5

    dd34c1b282c165eda43941e1b247283b

    SHA1

    063f3a7682ede9ef97b31c3103b2a87f64804101

    SHA256

    1833386097a794bb24bdca1412da1d05f6245ae9ddc2fa635a065cfbe233b746

    SHA512

    e002d901c8fc9fe10285cd153ea045a21620561c6083be3730919d2bef559d0d98da4abdc59e43e471eafa3e4ffabc27531379a48d344abc7d608b6c995b9554

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Spotify\libcef.dll
    Filesize

    47.1MB

    MD5

    832ca094a58dad9724e6f2e16c2f3423

    SHA1

    e8bda717de587d49918d550f599362b21d9d32fe

    SHA256

    ba5254f68b707ee1315abe22b573e6c212250b47386d75f11170a5f6da532144

    SHA512

    32bd86866ea479f35254395139fac788ba31c961a3b464026bb43cf766424fac6c0dcf1c2afa972c45ec40742ba3f667881743d96205a96e3f5cd19c0441cdcb

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Spotify\libcef.dll
    Filesize

    11.1MB

    MD5

    943016b657f7cea9add84928f9226b88

    SHA1

    efd4e581fef70f15c0105680a9c39facb11a1e4f

    SHA256

    9aed276584031ea1a784b66e06baf5d3c1974c15f1760514767e7ecc53840e1f

    SHA512

    ab886c487e6ff6249c624c34d0c80c6d93ddfb4b15e9053c48b82108993c940e9bcfd166cf41d48e43efd60d0d7719c71d23d75c0c00642fc2650f6622cc0d6c

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Spotify\libegl.dll
    Filesize

    356KB

    MD5

    fd308ca32337b64082a89e2cae1b46eb

    SHA1

    7ff723066340a2e7956f6ddd69275d7ad874219f

    SHA256

    58484ffd31f4ec7ed5117146a2d47c8d57f9918c7d2632b10b4311b0d1070901

    SHA512

    85f03deaa1f93e959e1df86f9a2319f5ca3be0729d7edf23ec82fa9b524ad7210ecde668d148ffa1c42b495b5e9deb3f570d96681d95328cf25013350d3b7417

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Spotify\libglesv2.dll
    Filesize

    5.4MB

    MD5

    f2f0fff738c60eb5f0208d314bac739d

    SHA1

    52c0e1e0f6642cccc8c86ba0e5787aecf35be883

    SHA256

    ad7a96f589e57997fc21ad5e9def4193c2ffded0e0d7008f25044bbfc6312058

    SHA512

    bc2c6a25d4c6709456adfb89a5a37222baf1f303fd02285b27efab2ddfed74f277fb61132cc81debb62573897ad97d0bbc524ced621835f10f93842714df915b

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Spotify\locales\en-US.pak
    Filesize

    332KB

    MD5

    41a71e4bc49ac86a4a1b911c580998fa

    SHA1

    e77415ee0d5e47529b37a98d841b24e324932dd7

    SHA256

    75b32485e5fb520419bac659c51691e336947ae1c44aff79f1484fb21dd42652

    SHA512

    6675381cf570f48647a8382ebb3e9a7c035d78cf8e66d83ffc608a52aa7d2b023d95ad77e8ced568438ee5d67e0487c53052548e42d51e6607c53ece89682ead

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Spotify\locales\en.mo
    Filesize

    13KB

    MD5

    159d3901f386388df374566fb6fcd622

    SHA1

    7ef0b2b651a7bdcba44efafb5e67b922d447f198

    SHA256

    e531925d86eb4f14ff09675bebce21a5ab6301ab139052f0514752e8ea346a19

    SHA512

    c951416ccfca17a533719e00d244844469a35dd7c6b1b21ad24daa400881b265750d97039c7e7f37e5d058b92402b1a016ca57315adb89627e0692330bc3282f

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Spotify\resources.pak
    Filesize

    7.1MB

    MD5

    0783438f026e70faa6ef81493f0c5e17

    SHA1

    68759fabd1504627f608e8ef6bbd595816444cdc

    SHA256

    a4b25956374d70a0dea486549f9f23edb75604158781a498eaae5a2862a7647d

    SHA512

    1bea9c4d8f6551b5961f8f3df02a53487e7064fccb215a840d79d9c20edd8bd2347a2d2e71e4aac318c0b67737cbac04579ec03b808be99839db263bd7eac31a

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Spotify\v8_context_snapshot.bin
    Filesize

    586KB

    MD5

    a48cec5f84d89bcc32da14fc3acb3f7c

    SHA1

    e4c98ad0a40f5f6f6240c7d17cb8bd57a04ab0e1

    SHA256

    f32974585958ba7abe0f9c2734886c627262e5f5d3ff260abaefadb5bc70804f

    SHA512

    671f19ecbdd41bdccbb581df38eab41c469e19176001e74529b371eb391150623c0e4aea3bc88f4082f7206f3770f6ed91b9029bb54df9c1462023c592456c0e

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Spotify\vk_swiftshader.dll
    Filesize

    3.4MB

    MD5

    59390ca4af72ffff5d1b4b900cb443c8

    SHA1

    179917ff03a24dfa0aea70a1d972df1784a904ae

    SHA256

    cbeae92d16f4f5aa4c3f372c29b81420aecdfbdffd71f5bcf28d46d657962930

    SHA512

    5bc6e9db4ca323057256f5d6de8d0684b522bb0c87cc0ed8f9330d9ba1dc68b0af61260538f682cd0d2f9ac1a7240b831b2710e6a6e16fbfe07e9febe08781c8

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Spotify\vk_swiftshader.dll
    Filesize

    3.4MB

    MD5

    59390ca4af72ffff5d1b4b900cb443c8

    SHA1

    179917ff03a24dfa0aea70a1d972df1784a904ae

    SHA256

    cbeae92d16f4f5aa4c3f372c29b81420aecdfbdffd71f5bcf28d46d657962930

    SHA512

    5bc6e9db4ca323057256f5d6de8d0684b522bb0c87cc0ed8f9330d9ba1dc68b0af61260538f682cd0d2f9ac1a7240b831b2710e6a6e16fbfe07e9febe08781c8

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Spotify\vk_swiftshader.dll
    Filesize

    3.4MB

    MD5

    59390ca4af72ffff5d1b4b900cb443c8

    SHA1

    179917ff03a24dfa0aea70a1d972df1784a904ae

    SHA256

    cbeae92d16f4f5aa4c3f372c29b81420aecdfbdffd71f5bcf28d46d657962930

    SHA512

    5bc6e9db4ca323057256f5d6de8d0684b522bb0c87cc0ed8f9330d9ba1dc68b0af61260538f682cd0d2f9ac1a7240b831b2710e6a6e16fbfe07e9febe08781c8

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Spotify\vk_swiftshader_icd.json
    Filesize

    106B

    MD5

    8642dd3a87e2de6e991fae08458e302b

    SHA1

    9c06735c31cec00600fd763a92f8112d085bd12a

    SHA256

    32d83ff113fef532a9f97e0d2831f8656628ab1c99e9060f0332b1532839afd9

    SHA512

    f5d37d1b45b006161e4cefeebba1e33af879a3a51d16ee3ff8c3968c0c36bbafae379bf9124c13310b77774c9cbb4fa53114e83f5b48b5314132736e5bb4496f

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Spotify\vulkan-1.dll
    Filesize

    713KB

    MD5

    0e771cb028f129755b89f4a383b46137

    SHA1

    96a7bf9ea020dfd1b48629f856c985bceed1a02d

    SHA256

    0c29a549f3f679c9aead0280da1ac5ae8ee0260a1e234f9faaf34ae75612787b

    SHA512

    3f23a4ade45a058891628cf2e7fd9b481d56dd8aa6d0466e796f966fc0103079e63c5dcf9b8f19f21ef2b1b3d8154364ac372bfa1fb3e9161165f2e6cce6236c

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Spotify\vulkan-1.dll
    Filesize

    713KB

    MD5

    0e771cb028f129755b89f4a383b46137

    SHA1

    96a7bf9ea020dfd1b48629f856c985bceed1a02d

    SHA256

    0c29a549f3f679c9aead0280da1ac5ae8ee0260a1e234f9faaf34ae75612787b

    SHA512

    3f23a4ade45a058891628cf2e7fd9b481d56dd8aa6d0466e796f966fc0103079e63c5dcf9b8f19f21ef2b1b3d8154364ac372bfa1fb3e9161165f2e6cce6236c

    Download Submit

  • memory/1312-191-0x0000000000400000-0x0000000001730000-memory.dmp

    Filesize

    19.2MB

    Download

  • memory/2344-193-0x0000000000400000-0x0000000001730000-memory.dmp

    Filesize

    19.2MB

    Download

  • memory/2828-194-0x0000000000400000-0x0000000001730000-memory.dmp

    Filesize

    19.2MB

    Download

  • memory/2828-196-0x0000000000400000-0x0000000001730000-memory.dmp

    Filesize

    19.2MB

    Download

  • memory/3052-195-0x0000000000400000-0x0000000001730000-memory.dmp

    Filesize

    19.2MB

    Download

  • memory/3052-135-0x0000000000400000-0x0000000001730000-memory.dmp

    Filesize

    19.2MB

    Download

  • memory/3620-169-0x0000000000400000-0x0000000001730000-memory.dmp

    Filesize

    19.2MB

    Download

  • memory/4704-209-0x0000000000400000-0x0000000001730000-memory.dmp

    Filesize

    19.2MB

    Download

  • memory/4988-203-0x0000000000400000-0x0000000001730000-memory.dmp

    Filesize

    19.2MB

    Download

  • memory/5092-192-0x0000000000400000-0x0000000001730000-memory.dmp

    Filesize

    19.2MB

    Download