97c3eec2df2a66e3c79d2d71724ee92fac5cf3adaac3fc2cccf3750b06fd0e75

Analysis

max time kernel
98s
max time network
158s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
05-01-2023 21:37

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

balenaEtcher-Setup-1.13.1.exe
Size

138.6MB
MD5

d2b48aa2bd4b6d6c16261cecda611770
SHA1

e4cb81b8725ba0db1dd98d5f4d4d2c2350dd7d59
SHA256

97c3eec2df2a66e3c79d2d71724ee92fac5cf3adaac3fc2cccf3750b06fd0e75
SHA512

26f5274c809f51e89bab9f7388aff15a668c2f77380380b58463da77dc6929258708f941d70781d3ad619bb3f2bcde5ab970f23affd9911bc34347b39667cc0c
SSDEEP

3145728:gE1sPGGdfh1HHumq7xmVEM1sPGGdfhqlrI31p:NI7up1mygIcVIH

Score

8^/10

discovery

Malware Config

Signatures

Executes dropped EXE 4 IoCs

pid	Process
1556	balenaEtcher.exe
4488	balenaEtcher.exe
3916	balenaEtcher.exe
4860	balenaEtcher.exe

Checks computer location settings 2 TTPs 2 IoCs

Looks up country code configured in the registry, likely geofence.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000\Control Panel\International\Geo\Nation	balenaEtcher.exe
Key value queried	\REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000\Control Panel\International\Geo\Nation	balenaEtcher.exe

Loads dropped DLL 21 IoCs

pid	Process
2360	balenaEtcher-Setup-1.13.1.exe
2360	balenaEtcher-Setup-1.13.1.exe
2360	balenaEtcher-Setup-1.13.1.exe
2360	balenaEtcher-Setup-1.13.1.exe
2360	balenaEtcher-Setup-1.13.1.exe
2360	balenaEtcher-Setup-1.13.1.exe
2360	balenaEtcher-Setup-1.13.1.exe
1556	balenaEtcher.exe
4488	balenaEtcher.exe
3916	balenaEtcher.exe
4860	balenaEtcher.exe
4488	balenaEtcher.exe
4488	balenaEtcher.exe
4488	balenaEtcher.exe
4860	balenaEtcher.exe
4860	balenaEtcher.exe
4860	balenaEtcher.exe
4860	balenaEtcher.exe
4860	balenaEtcher.exe
4860	balenaEtcher.exe
4860	balenaEtcher.exe

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

Checks SCSI registry key(s) 3 TTPs 3 IoCs

SCSI information is often read in order to detect sandboxing environments.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_DADY&PROD_HARDDISK\4&215468A5&0&000000	balenaEtcher.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName	balenaEtcher.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\HardwareID	balenaEtcher.exe

Checks processor information in registry 2 TTPs 12 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	balenaEtcher.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1	balenaEtcher.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\ProcessorNameString	balenaEtcher.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1	balenaEtcher.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	balenaEtcher.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	balenaEtcher.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\~MHz	balenaEtcher.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\ProcessorNameString	balenaEtcher.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	balenaEtcher.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	balenaEtcher.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\~MHz	balenaEtcher.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	balenaEtcher.exe

Enumerates processes with tasklist 1 TTPs 1 IoCs

Process Discovery

T1057

pid	Process
1972	tasklist.exe

Modifies registry class 7 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\etcher\shell\open\command	balenaEtcher.exe
Key created	\REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\etcher\shell	balenaEtcher.exe
Key created	\REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\etcher\shell\open	balenaEtcher.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\etcher\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Programs\\balena-etcher\\balenaEtcher.exe\" \"%1\""	balenaEtcher.exe
Key created	\REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\etcher	balenaEtcher.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\etcher\URL Protocol	balenaEtcher.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\etcher\ = "URL:etcher"	balenaEtcher.exe

Suspicious behavior: EnumeratesProcesses 12 IoCs

pid	Process
2360	balenaEtcher-Setup-1.13.1.exe
2360	balenaEtcher-Setup-1.13.1.exe
1972	tasklist.exe
1972	tasklist.exe
3916	balenaEtcher.exe
3916	balenaEtcher.exe
4860	balenaEtcher.exe
4860	balenaEtcher.exe
4860	balenaEtcher.exe
4860	balenaEtcher.exe
4860	balenaEtcher.exe
4860	balenaEtcher.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeDebugPrivilege	1972	tasklist.exe
Token: SeSecurityPrivilege	2360	balenaEtcher-Setup-1.13.1.exe
Token: SeIncreaseQuotaPrivilege	4036	wmic.exe
Token: SeSecurityPrivilege	4036	wmic.exe
Token: SeTakeOwnershipPrivilege	4036	wmic.exe
Token: SeLoadDriverPrivilege	4036	wmic.exe
Token: SeSystemProfilePrivilege	4036	wmic.exe
Token: SeSystemtimePrivilege	4036	wmic.exe
Token: SeProfSingleProcessPrivilege	4036	wmic.exe
Token: SeIncBasePriorityPrivilege	4036	wmic.exe
Token: SeCreatePagefilePrivilege	4036	wmic.exe
Token: SeBackupPrivilege	4036	wmic.exe
Token: SeRestorePrivilege	4036	wmic.exe
Token: SeShutdownPrivilege	4036	wmic.exe
Token: SeDebugPrivilege	4036	wmic.exe
Token: SeSystemEnvironmentPrivilege	4036	wmic.exe
Token: SeRemoteShutdownPrivilege	4036	wmic.exe
Token: SeUndockPrivilege	4036	wmic.exe
Token: SeManageVolumePrivilege	4036	wmic.exe
Token: 33	4036	wmic.exe
Token: 34	4036	wmic.exe
Token: 35	4036	wmic.exe
Token: 36	4036	wmic.exe
Token: SeIncreaseQuotaPrivilege	4036	wmic.exe
Token: SeSecurityPrivilege	4036	wmic.exe
Token: SeTakeOwnershipPrivilege	4036	wmic.exe
Token: SeLoadDriverPrivilege	4036	wmic.exe
Token: SeSystemProfilePrivilege	4036	wmic.exe
Token: SeSystemtimePrivilege	4036	wmic.exe
Token: SeProfSingleProcessPrivilege	4036	wmic.exe
Token: SeIncBasePriorityPrivilege	4036	wmic.exe
Token: SeCreatePagefilePrivilege	4036	wmic.exe
Token: SeBackupPrivilege	4036	wmic.exe
Token: SeRestorePrivilege	4036	wmic.exe
Token: SeShutdownPrivilege	4036	wmic.exe
Token: SeDebugPrivilege	4036	wmic.exe
Token: SeSystemEnvironmentPrivilege	4036	wmic.exe
Token: SeRemoteShutdownPrivilege	4036	wmic.exe
Token: SeUndockPrivilege	4036	wmic.exe
Token: SeManageVolumePrivilege	4036	wmic.exe
Token: 33	4036	wmic.exe
Token: 34	4036	wmic.exe
Token: 35	4036	wmic.exe
Token: 36	4036	wmic.exe
Token: SeIncreaseQuotaPrivilege	4756	wmic.exe
Token: SeSecurityPrivilege	4756	wmic.exe
Token: SeTakeOwnershipPrivilege	4756	wmic.exe
Token: SeLoadDriverPrivilege	4756	wmic.exe
Token: SeSystemProfilePrivilege	4756	wmic.exe
Token: SeSystemtimePrivilege	4756	wmic.exe
Token: SeProfSingleProcessPrivilege	4756	wmic.exe
Token: SeIncBasePriorityPrivilege	4756	wmic.exe
Token: SeCreatePagefilePrivilege	4756	wmic.exe
Token: SeBackupPrivilege	4756	wmic.exe
Token: SeRestorePrivilege	4756	wmic.exe
Token: SeShutdownPrivilege	4756	wmic.exe
Token: SeDebugPrivilege	4756	wmic.exe
Token: SeSystemEnvironmentPrivilege	4756	wmic.exe
Token: SeRemoteShutdownPrivilege	4756	wmic.exe
Token: SeUndockPrivilege	4756	wmic.exe
Token: SeManageVolumePrivilege	4756	wmic.exe
Token: 33	4756	wmic.exe
Token: 34	4756	wmic.exe
Token: 35	4756	wmic.exe

Suspicious use of WriteProcessMemory 57 IoCs

description	pid	Process	procid_target
PID 2360 wrote to memory of 5004	2360	balenaEtcher-Setup-1.13.1.exe	80
PID 2360 wrote to memory of 5004	2360	balenaEtcher-Setup-1.13.1.exe	80
PID 2360 wrote to memory of 5004	2360	balenaEtcher-Setup-1.13.1.exe	80
PID 5004 wrote to memory of 1972	5004	cmd.exe	82
PID 5004 wrote to memory of 1972	5004	cmd.exe	82
PID 5004 wrote to memory of 1972	5004	cmd.exe	82
PID 5004 wrote to memory of 2084	5004	cmd.exe	83
PID 5004 wrote to memory of 2084	5004	cmd.exe	83
PID 5004 wrote to memory of 2084	5004	cmd.exe	83
PID 1556 wrote to memory of 4036	1556	balenaEtcher.exe	92
PID 1556 wrote to memory of 4036	1556	balenaEtcher.exe	92
PID 1556 wrote to memory of 4488	1556	balenaEtcher.exe	94
PID 1556 wrote to memory of 4488	1556	balenaEtcher.exe	94
PID 1556 wrote to memory of 4488	1556	balenaEtcher.exe	94
PID 1556 wrote to memory of 4488	1556	balenaEtcher.exe	94
PID 1556 wrote to memory of 4488	1556	balenaEtcher.exe	94
PID 1556 wrote to memory of 4488	1556	balenaEtcher.exe	94
PID 1556 wrote to memory of 4488	1556	balenaEtcher.exe	94
PID 1556 wrote to memory of 4488	1556	balenaEtcher.exe	94
PID 1556 wrote to memory of 4488	1556	balenaEtcher.exe	94
PID 1556 wrote to memory of 4488	1556	balenaEtcher.exe	94
PID 1556 wrote to memory of 4488	1556	balenaEtcher.exe	94
PID 1556 wrote to memory of 4488	1556	balenaEtcher.exe	94
PID 1556 wrote to memory of 4488	1556	balenaEtcher.exe	94
PID 1556 wrote to memory of 4488	1556	balenaEtcher.exe	94
PID 1556 wrote to memory of 4488	1556	balenaEtcher.exe	94
PID 1556 wrote to memory of 4488	1556	balenaEtcher.exe	94
PID 1556 wrote to memory of 4488	1556	balenaEtcher.exe	94
PID 1556 wrote to memory of 4488	1556	balenaEtcher.exe	94
PID 1556 wrote to memory of 4488	1556	balenaEtcher.exe	94
PID 1556 wrote to memory of 4488	1556	balenaEtcher.exe	94
PID 1556 wrote to memory of 4488	1556	balenaEtcher.exe	94
PID 1556 wrote to memory of 4488	1556	balenaEtcher.exe	94
PID 1556 wrote to memory of 4488	1556	balenaEtcher.exe	94
PID 1556 wrote to memory of 4488	1556	balenaEtcher.exe	94
PID 1556 wrote to memory of 4488	1556	balenaEtcher.exe	94
PID 1556 wrote to memory of 4488	1556	balenaEtcher.exe	94
PID 1556 wrote to memory of 4488	1556	balenaEtcher.exe	94
PID 1556 wrote to memory of 4488	1556	balenaEtcher.exe	94
PID 1556 wrote to memory of 4488	1556	balenaEtcher.exe	94
PID 1556 wrote to memory of 4488	1556	balenaEtcher.exe	94
PID 1556 wrote to memory of 4488	1556	balenaEtcher.exe	94
PID 1556 wrote to memory of 4488	1556	balenaEtcher.exe	94
PID 1556 wrote to memory of 4488	1556	balenaEtcher.exe	94
PID 1556 wrote to memory of 4488	1556	balenaEtcher.exe	94
PID 1556 wrote to memory of 4488	1556	balenaEtcher.exe	94
PID 1556 wrote to memory of 4488	1556	balenaEtcher.exe	94
PID 1556 wrote to memory of 4488	1556	balenaEtcher.exe	94
PID 1556 wrote to memory of 4488	1556	balenaEtcher.exe	94
PID 1556 wrote to memory of 4488	1556	balenaEtcher.exe	94
PID 1556 wrote to memory of 4488	1556	balenaEtcher.exe	94
PID 1556 wrote to memory of 3916	1556	balenaEtcher.exe	95
PID 1556 wrote to memory of 3916	1556	balenaEtcher.exe	95
PID 1556 wrote to memory of 4860	1556	balenaEtcher.exe	96
PID 1556 wrote to memory of 4860	1556	balenaEtcher.exe	96
PID 4860 wrote to memory of 4756	4860	balenaEtcher.exe	102
PID 4860 wrote to memory of 4756	4860	balenaEtcher.exe	102

C:\Users\Admin\AppData\Local\Temp\balenaEtcher-Setup-1.13.1.exe
"C:\Users\Admin\AppData\Local\Temp\balenaEtcher-Setup-1.13.1.exe"
1⤵
- Loads dropped DLL
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
PID:2360
- C:\Windows\SysWOW64\cmd.exe
  cmd /c tasklist /FI "USERNAME eq %USERNAME%" /FI "IMAGENAME eq balenaEtcher.exe" | %SYSTEMROOT%\System32\find.exe "balenaEtcher.exe"
  2⤵
  - Suspicious use of WriteProcessMemory
  PID:5004
- - C:\Windows\SysWOW64\tasklist.exe
    tasklist /FI "USERNAME eq Admin" /FI "IMAGENAME eq balenaEtcher.exe"
    3⤵
    - Enumerates processes with tasklist
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of AdjustPrivilegeToken
    PID:1972
- - C:\Windows\SysWOW64\find.exe
    C:\Windows\System32\find.exe "balenaEtcher.exe"
    3⤵
    PID:2084

C:\Users\Admin\AppData\Local\Programs\balena-etcher\balenaEtcher.exe
"C:\Users\Admin\AppData\Local\Programs\balena-etcher\balenaEtcher.exe"
1⤵
- Executes dropped EXE
- Checks computer location settings
- Loads dropped DLL
- Checks processor information in registry
- Modifies registry class
- Suspicious use of WriteProcessMemory
PID:1556
- C:\Windows\System32\Wbem\wmic.exe
  wmic os get locale
  2⤵
  - Suspicious use of AdjustPrivilegeToken
  PID:4036
- C:\Users\Admin\AppData\Local\Programs\balena-etcher\balenaEtcher.exe
  "C:\Users\Admin\AppData\Local\Programs\balena-etcher\balenaEtcher.exe" --type=gpu-process --field-trial-handle=1640,199334496214448244,778627846572133316,131072 --disable-features=CookiesWithoutSameSiteMustBeSecure,SameSiteByDefaultCookies,SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1652 /prefetch:2
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  PID:4488
- C:\Users\Admin\AppData\Local\Programs\balena-etcher\balenaEtcher.exe
  "C:\Users\Admin\AppData\Local\Programs\balena-etcher\balenaEtcher.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1640,199334496214448244,778627846572133316,131072 --disable-features=CookiesWithoutSameSiteMustBeSecure,SameSiteByDefaultCookies,SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1984 /prefetch:8
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - Suspicious behavior: EnumeratesProcesses
  PID:3916
- C:\Users\Admin\AppData\Local\Programs\balena-etcher\balenaEtcher.exe
  "C:\Users\Admin\AppData\Local\Programs\balena-etcher\balenaEtcher.exe" --type=renderer --field-trial-handle=1640,199334496214448244,778627846572133316,131072 --disable-features=CookiesWithoutSameSiteMustBeSecure,SameSiteByDefaultCookies,SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand --lang=en-US --app-path="C:\Users\Admin\AppData\Local\Programs\balena-etcher\resources\app" --no-sandbox --no-zygote --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2272 /prefetch:1
  2⤵
  - Executes dropped EXE
  - Checks computer location settings
  - Loads dropped DLL
  - Checks SCSI registry key(s)
  - Checks processor information in registry
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of WriteProcessMemory
  PID:4860
- - C:\Windows\System32\Wbem\wmic.exe
    wmic os get locale
    3⤵
    - Suspicious use of AdjustPrivilegeToken
    PID:4756

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4808

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

T1120

Process Discovery

T1057

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Programs\balena-etcher\D3DCompiler_47.dll

Filesize
4.3MB

MD5
7641e39b7da4077084d2afe7c31032e0

SHA1
2256644f69435ff2fee76deb04d918083960d1eb

SHA256
44422e6936dc72b7ac5ed16bb8bcae164b7554513e52efb66a3e942cec328a47

SHA512
8010e1cb17fa18bbf72d8344e1d63ded7cef7be6e7c13434fa6d8e22ce1d58a4d426959bdcb031502d4b145e29cb111af929fcbc66001111fbc6d7a19e8800a5

Download Submit
C:\Users\Admin\AppData\Local\Programs\balena-etcher\balenaEtcher.exe

Filesize
130.1MB

MD5
d837a361162bc5c208efd6f5ec7306ae

SHA1
8d941250fb92df441e5433fff8daeb6adc22c37e

SHA256
35376f3ba1df95c639478ebabee2e4e1a5de75741f470f424df48fe148138b28

SHA512
f3930804b0859e70cc6656bc220c74242e3ca5747f35db91cc397609d9aab686c8230680bec3e1bb60bdaaa254bcd086b754653e5aa0c69cfcadc8bdf98347e2

Download Submit
C:\Users\Admin\AppData\Local\Programs\balena-etcher\balenaEtcher.exe

Filesize
130.1MB

MD5
d837a361162bc5c208efd6f5ec7306ae

SHA1
8d941250fb92df441e5433fff8daeb6adc22c37e

SHA256
35376f3ba1df95c639478ebabee2e4e1a5de75741f470f424df48fe148138b28

SHA512
f3930804b0859e70cc6656bc220c74242e3ca5747f35db91cc397609d9aab686c8230680bec3e1bb60bdaaa254bcd086b754653e5aa0c69cfcadc8bdf98347e2

Download Submit
C:\Users\Admin\AppData\Local\Programs\balena-etcher\balenaEtcher.exe

Filesize
130.1MB

MD5
d837a361162bc5c208efd6f5ec7306ae

SHA1
8d941250fb92df441e5433fff8daeb6adc22c37e

SHA256
35376f3ba1df95c639478ebabee2e4e1a5de75741f470f424df48fe148138b28

SHA512
f3930804b0859e70cc6656bc220c74242e3ca5747f35db91cc397609d9aab686c8230680bec3e1bb60bdaaa254bcd086b754653e5aa0c69cfcadc8bdf98347e2

Download Submit
C:\Users\Admin\AppData\Local\Programs\balena-etcher\balenaEtcher.exe

Filesize
130.1MB

MD5
d837a361162bc5c208efd6f5ec7306ae

SHA1
8d941250fb92df441e5433fff8daeb6adc22c37e

SHA256
35376f3ba1df95c639478ebabee2e4e1a5de75741f470f424df48fe148138b28

SHA512
f3930804b0859e70cc6656bc220c74242e3ca5747f35db91cc397609d9aab686c8230680bec3e1bb60bdaaa254bcd086b754653e5aa0c69cfcadc8bdf98347e2

Download Submit
C:\Users\Admin\AppData\Local\Programs\balena-etcher\balenaEtcher.exe

Filesize
130.1MB

MD5
d837a361162bc5c208efd6f5ec7306ae

SHA1
8d941250fb92df441e5433fff8daeb6adc22c37e

SHA256
35376f3ba1df95c639478ebabee2e4e1a5de75741f470f424df48fe148138b28

SHA512
f3930804b0859e70cc6656bc220c74242e3ca5747f35db91cc397609d9aab686c8230680bec3e1bb60bdaaa254bcd086b754653e5aa0c69cfcadc8bdf98347e2

Download Submit
C:\Users\Admin\AppData\Local\Programs\balena-etcher\chrome_100_percent.pak

Filesize
138KB

MD5
03aaa4f8525ba4b3e30d2a02cb40ab7a

SHA1
dd9ae5f8b56d317c71d0a0a738f5d4a320a02085

SHA256
c3f131faeefab4f506bf61c4b7752a6481f320429731d758ef5413a2f71441f7

SHA512
c89a1b89b669602ba7c8bf2c004755cac7320189603fecb4f4c5cf7a36db72da651c7b613607146f0c6da9eec5df412c7fba75475352192351c02aebdaa7d9a9

Download Submit
C:\Users\Admin\AppData\Local\Programs\balena-etcher\chrome_200_percent.pak

Filesize
202KB

MD5
7d4f330a5443eadf32e041c63e7e70ad

SHA1
26ce6fb98c0f28f508d7b88cf94a442b81e80c88

SHA256
b8704be578e7396ee3f2188d0c87d0ede5c5702e9bb8c841b5f8d458abf1356d

SHA512
f1b9b0dd7396863aa0feca06175b7f9ea0be4122351ecf0a0549ee4c34f85ac8c63cc927d7409a40b6e19fa91d2cb00a145616ba19f47045b2345bfbc2d4802d

Download Submit
C:\Users\Admin\AppData\Local\Programs\balena-etcher\d3dcompiler_47.dll

Filesize
4.3MB

MD5
7641e39b7da4077084d2afe7c31032e0

SHA1
2256644f69435ff2fee76deb04d918083960d1eb

SHA256
44422e6936dc72b7ac5ed16bb8bcae164b7554513e52efb66a3e942cec328a47

SHA512
8010e1cb17fa18bbf72d8344e1d63ded7cef7be6e7c13434fa6d8e22ce1d58a4d426959bdcb031502d4b145e29cb111af929fcbc66001111fbc6d7a19e8800a5

Download Submit
C:\Users\Admin\AppData\Local\Programs\balena-etcher\ffmpeg.dll

Filesize
2.6MB

MD5
7c3c780de9ae5cc4abeccbd7cb6b367b

SHA1
bda27b3c0b1ec023e2a0a97099a84b10e04cb135

SHA256
39293258d5a2418841edb5ccf9ab3ad23064fb95e1ddfa7a3c6295a24c272a08

SHA512
80a79f827c3154461158ec6f466db0c2ecd9ce9ffd7728001644d4cf382721d09c0758f98f73d7fa548e4e220ffd2b8842303d67a43e79b9146e8b882853658c

Download Submit
C:\Users\Admin\AppData\Local\Programs\balena-etcher\ffmpeg.dll

Filesize
2.6MB

MD5
7c3c780de9ae5cc4abeccbd7cb6b367b

SHA1
bda27b3c0b1ec023e2a0a97099a84b10e04cb135

SHA256
39293258d5a2418841edb5ccf9ab3ad23064fb95e1ddfa7a3c6295a24c272a08

SHA512
80a79f827c3154461158ec6f466db0c2ecd9ce9ffd7728001644d4cf382721d09c0758f98f73d7fa548e4e220ffd2b8842303d67a43e79b9146e8b882853658c

Download Submit
C:\Users\Admin\AppData\Local\Programs\balena-etcher\ffmpeg.dll

Filesize
2.6MB

MD5
7c3c780de9ae5cc4abeccbd7cb6b367b

SHA1
bda27b3c0b1ec023e2a0a97099a84b10e04cb135

SHA256
39293258d5a2418841edb5ccf9ab3ad23064fb95e1ddfa7a3c6295a24c272a08

SHA512
80a79f827c3154461158ec6f466db0c2ecd9ce9ffd7728001644d4cf382721d09c0758f98f73d7fa548e4e220ffd2b8842303d67a43e79b9146e8b882853658c

Download Submit
C:\Users\Admin\AppData\Local\Programs\balena-etcher\ffmpeg.dll

Filesize
2.6MB

MD5
7c3c780de9ae5cc4abeccbd7cb6b367b

SHA1
bda27b3c0b1ec023e2a0a97099a84b10e04cb135

SHA256
39293258d5a2418841edb5ccf9ab3ad23064fb95e1ddfa7a3c6295a24c272a08

SHA512
80a79f827c3154461158ec6f466db0c2ecd9ce9ffd7728001644d4cf382721d09c0758f98f73d7fa548e4e220ffd2b8842303d67a43e79b9146e8b882853658c

Download Submit
C:\Users\Admin\AppData\Local\Programs\balena-etcher\ffmpeg.dll

Filesize
2.6MB

MD5
7c3c780de9ae5cc4abeccbd7cb6b367b

SHA1
bda27b3c0b1ec023e2a0a97099a84b10e04cb135

SHA256
39293258d5a2418841edb5ccf9ab3ad23064fb95e1ddfa7a3c6295a24c272a08

SHA512
80a79f827c3154461158ec6f466db0c2ecd9ce9ffd7728001644d4cf382721d09c0758f98f73d7fa548e4e220ffd2b8842303d67a43e79b9146e8b882853658c

Download Submit
C:\Users\Admin\AppData\Local\Programs\balena-etcher\icudtl.dat

Filesize
9.9MB

MD5
80a7528515595d8b0bf99a477a7eff0d

SHA1
fde9a195fc5a6a23ec82b8594f958cfcf3159437

SHA256
6e0b6b0d9e14c905f2278dbf25b7bb58cc0622b7680e3b6ff617a1d42348736b

SHA512
c8df47a00f7b2472d272a26b3600b7e82be7ca22526d6453901ff06370b3abb66328655868db9d4e0a11dcba02e3788cc4883261fd9a7d3e521577dde1b88459

Download Submit
C:\Users\Admin\AppData\Local\Programs\balena-etcher\locales\en-US.pak

Filesize
88KB

MD5
af5c77e1d94dc4f772cb641bd310bc87

SHA1
0ceeb456e2601e22d873250bcc713bab573f2247

SHA256
781ef5aa8dce072a3e7732f39a7e991c497c70bfaec2264369d0d790ab7660a4

SHA512
8c3217b7d9b529d00785c7a1b2417a3297c234dec8383709c89c7ff9296f8ed4e9e6184e4304838edc5b4da9c9c3fe329b792c462e48b7175250ea3ea3acc70c

Download Submit
C:\Users\Admin\AppData\Local\Programs\balena-etcher\resources.pak

Filesize
4.9MB

MD5
91f8a4b158df6967163ccbbe765e095a

SHA1
95db67f0a2352fd898f4a4cfdfc860f6a9c58c87

SHA256
a30b8269e588c6cc2cea5fd4685da3012fd10451edb59a283005116f8e033182

SHA512
6450d75d53f24d11e1c1e7e3cacfc57ee9dd09c00ca0dc2ff30f580b59a6b17e7ad7d96682195bd7d806b49068653538c77ca4200491560cecff128a0b012d92

Download Submit
C:\Users\Admin\AppData\Local\Programs\balena-etcher\resources\app-update.yml

Filesize
120B

MD5
d4ff3f267ba34f37c967c40c1d9cbdbb

SHA1
63e8c264da051c7db1fa1559376694ce63acf3f2

SHA256
08dc4a54ec6d94f3a6350d61d333b6a861f960b61f5229bc56a551e10d902908

SHA512
d50cb447efe9e8737a70225af9d2a17341dfbfdca1d2c248930f29abeaf5497e83322e9fb5b5f77f610f8d5247161394568fb13f8fbe8e26ff9a6ff674ec2154

Download Submit
C:\Users\Admin\AppData\Local\Programs\balena-etcher\resources\app\generated\etcher.js

Filesize
1.2MB

MD5
3a25e62f64e55cefa4bdb4a0fef01454

SHA1
44c66908d8eef08b17eb31b3b54f48aaa38d4c24

SHA256
dedbba2c829dff6dbdb42ebfbb2e29779d3af9c5e95ee1bf4a43827d2dcb3459

SHA512
6c88f6dcd11d98e61d2bc9b25895f551695405d7ab1c40b7d28c15110b14fdbfe91da4d78db3e1cb0eef86639cdef4aad1b3d5e899d709dfc762ecdfcd4edaee

Download Submit
C:\Users\Admin\AppData\Local\Programs\balena-etcher\resources\app\generated\gui.js

Filesize
2.8MB

MD5
2c6809337bde15322e3bad35858b0bb8

SHA1
33ac9b70d127ef46d9bb71f10911571d52a47561

SHA256
7d3c1bfdaed23337f9265e69d8baf2816d85ad6b669b2ce81dffc9ce4e5938ca

SHA512
665dec54e6f898a06069df5b13d86b47e9f3162c36d73b9561680282baf9bee5a6f2af04be4a52be0d8069b07fb5506d4c5d1b8ed008d74c8fa19b19dec692f9

Download Submit
C:\Users\Admin\AppData\Local\Programs\balena-etcher\resources\app\generated\index.html

Filesize
252B

MD5
88b6264ee0cbc4a751237b2667c1205c

SHA1
b6d62387955fe9a99a966e4dc71d35441d56419a

SHA256
2ece67b551461c518a5d640594c256eacd9fb7aa63893c6e31b60f53ec135340

SHA512
86832cccb843cb397c2cda21b49f803b9dc9b368a75082c6600a273543fcca4605eb390f9b72bc5b691ed65d66338b5daafebabc2439579e2ad25326e9c46ced

Download Submit
C:\Users\Admin\AppData\Local\Programs\balena-etcher\resources\app\generated\lib\gui\app\css\fonts\SourceSansPro-SemiBold.ttf

Filesize
261KB

MD5
83476a890be79f84e97b792c9c40d743

SHA1
9e10e37c75e13f896382fb5ff0475edc454f4589

SHA256
3ba5c382a7ee6a8831bdf90192addceabe6db4278a679e67fe7e9c0226b729cf

SHA512
fcf87cfefa1e700d47d59b05f9d427811a2104e0cf03ceecb7b0b52164540551725ca042dbfbfb65225c0792cef5ed5af76c6eb7af67fab4ef6cadd939a2c682

Download Submit
C:\Users\Admin\AppData\Local\Programs\balena-etcher\resources\app\generated\media\icon.png

Filesize
5KB

MD5
185ee8b41d0fdb31da295afc982f9094

SHA1
1ef6574e7d7d2a278c4b43c25c91ffaa3f82745d

SHA256
21762dedff586bffa6fb48fdeedd32dc8e7aa5fb3b4424e2865033857a52a547

SHA512
8abfa3077b1611d20f7994a4ff518417ceb80794e32db35e4c9227f3c5d6956dcc3bfd1d8d4b0da201d64b731ce3ac3d7d97537741e0fe98692abdbf098e35e1

Download Submit
C:\Users\Admin\AppData\Local\Programs\balena-etcher\resources\app\generated\modules\@balena\node-crc-utils\crc32.wasm

Filesize
961B

MD5
02814ccf0622838e37c2b878a4af1e01

SHA1
24d9de6ad5ade9076df6f40d8ecfe65a2461c40f

SHA256
b561513d45520f5bda0cc185c205e681fafc67b77197df189d270a23250bbcda

SHA512
b8f1b4635e1fcd84bde931b762db6cd01ec1cfead7d8bdb76e817bf59b9da03ab3664cea1f564562da46e017516bd4598a404c5f8a0d2347404cc1ca79637e1b

Download Submit
C:\Users\Admin\AppData\Local\Programs\balena-etcher\resources\app\generated\modules\@ronomon\direct-io\binding.node

Filesize
156KB

MD5
1eacfc794ce74da3afeba7bffeb8832c

SHA1
1e0af98ee57fbb3362849511719938fa362dd180

SHA256
a7c3c773def7d608af1918a1632303e6646fac641befccabe7462da168572fd0

SHA512
67c5b4a8d8adcb552a79036b2b03b5ec51aad6f534fd11bf28092b2b2cc8f87274c8477250c3a3c67efdcef2a0ccbe54191aa86a248a250cc9298a943fff5550

Download Submit
C:\Users\Admin\AppData\Local\Programs\balena-etcher\resources\app\generated\modules\@ronomon\direct-io\binding.node

Filesize
156KB

MD5
1eacfc794ce74da3afeba7bffeb8832c

SHA1
1e0af98ee57fbb3362849511719938fa362dd180

SHA256
a7c3c773def7d608af1918a1632303e6646fac641befccabe7462da168572fd0

SHA512
67c5b4a8d8adcb552a79036b2b03b5ec51aad6f534fd11bf28092b2b2cc8f87274c8477250c3a3c67efdcef2a0ccbe54191aa86a248a250cc9298a943fff5550

Download Submit
C:\Users\Admin\AppData\Local\Programs\balena-etcher\resources\app\generated\modules\drivelist\build\Release\drivelist.node

Filesize
211KB

MD5
57e41ec24f3c2c1a92dfaaaf2995a284

SHA1
9486841431354b93929d872479475588addab0cf

SHA256
6ae8555f937347ee5d19c01d4c25d5bfbaee2499bb5b659b8bf3f7f0a48e7d06

SHA512
37dd9993a9eea22510e88917178c7111b6fd790bbffa4ffe7eba7b82424aab281b88a351bdbb91f50b508c4383c9756a836c72d07116301f5c5f23f680cdd389

Download Submit
C:\Users\Admin\AppData\Local\Programs\balena-etcher\resources\app\generated\modules\drivelist\build\Release\drivelist.node

Filesize
211KB

MD5
57e41ec24f3c2c1a92dfaaaf2995a284

SHA1
9486841431354b93929d872479475588addab0cf

SHA256
6ae8555f937347ee5d19c01d4c25d5bfbaee2499bb5b659b8bf3f7f0a48e7d06

SHA512
37dd9993a9eea22510e88917178c7111b6fd790bbffa4ffe7eba7b82424aab281b88a351bdbb91f50b508c4383c9756a836c72d07116301f5c5f23f680cdd389

Download Submit
C:\Users\Admin\AppData\Local\Programs\balena-etcher\resources\app\generated\modules\ext2fs\lib\libext2fs.wasm

Filesize
213KB

MD5
ffc5963ff902a12901b0341dbbe93d7d

SHA1
b409edbb8cf6e9eecf6c3c368c7fd8797c31cb71

SHA256
1b7bf270e3aedfc98965546cd07b76f5e614a821141298039e935e05a5511bd3

SHA512
993aabf6db53a42155a345bd741f70e04def3cc2b9d8f8eacc841f87e13822f3c52ac28d5a3dc8b730599306619790b87be510fe1053e4a3d4d53b0a1036396e

Download Submit
C:\Users\Admin\AppData\Local\Programs\balena-etcher\resources\app\generated\modules\lzma-native\prebuilds\binding\electron.napi.node

Filesize
797KB

MD5
b872a2c94ff78af34eb7c14c71f7a784

SHA1
e8016fafa0a91176d56664d9218abbc286707411

SHA256
5c7dd24a625d806e37cca949e52ec348ef0054a902e8700f9fdb61cac44e4c9e

SHA512
df93b9c2e8b118d3e01da7dd63af83e4bf0c36d835ee49167aa49b3a9459b6f21b0802feeb6ed52d7eefc0c1270128a7748487ead1bee82f2039745599a80262

Download Submit
C:\Users\Admin\AppData\Local\Programs\balena-etcher\resources\app\generated\modules\lzma-native\prebuilds\binding\electron.napi.node

Filesize
797KB

MD5
b872a2c94ff78af34eb7c14c71f7a784

SHA1
e8016fafa0a91176d56664d9218abbc286707411

SHA256
5c7dd24a625d806e37cca949e52ec348ef0054a902e8700f9fdb61cac44e4c9e

SHA512
df93b9c2e8b118d3e01da7dd63af83e4bf0c36d835ee49167aa49b3a9459b6f21b0802feeb6ed52d7eefc0c1270128a7748487ead1bee82f2039745599a80262

Download Submit
C:\Users\Admin\AppData\Local\Programs\balena-etcher\resources\app\generated\modules\lzma-native\prebuilds\binding\liblzma.dll

Filesize
147KB

MD5
2e91129e126d90edccef94ebf7abd6e1

SHA1
a8d221d3475216c11f4beaed8c9b9f33ccee32fc

SHA256
fc7348418be392d5ecebd7b9f07c1ae5bc530260fef923801b140088eddce96e

SHA512
dbae0120c0b3709811fe9a738a4d66da4b47a1d09f0e5be373a77330d57fd87068963c76f294eac81723856dac500e3b824e7def828a1646fef611230d42898d

Download Submit
C:\Users\Admin\AppData\Local\Programs\balena-etcher\resources\app\generated\modules\lzma-native\prebuilds\binding\liblzma.dll

Filesize
147KB

MD5
2e91129e126d90edccef94ebf7abd6e1

SHA1
a8d221d3475216c11f4beaed8c9b9f33ccee32fc

SHA256
fc7348418be392d5ecebd7b9f07c1ae5bc530260fef923801b140088eddce96e

SHA512
dbae0120c0b3709811fe9a738a4d66da4b47a1d09f0e5be373a77330d57fd87068963c76f294eac81723856dac500e3b824e7def828a1646fef611230d42898d

Download Submit
C:\Users\Admin\AppData\Local\Programs\balena-etcher\resources\app\generated\modules\usb\prebuilds\binding\node.napi.node

Filesize
702KB

MD5
4c44890482b710061bcbf57134b9b79f

SHA1
7190a2aa6be5563c0d65527e407b3b008c0781f4

SHA256
07f95417fde480fce3e0d458a72cafd5fdd4e336ce98fd2bdeb6db7ebd7fa0ac

SHA512
91e737806dc23f2969eb85856fc6cab5c1e15287f61c1d6e3f778ac8bfc34096eeb5a0137df9b162872c94bfd631ee5a1f6c6f7d55d47a037b3aa5e4be266011

Download Submit
C:\Users\Admin\AppData\Local\Programs\balena-etcher\resources\app\generated\modules\usb\prebuilds\binding\node.napi.node

Filesize
702KB

MD5
4c44890482b710061bcbf57134b9b79f

SHA1
7190a2aa6be5563c0d65527e407b3b008c0781f4

SHA256
07f95417fde480fce3e0d458a72cafd5fdd4e336ce98fd2bdeb6db7ebd7fa0ac

SHA512
91e737806dc23f2969eb85856fc6cab5c1e15287f61c1d6e3f778ac8bfc34096eeb5a0137df9b162872c94bfd631ee5a1f6c6f7d55d47a037b3aa5e4be266011

Download Submit
C:\Users\Admin\AppData\Local\Programs\balena-etcher\resources\app\generated\modules\winusb-driver-generator\build\Release\Generator.node

Filesize
3.0MB

MD5
672a37c25ff35bb15136c96184625709

SHA1
0fcbcc167800161e61550e254e3f8b3ec45326f2

SHA256
50b3756e087b6059ccc47d319341c68eee30f69838350827e7e5bca294265b0f

SHA512
884f67e6ccc85e985289065f6958a7d328b96de60087714c2315cfe9fba5b4d11a5df81ec5bb85e9ced729b33bc37356e1f08b0f4a87256a9734822179f6d7b4

Download Submit
C:\Users\Admin\AppData\Local\Programs\balena-etcher\resources\app\generated\modules\winusb-driver-generator\build\Release\Generator.node

Filesize
3.0MB

MD5
672a37c25ff35bb15136c96184625709

SHA1
0fcbcc167800161e61550e254e3f8b3ec45326f2

SHA256
50b3756e087b6059ccc47d319341c68eee30f69838350827e7e5bca294265b0f

SHA512
884f67e6ccc85e985289065f6958a7d328b96de60087714c2315cfe9fba5b4d11a5df81ec5bb85e9ced729b33bc37356e1f08b0f4a87256a9734822179f6d7b4

Download Submit
C:\Users\Admin\AppData\Local\Programs\balena-etcher\resources\app\generated\modules\xxhash-addon\build\Release\addon.node

Filesize
300KB

MD5
cbcbe44f4cec5601d63338d11a6fa2d8

SHA1
7d46c0a0ed1073ca0a850d72e593e86269772102

SHA256
4c86298836b8527ef88348e0132449684cb3b24baf40a5941cb68af6de401d23

SHA512
799da0dd8b9cb7a99abd08d8aa0867deee6906380886254070f91d1772c34d35e3b5cd7f2835387e87798f0c859e8fb7380caead513ee8684746a62362c5c67e

Download Submit
C:\Users\Admin\AppData\Local\Programs\balena-etcher\resources\app\generated\modules\xxhash-addon\build\Release\addon.node

Filesize
300KB

MD5
cbcbe44f4cec5601d63338d11a6fa2d8

SHA1
7d46c0a0ed1073ca0a850d72e593e86269772102

SHA256
4c86298836b8527ef88348e0132449684cb3b24baf40a5941cb68af6de401d23

SHA512
799da0dd8b9cb7a99abd08d8aa0867deee6906380886254070f91d1772c34d35e3b5cd7f2835387e87798f0c859e8fb7380caead513ee8684746a62362c5c67e

Download Submit
C:\Users\Admin\AppData\Local\Programs\balena-etcher\resources\app\package.json

Filesize
1KB

MD5
3427abb2094046b365b46fde1e1e44b4

SHA1
20a57d1ba8138aebf241697a20b749d7953b2bdb

SHA256
6f5e1414387e1ea069a74949122adf380ed6373f8f132066301a210928bd8e27

SHA512
3a5d4c683ee673a78628499feecc4d89f3a1765399ceda60593bee54afba93b9741334e8f4c1d63157d927f6711a0e3606aafd6eb209ce759b22e5bc7d50b623

Download Submit
C:\Users\Admin\AppData\Local\Programs\balena-etcher\swiftshader\libEGL.dll

Filesize
448KB

MD5
038a73114d439bfc94be4732b2794998

SHA1
4b7a9d52da1bd808af979cf5cfb146404494317a

SHA256
b1054e0dc2ab31a7cf3cd7f3dae07b1ec31acd42c157be13ce47ea870840f0cc

SHA512
8788e43de424e1d7a163d0b7f4d719c36bf8fdee9808d405aeb05993c446d4f2a595741cb4d98f5e9611cd16d09de9445bf72176a799f4189168bb8509b115ff

Download Submit
C:\Users\Admin\AppData\Local\Programs\balena-etcher\swiftshader\libGLESv2.dll

Filesize
3.1MB

MD5
38ec86347b3e467c5868e35ab48f89f2

SHA1
4db17d065cc330b277a70f9fb8dff0c4b426f314

SHA256
2e10d308d0207835b07df3bb38bee88300aa57fcb214051e8654d29587257744

SHA512
2b2405ed51ea1d232f2d60072e4f57e70f36f1a8f9d0a935772bfb9a3be50c1d6136cee496fde9fb3dda1f0d2f1c643cb9f162e0b68828ff854645eb1e8216f4

Download Submit
C:\Users\Admin\AppData\Local\Programs\balena-etcher\swiftshader\libegl.dll

Filesize
448KB

MD5
038a73114d439bfc94be4732b2794998

SHA1
4b7a9d52da1bd808af979cf5cfb146404494317a

SHA256
b1054e0dc2ab31a7cf3cd7f3dae07b1ec31acd42c157be13ce47ea870840f0cc

SHA512
8788e43de424e1d7a163d0b7f4d719c36bf8fdee9808d405aeb05993c446d4f2a595741cb4d98f5e9611cd16d09de9445bf72176a799f4189168bb8509b115ff

Download Submit
C:\Users\Admin\AppData\Local\Programs\balena-etcher\swiftshader\libglesv2.dll

Filesize
3.1MB

MD5
38ec86347b3e467c5868e35ab48f89f2

SHA1
4db17d065cc330b277a70f9fb8dff0c4b426f314

SHA256
2e10d308d0207835b07df3bb38bee88300aa57fcb214051e8654d29587257744

SHA512
2b2405ed51ea1d232f2d60072e4f57e70f36f1a8f9d0a935772bfb9a3be50c1d6136cee496fde9fb3dda1f0d2f1c643cb9f162e0b68828ff854645eb1e8216f4

Download Submit
C:\Users\Admin\AppData\Local\Programs\balena-etcher\v8_context_snapshot.bin

Filesize
161KB

MD5
e47426f88649c7f8e27b8a1516cc0137

SHA1
5452aadfddbc55d6c5c18b801087e39529859b12

SHA256
09686ad5bf03d95de7c251d204e60a8e3824bd6420bedddee80b2c6e5609fb26

SHA512
f9647a35ff273ca622b3db4aefb9aaf75075386c42a31e085f916fc82f3a18fed25b0e05dcc09e678ca419408f59f0c34fa5762e5f945db35f9c6f67b7b94bc0

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso8459.tmp\SpiderBanner.dll

Filesize
9KB

MD5
17309e33b596ba3a5693b4d3e85cf8d7

SHA1
7d361836cf53df42021c7f2b148aec9458818c01

SHA256
996a259e53ca18b89ec36d038c40148957c978c0fd600a268497d4c92f882a93

SHA512
1abac3ce4f2d5e4a635162e16cf9125e059ba1539f70086c2d71cd00d41a6e2a54d468e6f37792e55a822d7082fb388b8dfecc79b59226bbb047b7d28d44d298

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso8459.tmp\StdUtils.dll

Filesize
100KB

MD5
c6a6e03f77c313b267498515488c5740

SHA1
3d49fc2784b9450962ed6b82b46e9c3c957d7c15

SHA256
b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e

SHA512
9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso8459.tmp\System.dll

Filesize
12KB

MD5
0d7ad4f45dc6f5aa87f606d0331c6901

SHA1
48df0911f0484cbe2a8cdd5362140b63c41ee457

SHA256
3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca

SHA512
c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso8459.tmp\WinShell.dll

Filesize
3KB

MD5
1cc7c37b7e0c8cd8bf04b6cc283e1e56

SHA1
0b9519763be6625bd5abce175dcc59c96d100d4c

SHA256
9be85b986ea66a6997dde658abe82b3147ed2a1a3dcb784bb5176f41d22815a6

SHA512
7acf7f8e68aa6066b59ca9f2ae2e67997e6b347bc08eb788d2a119b3295c844b5b9606757168e8d2fbd61c2cda367bf80e9e48c9a52c28d5a7a00464bfd2048f

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso8459.tmp\WinShell.dll

Filesize
3KB

MD5
1cc7c37b7e0c8cd8bf04b6cc283e1e56

SHA1
0b9519763be6625bd5abce175dcc59c96d100d4c

SHA256
9be85b986ea66a6997dde658abe82b3147ed2a1a3dcb784bb5176f41d22815a6

SHA512
7acf7f8e68aa6066b59ca9f2ae2e67997e6b347bc08eb788d2a119b3295c844b5b9606757168e8d2fbd61c2cda367bf80e9e48c9a52c28d5a7a00464bfd2048f

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso8459.tmp\nsExec.dll

Filesize
6KB

MD5
ec0504e6b8a11d5aad43b296beeb84b2

SHA1
91b5ce085130c8c7194d66b2439ec9e1c206497c

SHA256
5d9ceb1ce5f35aea5f9e5a0c0edeeec04dfefe0c77890c80c70e98209b58b962

SHA512
3f918f1b47e8a919cbe51eb17dc30acc8cfc18e743a1bae5b787d0db7d26038dc1210be98bf5ba3be8d6ed896dbbd7ac3d13e66454a98b2a38c7e69dad30bb57

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso8459.tmp\nsis7z.dll

Filesize
424KB

MD5
80e44ce4895304c6a3a831310fbf8cd0

SHA1
36bd49ae21c460be5753a904b4501f1abca53508

SHA256
b393f05e8ff919ef071181050e1873c9a776e1a0ae8329aefff7007d0cadf592

SHA512
c8ba7b1f9113ead23e993e74a48c4427ae3562c1f6d9910b2bbe6806c9107cf7d94bc7d204613e4743d0cd869e00dafd4fb54aad1e8adb69c553f3b9e5bc64df

Download Submit
memory/1972-137-0x0000000000000000-mapping.dmp

Download
memory/2084-138-0x0000000000000000-mapping.dmp

Download
memory/3916-158-0x0000000000000000-mapping.dmp

Download
memory/4036-149-0x0000000000000000-mapping.dmp

Download
memory/4488-156-0x0000000000000000-mapping.dmp

Download
memory/4756-188-0x0000000000000000-mapping.dmp

Download
memory/4860-162-0x0000000000000000-mapping.dmp

Download
memory/5004-136-0x0000000000000000-mapping.dmp

Download