Overview

overview

10

Static

static

Instalador...er.exe

windows7-x64

10

Instalador...er.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    148s
  • max time network
    50s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    25-01-2023 10:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Instalador OJOLAND Launcher.exe

  • Size

    66.3MB

  • MD5

    310c7949dbe25bf1438101601c027a74

  • SHA1

    a895af964e9dd140b12a7a758e78149ae9572a39

  • SHA256

    f38b9d7f0e19fa967b156cba6e17f5fc126ef6310c2db176c60420a39b523a12

  • SHA512

    e81024db1693aa245116b173b3733383c59aa0821caa6b6e4c65d2ef6be44c569fe26f3a1c107248c73ee77a53a7eebe640462c55d5b57e9fd345e375d477ee1

  • SSDEEP

    1572864:MUvBpZSbXHI40LE9elZ0vfANzpXQDyz66e75iQFuUUTRs:Mof07T0Y9SZq5Q6rbFf

Score
10/10
discoveryransomware

Malware Config

Extracted

Path

C:\Users\Admin\AppData\Local\Programs\OJOLAND\LICENSES.chromium.html

Ransom Note
<!-- Generated by licenses.py; do not edit. --><!doctype html> <html> <head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width"> <meta name="color-scheme" content="light dark"> <title>Credits</title> <link rel="stylesheet" href="chrome://resources/css/text_defaults.css"> <link rel="stylesheet" href="chrome://credits/credits.css"> </head> <body> <span class="page-title" style="float:left;">Credits</span> <a id="print-link" href="#" style="float:right;" hidden>Print</a> <div style="clear:both; overflow:auto;"><!-- Chromium <3s the following projects --> <div class="product"> <span class="title">2-dim General Purpose FFT (Fast Fourier/Cosine/Sine Transform) Package</span> <span class="homepage"><a href="http://www.kurims.kyoto-u.ac.jp/~ooura/fft.html">homepage</a></span> <input type="checkbox" hidden id="0"> <label class="show" for="0" tabindex="0"></label> <div class="licence"> <pre>Copyright(C) 1997,2001 Takuya OOURA (email: ooura@kurims.kyoto-u.ac.jp). You may use, copy, modify this code for any purpose and without fee. You may distribute this ORIGINAL package. </pre> </div> </div> <div class="product"> <span class="title">Abseil</span> <span class="homepage"><a href="https://github.com/abseil/abseil-cpp">homepage</a></span> <input type="checkbox" hidden id="1"> <label class="show" for="1" tabindex="0"></label> <div class="licence"> <pre> Apache License Version 2.0, January 2004 https://www.apache.org/licenses/ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 1. Definitions. &quot;License&quot; shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document. &quot;Licensor&quot; shall mean the copyright owner or entity authorized by the copyright owner that is granting the License. &quot;Legal Entity&quot; shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, &quot;control&quot; means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity. &quot;You&quot; (or &quot;Your&quot;) shall mean an individual or Legal Entity exercising permissions granted by this License. &quot;Source&quot; form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files. &quot;Object&quot; form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types. &quot;Work&quot; shall mean the work of authorship, whether in Source or Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below). &quot;Derivative Works&quot; shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof. &quot;Contribution&quot; shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner. For the purposes of this definition, &quot;submitted&quot; means any form of electronic, verbal, or written communication sent to the Licensor or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by the copyright owner as &quot;Not a Contribution.&quot; &quot;Contributor&quot; shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and subsequently incorporated within the Work. 2. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form. 3. Grant of Patent License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by such Contributor that are necessarily infringed by their Contribution(s) alone or by combination of their Contribution(s) with the Work to which such Contribution(s) was submitted. If You institute patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent infringement, then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed. 4. Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without modifications, and in Source or Object form, provided that You meet the following conditions: (a) You must give any other recipients of the Work or Derivative Works a copy of this License; and (b) You must cause any modified files to carry prominent notices stating that You changed the files; and (c) You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and (d) If the Work includes a &quot;NOTICE&quot; text file as part of its distribution, then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in at least one of the following places: within a NOTICE text file distributed as part of the Derivative Works; within the Source form or documentation, if provided along with the Derivative Works; or, within a display generated by the Derivative Works, if and wherever such third-party notices normally appear. The contents of the NOTICE file are for informational purposes only and do not modify the License. You may add Your own attribution notices within Derivative Works that You distribute, alongside or as an addendum to the NOTICE text from the Work, provided that such additional attribution notices cannot be construed as modifying the License. You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License. 5. Submission of Contributions. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions. 6. Trademarks. This License does not grant permission to use the trade names, trademarks, service marks, or product names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file. 7. Disclaimer of Warranty. Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor provides its Contributions) on an &quot;AS IS&quot; BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of permissions under this License. 8. Limitation of Liability. In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall any Contributor be liable to You for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising as a result of this License or out of the use or inability to use the Work (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if such Contributor has been advised of the possibility of such damages. 9. Accepting Warranty or Additional Liability. While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this License. However, in accepting such obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability. END OF TERMS AND CONDITIONS APPENDIX: How to apply the Apache License to your work. To apply the Apache License to your work, attach the following boilerplate notice, with the fields enclosed by brackets &quot;[]&quot; replaced with your own identifying information. (Don&#x27;t include the brackets!) The text should be enclosed in the appropriate comment syntax for the file format. We also recommend that a file or class name and description of purpose be included on the same &quot;printed page&quot; as the copyright notice for easier identification within third-party archives. Copyright [yyyy] [name of copyright owner] Licensed under the Apache License, Version 2.0 (the &quot;License&quot;); you may not use this file except in compliance with the License. You may obtain a copy of the License at https://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an &quot;AS IS&quot; BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. </pre> </div> </div> <div class="product"> <span class="title">Accessibility Audit library, from Accessibility Developer Tools</span> <span class="homepage"><a href="https://raw.githubusercontent.com/GoogleChrome/accessibility-developer-tools/master/dist/js/axs_testing.js">homepage</a></span> <input type="checkbox" hidden id="2"> <label class="show" for="2" tabindex="0"></label> <div class="licence"> <pre> Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 1. Definitions. &quot;License&quot; shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document. &quot;Licensor&quot; shall mean the copyright owner or entity authorized by the copyright owner that is granting the License. &quot;Legal Entity&quot; shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, &quot;control&quot; means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity. &quot;You&quot; (or &quot;Your&quot;) shall mean an individual or Legal Entity exercising permissions granted by this License. &quot;Source&quot; form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files. &quot;Object&quot; form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types. &quot;Work&quot; shall mean the work of authorship, whether in Source or Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below). &quot;Derivative Works&quot; shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof. &quot;Contribution&quot; shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner. For the purposes of this definition, &quot;submitted&quot; means any form of electronic, verbal, or written communication sent to the Licensor or its representatives, in
Emails

ooura@kurims.kyoto-u.ac.jp

victoria.zhislina@intel.com

openssl-core@openssl.org

eay@cryptsoft.com

tjh@cryptsoft.com

eay@cryptsoft.com)&quot

tjh@cryptsoft.com)&quot

john.boyer@abilitiessoft.com

&lt;daniel@haxx.se&gt

&lt;marijnh@gmail.com&gt

lionel.ulmer@free.fr

bbrox@bbrox.org

&lt;rob@ti.com&gt

&lt;mans@mansr.com&gt

&lt;christophe.gisquet@gmail.com&gt

&lt;skal@planet-d.net&gt

&lt;astrange@ithinksw.com&gt

&lt;pross@xvid.org&gt

&lt;peter@elecard.net.ru&gt

&lt;walken@zoy.org&gt
URLs

https://www.apache.org/licenses/

https://www.apache.org/licenses/LICENSE-2.0

http://www.apache.org/licenses/

http://www.apache.org/licenses/LICENSE-2.0

http://mozilla.org/MPL/2.0/

http://www.torchmobile.com/

https://cla.developers.google.com/clas

http://www.openssl.org/)&quot

https://github.com/mit-plv/fiat-crypto/blob/master/AUTHORS

http://www.opensource.apple.com/apsl/

https://github.com/typetools/jdk

https://github.com/typetools/stubparser

https://github.com/typetools/annotation-tools

https://github.com/plume-lib/

http://www.mozilla.org/MPL/

http://source.android.com/

http://source.android.com/compatibility

http://www.apple.com/legal/guidelinesfor3rdparties.html

https://github.com/easylist

https://easylist.to/)&quot

Signatures

  • Executes dropped EXE 5 IoCs
  • Checks computer location settings 2 TTPs 2 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Loads dropped DLL 24 IoCs
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

  • Enumerates processes with tasklist 1 TTPs 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 3 IoCs
  • Suspicious use of AdjustPrivilegeToken 14 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Instalador OJOLAND Launcher.exe
    "C:\Users\Admin\AppData\Local\Temp\Instalador OJOLAND Launcher.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:1956
    • C:\Windows\SysWOW64\cmd.exe
      cmd /c tasklist /FI "USERNAME eq %USERNAME%" /FI "IMAGENAME eq OJOLAND Launcher.exe" | %SYSTEMROOT%\System32\find.exe "OJOLAND Launcher.exe"
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:1340
      • C:\Windows\SysWOW64\tasklist.exe
        tasklist /FI "USERNAME eq Admin" /FI "IMAGENAME eq OJOLAND Launcher.exe"
        3⤵
        • Enumerates processes with tasklist
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious use of AdjustPrivilegeToken
        PID:1500
      • C:\Windows\SysWOW64\find.exe
        C:\Windows\System32\find.exe "OJOLAND Launcher.exe"
        3⤵
          PID:1136
    • C:\Users\Admin\AppData\Local\Programs\OJOLAND\OJOLAND Launcher.exe
      "C:\Users\Admin\AppData\Local\Programs\OJOLAND\OJOLAND Launcher.exe"
      1⤵
      • Executes dropped EXE
      • Checks computer location settings
      • Loads dropped DLL
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of WriteProcessMemory
      PID:972
      • C:\Users\Admin\AppData\Local\Programs\OJOLAND\OJOLAND Launcher.exe
        "C:\Users\Admin\AppData\Local\Programs\OJOLAND\OJOLAND Launcher.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\OJOLAND" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=968 --field-trial-handle=1112,i,6713851067890337704,3074511959875342723,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2
        2⤵
        • Executes dropped EXE
        • Loads dropped DLL
        PID:1304
      • C:\Users\Admin\AppData\Local\Programs\OJOLAND\OJOLAND Launcher.exe
        "C:\Users\Admin\AppData\Local\Programs\OJOLAND\OJOLAND Launcher.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\OJOLAND" --mojo-platform-channel-handle=1276 --field-trial-handle=1112,i,6713851067890337704,3074511959875342723,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8
        2⤵
        • Executes dropped EXE
        • Loads dropped DLL
        PID:1744
      • C:\Users\Admin\AppData\Local\Programs\OJOLAND\OJOLAND Launcher.exe
        "C:\Users\Admin\AppData\Local\Programs\OJOLAND\OJOLAND Launcher.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\OJOLAND" --app-path="C:\Users\Admin\AppData\Local\Programs\OJOLAND\resources\app.asar" --no-sandbox --no-zygote --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=4 --mojo-platform-channel-handle=1476 --field-trial-handle=1112,i,6713851067890337704,3074511959875342723,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        2⤵
        • Executes dropped EXE
        • Checks computer location settings
        • Loads dropped DLL
        PID:1020
      • C:\Users\Admin\AppData\Local\Programs\OJOLAND\OJOLAND Launcher.exe
        "C:\Users\Admin\AppData\Local\Programs\OJOLAND\OJOLAND Launcher.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\OJOLAND" --mojo-platform-channel-handle=1640 --field-trial-handle=1112,i,6713851067890337704,3074511959875342723,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8
        2⤵
        • Executes dropped EXE
        • Loads dropped DLL
        PID:684

    Network

    MITRE ATT&CK Matrix ATT&CK v6

    Initial Access

    Execution

    Persistence

    Privilege Escalation

    Defense Evasion

    Credential Access

    Discovery

    Query Registry

    2
    T1012

    System Information Discovery

    2
    T1082

    Process Discovery

    1
    T1057

    Lateral Movement

    Collection

    Exfiltration

    Command and Control

    Impact

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Programs\OJOLAND\D3DCompiler_47.dll
      Filesize

      4.7MB

      MD5

      cb9807f6cf55ad799e920b7e0f97df99

      SHA1

      bb76012ded5acd103adad49436612d073d159b29

      SHA256

      5653bc7b0e2701561464ef36602ff6171c96bffe96e4c3597359cd7addcba88a

      SHA512

      f7c65bae4ede13616330ae46a197ebad106920dce6a31fd5a658da29ed1473234ca9e2b39cc9833ff903fb6b52ff19e39e6397fac02f005823ed366ca7a34f62

      Download Submit
    • C:\Users\Admin\AppData\Local\Programs\OJOLAND\OJOLAND Launcher.exe
      Filesize

      106.4MB

      MD5

      703ac878a6ac89046dda1ce8e89791e4

      SHA1

      52681d0fbc0d1a79d63f4a28354cb24c7ea21c3f

      SHA256

      6d17feac61dead17bb467c51934a8bc7781fa7a6edcdfb7b6594540169c6a201

      SHA512

      dce0e7e4527b6470b9ab6d9aa4452e0dd33d20dfec40c41a8ecee956a8f19604f79a7c420b2661d84b474dee9b481153ae140d6bbdf4eb30f9546b652622974a

      Download Submit
    • C:\Users\Admin\AppData\Local\Programs\OJOLAND\OJOLAND Launcher.exe
      Filesize

      106.3MB

      MD5

      c8806a5cbc46dc4d6d8cd0e015db1b34

      SHA1

      e03b2e024650751b0438b52cfecd12ae8cd7543e

      SHA256

      a9a8e8b1df0d9108a5b31cfbda5d9ea9235a9983c302e42d745815197aab52e5

      SHA512

      0b46ae865451f92a79ca6859c2aa8b1d1c7e105d0e1a7fbc64867f6a2e9bb13a5a5385769933d0c9fc72f427924094f3171986270347402649b441f2e5613cb0

      Download Submit
    • C:\Users\Admin\AppData\Local\Programs\OJOLAND\OJOLAND Launcher.exe
      Filesize

      106.4MB

      MD5

      a74312fd8f5adf742767d4fbb07458ce

      SHA1

      1a262424a322a2cdff6e8eaa653cf797bc22cd7a

      SHA256

      ff0942a05212bbc871fa4846bcf338a32d42ab47266950f97858a1c3b411ecc0

      SHA512

      0e92a44b706651fb065fbd16e8c008ec413bd888fd4a4afee0593a9d97bd19097e3f259ee336c1f8816b477e10b2febe8bdb0fec907d57e67461699e6e9fa7a2

      Download Submit
    • C:\Users\Admin\AppData\Local\Programs\OJOLAND\OJOLAND Launcher.exe
      Filesize

      104.4MB

      MD5

      527f9049037d06307989ae7180bfdc73

      SHA1

      f9f39a39126bbcd28157f7b06aee41c633971b21

      SHA256

      56986460aa4090cb05b958725bbe880ac249998beae5a6c2aa8f2959bda58c7d

      SHA512

      751a3d62ce8a895854766e463d898c7d731bba4cbae7289362bfb00f6a55257752cedf77c1d6615534d607075c859823bc5870c6e215044e236d8704919ebf0c

      Download Submit
    • C:\Users\Admin\AppData\Local\Programs\OJOLAND\OJOLAND Launcher.exe
      Filesize

      62.4MB

      MD5

      c19459d1657ed477e44f199d7f0bce17

      SHA1

      e8d2764b877c3918f817e9d06eed8525220299e5

      SHA256

      783d7b003cd733510a89f28c20194edd510df2290f79f48cddb4ff26bf0502b3

      SHA512

      f2c526ab38aed939f313daa3065723e7c05cbd53d587d4c1c06221602b848c76021ba369c145e77caadf065aaceb178f5961e976df199410fac29127a6993332

      Download Submit
    • C:\Users\Admin\AppData\Local\Programs\OJOLAND\OJOLAND Launcher.exe
      Filesize

      144.9MB

      MD5

      978aa19073c5d119ce3477857ae2d3fb

      SHA1

      2fbf0487f9e0b69f280c51d55ee82801ae42fc0a

      SHA256

      2021025faf1c854534401f53150f3403a979ec1090638970e6ca391b42912ebc

      SHA512

      486f65f8c11e722756f62110f3f6c5b57283b91a3620094081b0c908aef1cb962d069c2a7041207254fc026c130f539baa19d690f2b5ad049c41d266fe894f93

      Download Submit
    • C:\Users\Admin\AppData\Local\Programs\OJOLAND\chrome_100_percent.pak
      Filesize

      126KB

      MD5

      a3d4515d3a33a407d313a62818e82a5d

      SHA1

      967ff9a6774a66f7b3299af4fd5d70961ed54d79

      SHA256

      662a9db6ef4197cb4b6c50648a2cafceb7fd903015828df3fee605a602370be0

      SHA512

      0c757e1beccbca1ae0791fa0c51a9e2019696bd0965c73de67b364fba6f317ea2cf20fa65e4fa7dd22519683528e5112dc8c530049170f4e702e0c8d4e065801

      Download Submit
    • C:\Users\Admin\AppData\Local\Programs\OJOLAND\chrome_200_percent.pak
      Filesize

      175KB

      MD5

      3bab45c70f22646cf8452c30903810cb

      SHA1

      40b31d4c79b5a2b8d12f8cf8b6c49c962c31f766

      SHA256

      d4282ae977f23afe252e19e421c8d09696ea3b83a1e73a6aaebaaa5547c74cbc

      SHA512

      85eda055494f0233c963e821906cf69d94e664d8396e8b08e7a8f412e1c16af71252fef1bfe3ed43cfad157aa90c0dcbb375626e2ddf0e807c9b23ad27e61d9c

      Download Submit
    • C:\Users\Admin\AppData\Local\Programs\OJOLAND\ffmpeg.dll
      Filesize

      2.7MB

      MD5

      a232e79a4b0722a446c747769afdeead

      SHA1

      422a5e94c7461608dbb6811ecca76eececc0e517

      SHA256

      11cbc8daec3a686a7383c6efd595719436342a49c9d471521835d64dfadf7aaa

      SHA512

      19b34f4cc9a042c3651380be4855d76fef53611c63316982f86da77f2f11aea63f276e42d33a93ee147bac53b06f6df0f07282a68b166f24e80b20589bfbfc88

      Download Submit
    • C:\Users\Admin\AppData\Local\Programs\OJOLAND\icudtl.dat
      Filesize

      10.0MB

      MD5

      516f6b90d1539bd1eaeaa2fc32dadb92

      SHA1

      8017789bef98902cdc95c18e67b84378ddd293c0

      SHA256

      51edd31f6c5d298c662af320424b632172a31e3348cdbb201380636c95ded794

      SHA512

      db4b5fd7f8a0e0a331ffa7c574d011b059df8654cdc6ee4970f84fda20b88a3b8706f2605d91d19a6dd86d2702cc9542e026a054d28f85c51b676daa8d3f3bb0

      Download Submit
    • C:\Users\Admin\AppData\Local\Programs\OJOLAND\libegl.dll
      Filesize

      458KB

      MD5

      67ba5fb2aa561a93d6bd38f9e41112e7

      SHA1

      d6f964388180cd1222f0124b7c7db13270bc98a3

      SHA256

      ffa93602b9f03d51ad7d59da7304756e3d9962b26bbb8911dd9a06389ab1add6

      SHA512

      45b8bca05d1e4123b65feb1ac6c3bf3b5bcd41cd200604dcfed6509479f2fdb5367c14fd266c2033aa2e6e54b20f0af705fbc7653cc08e114119848fdb24b408

      Download Submit
    • C:\Users\Admin\AppData\Local\Programs\OJOLAND\libglesv2.dll
      Filesize

      7.1MB

      MD5

      0f0bb49a8c0bf998e26bbaa27e7a0139

      SHA1

      5a76ebe032de97289417805d191ca478ee029def

      SHA256

      d9b32f8e13bbcb632ba3d93a6dea3366c25ee8e059fa5d5bb62ecf2d3c5ce5f3

      SHA512

      8a145c3aa9725fbdb345c9531b50fb3c960b5d8555ff58d738d1017e9ae41b4062a25baf4385e5bec64f9e4ec41993445d9c3ba4d2ccdfea97843acbafaff323

      Download Submit
    • C:\Users\Admin\AppData\Local\Programs\OJOLAND\locales\en-US.pak
      Filesize

      295KB

      MD5

      a2ed0e17819c287b824cae5c0ac03af7

      SHA1

      9694627f89cd65fbb511eacc6c785ab045525ff2

      SHA256

      c4a2c6a90945868a02ad14b3a994e94b123981d56190bd34cc3cb14f31f2270b

      SHA512

      a527351a1c61e6ed4e999c6549ec04b2096712644c4e1f28b48872c031c9f0a4bb118c0ceb40dc3a35315ddc7cf244e3c0c03d864a53d4a76f6dcf1b3889c109

      Download Submit
    • C:\Users\Admin\AppData\Local\Programs\OJOLAND\resources.pak
      Filesize

      5.1MB

      MD5

      915f50ee09363c2e946fa60c3080d97b

      SHA1

      38038c4bee8780aaa89936534e5559fbc6aec953

      SHA256

      d1c062104f136edf33ad4d89460b2e4d9c1e463e792834ab91ef7d2a11953794

      SHA512

      c59543522ae69753996a9912a2dec751f16dab7175c2073864253f77087654d895d12191815b257408b7442d027b0717c6a0d4e5e0b8948a3e60543197c1f10f

      Download Submit
    • C:\Users\Admin\AppData\Local\Programs\OJOLAND\resources\app.asar
      Filesize

      10.7MB

      MD5

      bbf62ce1ebe6f679c1d5b801b9a7ee7e

      SHA1

      f99a8e4216a87dbeeda8274bf64bc2bb6dd53f45

      SHA256

      9fa8f39743099ff465e984eb1d326bdf9f618dad6b0d13992bfef4483ca6a71a

      SHA512

      d6eb93db2f8e6d32cacc4cdf230fefe30f78bc727d201a8cf6f8d670905faba5a0afe2689158c9a65bb613030d34e93879f863541d8d461ef9fcac189525f31e

      Download Submit
    • C:\Users\Admin\AppData\Local\Programs\OJOLAND\v8_context_snapshot.bin
      Filesize

      716KB

      MD5

      7ea15faff14c6631ef7ef7899ec8235d

      SHA1

      b398fb7e8e3afa7886c483b054be4358aba5b800

      SHA256

      1717afb2f6958e37a34ab35b5b796ff2d9fa7d0d4828a405221ac3260b722973

      SHA512

      57e6fdf0c6c64f232fe6c247b955689bba09a9c2bd37124b3b4b419403ee1f1028b5eed6b1e3f96263cbc1762d3c2637e06ffb3a04891772d67487ee2fd8db45

      Download Submit
    • \Users\Admin\AppData\Local\Programs\OJOLAND\OJOLAND Launcher.exe
      Filesize

      144.9MB

      MD5

      978aa19073c5d119ce3477857ae2d3fb

      SHA1

      2fbf0487f9e0b69f280c51d55ee82801ae42fc0a

      SHA256

      2021025faf1c854534401f53150f3403a979ec1090638970e6ca391b42912ebc

      SHA512

      486f65f8c11e722756f62110f3f6c5b57283b91a3620094081b0c908aef1cb962d069c2a7041207254fc026c130f539baa19d690f2b5ad049c41d266fe894f93

      Download Submit
    • \Users\Admin\AppData\Local\Programs\OJOLAND\OJOLAND Launcher.exe
      Filesize

      144.9MB

      MD5

      978aa19073c5d119ce3477857ae2d3fb

      SHA1

      2fbf0487f9e0b69f280c51d55ee82801ae42fc0a

      SHA256

      2021025faf1c854534401f53150f3403a979ec1090638970e6ca391b42912ebc

      SHA512

      486f65f8c11e722756f62110f3f6c5b57283b91a3620094081b0c908aef1cb962d069c2a7041207254fc026c130f539baa19d690f2b5ad049c41d266fe894f93

      Download Submit
    • \Users\Admin\AppData\Local\Programs\OJOLAND\OJOLAND Launcher.exe
      Filesize

      144.9MB

      MD5

      978aa19073c5d119ce3477857ae2d3fb

      SHA1

      2fbf0487f9e0b69f280c51d55ee82801ae42fc0a

      SHA256

      2021025faf1c854534401f53150f3403a979ec1090638970e6ca391b42912ebc

      SHA512

      486f65f8c11e722756f62110f3f6c5b57283b91a3620094081b0c908aef1cb962d069c2a7041207254fc026c130f539baa19d690f2b5ad049c41d266fe894f93

      Download Submit
    • \Users\Admin\AppData\Local\Programs\OJOLAND\OJOLAND Launcher.exe
      Filesize

      144.9MB

      MD5

      978aa19073c5d119ce3477857ae2d3fb

      SHA1

      2fbf0487f9e0b69f280c51d55ee82801ae42fc0a

      SHA256

      2021025faf1c854534401f53150f3403a979ec1090638970e6ca391b42912ebc

      SHA512

      486f65f8c11e722756f62110f3f6c5b57283b91a3620094081b0c908aef1cb962d069c2a7041207254fc026c130f539baa19d690f2b5ad049c41d266fe894f93

      Download Submit
    • \Users\Admin\AppData\Local\Programs\OJOLAND\OJOLAND Launcher.exe
      Filesize

      144.9MB

      MD5

      978aa19073c5d119ce3477857ae2d3fb

      SHA1

      2fbf0487f9e0b69f280c51d55ee82801ae42fc0a

      SHA256

      2021025faf1c854534401f53150f3403a979ec1090638970e6ca391b42912ebc

      SHA512

      486f65f8c11e722756f62110f3f6c5b57283b91a3620094081b0c908aef1cb962d069c2a7041207254fc026c130f539baa19d690f2b5ad049c41d266fe894f93

      Download Submit
    • \Users\Admin\AppData\Local\Programs\OJOLAND\OJOLAND Launcher.exe
      Filesize

      144.9MB

      MD5

      978aa19073c5d119ce3477857ae2d3fb

      SHA1

      2fbf0487f9e0b69f280c51d55ee82801ae42fc0a

      SHA256

      2021025faf1c854534401f53150f3403a979ec1090638970e6ca391b42912ebc

      SHA512

      486f65f8c11e722756f62110f3f6c5b57283b91a3620094081b0c908aef1cb962d069c2a7041207254fc026c130f539baa19d690f2b5ad049c41d266fe894f93

      Download Submit
    • \Users\Admin\AppData\Local\Programs\OJOLAND\OJOLAND Launcher.exe
      Filesize

      144.9MB

      MD5

      978aa19073c5d119ce3477857ae2d3fb

      SHA1

      2fbf0487f9e0b69f280c51d55ee82801ae42fc0a

      SHA256

      2021025faf1c854534401f53150f3403a979ec1090638970e6ca391b42912ebc

      SHA512

      486f65f8c11e722756f62110f3f6c5b57283b91a3620094081b0c908aef1cb962d069c2a7041207254fc026c130f539baa19d690f2b5ad049c41d266fe894f93

      Download Submit
    • \Users\Admin\AppData\Local\Programs\OJOLAND\OJOLAND Launcher.exe
      Filesize

      144.9MB

      MD5

      978aa19073c5d119ce3477857ae2d3fb

      SHA1

      2fbf0487f9e0b69f280c51d55ee82801ae42fc0a

      SHA256

      2021025faf1c854534401f53150f3403a979ec1090638970e6ca391b42912ebc

      SHA512

      486f65f8c11e722756f62110f3f6c5b57283b91a3620094081b0c908aef1cb962d069c2a7041207254fc026c130f539baa19d690f2b5ad049c41d266fe894f93

      Download Submit
    • \Users\Admin\AppData\Local\Programs\OJOLAND\OJOLAND Launcher.exe
      Filesize

      144.9MB

      MD5

      978aa19073c5d119ce3477857ae2d3fb

      SHA1

      2fbf0487f9e0b69f280c51d55ee82801ae42fc0a

      SHA256

      2021025faf1c854534401f53150f3403a979ec1090638970e6ca391b42912ebc

      SHA512

      486f65f8c11e722756f62110f3f6c5b57283b91a3620094081b0c908aef1cb962d069c2a7041207254fc026c130f539baa19d690f2b5ad049c41d266fe894f93

      Download Submit
    • \Users\Admin\AppData\Local\Programs\OJOLAND\d3dcompiler_47.dll
      Filesize

      4.7MB

      MD5

      cb9807f6cf55ad799e920b7e0f97df99

      SHA1

      bb76012ded5acd103adad49436612d073d159b29

      SHA256

      5653bc7b0e2701561464ef36602ff6171c96bffe96e4c3597359cd7addcba88a

      SHA512

      f7c65bae4ede13616330ae46a197ebad106920dce6a31fd5a658da29ed1473234ca9e2b39cc9833ff903fb6b52ff19e39e6397fac02f005823ed366ca7a34f62

      Download Submit
    • \Users\Admin\AppData\Local\Programs\OJOLAND\ffmpeg.dll
      Filesize

      2.7MB

      MD5

      a232e79a4b0722a446c747769afdeead

      SHA1

      422a5e94c7461608dbb6811ecca76eececc0e517

      SHA256

      11cbc8daec3a686a7383c6efd595719436342a49c9d471521835d64dfadf7aaa

      SHA512

      19b34f4cc9a042c3651380be4855d76fef53611c63316982f86da77f2f11aea63f276e42d33a93ee147bac53b06f6df0f07282a68b166f24e80b20589bfbfc88

      Download Submit
    • \Users\Admin\AppData\Local\Programs\OJOLAND\ffmpeg.dll
      Filesize

      2.7MB

      MD5

      a232e79a4b0722a446c747769afdeead

      SHA1

      422a5e94c7461608dbb6811ecca76eececc0e517

      SHA256

      11cbc8daec3a686a7383c6efd595719436342a49c9d471521835d64dfadf7aaa

      SHA512

      19b34f4cc9a042c3651380be4855d76fef53611c63316982f86da77f2f11aea63f276e42d33a93ee147bac53b06f6df0f07282a68b166f24e80b20589bfbfc88

      Download Submit
    • \Users\Admin\AppData\Local\Programs\OJOLAND\ffmpeg.dll
      Filesize

      2.7MB

      MD5

      a232e79a4b0722a446c747769afdeead

      SHA1

      422a5e94c7461608dbb6811ecca76eececc0e517

      SHA256

      11cbc8daec3a686a7383c6efd595719436342a49c9d471521835d64dfadf7aaa

      SHA512

      19b34f4cc9a042c3651380be4855d76fef53611c63316982f86da77f2f11aea63f276e42d33a93ee147bac53b06f6df0f07282a68b166f24e80b20589bfbfc88

      Download Submit
    • \Users\Admin\AppData\Local\Programs\OJOLAND\ffmpeg.dll
      Filesize

      2.7MB

      MD5

      a232e79a4b0722a446c747769afdeead

      SHA1

      422a5e94c7461608dbb6811ecca76eececc0e517

      SHA256

      11cbc8daec3a686a7383c6efd595719436342a49c9d471521835d64dfadf7aaa

      SHA512

      19b34f4cc9a042c3651380be4855d76fef53611c63316982f86da77f2f11aea63f276e42d33a93ee147bac53b06f6df0f07282a68b166f24e80b20589bfbfc88

      Download Submit
    • \Users\Admin\AppData\Local\Programs\OJOLAND\ffmpeg.dll
      Filesize

      2.7MB

      MD5

      a232e79a4b0722a446c747769afdeead

      SHA1

      422a5e94c7461608dbb6811ecca76eececc0e517

      SHA256

      11cbc8daec3a686a7383c6efd595719436342a49c9d471521835d64dfadf7aaa

      SHA512

      19b34f4cc9a042c3651380be4855d76fef53611c63316982f86da77f2f11aea63f276e42d33a93ee147bac53b06f6df0f07282a68b166f24e80b20589bfbfc88

      Download Submit
    • \Users\Admin\AppData\Local\Programs\OJOLAND\libEGL.dll
      Filesize

      458KB

      MD5

      67ba5fb2aa561a93d6bd38f9e41112e7

      SHA1

      d6f964388180cd1222f0124b7c7db13270bc98a3

      SHA256

      ffa93602b9f03d51ad7d59da7304756e3d9962b26bbb8911dd9a06389ab1add6

      SHA512

      45b8bca05d1e4123b65feb1ac6c3bf3b5bcd41cd200604dcfed6509479f2fdb5367c14fd266c2033aa2e6e54b20f0af705fbc7653cc08e114119848fdb24b408

      Download Submit
    • \Users\Admin\AppData\Local\Programs\OJOLAND\libGLESv2.dll
      Filesize

      7.1MB

      MD5

      0f0bb49a8c0bf998e26bbaa27e7a0139

      SHA1

      5a76ebe032de97289417805d191ca478ee029def

      SHA256

      d9b32f8e13bbcb632ba3d93a6dea3366c25ee8e059fa5d5bb62ecf2d3c5ce5f3

      SHA512

      8a145c3aa9725fbdb345c9531b50fb3c960b5d8555ff58d738d1017e9ae41b4062a25baf4385e5bec64f9e4ec41993445d9c3ba4d2ccdfea97843acbafaff323

      Download Submit
    • \Users\Admin\AppData\Local\Temp\nsdDC8.tmp\SpiderBanner.dll
      Filesize

      9KB

      MD5

      17309e33b596ba3a5693b4d3e85cf8d7

      SHA1

      7d361836cf53df42021c7f2b148aec9458818c01

      SHA256

      996a259e53ca18b89ec36d038c40148957c978c0fd600a268497d4c92f882a93

      SHA512

      1abac3ce4f2d5e4a635162e16cf9125e059ba1539f70086c2d71cd00d41a6e2a54d468e6f37792e55a822d7082fb388b8dfecc79b59226bbb047b7d28d44d298

      Download Submit
    • \Users\Admin\AppData\Local\Temp\nsdDC8.tmp\StdUtils.dll
      Filesize

      100KB

      MD5

      c6a6e03f77c313b267498515488c5740

      SHA1

      3d49fc2784b9450962ed6b82b46e9c3c957d7c15

      SHA256

      b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e

      SHA512

      9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803

      Download Submit
    • \Users\Admin\AppData\Local\Temp\nsdDC8.tmp\System.dll
      Filesize

      12KB

      MD5

      0d7ad4f45dc6f5aa87f606d0331c6901

      SHA1

      48df0911f0484cbe2a8cdd5362140b63c41ee457

      SHA256

      3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca

      SHA512

      c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9

      Download Submit
    • \Users\Admin\AppData\Local\Temp\nsdDC8.tmp\WinShell.dll
      Filesize

      3KB

      MD5

      1cc7c37b7e0c8cd8bf04b6cc283e1e56

      SHA1

      0b9519763be6625bd5abce175dcc59c96d100d4c

      SHA256

      9be85b986ea66a6997dde658abe82b3147ed2a1a3dcb784bb5176f41d22815a6

      SHA512

      7acf7f8e68aa6066b59ca9f2ae2e67997e6b347bc08eb788d2a119b3295c844b5b9606757168e8d2fbd61c2cda367bf80e9e48c9a52c28d5a7a00464bfd2048f

      Download Submit
    • \Users\Admin\AppData\Local\Temp\nsdDC8.tmp\WinShell.dll
      Filesize

      3KB

      MD5

      1cc7c37b7e0c8cd8bf04b6cc283e1e56

      SHA1

      0b9519763be6625bd5abce175dcc59c96d100d4c

      SHA256

      9be85b986ea66a6997dde658abe82b3147ed2a1a3dcb784bb5176f41d22815a6

      SHA512

      7acf7f8e68aa6066b59ca9f2ae2e67997e6b347bc08eb788d2a119b3295c844b5b9606757168e8d2fbd61c2cda367bf80e9e48c9a52c28d5a7a00464bfd2048f

      Download Submit
    • \Users\Admin\AppData\Local\Temp\nsdDC8.tmp\nsExec.dll
      Filesize

      6KB

      MD5

      ec0504e6b8a11d5aad43b296beeb84b2

      SHA1

      91b5ce085130c8c7194d66b2439ec9e1c206497c

      SHA256

      5d9ceb1ce5f35aea5f9e5a0c0edeeec04dfefe0c77890c80c70e98209b58b962

      SHA512

      3f918f1b47e8a919cbe51eb17dc30acc8cfc18e743a1bae5b787d0db7d26038dc1210be98bf5ba3be8d6ed896dbbd7ac3d13e66454a98b2a38c7e69dad30bb57

      Download Submit
    • \Users\Admin\AppData\Local\Temp\nsdDC8.tmp\nsis7z.dll
      Filesize

      424KB

      MD5

      80e44ce4895304c6a3a831310fbf8cd0

      SHA1

      36bd49ae21c460be5753a904b4501f1abca53508

      SHA256

      b393f05e8ff919ef071181050e1873c9a776e1a0ae8329aefff7007d0cadf592

      SHA512

      c8ba7b1f9113ead23e993e74a48c4427ae3562c1f6d9910b2bbe6806c9107cf7d94bc7d204613e4743d0cd869e00dafd4fb54aad1e8adb69c553f3b9e5bc64df

      Download Submit
    • memory/684-135-0x0000000000000000-mapping.dmp
      Download
    • memory/972-83-0x000007FEFC421000-0x000007FEFC423000-memory.dmp
      Filesize

      8KB

      Download
    • memory/1020-132-0x0000000000000000-mapping.dmp
      Download
    • memory/1136-62-0x0000000000000000-mapping.dmp
      Download
    • memory/1304-119-0x0000000000000000-mapping.dmp
      Download
    • memory/1304-118-0x0000000147D12000-0x0000000147D13000-memory.dmp
      Filesize

      4KB

      Download
    • memory/1304-117-0x0000000147D12000-0x0000000147D13000-memory.dmp
      Filesize

      4KB

      Download
    • memory/1340-59-0x0000000000000000-mapping.dmp
      Download
    • memory/1500-61-0x0000000000000000-mapping.dmp
      Download
    • memory/1744-120-0x0000000000000000-mapping.dmp
      Download
    • memory/1956-54-0x00000000762F1000-0x00000000762F3000-memory.dmp
      Filesize

      8KB

      Download