Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

TLauncher-...al.exe

windows7-x64

8

TLauncher-...al.exe

windows10-2004-x64

8

Resubmissions

01/02/2023, 03:01

230201-dh2ahsde5s 8

01/02/2023, 02:57

230201-df2s9sbf34 8

Analysis

  • max time kernel
    110s
  • max time network
    154s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    01/02/2023, 02:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    TLauncher-2.871-Installer-1.0.6-global.exe

  • Size

    23.6MB

  • MD5

    7a4472a78d0651e11d20aa08e43cc045

  • SHA1

    aab1d5f80d7399ae2c1982201733be7681d100b1

  • SHA256

    318df7404e6c4d5538a6d31997b95af52bbb8d40caf5553b3cbd9b1bc4f6db96

  • SHA512

    c152c9d21b0615548173dcc61accb1a1afd5b6f98e6ec21f6a7119536397f07a54ad4087669716c3344dd338ce4f24cecf9989d472f65eaa18c87d496f23c681

  • SSDEEP

    393216:gXQLpnUN/n8IPfs/dQETVlOBbpFEj9GZ1GphRqV56Hpk7IXOzDnKI17fyVS:ggLFUp8aHExiTI3qqHp6zvKcfyVS

Score
8/10
discoverypersistencespywarestealerupx

Malware Config

Signatures

  • Downloads MZ/PE file
  • Executes dropped EXE 31 IoCs
  • UPX packed file 41 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Checks computer location settings 2 TTPs 3 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Loads dropped DLL 64 IoCs
  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer
  • Adds Run key to start application 2 TTPs 2 IoCs
    persistence
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  • Enumerates connected drives 3 TTPs 3 IoCs

    Attempts to read the root path of hard drives other than the default C: drive.

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

  • Enumerates system info in registry 2 TTPs 5 IoCs
  • Modifies Internet Explorer settings 1 TTPs 1 IoCs
    adwarespyware
  • Modifies registry class 64 IoCs
  • Modifies system certificate store 2 TTPs 6 IoCs
    evasionspywaretrojan
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 28 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\TLauncher-2.871-Installer-1.0.6-global.exe
    "C:\Users\Admin\AppData\Local\Temp\TLauncher-2.871-Installer-1.0.6-global.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:744
    • C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe
      "C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe" __IRAOFF:1910546 "__IRAFN:C:\Users\Admin\AppData\Local\Temp\TLauncher-2.871-Installer-1.0.6-global.exe" "__IRCT:3" "__IRTSS:24771453" "__IRSID:S-1-5-21-3845472200-3839195424-595303356-1000"
      2⤵
      • Executes dropped EXE
      • Loads dropped DLL
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:1936
      • C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\AdditionalExecuteTL.exe
        "C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\AdditionalExecuteTL.exe" /S:C:\Users\Admin\AppData\Local\Temp\setuparguments.ini
        3⤵
        • Executes dropped EXE
        • Loads dropped DLL
        • Suspicious use of WriteProcessMemory
        PID:680
        • C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_1\irsetup.exe
          "C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_1\irsetup.exe" /S:C:\Users\Admin\AppData\Local\Temp\setuparguments.ini __IRAOFF:1816850 "__IRAFN:C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\AdditionalExecuteTL.exe" "__IRCT:3" "__IRTSS:1840872" "__IRSID:S-1-5-21-3845472200-3839195424-595303356-1000"
          4⤵
          • Executes dropped EXE
          • Loads dropped DLL
          • Modifies system certificate store
          • Suspicious use of SetWindowsHookEx
          • Suspicious use of WriteProcessMemory
          PID:1140
          • C:\Users\Admin\AppData\Local\Temp\opera-installer-bro.exe
            "C:\Users\Admin\AppData\Local\Temp\opera-installer-bro.exe" --silent --allusers=0
            5⤵
            • Executes dropped EXE
            • Loads dropped DLL
            • Enumerates connected drives
            • Modifies system certificate store
            • Suspicious use of WriteProcessMemory
            PID:1616
            • C:\Users\Admin\AppData\Local\Temp\opera-installer-bro.exe
              C:\Users\Admin\AppData\Local\Temp\opera-installer-bro.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktop --annotation=ver=94.0.4606.76 --initial-client-data=0x1a4,0x1a8,0x1ac,0x178,0x1b0,0x71298658,0x71298668,0x71298674
              6⤵
              • Executes dropped EXE
              • Loads dropped DLL
              PID:1984
            • C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera-installer-bro.exe
              "C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera-installer-bro.exe" --version
              6⤵
              • Executes dropped EXE
              • Loads dropped DLL
              PID:620
            • C:\Users\Admin\AppData\Local\Temp\opera-installer-bro.exe
              "C:\Users\Admin\AppData\Local\Temp\opera-installer-bro.exe" --backend --install --import-browser-data=0 --enable-stats=1 --enable-installer-stats=1 --general-interests=0 --general-location=0 --personalized-content=0 --personalized-ads=0 --launchopera=1 --installfolder="C:\Users\Admin\AppData\Local\Programs\Opera" --profile-folder --language=en --singleprofile=0 --copyonly=0 --allusers=0 --setdefaultbrowser=1 --pintotaskbar=1 --pintostartmenu=1 --pin-additional-shortcuts=1 --run-at-startup=1 --server-tracking-data=server_tracking_data --initial-pid=1616 --package-dir-prefix="C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_20230201035901" --session-guid=d7ede383-028e-4a94-9f27-3ed3a8e6a3f8 --server-tracking-blob=YWM3MDVkYTYwNDJlMzc5NzI4MWE2ZmNjYjhkZTE0YjczNTc4NjdkYTU0OGU3YjYxNDEzNjZlZmUzOTE0Yjc5Nzp7ImNvdW50cnkiOiJJTiIsImluc3RhbGxlcl9uYW1lIjoiT3BlcmFTZXR1cC5leGUiLCJwcm9kdWN0Ijoib3BlcmEiLCJxdWVyeSI6Ii9vcGVyYS9zdGFibGUvd2luZG93cz91dG1fbWVkaXVtPWFwYiZ1dG1fc291cmNlPU1TVEwmdXRtX2NhbXBhaWduPU9wZXJhRGVza3RvcCIsInRpbWVzdGFtcCI6IjE2NzUyMjAzMzkuNDA0MyIsInVzZXJhZ2VudCI6IlNldHVwIEZhY3RvcnkgOS4wIiwidXRtIjp7ImNhbXBhaWduIjoiT3BlcmFEZXNrdG9wIiwibWVkaXVtIjoiYXBiIiwic291cmNlIjoiTVNUTCJ9LCJ1dWlkIjoiYzg2NmE0NTEtM2MyMi00ZGQwLWExYTktMWRiYjczMTVjODg5In0= --silent --desktopshortcut=1 --wait-for-package --initial-proc-handle=3C03000000000000
              6⤵
              • Executes dropped EXE
              • Loads dropped DLL
              • Enumerates connected drives
              • Suspicious use of WriteProcessMemory
              PID:2016
              • C:\Users\Admin\AppData\Local\Temp\opera-installer-bro.exe
                C:\Users\Admin\AppData\Local\Temp\opera-installer-bro.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktop --annotation=ver=94.0.4606.76 --initial-client-data=0x1b0,0x1b4,0x1b8,0x178,0x1bc,0x70878658,0x70878668,0x70878674
                7⤵
                • Executes dropped EXE
                • Loads dropped DLL
                PID:2020
              • C:\Users\Admin\AppData\Local\Programs\Opera\94.0.4606.76\installer.exe
                "C:\Users\Admin\AppData\Local\Programs\Opera\94.0.4606.76\installer.exe" --backend --initial-pid=1616 --install --import-browser-data=0 --enable-stats=1 --enable-installer-stats=1 --general-interests=0 --general-location=0 --personalized-content=0 --personalized-ads=0 --launchopera=1 --installfolder="C:\Users\Admin\AppData\Local\Programs\Opera" --profile-folder --language=en --singleprofile=0 --copyonly=0 --allusers=0 --setdefaultbrowser=1 --pintotaskbar=1 --pintostartmenu=1 --pin-additional-shortcuts=1 --run-at-startup=1 --server-tracking-data=server_tracking_data --package-dir="C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202302010359011" --session-guid=d7ede383-028e-4a94-9f27-3ed3a8e6a3f8 --server-tracking-blob=YWM3MDVkYTYwNDJlMzc5NzI4MWE2ZmNjYjhkZTE0YjczNTc4NjdkYTU0OGU3YjYxNDEzNjZlZmUzOTE0Yjc5Nzp7ImNvdW50cnkiOiJJTiIsImluc3RhbGxlcl9uYW1lIjoiT3BlcmFTZXR1cC5leGUiLCJwcm9kdWN0Ijoib3BlcmEiLCJxdWVyeSI6Ii9vcGVyYS9zdGFibGUvd2luZG93cz91dG1fbWVkaXVtPWFwYiZ1dG1fc291cmNlPU1TVEwmdXRtX2NhbXBhaWduPU9wZXJhRGVza3RvcCIsInRpbWVzdGFtcCI6IjE2NzUyMjAzMzkuNDA0MyIsInVzZXJhZ2VudCI6IlNldHVwIEZhY3RvcnkgOS4wIiwidXRtIjp7ImNhbXBhaWduIjoiT3BlcmFEZXNrdG9wIiwibWVkaXVtIjoiYXBiIiwic291cmNlIjoiTVNUTCJ9LCJ1dWlkIjoiYzg2NmE0NTEtM2MyMi00ZGQwLWExYTktMWRiYjczMTVjODg5In0= --silent --desktopshortcut=1 --install-subfolder=94.0.4606.76
                7⤵
                • Executes dropped EXE
                • Loads dropped DLL
                • Enumerates connected drives
                • Modifies registry class
                PID:1632
                • C:\Users\Admin\AppData\Local\Programs\Opera\94.0.4606.76\installer.exe
                  C:\Users\Admin\AppData\Local\Programs\Opera\94.0.4606.76\installer.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win64 --annotation=prod=OperaDesktop --annotation=ver=94.0.4606.76 --initial-client-data=0x174,0x178,0x17c,0x148,0x180,0x7fef6472c98,0x7fef6472ca8,0x7fef6472cb8
                  8⤵
                  • Executes dropped EXE
                  • Loads dropped DLL
                  PID:1500
                • C:\Users\Admin\AppData\Local\Programs\Opera\launcher.exe
                  "C:\Users\Admin\AppData\Local\Programs\Opera\launcher.exe" --start-maximized
                  8⤵
                  • Executes dropped EXE
                  • Loads dropped DLL
                  PID:1628
                  • C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe
                    "C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --start-maximized --ran-launcher
                    9⤵
                    • Executes dropped EXE
                    • Loads dropped DLL
                    • Enumerates system info in registry
                    PID:1976
                    • C:\Users\Admin\AppData\Local\Programs\Opera\94.0.4606.76\opera_crashreporter.exe
                      C:\Users\Admin\AppData\Local\Programs\Opera\94.0.4606.76\opera_crashreporter.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win64 --annotation=prod=OperaDesktop --annotation=ver=94.0.4606.76 --initial-client-data=0x15c,0x160,0x164,0x130,0x168,0x7feee57c490,0x7feee57c4a0,0x7feee57c4b0
                      10⤵
                      • Executes dropped EXE
                      PID:1960
                    • C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe
                      "C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=gpu-process --start-stack-profiler --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout-expanded=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:game-maker-studio-integration=on --with-feature:gaming-api=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:partner-dropdown-suggestions-boost=on --with-feature:personalized-speeddials=on --with-feature:premium-valve-in=on --with-feature:sd-suggestions-external=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-sync-banner=on --with-feature:tiktok-panel=off --with-feature:yandex-zen-iframe-scroll=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1012 --field-trial-handle=1088,i,12685168491756695421,13449884455704973784,131072 /prefetch:2
                      10⤵
                        PID:2140
              • C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202302010359011\assistant\_sfx.exe
                "C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202302010359011\assistant\_sfx.exe"
                6⤵
                • Executes dropped EXE
                PID:1812
              • C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202302010359011\assistant\assistant_installer.exe
                "C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202302010359011\assistant\assistant_installer.exe" --version
                6⤵
                • Executes dropped EXE
                • Loads dropped DLL
                PID:1104
                • C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202302010359011\assistant\assistant_installer.exe
                  "C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202302010359011\assistant\assistant_installer.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktop --annotation=ver=94.0.4606.38 --initial-client-data=0x148,0x14c,0x150,0x11c,0x154,0x582dc0,0x582dd0,0x582ddc
                  7⤵
                  • Executes dropped EXE
                  PID:752
        • C:\Users\Admin\AppData\Local\Temp\jre-windows.exe
          "C:\Users\Admin\AppData\Local\Temp\jre-windows.exe" STATIC=1
          3⤵
            PID:2864
            • C:\Users\Admin\AppData\Local\Temp\jds7198385.tmp\jre-windows.exe
              "C:\Users\Admin\AppData\Local\Temp\jds7198385.tmp\jre-windows.exe" "STATIC=1"
              4⤵
                PID:2312
        • C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe
          "C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --start-maximized --ran-launcher --flag-switches-begin --flag-switches-end --enable-quic --lowered-browser
          1⤵
          • Executes dropped EXE
          • Checks computer location settings
          • Loads dropped DLL
          • Adds Run key to start application
          • Enumerates system info in registry
          • Suspicious behavior: EnumeratesProcesses
          • Suspicious use of AdjustPrivilegeToken
          PID:2204
          • C:\Users\Admin\AppData\Local\Programs\Opera\94.0.4606.76\opera_crashreporter.exe
            C:\Users\Admin\AppData\Local\Programs\Opera\94.0.4606.76\opera_crashreporter.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win64 --annotation=prod=OperaDesktop --annotation=ver=94.0.4606.76 --initial-client-data=0x15c,0x160,0x164,0x130,0x168,0x7feee57c490,0x7feee57c4a0,0x7feee57c4b0
            2⤵
            • Executes dropped EXE
            PID:2276
          • C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe
            "C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=gpu-process --start-stack-profiler --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout-expanded=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:game-maker-studio-integration=on --with-feature:gaming-api=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:partner-dropdown-suggestions-boost=on --with-feature:personalized-speeddials=on --with-feature:premium-valve-in=on --with-feature:sd-suggestions-external=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-sync-banner=on --with-feature:tiktok-panel=off --with-feature:yandex-zen-iframe-scroll=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1164 --field-trial-handle=1100,i,17205556854810990714,16529302859845664017,131072 /prefetch:2
            2⤵
            • Executes dropped EXE
            PID:2468
          • C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe
            "C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --enable-quic --start-stack-profiler --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout-expanded=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:game-maker-studio-integration=on --with-feature:gaming-api=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:partner-dropdown-suggestions-boost=on --with-feature:personalized-speeddials=on --with-feature:premium-valve-in=on --with-feature:sd-suggestions-external=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-sync-banner=on --with-feature:tiktok-panel=off --with-feature:yandex-zen-iframe-scroll=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --mojo-platform-channel-handle=1340 --field-trial-handle=1100,i,17205556854810990714,16529302859845664017,131072 /prefetch:8
            2⤵
            • Executes dropped EXE
            PID:2636
          • C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe
            "C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --enable-quic --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout-expanded=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:game-maker-studio-integration=on --with-feature:gaming-api=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:partner-dropdown-suggestions-boost=on --with-feature:personalized-speeddials=on --with-feature:premium-valve-in=on --with-feature:sd-suggestions-external=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-sync-banner=on --with-feature:tiktok-panel=off --with-feature:yandex-zen-iframe-scroll=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --mojo-platform-channel-handle=1464 --field-trial-handle=1100,i,17205556854810990714,16529302859845664017,131072 /prefetch:8
            2⤵
            • Executes dropped EXE
            PID:2648
          • C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe
            "C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --enable-quic --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout-expanded=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:game-maker-studio-integration=on --with-feature:gaming-api=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:partner-dropdown-suggestions-boost=on --with-feature:personalized-speeddials=on --with-feature:premium-valve-in=on --with-feature:sd-suggestions-external=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-sync-banner=on --with-feature:tiktok-panel=off --with-feature:yandex-zen-iframe-scroll=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --mojo-platform-channel-handle=1828 --field-trial-handle=1100,i,17205556854810990714,16529302859845664017,131072 /prefetch:8
            2⤵
            • Executes dropped EXE
            PID:2856
          • C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe
            "C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --enable-quic --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout-expanded=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:game-maker-studio-integration=on --with-feature:gaming-api=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:partner-dropdown-suggestions-boost=on --with-feature:personalized-speeddials=on --with-feature:premium-valve-in=on --with-feature:sd-suggestions-external=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-sync-banner=on --with-feature:tiktok-panel=off --with-feature:yandex-zen-iframe-scroll=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --mojo-platform-channel-handle=1840 --field-trial-handle=1100,i,17205556854810990714,16529302859845664017,131072 /prefetch:8
            2⤵
            • Executes dropped EXE
            PID:3020
          • C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe
            "C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --enable-quic --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout-expanded=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:game-maker-studio-integration=on --with-feature:gaming-api=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:partner-dropdown-suggestions-boost=on --with-feature:personalized-speeddials=on --with-feature:premium-valve-in=on --with-feature:sd-suggestions-external=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-sync-banner=on --with-feature:tiktok-panel=off --with-feature:yandex-zen-iframe-scroll=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --mojo-platform-channel-handle=1852 --field-trial-handle=1100,i,17205556854810990714,16529302859845664017,131072 /prefetch:8
            2⤵
            • Executes dropped EXE
            PID:644
          • C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe
            "C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --enable-quic --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout-expanded=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:game-maker-studio-integration=on --with-feature:gaming-api=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:partner-dropdown-suggestions-boost=on --with-feature:personalized-speeddials=on --with-feature:premium-valve-in=on --with-feature:sd-suggestions-external=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-sync-banner=on --with-feature:tiktok-panel=off --with-feature:yandex-zen-iframe-scroll=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --mojo-platform-channel-handle=1864 --field-trial-handle=1100,i,17205556854810990714,16529302859845664017,131072 /prefetch:8
            2⤵
            • Executes dropped EXE
            PID:2264
          • C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe
            "C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --enable-quic --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout-expanded=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:game-maker-studio-integration=on --with-feature:gaming-api=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:partner-dropdown-suggestions-boost=on --with-feature:personalized-speeddials=on --with-feature:premium-valve-in=on --with-feature:sd-suggestions-external=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-sync-banner=on --with-feature:tiktok-panel=off --with-feature:yandex-zen-iframe-scroll=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --mojo-platform-channel-handle=1876 --field-trial-handle=1100,i,17205556854810990714,16529302859845664017,131072 /prefetch:8
            2⤵
            • Executes dropped EXE
            PID:1956
          • C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe
            "C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --enable-quic --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout-expanded=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:game-maker-studio-integration=on --with-feature:gaming-api=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:partner-dropdown-suggestions-boost=on --with-feature:personalized-speeddials=on --with-feature:premium-valve-in=on --with-feature:sd-suggestions-external=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-sync-banner=on --with-feature:tiktok-panel=off --with-feature:yandex-zen-iframe-scroll=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --mojo-platform-channel-handle=1888 --field-trial-handle=1100,i,17205556854810990714,16529302859845664017,131072 /prefetch:8
            2⤵
            • Executes dropped EXE
            PID:2732
          • C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe
            "C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=renderer --start-stack-profiler --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout-expanded=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:game-maker-studio-integration=on --with-feature:gaming-api=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:partner-dropdown-suggestions-boost=on --with-feature:personalized-speeddials=on --with-feature:premium-valve-in=on --with-feature:sd-suggestions-external=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-sync-banner=on --with-feature:tiktok-panel=off --with-feature:yandex-zen-iframe-scroll=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=13 --mojo-platform-channel-handle=1908 --field-trial-handle=1100,i,17205556854810990714,16529302859845664017,131072 /prefetch:1
            2⤵
            • Executes dropped EXE
            • Checks computer location settings
            PID:2948
          • C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe
            "C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=renderer --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout-expanded=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:game-maker-studio-integration=on --with-feature:gaming-api=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:partner-dropdown-suggestions-boost=on --with-feature:personalized-speeddials=on --with-feature:premium-valve-in=on --with-feature:sd-suggestions-external=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-sync-banner=on --with-feature:tiktok-panel=off --with-feature:yandex-zen-iframe-scroll=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=12 --mojo-platform-channel-handle=1920 --field-trial-handle=1100,i,17205556854810990714,16529302859845664017,131072 /prefetch:1
            2⤵
            • Executes dropped EXE
            • Checks computer location settings
            PID:2096
          • C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe
            "C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=renderer --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout-expanded=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:game-maker-studio-integration=on --with-feature:gaming-api=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:partner-dropdown-suggestions-boost=on --with-feature:personalized-speeddials=on --with-feature:premium-valve-in=on --with-feature:sd-suggestions-external=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-sync-banner=on --with-feature:tiktok-panel=off --with-feature:yandex-zen-iframe-scroll=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=14 --mojo-platform-channel-handle=2308 --field-trial-handle=1100,i,17205556854810990714,16529302859845664017,131072 /prefetch:1
            2⤵
            • Executes dropped EXE
            PID:2404
          • C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe
            "C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=renderer --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout-expanded=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:game-maker-studio-integration=on --with-feature:gaming-api=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:partner-dropdown-suggestions-boost=on --with-feature:personalized-speeddials=on --with-feature:premium-valve-in=on --with-feature:sd-suggestions-external=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-sync-banner=on --with-feature:tiktok-panel=off --with-feature:yandex-zen-iframe-scroll=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --mojo-platform-channel-handle=2300 --field-trial-handle=1100,i,17205556854810990714,16529302859845664017,131072 /prefetch:1
            2⤵
              PID:2836
            • C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe
              "C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=renderer --start-stack-profiler --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout-expanded=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:game-maker-studio-integration=on --with-feature:gaming-api=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:partner-dropdown-suggestions-boost=on --with-feature:personalized-speeddials=on --with-feature:premium-valve-in=on --with-feature:sd-suggestions-external=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-sync-banner=on --with-feature:tiktok-panel=off --with-feature:yandex-zen-iframe-scroll=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --mojo-platform-channel-handle=2292 --field-trial-handle=1100,i,17205556854810990714,16529302859845664017,131072 /prefetch:1
              2⤵
                PID:1440
              • C:\Users\Admin\AppData\Local\Programs\Opera\94.0.4606.76\opera_autoupdate.exe
                "C:\Users\Admin\AppData\Local\Programs\Opera\94.0.4606.76\opera_autoupdate.exe" --user-data-dir="C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable" --pipeid=oauc_pipe2906202b27b41e4bd66c9238c4b575c1
                2⤵
                  PID:2232
                  • C:\Users\Admin\AppData\Local\Programs\Opera\94.0.4606.76\opera_autoupdate.exe
                    C:\Users\Admin\AppData\Local\Programs\Opera\94.0.4606.76\opera_autoupdate.exe --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win64 --annotation=prod=OperaDesktop --annotation=ver=94.0.4606.76 --initial-client-data=0x138,0x13c,0x140,0x10c,0x144,0x13f71ab38,0x13f71ab48,0x13f71ab58
                    3⤵
                      PID:2632
                  • C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe
                    "C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=renderer --start-stack-profiler --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout-expanded=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:game-maker-studio-integration=on --with-feature:gaming-api=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:partner-dropdown-suggestions-boost=on --with-feature:personalized-speeddials=on --with-feature:premium-valve-in=on --with-feature:sd-suggestions-external=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-sync-banner=on --with-feature:tiktok-panel=off --with-feature:yandex-zen-iframe-scroll=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --mojo-platform-channel-handle=2284 --field-trial-handle=1100,i,17205556854810990714,16529302859845664017,131072 /prefetch:1
                    2⤵
                      PID:1616
                    • C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe
                      "C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=renderer --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout-expanded=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:game-maker-studio-integration=on --with-feature:gaming-api=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:partner-dropdown-suggestions-boost=on --with-feature:personalized-speeddials=on --with-feature:premium-valve-in=on --with-feature:sd-suggestions-external=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-sync-banner=on --with-feature:tiktok-panel=off --with-feature:yandex-zen-iframe-scroll=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --mojo-platform-channel-handle=2204 --field-trial-handle=1100,i,17205556854810990714,16529302859845664017,131072 /prefetch:1
                      2⤵
                        PID:2788
                      • C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe
                        "C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=renderer --extension-process --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout-expanded=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:game-maker-studio-integration=on --with-feature:gaming-api=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:partner-dropdown-suggestions-boost=on --with-feature:personalized-speeddials=on --with-feature:premium-valve-in=on --with-feature:sd-suggestions-external=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-sync-banner=on --with-feature:tiktok-panel=off --with-feature:yandex-zen-iframe-scroll=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=5 --mojo-platform-channel-handle=2252 --field-trial-handle=1100,i,17205556854810990714,16529302859845664017,131072 /prefetch:1
                        2⤵
                          PID:852
                        • C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe
                          "C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=gpu-process --start-stack-profiler --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout-expanded=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:game-maker-studio-integration=on --with-feature:gaming-api=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:partner-dropdown-suggestions-boost=on --with-feature:personalized-speeddials=on --with-feature:premium-valve-in=on --with-feature:sd-suggestions-external=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-sync-banner=on --with-feature:tiktok-panel=off --with-feature:yandex-zen-iframe-scroll=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2968 --field-trial-handle=1100,i,17205556854810990714,16529302859845664017,131072 /prefetch:2
                          2⤵
                            PID:1528
                          • C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe
                            "C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --enable-quic --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout-expanded=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:game-maker-studio-integration=on --with-feature:gaming-api=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:partner-dropdown-suggestions-boost=on --with-feature:personalized-speeddials=on --with-feature:premium-valve-in=on --with-feature:sd-suggestions-external=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-sync-banner=on --with-feature:tiktok-panel=off --with-feature:yandex-zen-iframe-scroll=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --mojo-platform-channel-handle=1924 --field-trial-handle=1100,i,17205556854810990714,16529302859845664017,131072 /prefetch:8
                            2⤵
                              PID:1208
                            • C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe
                              "C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=renderer --extension-process --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout-expanded=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:game-maker-studio-integration=on --with-feature:gaming-api=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:partner-dropdown-suggestions-boost=on --with-feature:personalized-speeddials=on --with-feature:premium-valve-in=on --with-feature:sd-suggestions-external=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-sync-banner=on --with-feature:tiktok-panel=off --with-feature:yandex-zen-iframe-scroll=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=19 --mojo-platform-channel-handle=3092 --field-trial-handle=1100,i,17205556854810990714,16529302859845664017,131072 /prefetch:1
                              2⤵
                                PID:2584
                            • C:\Windows\system32\taskeng.exe
                              taskeng.exe {445AE8FB-27B4-44ED-8581-C02FDB77807B} S-1-5-21-3845472200-3839195424-595303356-1000:ZERMMMDR\Admin:Interactive:[1]
                              1⤵
                                PID:2928
                                • C:\Users\Admin\AppData\Local\Programs\Opera\launcher.exe
                                  C:\Users\Admin\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate --autoupdaterequesttype=automatic --autoupdateoperaversion=94.0.4606.76 --newautoupdaterlogic
                                  2⤵
                                    PID:2148
                                    • C:\Users\Admin\AppData\Local\Temp\.opera\72A8C838D015\installer.exe
                                      "C:\Users\Admin\AppData\Local\Temp\.opera\72A8C838D015\installer.exe" --version
                                      3⤵
                                        PID:1076

                                  Network

                                  MITRE ATT&CK Enterprise v6

                                  Replay Monitor

                                  Loading Replay Monitor...

                                  Downloads

                                  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B398B80134F72209547439DB21AB308D_ADE4E4D3A3BCBCA5C39C54D362D88565
                                    Filesize

                                    471B

                                    MD5

                                    9cbb254ca8da5a4099c66d7dce2d69de

                                    SHA1

                                    3f328e1410c5c4ea2fa2b387dbef7c6479ea258c

                                    SHA256

                                    f6cad04bfeb909acd5c89c6137fd33b267fa2e021553b3515c82e9d7cfb3fc58

                                    SHA512

                                    93fe3387c563d18ea2f9cb96f1d868d1d5a26c0490126242279a6f39a2df53311fc9806ee14b4b0301195a17dd75abc318695aa0a328330820e8fc20b6fed4a4

                                    Download Submit

                                  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
                                    Filesize

                                    340B

                                    MD5

                                    6fc470d77401d0d00d200dda42329483

                                    SHA1

                                    193b56f07abd0327cea05dc0bff2599f3cf969db

                                    SHA256

                                    486d24d6702bb843b373725615f1415af02bd26ec81f9ae0b002dbfa6009e043

                                    SHA512

                                    b36e23fd03488dedcebcb3136a46ec9675951d0b19f1ec925b806c54fdc45bf58b388934dcea1ee796599834c97314746d7b2bb72def14b6638438aded82ff20

                                    Download Submit

                                  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B398B80134F72209547439DB21AB308D_ADE4E4D3A3BCBCA5C39C54D362D88565
                                    Filesize

                                    434B

                                    MD5

                                    ab53658c95c813cd25adf1edfc37d68b

                                    SHA1

                                    ab5c9344dbf5a114a23d7fba40d6c7f2e9027aac

                                    SHA256

                                    5b2e70daa0fab632bce1786df6134cd732c756c85db0a7fe97074c530de87b86

                                    SHA512

                                    643ec95a7458ca127ba4cfb551de3bbfb0c13223b72f1e4797fa5db85b4fbe22fad9f3526f526ffaf7967840e9b03f813ca02c47d3210e79ea43854ae80be7b9

                                    Download Submit

                                  • C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera-installer-bro.exe
                                    Filesize

                                    2.7MB

                                    MD5

                                    b72b15de237ef6315794e77a15056330

                                    SHA1

                                    f1e1ccd4da213a563ac4b69fa74f3fea0c9e5799

                                    SHA256

                                    6dc9f4de36e19e9b5ceab7043b00981040dfe5fcfce291e6dcbf661eba102352

                                    SHA512

                                    3031b4e678a459b7fef010cd60fd1ba782f1769ab113b3a61de8048befe2c75f6355638a5c9d9c64dbfdb9db494002b333fe55e250255457452772afcec939bf

                                    Download Submit

                                  • C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202302010359011\assistant\_sfx.exe
                                    Filesize

                                    1.7MB

                                    MD5

                                    0238df215bf6943892daf85de8ad433a

                                    SHA1

                                    3d905e4e2c0e9170df61b7a199321847691f945e

                                    SHA256

                                    a7818aca6acbe347df13d51d9750f6a852c5aa2a58580f7f2015113e0a3e06d7

                                    SHA512

                                    fc6c12e359b9a4ce84ef878f29648a4c97c38fd12ed80996c5e03829833220010fff9c751a99f399dad3529bda6438424194ed18236addfbe430343807aaad69

                                    Download Submit

                                  • C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202302010359011\assistant\_sfx.exe
                                    Filesize

                                    1.7MB

                                    MD5

                                    0238df215bf6943892daf85de8ad433a

                                    SHA1

                                    3d905e4e2c0e9170df61b7a199321847691f945e

                                    SHA256

                                    a7818aca6acbe347df13d51d9750f6a852c5aa2a58580f7f2015113e0a3e06d7

                                    SHA512

                                    fc6c12e359b9a4ce84ef878f29648a4c97c38fd12ed80996c5e03829833220010fff9c751a99f399dad3529bda6438424194ed18236addfbe430343807aaad69

                                    Download Submit

                                  • C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202302010359011\assistant\assistant_installer.exe
                                    Filesize

                                    2.1MB

                                    MD5

                                    9df6e2fbb7e38964f35016bf91ef7424

                                    SHA1

                                    d0c1266dc46814bc6165cf6a69e90581228989a7

                                    SHA256

                                    3573825f31875d403832de8e06aabc2adbdf0c5279d80ea62dfcb1f159f06c1d

                                    SHA512

                                    b14c2224ae10c80429205a39791745b1627c1a487176c06aa105d0689e77fb0b86427e1a7d5aef5d06460070b3df4ebea41db67d54e221ea25979b3bb5318d3e

                                    Download Submit

                                  • C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202302010359011\assistant\assistant_installer.exe
                                    Filesize

                                    2.1MB

                                    MD5

                                    9df6e2fbb7e38964f35016bf91ef7424

                                    SHA1

                                    d0c1266dc46814bc6165cf6a69e90581228989a7

                                    SHA256

                                    3573825f31875d403832de8e06aabc2adbdf0c5279d80ea62dfcb1f159f06c1d

                                    SHA512

                                    b14c2224ae10c80429205a39791745b1627c1a487176c06aa105d0689e77fb0b86427e1a7d5aef5d06460070b3df4ebea41db67d54e221ea25979b3bb5318d3e

                                    Download Submit

                                  • C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202302010359011\assistant\assistant_installer.exe
                                    Filesize

                                    2.1MB

                                    MD5

                                    9df6e2fbb7e38964f35016bf91ef7424

                                    SHA1

                                    d0c1266dc46814bc6165cf6a69e90581228989a7

                                    SHA256

                                    3573825f31875d403832de8e06aabc2adbdf0c5279d80ea62dfcb1f159f06c1d

                                    SHA512

                                    b14c2224ae10c80429205a39791745b1627c1a487176c06aa105d0689e77fb0b86427e1a7d5aef5d06460070b3df4ebea41db67d54e221ea25979b3bb5318d3e

                                    Download Submit

                                  • C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\AdditionalExecuteTL.exe
                                    Filesize

                                    1.8MB

                                    MD5

                                    aa4de04ccc16b74a4c2301da8d621ec1

                                    SHA1

                                    d05c6d8200f6e6b1283df82d24d687adc47d9664

                                    SHA256

                                    e2b0c8e54983b6fcd847a891c5443cb321fb4f0c9106ec8ed6a37cab5ebcc81b

                                    SHA512

                                    28d62bbe394bc2300d60263971cdee15fa417c6fcc7e44ecd2b3b567821e99953377383d137b0827f3f904d30deb508732bcb77cd37d444032d6ffc25c60712e

                                    Download Submit

                                  • C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\AdditionalExecuteTL.exe
                                    Filesize

                                    1.8MB

                                    MD5

                                    aa4de04ccc16b74a4c2301da8d621ec1

                                    SHA1

                                    d05c6d8200f6e6b1283df82d24d687adc47d9664

                                    SHA256

                                    e2b0c8e54983b6fcd847a891c5443cb321fb4f0c9106ec8ed6a37cab5ebcc81b

                                    SHA512

                                    28d62bbe394bc2300d60263971cdee15fa417c6fcc7e44ecd2b3b567821e99953377383d137b0827f3f904d30deb508732bcb77cd37d444032d6ffc25c60712e

                                    Download Submit

                                  • C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe
                                    Filesize

                                    1.3MB

                                    MD5

                                    7e08af319c9eb3297e09ca7bb8387de4

                                    SHA1

                                    4cf091f77a3eb9437ef33985e64bd10c1257284f

                                    SHA256

                                    6c006c982746826a613bc0f09890955a1cdca309d9d98572aed35ad782dd11c8

                                    SHA512

                                    bb7aaebd3f6c1ff18bd0cb9eb9347894f0785dc011ec9765d9bc180de9b60769c891151626fdef88aa3fd53ae6246c1cb91f723933da54920bfbc8a5a24f8851

                                    Download Submit

                                  • C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe
                                    Filesize

                                    1.3MB

                                    MD5

                                    7e08af319c9eb3297e09ca7bb8387de4

                                    SHA1

                                    4cf091f77a3eb9437ef33985e64bd10c1257284f

                                    SHA256

                                    6c006c982746826a613bc0f09890955a1cdca309d9d98572aed35ad782dd11c8

                                    SHA512

                                    bb7aaebd3f6c1ff18bd0cb9eb9347894f0785dc011ec9765d9bc180de9b60769c891151626fdef88aa3fd53ae6246c1cb91f723933da54920bfbc8a5a24f8851

                                    Download Submit

                                  • C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\lua5.1.dll
                                    Filesize

                                    326KB

                                    MD5

                                    80d93d38badecdd2b134fe4699721223

                                    SHA1

                                    e829e58091bae93bc64e0c6f9f0bac999cfda23d

                                    SHA256

                                    c572a6103af1526f97e708a229a532fd02100a52b949f721052107f1f55e0c59

                                    SHA512

                                    9f28073cc186b55ef64661c2e4f6fe1c112785a262b9d8e9a431703fdb1000f1d8cc0b2a3c153c822cfd48782ae945742ccb07beae4d6388d5d0b4df03103bd4

                                    Download Submit

                                  • C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_1\irsetup.exe
                                    Filesize

                                    1.3MB

                                    MD5

                                    e801c5847f5f9d207db53aaaf5c6f3a2

                                    SHA1

                                    8e6818ce66555e2cca92e5c5f32551fb4a91645e

                                    SHA256

                                    196eb4b81988326f6b44b1efcc4fa7a31a289bcf3893a16c3db6f889aa439b03

                                    SHA512

                                    303ab54112fd38a36c10484037f8ff4eeadd0c6f7dde18cf4f3b7f64bf7f7756b30f634427be1cf596ec995f41923c8678040a9a06244129f2337a3fe2f9bab3

                                    Download Submit

                                  • C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_1\irsetup.exe
                                    Filesize

                                    1.3MB

                                    MD5

                                    e801c5847f5f9d207db53aaaf5c6f3a2

                                    SHA1

                                    8e6818ce66555e2cca92e5c5f32551fb4a91645e

                                    SHA256

                                    196eb4b81988326f6b44b1efcc4fa7a31a289bcf3893a16c3db6f889aa439b03

                                    SHA512

                                    303ab54112fd38a36c10484037f8ff4eeadd0c6f7dde18cf4f3b7f64bf7f7756b30f634427be1cf596ec995f41923c8678040a9a06244129f2337a3fe2f9bab3

                                    Download Submit

                                  • C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_1\lua5.1.dll
                                    Filesize

                                    326KB

                                    MD5

                                    80d93d38badecdd2b134fe4699721223

                                    SHA1

                                    e829e58091bae93bc64e0c6f9f0bac999cfda23d

                                    SHA256

                                    c572a6103af1526f97e708a229a532fd02100a52b949f721052107f1f55e0c59

                                    SHA512

                                    9f28073cc186b55ef64661c2e4f6fe1c112785a262b9d8e9a431703fdb1000f1d8cc0b2a3c153c822cfd48782ae945742ccb07beae4d6388d5d0b4df03103bd4

                                    Download Submit

                                  • C:\Users\Admin\AppData\Local\Temp\opera-installer-bro.exe
                                    Filesize

                                    2.7MB

                                    MD5

                                    b72b15de237ef6315794e77a15056330

                                    SHA1

                                    f1e1ccd4da213a563ac4b69fa74f3fea0c9e5799

                                    SHA256

                                    6dc9f4de36e19e9b5ceab7043b00981040dfe5fcfce291e6dcbf661eba102352

                                    SHA512

                                    3031b4e678a459b7fef010cd60fd1ba782f1769ab113b3a61de8048befe2c75f6355638a5c9d9c64dbfdb9db494002b333fe55e250255457452772afcec939bf

                                    Download Submit

                                  • C:\Users\Admin\AppData\Local\Temp\opera-installer-bro.exe
                                    Filesize

                                    2.7MB

                                    MD5

                                    b72b15de237ef6315794e77a15056330

                                    SHA1

                                    f1e1ccd4da213a563ac4b69fa74f3fea0c9e5799

                                    SHA256

                                    6dc9f4de36e19e9b5ceab7043b00981040dfe5fcfce291e6dcbf661eba102352

                                    SHA512

                                    3031b4e678a459b7fef010cd60fd1ba782f1769ab113b3a61de8048befe2c75f6355638a5c9d9c64dbfdb9db494002b333fe55e250255457452772afcec939bf

                                    Download Submit

                                  • C:\Users\Admin\AppData\Local\Temp\opera-installer-bro.exe
                                    Filesize

                                    2.7MB

                                    MD5

                                    b72b15de237ef6315794e77a15056330

                                    SHA1

                                    f1e1ccd4da213a563ac4b69fa74f3fea0c9e5799

                                    SHA256

                                    6dc9f4de36e19e9b5ceab7043b00981040dfe5fcfce291e6dcbf661eba102352

                                    SHA512

                                    3031b4e678a459b7fef010cd60fd1ba782f1769ab113b3a61de8048befe2c75f6355638a5c9d9c64dbfdb9db494002b333fe55e250255457452772afcec939bf

                                    Download Submit

                                  • C:\Users\Admin\AppData\Local\Temp\opera-installer-bro.exe
                                    Filesize

                                    2.7MB

                                    MD5

                                    b72b15de237ef6315794e77a15056330

                                    SHA1

                                    f1e1ccd4da213a563ac4b69fa74f3fea0c9e5799

                                    SHA256

                                    6dc9f4de36e19e9b5ceab7043b00981040dfe5fcfce291e6dcbf661eba102352

                                    SHA512

                                    3031b4e678a459b7fef010cd60fd1ba782f1769ab113b3a61de8048befe2c75f6355638a5c9d9c64dbfdb9db494002b333fe55e250255457452772afcec939bf

                                    Download Submit

                                  • C:\Users\Admin\AppData\Local\Temp\opera-installer-bro.exe
                                    Filesize

                                    2.7MB

                                    MD5

                                    b72b15de237ef6315794e77a15056330

                                    SHA1

                                    f1e1ccd4da213a563ac4b69fa74f3fea0c9e5799

                                    SHA256

                                    6dc9f4de36e19e9b5ceab7043b00981040dfe5fcfce291e6dcbf661eba102352

                                    SHA512

                                    3031b4e678a459b7fef010cd60fd1ba782f1769ab113b3a61de8048befe2c75f6355638a5c9d9c64dbfdb9db494002b333fe55e250255457452772afcec939bf

                                    Download Submit

                                  • C:\Users\Admin\AppData\Local\Temp\setuparguments.ini
                                    Filesize

                                    602B

                                    MD5

                                    a8ce36b26dc26dee2ce636806f6ef6da

                                    SHA1

                                    cdb5144c3a8d9af9722cbd73cdd35146e839cc1e

                                    SHA256

                                    1da7bff55479e5ebe75ce742f05a8a24969056c3bdf9b5dac071581cfb67d469

                                    SHA512

                                    1bf64beeca1cded7ad9389e40592a2ab6f292ab42748d214e97b8d26abceab1cf281e410ed2646b1855f6cbcb17867dc96e82873c60aa083632903320c9bdd77

                                    Download Submit

                                  • C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports\settings.dat
                                    Filesize

                                    40B

                                    MD5

                                    0731f523d68dc0d06cd17c5ac9bc2967

                                    SHA1

                                    9604893b23c7bf4a4ef59afb7c54e48b2d3537a7

                                    SHA256

                                    4185a9ffca06bd9b0a1f0f723d6269eba86b9f318f087180c66fdcf09325fd0c

                                    SHA512

                                    403b82dc3a01176e59ab3758b623f7923a82dc82a4a9e7e886aa2896ea075ee52da9073f363a69fa1a5015e7054193a4b771ff66018953ce8fa765d45806cf81

                                    Download Submit

                                  • C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports\settings.dat
                                    Filesize

                                    40B

                                    MD5

                                    0731f523d68dc0d06cd17c5ac9bc2967

                                    SHA1

                                    9604893b23c7bf4a4ef59afb7c54e48b2d3537a7

                                    SHA256

                                    4185a9ffca06bd9b0a1f0f723d6269eba86b9f318f087180c66fdcf09325fd0c

                                    SHA512

                                    403b82dc3a01176e59ab3758b623f7923a82dc82a4a9e7e886aa2896ea075ee52da9073f363a69fa1a5015e7054193a4b771ff66018953ce8fa765d45806cf81

                                    Download Submit

                                  • \Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera-installer-bro.exe
                                    Filesize

                                    2.7MB

                                    MD5

                                    b72b15de237ef6315794e77a15056330

                                    SHA1

                                    f1e1ccd4da213a563ac4b69fa74f3fea0c9e5799

                                    SHA256

                                    6dc9f4de36e19e9b5ceab7043b00981040dfe5fcfce291e6dcbf661eba102352

                                    SHA512

                                    3031b4e678a459b7fef010cd60fd1ba782f1769ab113b3a61de8048befe2c75f6355638a5c9d9c64dbfdb9db494002b333fe55e250255457452772afcec939bf

                                    Download Submit

                                  • \Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202302010359011\assistant\_sfx.exe
                                    Filesize

                                    1.7MB

                                    MD5

                                    0238df215bf6943892daf85de8ad433a

                                    SHA1

                                    3d905e4e2c0e9170df61b7a199321847691f945e

                                    SHA256

                                    a7818aca6acbe347df13d51d9750f6a852c5aa2a58580f7f2015113e0a3e06d7

                                    SHA512

                                    fc6c12e359b9a4ce84ef878f29648a4c97c38fd12ed80996c5e03829833220010fff9c751a99f399dad3529bda6438424194ed18236addfbe430343807aaad69

                                    Download Submit

                                  • \Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202302010359011\assistant\assistant_installer.exe
                                    Filesize

                                    2.1MB

                                    MD5

                                    9df6e2fbb7e38964f35016bf91ef7424

                                    SHA1

                                    d0c1266dc46814bc6165cf6a69e90581228989a7

                                    SHA256

                                    3573825f31875d403832de8e06aabc2adbdf0c5279d80ea62dfcb1f159f06c1d

                                    SHA512

                                    b14c2224ae10c80429205a39791745b1627c1a487176c06aa105d0689e77fb0b86427e1a7d5aef5d06460070b3df4ebea41db67d54e221ea25979b3bb5318d3e

                                    Download Submit

                                  • \Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202302010359011\assistant\assistant_installer.exe
                                    Filesize

                                    2.1MB

                                    MD5

                                    9df6e2fbb7e38964f35016bf91ef7424

                                    SHA1

                                    d0c1266dc46814bc6165cf6a69e90581228989a7

                                    SHA256

                                    3573825f31875d403832de8e06aabc2adbdf0c5279d80ea62dfcb1f159f06c1d

                                    SHA512

                                    b14c2224ae10c80429205a39791745b1627c1a487176c06aa105d0689e77fb0b86427e1a7d5aef5d06460070b3df4ebea41db67d54e221ea25979b3bb5318d3e

                                    Download Submit

                                  • \Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202302010359011\opera_package
                                    Filesize

                                    86.7MB

                                    MD5

                                    038275aad393989e8c0b6634da083fc7

                                    SHA1

                                    65b4ebd22a289935b71d41077a06eeda11eed154

                                    SHA256

                                    ac96d0fca59c713690e2dd0d899c90d0c27ad4784f8425656ae14aefdaca3d05

                                    SHA512

                                    2dd5bdfa1e500232ac0ac06030db3b73b3a5af2a8d9fa1601913deeb853ec99249387bc96f5efa25919fa3ef2bf1c512e21dd07b2baecccacfa90548cd21a4d8

                                    Download Submit

                                  • \Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202302010359011\opera_package
                                    Filesize

                                    86.7MB

                                    MD5

                                    038275aad393989e8c0b6634da083fc7

                                    SHA1

                                    65b4ebd22a289935b71d41077a06eeda11eed154

                                    SHA256

                                    ac96d0fca59c713690e2dd0d899c90d0c27ad4784f8425656ae14aefdaca3d05

                                    SHA512

                                    2dd5bdfa1e500232ac0ac06030db3b73b3a5af2a8d9fa1601913deeb853ec99249387bc96f5efa25919fa3ef2bf1c512e21dd07b2baecccacfa90548cd21a4d8

                                    Download Submit

                                  • \Users\Admin\AppData\Local\Temp\Opera_installer_2302010358592591616.dll
                                    Filesize

                                    4.3MB

                                    MD5

                                    832ae69091fba73338df9103db4f8be1

                                    SHA1

                                    d386710f4a8b5cfcf0ef2e0acc73f4dd883094b7

                                    SHA256

                                    191b3d16fa277b5dcbaa342ccafaea28c3ad25ddc1f9fa6ab2f3e23d46931e47

                                    SHA512

                                    b14835a3ac8e0a1089ded8620b2664ef2f1c86392f979ea4ac4e53eca97e1fbf3327ad40e8ea496bd9d4be36490cd781a12987e500d09d8d023847b90c76c387

                                    Download Submit

                                  • \Users\Admin\AppData\Local\Temp\Opera_installer_2302010359000701984.dll
                                    Filesize

                                    4.3MB

                                    MD5

                                    832ae69091fba73338df9103db4f8be1

                                    SHA1

                                    d386710f4a8b5cfcf0ef2e0acc73f4dd883094b7

                                    SHA256

                                    191b3d16fa277b5dcbaa342ccafaea28c3ad25ddc1f9fa6ab2f3e23d46931e47

                                    SHA512

                                    b14835a3ac8e0a1089ded8620b2664ef2f1c86392f979ea4ac4e53eca97e1fbf3327ad40e8ea496bd9d4be36490cd781a12987e500d09d8d023847b90c76c387

                                    Download Submit

                                  • \Users\Admin\AppData\Local\Temp\Opera_installer_230201035901131620.dll
                                    Filesize

                                    4.3MB

                                    MD5

                                    832ae69091fba73338df9103db4f8be1

                                    SHA1

                                    d386710f4a8b5cfcf0ef2e0acc73f4dd883094b7

                                    SHA256

                                    191b3d16fa277b5dcbaa342ccafaea28c3ad25ddc1f9fa6ab2f3e23d46931e47

                                    SHA512

                                    b14835a3ac8e0a1089ded8620b2664ef2f1c86392f979ea4ac4e53eca97e1fbf3327ad40e8ea496bd9d4be36490cd781a12987e500d09d8d023847b90c76c387

                                    Download Submit

                                  • \Users\Admin\AppData\Local\Temp\Opera_installer_2302010359029402016.dll
                                    Filesize

                                    4.3MB

                                    MD5

                                    832ae69091fba73338df9103db4f8be1

                                    SHA1

                                    d386710f4a8b5cfcf0ef2e0acc73f4dd883094b7

                                    SHA256

                                    191b3d16fa277b5dcbaa342ccafaea28c3ad25ddc1f9fa6ab2f3e23d46931e47

                                    SHA512

                                    b14835a3ac8e0a1089ded8620b2664ef2f1c86392f979ea4ac4e53eca97e1fbf3327ad40e8ea496bd9d4be36490cd781a12987e500d09d8d023847b90c76c387

                                    Download Submit

                                  • \Users\Admin\AppData\Local\Temp\Opera_installer_2302010359049842020.dll
                                    Filesize

                                    4.3MB

                                    MD5

                                    832ae69091fba73338df9103db4f8be1

                                    SHA1

                                    d386710f4a8b5cfcf0ef2e0acc73f4dd883094b7

                                    SHA256

                                    191b3d16fa277b5dcbaa342ccafaea28c3ad25ddc1f9fa6ab2f3e23d46931e47

                                    SHA512

                                    b14835a3ac8e0a1089ded8620b2664ef2f1c86392f979ea4ac4e53eca97e1fbf3327ad40e8ea496bd9d4be36490cd781a12987e500d09d8d023847b90c76c387

                                    Download Submit

                                  • \Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\AdditionalExecuteTL.exe
                                    Filesize

                                    1.8MB

                                    MD5

                                    aa4de04ccc16b74a4c2301da8d621ec1

                                    SHA1

                                    d05c6d8200f6e6b1283df82d24d687adc47d9664

                                    SHA256

                                    e2b0c8e54983b6fcd847a891c5443cb321fb4f0c9106ec8ed6a37cab5ebcc81b

                                    SHA512

                                    28d62bbe394bc2300d60263971cdee15fa417c6fcc7e44ecd2b3b567821e99953377383d137b0827f3f904d30deb508732bcb77cd37d444032d6ffc25c60712e

                                    Download Submit

                                  • \Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\AdditionalExecuteTL.exe
                                    Filesize

                                    1.8MB

                                    MD5

                                    aa4de04ccc16b74a4c2301da8d621ec1

                                    SHA1

                                    d05c6d8200f6e6b1283df82d24d687adc47d9664

                                    SHA256

                                    e2b0c8e54983b6fcd847a891c5443cb321fb4f0c9106ec8ed6a37cab5ebcc81b

                                    SHA512

                                    28d62bbe394bc2300d60263971cdee15fa417c6fcc7e44ecd2b3b567821e99953377383d137b0827f3f904d30deb508732bcb77cd37d444032d6ffc25c60712e

                                    Download Submit

                                  • \Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\AdditionalExecuteTL.exe
                                    Filesize

                                    1.8MB

                                    MD5

                                    aa4de04ccc16b74a4c2301da8d621ec1

                                    SHA1

                                    d05c6d8200f6e6b1283df82d24d687adc47d9664

                                    SHA256

                                    e2b0c8e54983b6fcd847a891c5443cb321fb4f0c9106ec8ed6a37cab5ebcc81b

                                    SHA512

                                    28d62bbe394bc2300d60263971cdee15fa417c6fcc7e44ecd2b3b567821e99953377383d137b0827f3f904d30deb508732bcb77cd37d444032d6ffc25c60712e

                                    Download Submit

                                  • \Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\AdditionalExecuteTL.exe
                                    Filesize

                                    1.8MB

                                    MD5

                                    aa4de04ccc16b74a4c2301da8d621ec1

                                    SHA1

                                    d05c6d8200f6e6b1283df82d24d687adc47d9664

                                    SHA256

                                    e2b0c8e54983b6fcd847a891c5443cb321fb4f0c9106ec8ed6a37cab5ebcc81b

                                    SHA512

                                    28d62bbe394bc2300d60263971cdee15fa417c6fcc7e44ecd2b3b567821e99953377383d137b0827f3f904d30deb508732bcb77cd37d444032d6ffc25c60712e

                                    Download Submit

                                  • \Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\AdditionalExecuteTL.exe
                                    Filesize

                                    1.8MB

                                    MD5

                                    aa4de04ccc16b74a4c2301da8d621ec1

                                    SHA1

                                    d05c6d8200f6e6b1283df82d24d687adc47d9664

                                    SHA256

                                    e2b0c8e54983b6fcd847a891c5443cb321fb4f0c9106ec8ed6a37cab5ebcc81b

                                    SHA512

                                    28d62bbe394bc2300d60263971cdee15fa417c6fcc7e44ecd2b3b567821e99953377383d137b0827f3f904d30deb508732bcb77cd37d444032d6ffc25c60712e

                                    Download Submit

                                  • \Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\AdditionalExecuteTL.exe
                                    Filesize

                                    1.8MB

                                    MD5

                                    aa4de04ccc16b74a4c2301da8d621ec1

                                    SHA1

                                    d05c6d8200f6e6b1283df82d24d687adc47d9664

                                    SHA256

                                    e2b0c8e54983b6fcd847a891c5443cb321fb4f0c9106ec8ed6a37cab5ebcc81b

                                    SHA512

                                    28d62bbe394bc2300d60263971cdee15fa417c6fcc7e44ecd2b3b567821e99953377383d137b0827f3f904d30deb508732bcb77cd37d444032d6ffc25c60712e

                                    Download Submit

                                  • \Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\IRZip.lmd
                                    Filesize

                                    1.7MB

                                    MD5

                                    1bbf5dd0b6ca80e4c7c77495c3f33083

                                    SHA1

                                    e0520037e60eb641ec04d1e814394c9da0a6a862

                                    SHA256

                                    bc6bd19ab0977ac794e18e2c82ace3116bf0537711a352638efd2d8d847c140b

                                    SHA512

                                    97bc810871868217f944bc5e60ab642f161c1f082bc9e4122094f10b4e309a6d96e3dd695553a20907cb8fea5aef4802f5a2f0a852328c1a1cd85944022abaab

                                    Download Submit

                                  • \Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\Wow64.lmd
                                    Filesize

                                    97KB

                                    MD5

                                    da1d0cd400e0b6ad6415fd4d90f69666

                                    SHA1

                                    de9083d2902906cacf57259cf581b1466400b799

                                    SHA256

                                    7a79b049bdc3b6e4d101691888360f4f993098f3e3a8beefff4ac367430b1575

                                    SHA512

                                    f12f64670f158c2e846e78b7b5d191158268b45ecf3c288f02bbee15ae10c4a62e67fb3481da304ba99da2c68ac44d713a44a458ef359db329b6fef3d323382a

                                    Download Submit

                                  • \Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe
                                    Filesize

                                    1.3MB

                                    MD5

                                    7e08af319c9eb3297e09ca7bb8387de4

                                    SHA1

                                    4cf091f77a3eb9437ef33985e64bd10c1257284f

                                    SHA256

                                    6c006c982746826a613bc0f09890955a1cdca309d9d98572aed35ad782dd11c8

                                    SHA512

                                    bb7aaebd3f6c1ff18bd0cb9eb9347894f0785dc011ec9765d9bc180de9b60769c891151626fdef88aa3fd53ae6246c1cb91f723933da54920bfbc8a5a24f8851

                                    Download Submit

                                  • \Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe
                                    Filesize

                                    1.3MB

                                    MD5

                                    7e08af319c9eb3297e09ca7bb8387de4

                                    SHA1

                                    4cf091f77a3eb9437ef33985e64bd10c1257284f

                                    SHA256

                                    6c006c982746826a613bc0f09890955a1cdca309d9d98572aed35ad782dd11c8

                                    SHA512

                                    bb7aaebd3f6c1ff18bd0cb9eb9347894f0785dc011ec9765d9bc180de9b60769c891151626fdef88aa3fd53ae6246c1cb91f723933da54920bfbc8a5a24f8851

                                    Download Submit

                                  • \Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe
                                    Filesize

                                    1.3MB

                                    MD5

                                    7e08af319c9eb3297e09ca7bb8387de4

                                    SHA1

                                    4cf091f77a3eb9437ef33985e64bd10c1257284f

                                    SHA256

                                    6c006c982746826a613bc0f09890955a1cdca309d9d98572aed35ad782dd11c8

                                    SHA512

                                    bb7aaebd3f6c1ff18bd0cb9eb9347894f0785dc011ec9765d9bc180de9b60769c891151626fdef88aa3fd53ae6246c1cb91f723933da54920bfbc8a5a24f8851

                                    Download Submit

                                  • \Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe
                                    Filesize

                                    1.3MB

                                    MD5

                                    7e08af319c9eb3297e09ca7bb8387de4

                                    SHA1

                                    4cf091f77a3eb9437ef33985e64bd10c1257284f

                                    SHA256

                                    6c006c982746826a613bc0f09890955a1cdca309d9d98572aed35ad782dd11c8

                                    SHA512

                                    bb7aaebd3f6c1ff18bd0cb9eb9347894f0785dc011ec9765d9bc180de9b60769c891151626fdef88aa3fd53ae6246c1cb91f723933da54920bfbc8a5a24f8851

                                    Download Submit

                                  • \Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe
                                    Filesize

                                    1.3MB

                                    MD5

                                    7e08af319c9eb3297e09ca7bb8387de4

                                    SHA1

                                    4cf091f77a3eb9437ef33985e64bd10c1257284f

                                    SHA256

                                    6c006c982746826a613bc0f09890955a1cdca309d9d98572aed35ad782dd11c8

                                    SHA512

                                    bb7aaebd3f6c1ff18bd0cb9eb9347894f0785dc011ec9765d9bc180de9b60769c891151626fdef88aa3fd53ae6246c1cb91f723933da54920bfbc8a5a24f8851

                                    Download Submit

                                  • \Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\lua5.1.dll
                                    Filesize

                                    326KB

                                    MD5

                                    80d93d38badecdd2b134fe4699721223

                                    SHA1

                                    e829e58091bae93bc64e0c6f9f0bac999cfda23d

                                    SHA256

                                    c572a6103af1526f97e708a229a532fd02100a52b949f721052107f1f55e0c59

                                    SHA512

                                    9f28073cc186b55ef64661c2e4f6fe1c112785a262b9d8e9a431703fdb1000f1d8cc0b2a3c153c822cfd48782ae945742ccb07beae4d6388d5d0b4df03103bd4

                                    Download Submit

                                  • \Users\Admin\AppData\Local\Temp\_ir_sf_temp_1\irsetup.exe
                                    Filesize

                                    1.3MB

                                    MD5

                                    e801c5847f5f9d207db53aaaf5c6f3a2

                                    SHA1

                                    8e6818ce66555e2cca92e5c5f32551fb4a91645e

                                    SHA256

                                    196eb4b81988326f6b44b1efcc4fa7a31a289bcf3893a16c3db6f889aa439b03

                                    SHA512

                                    303ab54112fd38a36c10484037f8ff4eeadd0c6f7dde18cf4f3b7f64bf7f7756b30f634427be1cf596ec995f41923c8678040a9a06244129f2337a3fe2f9bab3

                                    Download Submit

                                  • \Users\Admin\AppData\Local\Temp\_ir_sf_temp_1\irsetup.exe
                                    Filesize

                                    1.3MB

                                    MD5

                                    e801c5847f5f9d207db53aaaf5c6f3a2

                                    SHA1

                                    8e6818ce66555e2cca92e5c5f32551fb4a91645e

                                    SHA256

                                    196eb4b81988326f6b44b1efcc4fa7a31a289bcf3893a16c3db6f889aa439b03

                                    SHA512

                                    303ab54112fd38a36c10484037f8ff4eeadd0c6f7dde18cf4f3b7f64bf7f7756b30f634427be1cf596ec995f41923c8678040a9a06244129f2337a3fe2f9bab3

                                    Download Submit

                                  • \Users\Admin\AppData\Local\Temp\_ir_sf_temp_1\irsetup.exe
                                    Filesize

                                    1.3MB

                                    MD5

                                    e801c5847f5f9d207db53aaaf5c6f3a2

                                    SHA1

                                    8e6818ce66555e2cca92e5c5f32551fb4a91645e

                                    SHA256

                                    196eb4b81988326f6b44b1efcc4fa7a31a289bcf3893a16c3db6f889aa439b03

                                    SHA512

                                    303ab54112fd38a36c10484037f8ff4eeadd0c6f7dde18cf4f3b7f64bf7f7756b30f634427be1cf596ec995f41923c8678040a9a06244129f2337a3fe2f9bab3

                                    Download Submit

                                  • \Users\Admin\AppData\Local\Temp\_ir_sf_temp_1\irsetup.exe
                                    Filesize

                                    1.3MB

                                    MD5

                                    e801c5847f5f9d207db53aaaf5c6f3a2

                                    SHA1

                                    8e6818ce66555e2cca92e5c5f32551fb4a91645e

                                    SHA256

                                    196eb4b81988326f6b44b1efcc4fa7a31a289bcf3893a16c3db6f889aa439b03

                                    SHA512

                                    303ab54112fd38a36c10484037f8ff4eeadd0c6f7dde18cf4f3b7f64bf7f7756b30f634427be1cf596ec995f41923c8678040a9a06244129f2337a3fe2f9bab3

                                    Download Submit

                                  • \Users\Admin\AppData\Local\Temp\_ir_sf_temp_1\irsetup.exe
                                    Filesize

                                    1.3MB

                                    MD5

                                    e801c5847f5f9d207db53aaaf5c6f3a2

                                    SHA1

                                    8e6818ce66555e2cca92e5c5f32551fb4a91645e

                                    SHA256

                                    196eb4b81988326f6b44b1efcc4fa7a31a289bcf3893a16c3db6f889aa439b03

                                    SHA512

                                    303ab54112fd38a36c10484037f8ff4eeadd0c6f7dde18cf4f3b7f64bf7f7756b30f634427be1cf596ec995f41923c8678040a9a06244129f2337a3fe2f9bab3

                                    Download Submit

                                  • \Users\Admin\AppData\Local\Temp\_ir_sf_temp_1\lua5.1.dll
                                    Filesize

                                    326KB

                                    MD5

                                    80d93d38badecdd2b134fe4699721223

                                    SHA1

                                    e829e58091bae93bc64e0c6f9f0bac999cfda23d

                                    SHA256

                                    c572a6103af1526f97e708a229a532fd02100a52b949f721052107f1f55e0c59

                                    SHA512

                                    9f28073cc186b55ef64661c2e4f6fe1c112785a262b9d8e9a431703fdb1000f1d8cc0b2a3c153c822cfd48782ae945742ccb07beae4d6388d5d0b4df03103bd4

                                    Download Submit

                                  • \Users\Admin\AppData\Local\Temp\opera-installer-bro.exe
                                    Filesize

                                    2.7MB

                                    MD5

                                    b72b15de237ef6315794e77a15056330

                                    SHA1

                                    f1e1ccd4da213a563ac4b69fa74f3fea0c9e5799

                                    SHA256

                                    6dc9f4de36e19e9b5ceab7043b00981040dfe5fcfce291e6dcbf661eba102352

                                    SHA512

                                    3031b4e678a459b7fef010cd60fd1ba782f1769ab113b3a61de8048befe2c75f6355638a5c9d9c64dbfdb9db494002b333fe55e250255457452772afcec939bf

                                    Download Submit

                                  • \Users\Admin\AppData\Local\Temp\opera-installer-bro.exe
                                    Filesize

                                    2.7MB

                                    MD5

                                    b72b15de237ef6315794e77a15056330

                                    SHA1

                                    f1e1ccd4da213a563ac4b69fa74f3fea0c9e5799

                                    SHA256

                                    6dc9f4de36e19e9b5ceab7043b00981040dfe5fcfce291e6dcbf661eba102352

                                    SHA512

                                    3031b4e678a459b7fef010cd60fd1ba782f1769ab113b3a61de8048befe2c75f6355638a5c9d9c64dbfdb9db494002b333fe55e250255457452772afcec939bf

                                    Download Submit

                                  • \Users\Admin\AppData\Local\Temp\opera-installer-bro.exe
                                    Filesize

                                    2.7MB

                                    MD5

                                    b72b15de237ef6315794e77a15056330

                                    SHA1

                                    f1e1ccd4da213a563ac4b69fa74f3fea0c9e5799

                                    SHA256

                                    6dc9f4de36e19e9b5ceab7043b00981040dfe5fcfce291e6dcbf661eba102352

                                    SHA512

                                    3031b4e678a459b7fef010cd60fd1ba782f1769ab113b3a61de8048befe2c75f6355638a5c9d9c64dbfdb9db494002b333fe55e250255457452772afcec939bf

                                    Download Submit

                                  • \Users\Admin\AppData\Local\Temp\opera-installer-bro.exe
                                    Filesize

                                    2.7MB

                                    MD5

                                    b72b15de237ef6315794e77a15056330

                                    SHA1

                                    f1e1ccd4da213a563ac4b69fa74f3fea0c9e5799

                                    SHA256

                                    6dc9f4de36e19e9b5ceab7043b00981040dfe5fcfce291e6dcbf661eba102352

                                    SHA512

                                    3031b4e678a459b7fef010cd60fd1ba782f1769ab113b3a61de8048befe2c75f6355638a5c9d9c64dbfdb9db494002b333fe55e250255457452772afcec939bf

                                    Download Submit

                                  • \Users\Admin\AppData\Local\Temp\opera-installer-bro.exe
                                    Filesize

                                    2.7MB

                                    MD5

                                    b72b15de237ef6315794e77a15056330

                                    SHA1

                                    f1e1ccd4da213a563ac4b69fa74f3fea0c9e5799

                                    SHA256

                                    6dc9f4de36e19e9b5ceab7043b00981040dfe5fcfce291e6dcbf661eba102352

                                    SHA512

                                    3031b4e678a459b7fef010cd60fd1ba782f1769ab113b3a61de8048befe2c75f6355638a5c9d9c64dbfdb9db494002b333fe55e250255457452772afcec939bf

                                    Download Submit

                                  • \Users\Admin\AppData\Local\Temp\opera-installer-bro.exe
                                    Filesize

                                    2.7MB

                                    MD5

                                    b72b15de237ef6315794e77a15056330

                                    SHA1

                                    f1e1ccd4da213a563ac4b69fa74f3fea0c9e5799

                                    SHA256

                                    6dc9f4de36e19e9b5ceab7043b00981040dfe5fcfce291e6dcbf661eba102352

                                    SHA512

                                    3031b4e678a459b7fef010cd60fd1ba782f1769ab113b3a61de8048befe2c75f6355638a5c9d9c64dbfdb9db494002b333fe55e250255457452772afcec939bf

                                    Download Submit

                                  • \Users\Admin\AppData\Local\Temp\opera-installer-bro.exe
                                    Filesize

                                    2.7MB

                                    MD5

                                    b72b15de237ef6315794e77a15056330

                                    SHA1

                                    f1e1ccd4da213a563ac4b69fa74f3fea0c9e5799

                                    SHA256

                                    6dc9f4de36e19e9b5ceab7043b00981040dfe5fcfce291e6dcbf661eba102352

                                    SHA512

                                    3031b4e678a459b7fef010cd60fd1ba782f1769ab113b3a61de8048befe2c75f6355638a5c9d9c64dbfdb9db494002b333fe55e250255457452772afcec939bf

                                    Download Submit

                                  • memory/620-127-0x0000000000400000-0x0000000000908000-memory.dmp

                                    Filesize

                                    5.0MB

                                    Download

                                  • memory/644-342-0x000007FEFBCE1000-0x000007FEFBCE3000-memory.dmp

                                    Filesize

                                    8KB

                                    Download

                                  • memory/680-98-0x0000000002B70000-0x0000000002F58000-memory.dmp

                                    Filesize

                                    3.9MB

                                    Download

                                  • memory/680-99-0x0000000002B70000-0x0000000002F58000-memory.dmp

                                    Filesize

                                    3.9MB

                                    Download

                                  • memory/744-54-0x0000000075FB1000-0x0000000075FB3000-memory.dmp

                                    Filesize

                                    8KB

                                    Download

                                  • memory/744-66-0x0000000002D80000-0x0000000003168000-memory.dmp

                                    Filesize

                                    3.9MB

                                    Download

                                  • memory/744-73-0x0000000002D80000-0x0000000003168000-memory.dmp

                                    Filesize

                                    3.9MB

                                    Download

                                  • memory/744-64-0x0000000002D80000-0x0000000003168000-memory.dmp

                                    Filesize

                                    3.9MB

                                    Download

                                  • memory/744-65-0x0000000002D80000-0x0000000003168000-memory.dmp

                                    Filesize

                                    3.9MB

                                    Download

                                  • memory/852-691-0x000007FEFBCE1000-0x000007FEFBCE3000-memory.dmp

                                    Filesize

                                    8KB

                                    Download

                                  • memory/1140-116-0x0000000005530000-0x0000000005A38000-memory.dmp

                                    Filesize

                                    5.0MB

                                    Download

                                  • memory/1140-117-0x0000000000210000-0x00000000005F8000-memory.dmp

                                    Filesize

                                    3.9MB

                                    Download

                                  • memory/1140-100-0x0000000000210000-0x00000000005F8000-memory.dmp

                                    Filesize

                                    3.9MB

                                    Download

                                  • memory/1140-102-0x00000000029D0000-0x00000000029E0000-memory.dmp

                                    Filesize

                                    64KB

                                    Download

                                  • memory/1208-753-0x000007FEFBCE1000-0x000007FEFBCE3000-memory.dmp

                                    Filesize

                                    8KB

                                    Download

                                  • memory/1440-593-0x000007FEFBCE1000-0x000007FEFBCE3000-memory.dmp

                                    Filesize

                                    8KB

                                    Download

                                  • memory/1616-137-0x0000000003400000-0x0000000003908000-memory.dmp

                                    Filesize

                                    5.0MB

                                    Download

                                  • memory/1616-122-0x0000000002970000-0x0000000002E78000-memory.dmp

                                    Filesize

                                    5.0MB

                                    Download

                                  • memory/1616-121-0x0000000000400000-0x0000000000908000-memory.dmp

                                    Filesize

                                    5.0MB

                                    Download

                                  • memory/1616-182-0x0000000000400000-0x0000000000908000-memory.dmp

                                    Filesize

                                    5.0MB

                                    Download

                                  • memory/1616-160-0x0000000003880000-0x0000000003D88000-memory.dmp

                                    Filesize

                                    5.0MB

                                    Download

                                  • memory/1616-627-0x000007FEFBCE1000-0x000007FEFBCE3000-memory.dmp

                                    Filesize

                                    8KB

                                    Download

                                  • memory/1616-135-0x0000000003880000-0x0000000003D88000-memory.dmp

                                    Filesize

                                    5.0MB

                                    Download

                                  • memory/1632-167-0x000007FEFBCE1000-0x000007FEFBCE3000-memory.dmp

                                    Filesize

                                    8KB

                                    Download

                                  • memory/1936-72-0x0000000000390000-0x0000000000393000-memory.dmp

                                    Filesize

                                    12KB

                                    Download

                                  • memory/1936-74-0x0000000001140000-0x0000000001528000-memory.dmp

                                    Filesize

                                    3.9MB

                                    Download

                                  • memory/1936-71-0x0000000010000000-0x0000000010051000-memory.dmp

                                    Filesize

                                    324KB

                                    Download

                                  • memory/1936-67-0x0000000001140000-0x0000000001528000-memory.dmp

                                    Filesize

                                    3.9MB

                                    Download

                                  • memory/1936-83-0x0000000002DB0000-0x0000000002DC0000-memory.dmp

                                    Filesize

                                    64KB

                                    Download

                                  • memory/1936-147-0x0000000002DB0000-0x0000000002DC0000-memory.dmp

                                    Filesize

                                    64KB

                                    Download

                                  • memory/1956-403-0x000007FEFBCE1000-0x000007FEFBCE3000-memory.dmp

                                    Filesize

                                    8KB

                                    Download

                                  • memory/1976-180-0x0000000002470000-0x0000000002480000-memory.dmp

                                    Filesize

                                    64KB

                                    Download

                                  • memory/1984-184-0x0000000000400000-0x0000000000908000-memory.dmp

                                    Filesize

                                    5.0MB

                                    Download

                                  • memory/1984-123-0x0000000000400000-0x0000000000908000-memory.dmp

                                    Filesize

                                    5.0MB

                                    Download

                                  • memory/2016-176-0x0000000000400000-0x0000000000908000-memory.dmp

                                    Filesize

                                    5.0MB

                                    Download

                                  • memory/2016-143-0x0000000002980000-0x0000000002E88000-memory.dmp

                                    Filesize

                                    5.0MB

                                    Download

                                  • memory/2016-136-0x0000000000400000-0x0000000000908000-memory.dmp

                                    Filesize

                                    5.0MB

                                    Download

                                  • memory/2020-144-0x0000000000400000-0x0000000000908000-memory.dmp

                                    Filesize

                                    5.0MB

                                    Download

                                  • memory/2020-179-0x0000000000400000-0x0000000000908000-memory.dmp

                                    Filesize

                                    5.0MB

                                    Download

                                  • memory/2096-494-0x000007FEFBCE1000-0x000007FEFBCE3000-memory.dmp

                                    Filesize

                                    8KB

                                    Download

                                  • memory/2264-374-0x000007FEFBCE1000-0x000007FEFBCE3000-memory.dmp

                                    Filesize

                                    8KB

                                    Download

                                  • memory/2404-529-0x000007FEFBCE1000-0x000007FEFBCE3000-memory.dmp

                                    Filesize

                                    8KB

                                    Download

                                  • memory/2648-250-0x000007FEFBCE1000-0x000007FEFBCE3000-memory.dmp

                                    Filesize

                                    8KB

                                    Download

                                  • memory/2788-657-0x000007FEFBCE1000-0x000007FEFBCE3000-memory.dmp

                                    Filesize

                                    8KB

                                    Download

                                  • memory/2856-280-0x000007FEFBCE1000-0x000007FEFBCE3000-memory.dmp

                                    Filesize

                                    8KB

                                    Download

                                  • memory/2948-467-0x000007FEFBCE1000-0x000007FEFBCE3000-memory.dmp

                                    Filesize

                                    8KB

                                    Download

                                  • memory/3020-312-0x000007FEFBCE1000-0x000007FEFBCE3000-memory.dmp

                                    Filesize

                                    8KB

                                    Download