Overview

overview

8

Static

static

1

TLauncher-....6.exe

windows10-2004-x64

8

Resubmissions

03/02/2023, 00:48

230203-a55pnshd53 8

03/02/2023, 00:39

230203-az46yscf2t 8

31/01/2023, 20:06

230131-yvhzxsca3x 8

Analysis

  • max time kernel
    74s
  • max time network
    122s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-es
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-eslocale:es-esos:windows10-2004-x64systemwindows
  • submitted
    03/02/2023, 00:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    TLauncher-2.871-Installer-1.0.6.exe

  • Size

    23.7MB

  • MD5

    49fb0f13cdb8d7cad1487889b6becced

  • SHA1

    b71d98ec45e6f7314f0e33106485beef99b2ee7c

  • SHA256

    7e49e00be1992fbc4ac14f2e5e3c05dccadf8fba3c3936357d8df7f146f5f0a3

  • SHA512

    639fa23294556bf77080d420e7e1b5b7c07a8b1e93897c36a4f8e398c1c58de9b91636420102e68f6957c768793797728664e32dc38aa68315746882b4ebe1d9

  • SSDEEP

    393216:XX921sp/n85Pfs/dQETVlOBbpFEj9GZ1GphRqV56Hpk7IXOzDnKI17fyV5:XN8s18hHExiTI3qqHp6zvKcfyV5

Score
8/10
discoverypersistencespywarestealerupx

Malware Config

Signatures

  • Downloads MZ/PE file
  • Checks computer location settings 2 TTPs 4 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE 17 IoCs
  • Loads dropped DLL 13 IoCs
  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer
  • Registers COM server for autorun 1 TTPs 3 IoCs
    persistence
  • UPX packed file 25 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  • Enumerates connected drives 3 TTPs 3 IoCs

    Attempts to read the root path of hard drives other than the default C: drive.

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

  • Enumerates system info in registry 2 TTPs 2 IoCs
  • Modifies registry class 43 IoCs
  • Modifies system certificate store 2 TTPs 6 IoCs
    evasionspywaretrojan
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SendNotifyMessage 22 IoCs
  • Suspicious use of SetWindowsHookEx 64 IoCs
  • Suspicious use of WriteProcessMemory 48 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\TLauncher-2.871-Installer-1.0.6.exe
    "C:\Users\Admin\AppData\Local\Temp\TLauncher-2.871-Installer-1.0.6.exe"
    1⤵
    • Checks computer location settings
    • Suspicious use of WriteProcessMemory
    PID:5060
    • C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe
      "C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe" __IRAOFF:1910546 "__IRAFN:C:\Users\Admin\AppData\Local\Temp\TLauncher-2.871-Installer-1.0.6.exe" "__IRCT:3" "__IRTSS:24870711" "__IRSID:S-1-5-21-2295526160-1155304984-640977766-1000"
      2⤵
      • Checks computer location settings
      • Executes dropped EXE
      • Loads dropped DLL
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:4428
      • C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\AdditionalExecuteTL.exe
        "C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\AdditionalExecuteTL.exe" /S:C:\Users\Admin\AppData\Local\Temp\setuparguments.ini
        3⤵
        • Checks computer location settings
        • Executes dropped EXE
        • Suspicious use of SetWindowsHookEx
        • Suspicious use of WriteProcessMemory
        PID:5020
        • C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_1\irsetup.exe
          "C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_1\irsetup.exe" /S:C:\Users\Admin\AppData\Local\Temp\setuparguments.ini __IRAOFF:1816850 "__IRAFN:C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\AdditionalExecuteTL.exe" "__IRCT:3" "__IRTSS:1840872" "__IRSID:S-1-5-21-2295526160-1155304984-640977766-1000"
          4⤵
          • Checks computer location settings
          • Executes dropped EXE
          • Loads dropped DLL
          • Suspicious use of SetWindowsHookEx
          • Suspicious use of WriteProcessMemory
          PID:1468
          • C:\Users\Admin\AppData\Local\Temp\opera-installer-bro.exe
            "C:\Users\Admin\AppData\Local\Temp\opera-installer-bro.exe" --silent --allusers=0
            5⤵
            • Executes dropped EXE
            • Loads dropped DLL
            • Enumerates connected drives
            • Modifies system certificate store
            • Suspicious use of SetWindowsHookEx
            • Suspicious use of WriteProcessMemory
            PID:2356
            • C:\Users\Admin\AppData\Local\Temp\opera-installer-bro.exe
              C:\Users\Admin\AppData\Local\Temp\opera-installer-bro.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktop --annotation=ver=95.0.4635.25 --initial-client-data=0x340,0x344,0x348,0x31c,0x34c,0x6f45e428,0x6f45e438,0x6f45e444
              6⤵
              • Executes dropped EXE
              • Loads dropped DLL
              • Suspicious use of SetWindowsHookEx
              PID:1100
            • C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera-installer-bro.exe
              "C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera-installer-bro.exe" --version
              6⤵
              • Executes dropped EXE
              • Loads dropped DLL
              • Suspicious use of SetWindowsHookEx
              PID:4244
            • C:\Users\Admin\AppData\Local\Temp\opera-installer-bro.exe
              "C:\Users\Admin\AppData\Local\Temp\opera-installer-bro.exe" --backend --install --import-browser-data=0 --enable-stats=1 --enable-installer-stats=1 --consent-given=0 --general-interests=0 --general-location=0 --personalized-content=0 --personalized-ads=0 --launchopera=1 --installfolder="C:\Users\Admin\AppData\Local\Programs\Opera" --profile-folder --language=es --singleprofile=0 --copyonly=0 --allusers=0 --setdefaultbrowser=1 --pintotaskbar=1 --pintostartmenu=1 --pin-additional-shortcuts=1 --run-at-startup=1 --server-tracking-data=server_tracking_data --initial-pid=2356 --package-dir-prefix="C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_20230203014934" --session-guid=7bcd34bd-192f-4696-8d42-6d5c81c7340a --server-tracking-blob=NTk1MTUwNTlmYTM2MTdhNjk0OGY2YTgzMmIxYjVkOGE2YzI3ODlhMjYwODFkYmZhZDUxZGQ2YmM1ZTI4ODFiODp7ImNvdW50cnkiOiJJTiIsImluc3RhbGxlcl9uYW1lIjoiT3BlcmFTZXR1cC5leGUiLCJwcm9kdWN0Ijoib3BlcmEiLCJxdWVyeSI6Ii9vcGVyYS9zdGFibGUvd2luZG93cz91dG1fbWVkaXVtPWFwYiZ1dG1fc291cmNlPU1TVEwmdXRtX2NhbXBhaWduPU9wZXJhRGVza3RvcCIsInRpbWVzdGFtcCI6IjE2NzUzODUzNzIuMjg3MSIsInVzZXJhZ2VudCI6IlNldHVwIEZhY3RvcnkgOS4wIiwidXRtIjp7ImNhbXBhaWduIjoiT3BlcmFEZXNrdG9wIiwibWVkaXVtIjoiYXBiIiwic291cmNlIjoiTVNUTCJ9LCJ1dWlkIjoiNDRhOTBiMzYtNzM0YS00ZjI4LWJkMTktZjc4NmU0N2U4OWUwIn0= --silent --desktopshortcut=1 --wait-for-package --initial-proc-handle=AC05000000000000
              6⤵
              • Executes dropped EXE
              • Loads dropped DLL
              • Enumerates connected drives
              • Suspicious use of SetWindowsHookEx
              • Suspicious use of WriteProcessMemory
              PID:1672
              • C:\Users\Admin\AppData\Local\Temp\opera-installer-bro.exe
                C:\Users\Admin\AppData\Local\Temp\opera-installer-bro.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktop --annotation=ver=95.0.4635.25 --initial-client-data=0x34c,0x350,0x354,0x31c,0x358,0x6e93e428,0x6e93e438,0x6e93e444
                7⤵
                • Executes dropped EXE
                • Loads dropped DLL
                • Suspicious use of SetWindowsHookEx
                PID:3604
              • C:\Users\Admin\AppData\Local\Programs\Opera\95.0.4635.25\installer.exe
                "C:\Users\Admin\AppData\Local\Programs\Opera\95.0.4635.25\installer.exe" --backend --initial-pid=2356 --install --import-browser-data=0 --enable-stats=1 --enable-installer-stats=1 --consent-given=0 --general-interests=0 --general-location=0 --personalized-content=0 --personalized-ads=0 --launchopera=1 --installfolder="C:\Users\Admin\AppData\Local\Programs\Opera" --profile-folder --language=es --singleprofile=0 --copyonly=0 --allusers=0 --setdefaultbrowser=1 --pintotaskbar=1 --pintostartmenu=1 --pin-additional-shortcuts=1 --run-at-startup=1 --server-tracking-data=server_tracking_data --package-dir="C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202302030149341" --session-guid=7bcd34bd-192f-4696-8d42-6d5c81c7340a --server-tracking-blob=NTk1MTUwNTlmYTM2MTdhNjk0OGY2YTgzMmIxYjVkOGE2YzI3ODlhMjYwODFkYmZhZDUxZGQ2YmM1ZTI4ODFiODp7ImNvdW50cnkiOiJJTiIsImluc3RhbGxlcl9uYW1lIjoiT3BlcmFTZXR1cC5leGUiLCJwcm9kdWN0Ijoib3BlcmEiLCJxdWVyeSI6Ii9vcGVyYS9zdGFibGUvd2luZG93cz91dG1fbWVkaXVtPWFwYiZ1dG1fc291cmNlPU1TVEwmdXRtX2NhbXBhaWduPU9wZXJhRGVza3RvcCIsInRpbWVzdGFtcCI6IjE2NzUzODUzNzIuMjg3MSIsInVzZXJhZ2VudCI6IlNldHVwIEZhY3RvcnkgOS4wIiwidXRtIjp7ImNhbXBhaWduIjoiT3BlcmFEZXNrdG9wIiwibWVkaXVtIjoiYXBiIiwic291cmNlIjoiTVNUTCJ9LCJ1dWlkIjoiNDRhOTBiMzYtNzM0YS00ZjI4LWJkMTktZjc4NmU0N2U4OWUwIn0= --silent --desktopshortcut=1 --install-subfolder=95.0.4635.25
                7⤵
                • Executes dropped EXE
                • Loads dropped DLL
                • Registers COM server for autorun
                • Enumerates connected drives
                • Modifies registry class
                • Suspicious use of FindShellTrayWindow
                • Suspicious use of SendNotifyMessage
                • Suspicious use of SetWindowsHookEx
                • Suspicious use of WriteProcessMemory
                PID:1492
                • C:\Users\Admin\AppData\Local\Programs\Opera\95.0.4635.25\installer.exe
                  C:\Users\Admin\AppData\Local\Programs\Opera\95.0.4635.25\installer.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win64 --annotation=prod=OperaDesktop --annotation=ver=95.0.4635.25 --initial-client-data=0x2b8,0x2bc,0x2c0,0x294,0x2c4,0x7ff8c3fea908,0x7ff8c3fea918,0x7ff8c3fea928
                  8⤵
                  • Executes dropped EXE
                  • Loads dropped DLL
                  • Suspicious use of SetWindowsHookEx
                  PID:3404
                • C:\Users\Admin\AppData\Local\Programs\Opera\launcher.exe
                  "C:\Users\Admin\AppData\Local\Programs\Opera\launcher.exe" --start-maximized
                  8⤵
                  • Executes dropped EXE
                  • Suspicious use of WriteProcessMemory
                  PID:4084
                  • C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe
                    "C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --start-maximized --ran-launcher
                    9⤵
                    • Executes dropped EXE
                    • Loads dropped DLL
                    • Enumerates system info in registry
                    • Suspicious use of WriteProcessMemory
                    PID:4544
                    • C:\Users\Admin\AppData\Local\Programs\Opera\95.0.4635.25\opera_crashreporter.exe
                      C:\Users\Admin\AppData\Local\Programs\Opera\95.0.4635.25\opera_crashreporter.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win64 --annotation=prod=OperaDesktop --annotation=ver=95.0.4635.25 --initial-client-data=0x2e4,0x2e8,0x2ec,0x2c0,0x2f0,0x7ff8bb1f1a18,0x7ff8bb1f1a28,0x7ff8bb1f1a38
                      10⤵
                      • Executes dropped EXE
                      PID:3832
                    • C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe
                      "C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=gpu-process --start-stack-profiler --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout-expanded=on --with-feature:booking-modal=off --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:game-maker-studio-integration=on --with-feature:gaming-api=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:partner-dropdown-suggestions-boost=on --with-feature:personalized-speeddials=on --with-feature:premium-valve-in=on --with-feature:sd-suggestions-external=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-sync-banner=on --with-feature:tiktok-panel=off --with-feature:yandex-zen-iframe-scroll=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=off --with-feature:installer-one-version-one-subfolder=off --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1652 --field-trial-handle=1936,i,9487607170593093618,12117746918455525125,131072 /prefetch:2
                      10⤵
                        PID:2788
                      • C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe
                        "C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=es --service-sandbox-type=none --enable-quic --start-stack-profiler --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout-expanded=on --with-feature:booking-modal=off --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:game-maker-studio-integration=on --with-feature:gaming-api=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:partner-dropdown-suggestions-boost=on --with-feature:personalized-speeddials=on --with-feature:premium-valve-in=on --with-feature:sd-suggestions-external=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-sync-banner=on --with-feature:tiktok-panel=off --with-feature:yandex-zen-iframe-scroll=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=off --with-feature:installer-one-version-one-subfolder=off --mojo-platform-channel-handle=2092 --field-trial-handle=1936,i,9487607170593093618,12117746918455525125,131072 /prefetch:8
                        10⤵
                          PID:4572
                • C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202302030149341\assistant\_sfx.exe
                  "C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202302030149341\assistant\_sfx.exe"
                  6⤵
                  • Executes dropped EXE
                  • Suspicious use of SetWindowsHookEx
                  PID:4468
                • C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202302030149341\assistant\assistant_installer.exe
                  "C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202302030149341\assistant\assistant_installer.exe" --version
                  6⤵
                  • Executes dropped EXE
                  • Suspicious use of SetWindowsHookEx
                  • Suspicious use of WriteProcessMemory
                  PID:2500
                  • C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202302030149341\assistant\assistant_installer.exe
                    "C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202302030149341\assistant\assistant_installer.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktop --annotation=ver=94.0.4606.38 --initial-client-data=0x2f0,0x2f4,0x2f8,0x2cc,0x2fc,0x492dc0,0x492dd0,0x492ddc
                    7⤵
                    • Executes dropped EXE
                    • Suspicious use of SetWindowsHookEx
                    PID:1080
          • C:\Users\Admin\AppData\Roaming\.minecraft\TLauncher.exe
            "C:\Users\Admin\AppData\Roaming\.minecraft\TLauncher.exe"
            3⤵
            • Executes dropped EXE
            • Suspicious use of SetWindowsHookEx
            • Suspicious use of WriteProcessMemory
            PID:4364
            • C:\Program Files\Java\jre1.8.0_66\bin\javaw.exe
              "C:\Program Files\Java\jre1.8.0_66\bin\javaw.exe" -jar "C:\Users\Admin\AppData\Roaming\.minecraft\TLauncher.exe"
              4⤵
                PID:3344
        • C:\Windows\SysWOW64\DllHost.exe
          C:\Windows\SysWOW64\DllHost.exe /Processid:{60A90A2F-858D-42AF-8929-82BE9D99E8A1}
          1⤵
          • Suspicious use of SetWindowsHookEx
          PID:1804
        • C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe
          "C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --start-maximized --ran-launcher --flag-switches-begin --flag-switches-end --enable-quic --lowered-browser
          1⤵
            PID:2908
            • C:\Users\Admin\AppData\Local\Programs\Opera\95.0.4635.25\opera_crashreporter.exe
              C:\Users\Admin\AppData\Local\Programs\Opera\95.0.4635.25\opera_crashreporter.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win64 --annotation=prod=OperaDesktop --annotation=ver=95.0.4635.25 --initial-client-data=0x2e4,0x2e8,0x2ec,0x2c0,0x2f0,0x7ff8bb1f1a18,0x7ff8bb1f1a28,0x7ff8bb1f1a38
              2⤵
                PID:1080
              • C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe
                "C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=gpu-process --start-stack-profiler --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout-expanded=on --with-feature:booking-modal=off --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:game-maker-studio-integration=on --with-feature:gaming-api=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:partner-dropdown-suggestions-boost=on --with-feature:personalized-speeddials=on --with-feature:premium-valve-in=on --with-feature:sd-suggestions-external=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-sync-banner=on --with-feature:tiktok-panel=off --with-feature:yandex-zen-iframe-scroll=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=off --with-feature:installer-one-version-one-subfolder=off --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1720 --field-trial-handle=2004,i,1942534416873166671,17016392332198061881,131072 /prefetch:2
                2⤵
                  PID:4080
                • C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe
                  "C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=es --service-sandbox-type=none --enable-quic --start-stack-profiler --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout-expanded=on --with-feature:booking-modal=off --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:game-maker-studio-integration=on --with-feature:gaming-api=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:partner-dropdown-suggestions-boost=on --with-feature:personalized-speeddials=on --with-feature:premium-valve-in=on --with-feature:sd-suggestions-external=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-sync-banner=on --with-feature:tiktok-panel=off --with-feature:yandex-zen-iframe-scroll=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=off --with-feature:installer-one-version-one-subfolder=off --mojo-platform-channel-handle=1892 --field-trial-handle=2004,i,1942534416873166671,17016392332198061881,131072 /prefetch:8
                  2⤵
                    PID:4780
                  • C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe
                    "C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=es --service-sandbox-type=service --enable-quic --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout-expanded=on --with-feature:booking-modal=off --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:game-maker-studio-integration=on --with-feature:gaming-api=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:partner-dropdown-suggestions-boost=on --with-feature:personalized-speeddials=on --with-feature:premium-valve-in=on --with-feature:sd-suggestions-external=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-sync-banner=on --with-feature:tiktok-panel=off --with-feature:yandex-zen-iframe-scroll=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=off --with-feature:installer-one-version-one-subfolder=off --mojo-platform-channel-handle=2384 --field-trial-handle=2004,i,1942534416873166671,17016392332198061881,131072 /prefetch:8
                    2⤵
                      PID:4512
                    • C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe
                      "C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=es --service-sandbox-type=service --enable-quic --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout-expanded=on --with-feature:booking-modal=off --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:game-maker-studio-integration=on --with-feature:gaming-api=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:partner-dropdown-suggestions-boost=on --with-feature:personalized-speeddials=on --with-feature:premium-valve-in=on --with-feature:sd-suggestions-external=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-sync-banner=on --with-feature:tiktok-panel=off --with-feature:yandex-zen-iframe-scroll=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=off --with-feature:installer-one-version-one-subfolder=off --mojo-platform-channel-handle=3108 --field-trial-handle=2004,i,1942534416873166671,17016392332198061881,131072 /prefetch:8
                      2⤵
                        PID:4372
                      • C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe
                        "C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=es --service-sandbox-type=service --enable-quic --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout-expanded=on --with-feature:booking-modal=off --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:game-maker-studio-integration=on --with-feature:gaming-api=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:partner-dropdown-suggestions-boost=on --with-feature:personalized-speeddials=on --with-feature:premium-valve-in=on --with-feature:sd-suggestions-external=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-sync-banner=on --with-feature:tiktok-panel=off --with-feature:yandex-zen-iframe-scroll=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=off --with-feature:installer-one-version-one-subfolder=off --mojo-platform-channel-handle=3140 --field-trial-handle=2004,i,1942534416873166671,17016392332198061881,131072 /prefetch:8
                        2⤵
                          PID:2832
                      • C:\Windows\System32\GameBarPresenceWriter.exe
                        "C:\Windows\System32\GameBarPresenceWriter.exe" -ServerName:Windows.Gaming.GameBar.Internal.PresenceWriterServer
                        1⤵
                          PID:2584
                        • C:\Windows\system32\OpenWith.exe
                          C:\Windows\system32\OpenWith.exe -Embedding
                          1⤵
                            PID:4980

                          Network

                          MITRE ATT&CK Enterprise v6

                          Replay Monitor

                          Loading Replay Monitor...

                          Downloads

                          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B398B80134F72209547439DB21AB308D_ADE4E4D3A3BCBCA5C39C54D362D88565
                            Filesize

                            471B

                            MD5

                            4038229605b21ba892ffb3b09b0464b5

                            SHA1

                            6000daff72e1059e2e17ac53cb9c591a71d550d4

                            SHA256

                            be703417a8d1c4bbf3f07e5283eec1ebd08a2ab9e7b2b2f5e51e7d7ba70bc142

                            SHA512

                            3835eb7f77602d56c8cc4e70431ee02b30d4e18507c70039a3225d2d097dfee2baed4bf038b7977ca21b5def862360dd59f4f69bba43add937ae0dc34c8c67c6

                            Download Submit

                          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B398B80134F72209547439DB21AB308D_ADE4E4D3A3BCBCA5C39C54D362D88565
                            Filesize

                            434B

                            MD5

                            2006fe7bd90ba01957dbfb02aa76eb8f

                            SHA1

                            764196cb3a6653c53f839840f3ed979a986b47ab

                            SHA256

                            8fd85ff32f5e554337d19180a9d4f04abd68db0dcab2664f2cfb3b35a8994ec9

                            SHA512

                            6fd7ff131d2ab7e487af09d109340e01e47b60112a42efed0fc37eac56e4d5257df7521a1398a855a57eecbdec1deaf74f9c1304a7281cf2d7c58da088a62e07

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Programs\Opera\95.0.4635.25\installer.exe
                            Filesize

                            6.2MB

                            MD5

                            a33e62d3b0534ee26944f30f501843fe

                            SHA1

                            806718f157ef9782339efc43957fe504f1e22f79

                            SHA256

                            b3af95c038e9e2b53ddf0fa747b6866ba433c796f7e6906551969d897b438954

                            SHA512

                            582450d82a25e3a7e4b2cee9db11658c2219c8b671b365c2e6a76e146cf9cad6d49e4e04c5dd0a11ca1d7be6bed8731eb54df4c11a2f42c7c3c59fb62bf29975

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Programs\Opera\95.0.4635.25\installer.exe
                            Filesize

                            6.2MB

                            MD5

                            a33e62d3b0534ee26944f30f501843fe

                            SHA1

                            806718f157ef9782339efc43957fe504f1e22f79

                            SHA256

                            b3af95c038e9e2b53ddf0fa747b6866ba433c796f7e6906551969d897b438954

                            SHA512

                            582450d82a25e3a7e4b2cee9db11658c2219c8b671b365c2e6a76e146cf9cad6d49e4e04c5dd0a11ca1d7be6bed8731eb54df4c11a2f42c7c3c59fb62bf29975

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Programs\Opera\95.0.4635.25\opera_browser.dll
                            Filesize

                            15.1MB

                            MD5

                            aadfcc32cfd95ac4580482863fa8a001

                            SHA1

                            7bfc1e1bcb963327a85c2a42eac7de18590ddc01

                            SHA256

                            a3b619bb91000ef025d2bcbc917eb8a96023c95717f08fadd2a6c7e82ac6815a

                            SHA512

                            0f876554343fe6f7305bf6f927b51ebd2dfbb820ec9b3065b7ed6cacde418d3cb1e02fef4b02c78c21203549edf6aea98b379b2bd791f73bf89e3c931e2e075b

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Programs\Opera\95.0.4635.25\opera_browser.dll
                            Filesize

                            16.9MB

                            MD5

                            0548030fa4aa7feaf84f71acdd420d66

                            SHA1

                            f3490eedd26bab159388f567f300b0c87b3d3f4d

                            SHA256

                            bcb0e9f722f671f1ea7d96caa309785bd124a934e51d27a28a2c548147bb893e

                            SHA512

                            36ce1442b8731b912b7f9e70a512878de3f8cc3f9d195be46d17d625a9ec48cd7866e62cf616843a29fcbfd63468bebf4ad020b8507942a441a57918cd0aa9b7

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Programs\Opera\95.0.4635.25\opera_crashreporter.exe
                            Filesize

                            2.3MB

                            MD5

                            546223401773f16e10d8b01d72d9f7ee

                            SHA1

                            31f2d388de6c3db5eaedf31686b6b5520459fda6

                            SHA256

                            3b5f31eb9627de3f05466b337b6cf3efd47f4a28c069b80128b3b1f8a3e5c253

                            SHA512

                            0972c8bb6403a90f5801e5b6eb11cc5ee3ce98320dbfa75f9c33478253e8fb23fa4d700f9e20ac770d0f45a1420b4dc8c2e18b176eeb1e33c126f08fb36dc670

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Programs\Opera\95.0.4635.25\opera_elf.dll
                            Filesize

                            1.1MB

                            MD5

                            4382dc71fcb29a3536effbc75fb47414

                            SHA1

                            2fe0dbfea8a4853a83f47d169331af9dbd21a689

                            SHA256

                            9ce89f5ac296e6714fa3ea34c31c1770fe102e55d0a630963344609d8f9c4cc1

                            SHA512

                            c37e3810f18fed9be60936be5d2285867c9842ad1c49c18b80bea674aa08334eeaf7d53efa4d11bf2abf52701a275c91985a9cb2ca5fdbf6daec66d69b92b1ea

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Programs\Opera\95.0.4635.25\opera_elf.dll
                            Filesize

                            1.1MB

                            MD5

                            4382dc71fcb29a3536effbc75fb47414

                            SHA1

                            2fe0dbfea8a4853a83f47d169331af9dbd21a689

                            SHA256

                            9ce89f5ac296e6714fa3ea34c31c1770fe102e55d0a630963344609d8f9c4cc1

                            SHA512

                            c37e3810f18fed9be60936be5d2285867c9842ad1c49c18b80bea674aa08334eeaf7d53efa4d11bf2abf52701a275c91985a9cb2ca5fdbf6daec66d69b92b1ea

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Programs\Opera\95.0.4635.25\opera_elf.dll
                            Filesize

                            1.1MB

                            MD5

                            4382dc71fcb29a3536effbc75fb47414

                            SHA1

                            2fe0dbfea8a4853a83f47d169331af9dbd21a689

                            SHA256

                            9ce89f5ac296e6714fa3ea34c31c1770fe102e55d0a630963344609d8f9c4cc1

                            SHA512

                            c37e3810f18fed9be60936be5d2285867c9842ad1c49c18b80bea674aa08334eeaf7d53efa4d11bf2abf52701a275c91985a9cb2ca5fdbf6daec66d69b92b1ea

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Programs\Opera\installation_status.json
                            Filesize

                            11KB

                            MD5

                            e30ff11755716768b2d17525be07c0a4

                            SHA1

                            94f0e9f9cef3ac00733d2daa312a8156d9e8601b

                            SHA256

                            41d2375a15307602f14d04c22c1632dd8198b5bb371c61709fe67ab8cb0c3a64

                            SHA512

                            6a75204f63360cc05b2c8011dd7719b7392635ef6e5adde45f3f9d161c18d4b7bbe33ed6082eea8d64bca2d88cac245b9d69f2290102facabb432188bfd4db43

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Programs\Opera\installer_prefs.json
                            Filesize

                            1KB

                            MD5

                            e0ff554cc1a82ff4407cba906d0ee0f5

                            SHA1

                            bfb96a4c664e06f046e0ddc9f4ca610aa6fdfbd3

                            SHA256

                            20b4c2a5b880f44b6b5d837c63897a2e473242958ce7486184e6d4871ae2db79

                            SHA512

                            d80124bd29dd504149201a950eb0adaeb28366b07dbe19fceb8e86e5c98098be45647deea4ca3b47208acea55da1d5bcd957c040c728db2ed3760fa151c75ed0

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Programs\Opera\launcher.exe
                            Filesize

                            2.5MB

                            MD5

                            71b46d82ffdb677df400d915f401918c

                            SHA1

                            d8af66d938741da7a1d803c815fedbea1e2114eb

                            SHA256

                            ada3823a6e9eb6fc51e986cd606129f43bfb3f87a1c7103e581e1cabe5d4f196

                            SHA512

                            29e4ae7f510e811ab251e2d406d37d51523a221b0b7504201ed3b4878be2dacd63bce3c26506706418f2e3372a2af0b788784e6859e11ce83e5978019422963d

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Programs\Opera\launcher.exe
                            Filesize

                            2.5MB

                            MD5

                            71b46d82ffdb677df400d915f401918c

                            SHA1

                            d8af66d938741da7a1d803c815fedbea1e2114eb

                            SHA256

                            ada3823a6e9eb6fc51e986cd606129f43bfb3f87a1c7103e581e1cabe5d4f196

                            SHA512

                            29e4ae7f510e811ab251e2d406d37d51523a221b0b7504201ed3b4878be2dacd63bce3c26506706418f2e3372a2af0b788784e6859e11ce83e5978019422963d

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe
                            Filesize

                            1.5MB

                            MD5

                            ef2789f47e2fec7d2ef1845d3a453ace

                            SHA1

                            cb4dc554065b7b2de21feddcf17bf4eb74351fdc

                            SHA256

                            77ee5ccb31effa5bde0b1433d2b5899618b8c4c368c5a7664b68bd25ba363d71

                            SHA512

                            838dcaf54dbf0b8f599e91b6bfe8b3c9fb5d427c8b62b4bac61d68084ef2c23acfec9dc5db56344e909b29431f5ca8f85ee4d56fffb7979b461b9cd75f0940aa

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe
                            Filesize

                            1.5MB

                            MD5

                            ef2789f47e2fec7d2ef1845d3a453ace

                            SHA1

                            cb4dc554065b7b2de21feddcf17bf4eb74351fdc

                            SHA256

                            77ee5ccb31effa5bde0b1433d2b5899618b8c4c368c5a7664b68bd25ba363d71

                            SHA512

                            838dcaf54dbf0b8f599e91b6bfe8b3c9fb5d427c8b62b4bac61d68084ef2c23acfec9dc5db56344e909b29431f5ca8f85ee4d56fffb7979b461b9cd75f0940aa

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe
                            Filesize

                            1.5MB

                            MD5

                            ef2789f47e2fec7d2ef1845d3a453ace

                            SHA1

                            cb4dc554065b7b2de21feddcf17bf4eb74351fdc

                            SHA256

                            77ee5ccb31effa5bde0b1433d2b5899618b8c4c368c5a7664b68bd25ba363d71

                            SHA512

                            838dcaf54dbf0b8f599e91b6bfe8b3c9fb5d427c8b62b4bac61d68084ef2c23acfec9dc5db56344e909b29431f5ca8f85ee4d56fffb7979b461b9cd75f0940aa

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe
                            Filesize

                            1.5MB

                            MD5

                            ef2789f47e2fec7d2ef1845d3a453ace

                            SHA1

                            cb4dc554065b7b2de21feddcf17bf4eb74351fdc

                            SHA256

                            77ee5ccb31effa5bde0b1433d2b5899618b8c4c368c5a7664b68bd25ba363d71

                            SHA512

                            838dcaf54dbf0b8f599e91b6bfe8b3c9fb5d427c8b62b4bac61d68084ef2c23acfec9dc5db56344e909b29431f5ca8f85ee4d56fffb7979b461b9cd75f0940aa

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Programs\Opera\pref_default_overrides
                            Filesize

                            57B

                            MD5

                            f488c9f9d9d5e631484d4bf155f45442

                            SHA1

                            0f0e624770e47bea5186748a9de85c677dd84fa7

                            SHA256

                            e6f214ff5ccbbe6e7abcf309138cdcb46d3fe3915e9bbbe8dd3c15afb439f708

                            SHA512

                            d72d1daa86e650a0589f6991f7a7bb3b7ca3484d49bc0d0d703b28b8f399f3123df2bf3c949a899fab55bde7d888736f655e462e2cd02ade59bbf9e67df54064

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera-installer-bro.exe
                            Filesize

                            2.7MB

                            MD5

                            9cbefccac5dd0ad57aeff45fe8dcb0ea

                            SHA1

                            67fd7def906e32e1cbacaa4b2b2b658892bf31ed

                            SHA256

                            003d3d04797a3458f4a95fe0a5fad9fa527cbd2557b7beb999a5681d4c85e884

                            SHA512

                            aaefceffe59178f845f699a152eb55169d3a6e5de34c2ab3c83a69aa6aee0d0a82dcd4cbc94656030171774e13ad6b86c8418493438bba2fd5d3349065f33049

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera-installer-bro.exe
                            Filesize

                            2.7MB

                            MD5

                            9cbefccac5dd0ad57aeff45fe8dcb0ea

                            SHA1

                            67fd7def906e32e1cbacaa4b2b2b658892bf31ed

                            SHA256

                            003d3d04797a3458f4a95fe0a5fad9fa527cbd2557b7beb999a5681d4c85e884

                            SHA512

                            aaefceffe59178f845f699a152eb55169d3a6e5de34c2ab3c83a69aa6aee0d0a82dcd4cbc94656030171774e13ad6b86c8418493438bba2fd5d3349065f33049

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202302030149341\assistant\_sfx.exe
                            Filesize

                            1.7MB

                            MD5

                            0238df215bf6943892daf85de8ad433a

                            SHA1

                            3d905e4e2c0e9170df61b7a199321847691f945e

                            SHA256

                            a7818aca6acbe347df13d51d9750f6a852c5aa2a58580f7f2015113e0a3e06d7

                            SHA512

                            fc6c12e359b9a4ce84ef878f29648a4c97c38fd12ed80996c5e03829833220010fff9c751a99f399dad3529bda6438424194ed18236addfbe430343807aaad69

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202302030149341\assistant\_sfx.exe
                            Filesize

                            1.7MB

                            MD5

                            0238df215bf6943892daf85de8ad433a

                            SHA1

                            3d905e4e2c0e9170df61b7a199321847691f945e

                            SHA256

                            a7818aca6acbe347df13d51d9750f6a852c5aa2a58580f7f2015113e0a3e06d7

                            SHA512

                            fc6c12e359b9a4ce84ef878f29648a4c97c38fd12ed80996c5e03829833220010fff9c751a99f399dad3529bda6438424194ed18236addfbe430343807aaad69

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202302030149341\assistant\assistant_installer.exe
                            Filesize

                            2.1MB

                            MD5

                            9df6e2fbb7e38964f35016bf91ef7424

                            SHA1

                            d0c1266dc46814bc6165cf6a69e90581228989a7

                            SHA256

                            3573825f31875d403832de8e06aabc2adbdf0c5279d80ea62dfcb1f159f06c1d

                            SHA512

                            b14c2224ae10c80429205a39791745b1627c1a487176c06aa105d0689e77fb0b86427e1a7d5aef5d06460070b3df4ebea41db67d54e221ea25979b3bb5318d3e

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202302030149341\assistant\assistant_installer.exe
                            Filesize

                            2.1MB

                            MD5

                            9df6e2fbb7e38964f35016bf91ef7424

                            SHA1

                            d0c1266dc46814bc6165cf6a69e90581228989a7

                            SHA256

                            3573825f31875d403832de8e06aabc2adbdf0c5279d80ea62dfcb1f159f06c1d

                            SHA512

                            b14c2224ae10c80429205a39791745b1627c1a487176c06aa105d0689e77fb0b86427e1a7d5aef5d06460070b3df4ebea41db67d54e221ea25979b3bb5318d3e

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202302030149341\assistant\assistant_installer.exe
                            Filesize

                            2.1MB

                            MD5

                            9df6e2fbb7e38964f35016bf91ef7424

                            SHA1

                            d0c1266dc46814bc6165cf6a69e90581228989a7

                            SHA256

                            3573825f31875d403832de8e06aabc2adbdf0c5279d80ea62dfcb1f159f06c1d

                            SHA512

                            b14c2224ae10c80429205a39791745b1627c1a487176c06aa105d0689e77fb0b86427e1a7d5aef5d06460070b3df4ebea41db67d54e221ea25979b3bb5318d3e

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202302030149341\installer_prefs_include.json
                            Filesize

                            1KB

                            MD5

                            ddb372f1a196ea6ee1c59a21bae3a299

                            SHA1

                            90d7fc15564210a7188f49b608af46e3d2e8c2ef

                            SHA256

                            09b276292bd7ebfc8cd3c4eebca1763fc2e276d585aa8e9bcd91f8ceee743686

                            SHA512

                            cf25a94ed02e7a4cde6dda5a4365e9d5fe6b2e7903675caf2f1995de7275af3913122c0e9c984c533464a28986f9f02949653558d58d7bf4255aeee3b4fea499

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202302030149341\installer_prefs_include.json.backup
                            Filesize

                            1KB

                            MD5

                            ddb372f1a196ea6ee1c59a21bae3a299

                            SHA1

                            90d7fc15564210a7188f49b608af46e3d2e8c2ef

                            SHA256

                            09b276292bd7ebfc8cd3c4eebca1763fc2e276d585aa8e9bcd91f8ceee743686

                            SHA512

                            cf25a94ed02e7a4cde6dda5a4365e9d5fe6b2e7903675caf2f1995de7275af3913122c0e9c984c533464a28986f9f02949653558d58d7bf4255aeee3b4fea499

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202302030149341\opera_package
                            Filesize

                            86.8MB

                            MD5

                            7f98c2aa3a2b1a46caf94752d2e73907

                            SHA1

                            105b7b96c23d403008f603a1e3cc4c7162884fe3

                            SHA256

                            8f85c61fe1ca76f4c8e2dcb5f51758de73c85d25817cfab70540fa193d3ee417

                            SHA512

                            57f46f5af493f73472f7c664f12156cf8e18126a3f91e4c313d1ec185c78dad9301e09db38396cf811ada24eecd01b4b705384ca61da5f640c7ad38f3860b1e0

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202302030149341\pref_default_overrides
                            Filesize

                            57B

                            MD5

                            f488c9f9d9d5e631484d4bf155f45442

                            SHA1

                            0f0e624770e47bea5186748a9de85c677dd84fa7

                            SHA256

                            e6f214ff5ccbbe6e7abcf309138cdcb46d3fe3915e9bbbe8dd3c15afb439f708

                            SHA512

                            d72d1daa86e650a0589f6991f7a7bb3b7ca3484d49bc0d0d703b28b8f399f3123df2bf3c949a899fab55bde7d888736f655e462e2cd02ade59bbf9e67df54064

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Temp\Opera_installer_2302030149322402356.dll
                            Filesize

                            4.6MB

                            MD5

                            914ec7fb3d69e977440248ef30323636

                            SHA1

                            2aa31e599769f34d0cb6e979947ca5728db9b009

                            SHA256

                            528117e7c698fbe7ad3036aef77f99ab8af74316def7a4ba60f738c40168c203

                            SHA512

                            ff62901ffe79bbc8ffe6cce3efc8f13e71f13a41772b8d0180614b6ba80d5b9db1094a97cf3d239057dca2efdd7b0adc217f3ddce5111267c50ec9d0d1125b3a

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Temp\Opera_installer_2302030149328181100.dll
                            Filesize

                            4.6MB

                            MD5

                            914ec7fb3d69e977440248ef30323636

                            SHA1

                            2aa31e599769f34d0cb6e979947ca5728db9b009

                            SHA256

                            528117e7c698fbe7ad3036aef77f99ab8af74316def7a4ba60f738c40168c203

                            SHA512

                            ff62901ffe79bbc8ffe6cce3efc8f13e71f13a41772b8d0180614b6ba80d5b9db1094a97cf3d239057dca2efdd7b0adc217f3ddce5111267c50ec9d0d1125b3a

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Temp\Opera_installer_2302030149344444244.dll
                            Filesize

                            4.6MB

                            MD5

                            914ec7fb3d69e977440248ef30323636

                            SHA1

                            2aa31e599769f34d0cb6e979947ca5728db9b009

                            SHA256

                            528117e7c698fbe7ad3036aef77f99ab8af74316def7a4ba60f738c40168c203

                            SHA512

                            ff62901ffe79bbc8ffe6cce3efc8f13e71f13a41772b8d0180614b6ba80d5b9db1094a97cf3d239057dca2efdd7b0adc217f3ddce5111267c50ec9d0d1125b3a

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Temp\Opera_installer_2302030149347401672.dll
                            Filesize

                            4.6MB

                            MD5

                            914ec7fb3d69e977440248ef30323636

                            SHA1

                            2aa31e599769f34d0cb6e979947ca5728db9b009

                            SHA256

                            528117e7c698fbe7ad3036aef77f99ab8af74316def7a4ba60f738c40168c203

                            SHA512

                            ff62901ffe79bbc8ffe6cce3efc8f13e71f13a41772b8d0180614b6ba80d5b9db1094a97cf3d239057dca2efdd7b0adc217f3ddce5111267c50ec9d0d1125b3a

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Temp\Opera_installer_2302030149366623604.dll
                            Filesize

                            4.6MB

                            MD5

                            914ec7fb3d69e977440248ef30323636

                            SHA1

                            2aa31e599769f34d0cb6e979947ca5728db9b009

                            SHA256

                            528117e7c698fbe7ad3036aef77f99ab8af74316def7a4ba60f738c40168c203

                            SHA512

                            ff62901ffe79bbc8ffe6cce3efc8f13e71f13a41772b8d0180614b6ba80d5b9db1094a97cf3d239057dca2efdd7b0adc217f3ddce5111267c50ec9d0d1125b3a

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Temp\Opera_installer_2302030150059061492.dll
                            Filesize

                            5.5MB

                            MD5

                            1c7944977fab5254479a6ea6a09ee144

                            SHA1

                            1351d08d36b3d1ea8bced9041486630b701ea7a0

                            SHA256

                            2f48658421e22346a005d01a92f63aa32a621e885ac93717c3726818725b7773

                            SHA512

                            868a0a614c326e4a52b95de26bcde8e99e173158d093a3a3cfb2f59079bf06e41c03c5bf1cc2541673677db03b9abeb150842d12c4665e973b9f5bb2e0894646

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Temp\Opera_installer_2302030150067353404.dll
                            Filesize

                            5.5MB

                            MD5

                            1c7944977fab5254479a6ea6a09ee144

                            SHA1

                            1351d08d36b3d1ea8bced9041486630b701ea7a0

                            SHA256

                            2f48658421e22346a005d01a92f63aa32a621e885ac93717c3726818725b7773

                            SHA512

                            868a0a614c326e4a52b95de26bcde8e99e173158d093a3a3cfb2f59079bf06e41c03c5bf1cc2541673677db03b9abeb150842d12c4665e973b9f5bb2e0894646

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\AdditionalExecuteTL.exe
                            Filesize

                            1.8MB

                            MD5

                            aa4de04ccc16b74a4c2301da8d621ec1

                            SHA1

                            d05c6d8200f6e6b1283df82d24d687adc47d9664

                            SHA256

                            e2b0c8e54983b6fcd847a891c5443cb321fb4f0c9106ec8ed6a37cab5ebcc81b

                            SHA512

                            28d62bbe394bc2300d60263971cdee15fa417c6fcc7e44ecd2b3b567821e99953377383d137b0827f3f904d30deb508732bcb77cd37d444032d6ffc25c60712e

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\AdditionalExecuteTL.exe
                            Filesize

                            1.8MB

                            MD5

                            aa4de04ccc16b74a4c2301da8d621ec1

                            SHA1

                            d05c6d8200f6e6b1283df82d24d687adc47d9664

                            SHA256

                            e2b0c8e54983b6fcd847a891c5443cb321fb4f0c9106ec8ed6a37cab5ebcc81b

                            SHA512

                            28d62bbe394bc2300d60263971cdee15fa417c6fcc7e44ecd2b3b567821e99953377383d137b0827f3f904d30deb508732bcb77cd37d444032d6ffc25c60712e

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\IRZip.lmd
                            Filesize

                            1.7MB

                            MD5

                            1bbf5dd0b6ca80e4c7c77495c3f33083

                            SHA1

                            e0520037e60eb641ec04d1e814394c9da0a6a862

                            SHA256

                            bc6bd19ab0977ac794e18e2c82ace3116bf0537711a352638efd2d8d847c140b

                            SHA512

                            97bc810871868217f944bc5e60ab642f161c1f082bc9e4122094f10b4e309a6d96e3dd695553a20907cb8fea5aef4802f5a2f0a852328c1a1cd85944022abaab

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\Wow64.lmd
                            Filesize

                            97KB

                            MD5

                            da1d0cd400e0b6ad6415fd4d90f69666

                            SHA1

                            de9083d2902906cacf57259cf581b1466400b799

                            SHA256

                            7a79b049bdc3b6e4d101691888360f4f993098f3e3a8beefff4ac367430b1575

                            SHA512

                            f12f64670f158c2e846e78b7b5d191158268b45ecf3c288f02bbee15ae10c4a62e67fb3481da304ba99da2c68ac44d713a44a458ef359db329b6fef3d323382a

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe
                            Filesize

                            1.3MB

                            MD5

                            ec4efe0ebb80b619737bd26180cc76cc

                            SHA1

                            7fd72c0eb6bee289e4b2714cf1fb8c197754811b

                            SHA256

                            b1501df2280c557ad1535a504bd43c25611c168fd543008b7949c03b29e70547

                            SHA512

                            384ae150773cf07322c614459db9db98e1995f6b185579c7b56763ed0352e043f51d0e840f94ac3e832a1378452f090b68ee281c437b16da3762974723e64e1a

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe
                            Filesize

                            1.3MB

                            MD5

                            ec4efe0ebb80b619737bd26180cc76cc

                            SHA1

                            7fd72c0eb6bee289e4b2714cf1fb8c197754811b

                            SHA256

                            b1501df2280c557ad1535a504bd43c25611c168fd543008b7949c03b29e70547

                            SHA512

                            384ae150773cf07322c614459db9db98e1995f6b185579c7b56763ed0352e043f51d0e840f94ac3e832a1378452f090b68ee281c437b16da3762974723e64e1a

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\lua5.1.dll
                            Filesize

                            326KB

                            MD5

                            80d93d38badecdd2b134fe4699721223

                            SHA1

                            e829e58091bae93bc64e0c6f9f0bac999cfda23d

                            SHA256

                            c572a6103af1526f97e708a229a532fd02100a52b949f721052107f1f55e0c59

                            SHA512

                            9f28073cc186b55ef64661c2e4f6fe1c112785a262b9d8e9a431703fdb1000f1d8cc0b2a3c153c822cfd48782ae945742ccb07beae4d6388d5d0b4df03103bd4

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\lua5.1.dll
                            Filesize

                            326KB

                            MD5

                            80d93d38badecdd2b134fe4699721223

                            SHA1

                            e829e58091bae93bc64e0c6f9f0bac999cfda23d

                            SHA256

                            c572a6103af1526f97e708a229a532fd02100a52b949f721052107f1f55e0c59

                            SHA512

                            9f28073cc186b55ef64661c2e4f6fe1c112785a262b9d8e9a431703fdb1000f1d8cc0b2a3c153c822cfd48782ae945742ccb07beae4d6388d5d0b4df03103bd4

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_1\irsetup.exe
                            Filesize

                            1.3MB

                            MD5

                            e801c5847f5f9d207db53aaaf5c6f3a2

                            SHA1

                            8e6818ce66555e2cca92e5c5f32551fb4a91645e

                            SHA256

                            196eb4b81988326f6b44b1efcc4fa7a31a289bcf3893a16c3db6f889aa439b03

                            SHA512

                            303ab54112fd38a36c10484037f8ff4eeadd0c6f7dde18cf4f3b7f64bf7f7756b30f634427be1cf596ec995f41923c8678040a9a06244129f2337a3fe2f9bab3

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_1\irsetup.exe
                            Filesize

                            1.3MB

                            MD5

                            e801c5847f5f9d207db53aaaf5c6f3a2

                            SHA1

                            8e6818ce66555e2cca92e5c5f32551fb4a91645e

                            SHA256

                            196eb4b81988326f6b44b1efcc4fa7a31a289bcf3893a16c3db6f889aa439b03

                            SHA512

                            303ab54112fd38a36c10484037f8ff4eeadd0c6f7dde18cf4f3b7f64bf7f7756b30f634427be1cf596ec995f41923c8678040a9a06244129f2337a3fe2f9bab3

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_1\lua5.1.dll
                            Filesize

                            326KB

                            MD5

                            80d93d38badecdd2b134fe4699721223

                            SHA1

                            e829e58091bae93bc64e0c6f9f0bac999cfda23d

                            SHA256

                            c572a6103af1526f97e708a229a532fd02100a52b949f721052107f1f55e0c59

                            SHA512

                            9f28073cc186b55ef64661c2e4f6fe1c112785a262b9d8e9a431703fdb1000f1d8cc0b2a3c153c822cfd48782ae945742ccb07beae4d6388d5d0b4df03103bd4

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_1\lua5.1.dll
                            Filesize

                            326KB

                            MD5

                            80d93d38badecdd2b134fe4699721223

                            SHA1

                            e829e58091bae93bc64e0c6f9f0bac999cfda23d

                            SHA256

                            c572a6103af1526f97e708a229a532fd02100a52b949f721052107f1f55e0c59

                            SHA512

                            9f28073cc186b55ef64661c2e4f6fe1c112785a262b9d8e9a431703fdb1000f1d8cc0b2a3c153c822cfd48782ae945742ccb07beae4d6388d5d0b4df03103bd4

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Temp\opera-installer-bro.exe
                            Filesize

                            2.7MB

                            MD5

                            9cbefccac5dd0ad57aeff45fe8dcb0ea

                            SHA1

                            67fd7def906e32e1cbacaa4b2b2b658892bf31ed

                            SHA256

                            003d3d04797a3458f4a95fe0a5fad9fa527cbd2557b7beb999a5681d4c85e884

                            SHA512

                            aaefceffe59178f845f699a152eb55169d3a6e5de34c2ab3c83a69aa6aee0d0a82dcd4cbc94656030171774e13ad6b86c8418493438bba2fd5d3349065f33049

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Temp\opera-installer-bro.exe
                            Filesize

                            2.7MB

                            MD5

                            9cbefccac5dd0ad57aeff45fe8dcb0ea

                            SHA1

                            67fd7def906e32e1cbacaa4b2b2b658892bf31ed

                            SHA256

                            003d3d04797a3458f4a95fe0a5fad9fa527cbd2557b7beb999a5681d4c85e884

                            SHA512

                            aaefceffe59178f845f699a152eb55169d3a6e5de34c2ab3c83a69aa6aee0d0a82dcd4cbc94656030171774e13ad6b86c8418493438bba2fd5d3349065f33049

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Temp\opera-installer-bro.exe
                            Filesize

                            2.7MB

                            MD5

                            9cbefccac5dd0ad57aeff45fe8dcb0ea

                            SHA1

                            67fd7def906e32e1cbacaa4b2b2b658892bf31ed

                            SHA256

                            003d3d04797a3458f4a95fe0a5fad9fa527cbd2557b7beb999a5681d4c85e884

                            SHA512

                            aaefceffe59178f845f699a152eb55169d3a6e5de34c2ab3c83a69aa6aee0d0a82dcd4cbc94656030171774e13ad6b86c8418493438bba2fd5d3349065f33049

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Temp\opera-installer-bro.exe
                            Filesize

                            2.7MB

                            MD5

                            9cbefccac5dd0ad57aeff45fe8dcb0ea

                            SHA1

                            67fd7def906e32e1cbacaa4b2b2b658892bf31ed

                            SHA256

                            003d3d04797a3458f4a95fe0a5fad9fa527cbd2557b7beb999a5681d4c85e884

                            SHA512

                            aaefceffe59178f845f699a152eb55169d3a6e5de34c2ab3c83a69aa6aee0d0a82dcd4cbc94656030171774e13ad6b86c8418493438bba2fd5d3349065f33049

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Temp\opera-installer-bro.exe
                            Filesize

                            2.7MB

                            MD5

                            9cbefccac5dd0ad57aeff45fe8dcb0ea

                            SHA1

                            67fd7def906e32e1cbacaa4b2b2b658892bf31ed

                            SHA256

                            003d3d04797a3458f4a95fe0a5fad9fa527cbd2557b7beb999a5681d4c85e884

                            SHA512

                            aaefceffe59178f845f699a152eb55169d3a6e5de34c2ab3c83a69aa6aee0d0a82dcd4cbc94656030171774e13ad6b86c8418493438bba2fd5d3349065f33049

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Temp\setuparguments.ini
                            Filesize

                            647B

                            MD5

                            88e360402a16f33f5bf4b4d0ffaf4a66

                            SHA1

                            47d4ecd27f59b81e2f13232bc7e7b5aefc8b0c4e

                            SHA256

                            34048bd2e336df1803d5cf30f9a8812016545e57b0f579b65f99d313b18e000e

                            SHA512

                            f99384df6ea6923469333b9093aaf7b1e0ded6eabcddcf7dbedeefd827764f99520d98e54d86513c90bdbacbbdfc29a788f2c69d50c4092cacf01c9f87ef1f87

                            Download Submit

                          • C:\Users\Admin\AppData\Roaming\.minecraft\TLauncher.exe
                            Filesize

                            5.2MB

                            MD5

                            58e22c0ee91280156cdaadacac7acddb

                            SHA1

                            189c552c94a9b0ae0208763bca77f2801debc224

                            SHA256

                            765cab48564743844b057e21eab768d5d84194a635b09d02d9d2909f632f5714

                            SHA512

                            9f510c896d641919b037e201f5ba9de476241e7cab1004d92a85df4b9240ff947737619921b1223cd926c8c5a6e667dc76cad37e818d2a9d144b826836d562c6

                            Download Submit

                          • C:\Users\Admin\AppData\Roaming\.minecraft\TLauncher.exe
                            Filesize

                            5.2MB

                            MD5

                            58e22c0ee91280156cdaadacac7acddb

                            SHA1

                            189c552c94a9b0ae0208763bca77f2801debc224

                            SHA256

                            765cab48564743844b057e21eab768d5d84194a635b09d02d9d2909f632f5714

                            SHA512

                            9f510c896d641919b037e201f5ba9de476241e7cab1004d92a85df4b9240ff947737619921b1223cd926c8c5a6e667dc76cad37e818d2a9d144b826836d562c6

                            Download Submit

                          • C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Navegador Opera.lnk
                            Filesize

                            1KB

                            MD5

                            bb5c86c41a6fd673749802e8f58af495

                            SHA1

                            ae0c714b458c6efa66c008137ab8a5bece89d2bb

                            SHA256

                            0617fd7b001fbda37b7de68b04c1a30d6d28285d5c9a114539edc2cd6dbca0e1

                            SHA512

                            cb89c4adb7d4832a4dad3b1581e72a4d43360ef758a7856521d7c2158c0138b5b3436507ec136c7422cd8f79cc142002406e7b45c762314cd5925b1eb6e8ddc2

                            Download Submit

                          • C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports\settings.dat
                            Filesize

                            40B

                            MD5

                            b5d9f58a0124c4fb4e768999b4176445

                            SHA1

                            6cf72a392d64d58560327b17db1a56d649237984

                            SHA256

                            a5bc833a71dbc06d85d4f47c93aaf7dd548f4f122678b481975b2422a2242817

                            SHA512

                            32f9b73c0e1ff297eaf050818a43b21668ec06d406f19a822d9bbfdcae5d729967d1d8b8143a9e7092c26f59aaea850b35e063ff152f8b71b8fc6c4dbc649e61

                            Download Submit

                          • C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports\settings.dat
                            Filesize

                            40B

                            MD5

                            b5d9f58a0124c4fb4e768999b4176445

                            SHA1

                            6cf72a392d64d58560327b17db1a56d649237984

                            SHA256

                            a5bc833a71dbc06d85d4f47c93aaf7dd548f4f122678b481975b2422a2242817

                            SHA512

                            32f9b73c0e1ff297eaf050818a43b21668ec06d406f19a822d9bbfdcae5d729967d1d8b8143a9e7092c26f59aaea850b35e063ff152f8b71b8fc6c4dbc649e61

                            Download Submit

                          • C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports\settings.dat
                            Filesize

                            40B

                            MD5

                            b5d9f58a0124c4fb4e768999b4176445

                            SHA1

                            6cf72a392d64d58560327b17db1a56d649237984

                            SHA256

                            a5bc833a71dbc06d85d4f47c93aaf7dd548f4f122678b481975b2422a2242817

                            SHA512

                            32f9b73c0e1ff297eaf050818a43b21668ec06d406f19a822d9bbfdcae5d729967d1d8b8143a9e7092c26f59aaea850b35e063ff152f8b71b8fc6c4dbc649e61

                            Download Submit

                          • C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports\settings.dat
                            Filesize

                            40B

                            MD5

                            b5d9f58a0124c4fb4e768999b4176445

                            SHA1

                            6cf72a392d64d58560327b17db1a56d649237984

                            SHA256

                            a5bc833a71dbc06d85d4f47c93aaf7dd548f4f122678b481975b2422a2242817

                            SHA512

                            32f9b73c0e1ff297eaf050818a43b21668ec06d406f19a822d9bbfdcae5d729967d1d8b8143a9e7092c26f59aaea850b35e063ff152f8b71b8fc6c4dbc649e61

                            Download Submit

                          • memory/1100-285-0x0000000000400000-0x0000000000947000-memory.dmp

                            Filesize

                            5.3MB

                            Download

                          • memory/1100-162-0x0000000000400000-0x0000000000947000-memory.dmp

                            Filesize

                            5.3MB

                            Download

                          • memory/1468-152-0x0000000000AD0000-0x0000000000EB8000-memory.dmp

                            Filesize

                            3.9MB

                            Download

                          • memory/1468-166-0x0000000000AD0000-0x0000000000EB8000-memory.dmp

                            Filesize

                            3.9MB

                            Download

                          • memory/1672-282-0x0000000000400000-0x0000000000947000-memory.dmp

                            Filesize

                            5.3MB

                            Download

                          • memory/1672-170-0x0000000000400000-0x0000000000947000-memory.dmp

                            Filesize

                            5.3MB

                            Download

                          • memory/2356-277-0x0000000000400000-0x0000000000947000-memory.dmp

                            Filesize

                            5.3MB

                            Download

                          • memory/2356-159-0x0000000000400000-0x0000000000947000-memory.dmp

                            Filesize

                            5.3MB

                            Download

                          • memory/3344-232-0x0000000002DE0000-0x0000000003DE0000-memory.dmp

                            Filesize

                            16.0MB

                            Download

                          • memory/3344-279-0x0000000002DE0000-0x0000000003DE0000-memory.dmp

                            Filesize

                            16.0MB

                            Download

                          • memory/3344-264-0x0000000002DE0000-0x0000000003DE0000-memory.dmp

                            Filesize

                            16.0MB

                            Download

                          • memory/3344-260-0x0000000002DE0000-0x0000000003DE0000-memory.dmp

                            Filesize

                            16.0MB

                            Download

                          • memory/3344-271-0x0000000002DE0000-0x0000000003DE0000-memory.dmp

                            Filesize

                            16.0MB

                            Download

                          • memory/3344-215-0x0000000002DE0000-0x0000000003DE0000-memory.dmp

                            Filesize

                            16.0MB

                            Download

                          • memory/3344-266-0x0000000002DE0000-0x0000000003DE0000-memory.dmp

                            Filesize

                            16.0MB

                            Download

                          • memory/3344-283-0x0000000002DE0000-0x0000000003DE0000-memory.dmp

                            Filesize

                            16.0MB

                            Download

                          • memory/3344-291-0x0000000002DE0000-0x0000000003DE0000-memory.dmp

                            Filesize

                            16.0MB

                            Download

                          • memory/3344-246-0x0000000002DE0000-0x0000000003DE0000-memory.dmp

                            Filesize

                            16.0MB

                            Download

                          • memory/3604-292-0x0000000000400000-0x0000000000947000-memory.dmp

                            Filesize

                            5.3MB

                            Download

                          • memory/3604-176-0x0000000000400000-0x0000000000947000-memory.dmp

                            Filesize

                            5.3MB

                            Download

                          • memory/3604-189-0x0000000000400000-0x0000000000947000-memory.dmp

                            Filesize

                            5.3MB

                            Download

                          • memory/4244-167-0x0000000000400000-0x0000000000947000-memory.dmp

                            Filesize

                            5.3MB

                            Download

                          • memory/4428-205-0x0000000000650000-0x0000000000A38000-memory.dmp

                            Filesize

                            3.9MB

                            Download

                          • memory/4428-137-0x0000000000650000-0x0000000000A38000-memory.dmp

                            Filesize

                            3.9MB

                            Download

                          • memory/4428-140-0x0000000010000000-0x0000000010051000-memory.dmp

                            Filesize

                            324KB

                            Download

                          • memory/4428-141-0x0000000006750000-0x0000000006753000-memory.dmp

                            Filesize

                            12KB

                            Download

                          • memory/4428-142-0x0000000000650000-0x0000000000A38000-memory.dmp

                            Filesize

                            3.9MB

                            Download