53df6797d4db230140138285ebc0544e1fe4055fa1f7b6131c82e6ee4a7534d7

Analysis

max time kernel
38s
max time network
177s
platform
windows7_x64
resource
win7-20230220-en
resource tags

arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
submitted
01-03-2023 23:58

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

LOLPRO 13.4.exe
Size

449KB
MD5

420dc8123043a54629f25adfb1cff776
SHA1

fe54a1692343895742c6f043508d1c1e3913897b
SHA256

3c08ff244314007374e4f36f88f876b8ef650c6e039d1df6a2c39948f742578a
SHA512

f08267ba0a2fc9ad8e3bd74ace74d0415097c1a14a433190fe6ac9edb11dc4ae59ff10eb4083d6b3087245c25fad4c85c28220b5f7a962a4e466518110f11c42
SSDEEP

12288:rBBbTe4jix+DsUp6BOaX8nfM3qEpg81EPC:rBNBe+Q5X8nZMg8n

Score

7^/10

Malware Config

Signatures

Executes dropped EXE 1 IoCs

pid	Process
1740	qtC.exe

Loads dropped DLL 5 IoCs

pid	Process
1484	LOLPRO 13.4.exe
1484	LOLPRO 13.4.exe
1484	LOLPRO 13.4.exe
1484	LOLPRO 13.4.exe
1484	LOLPRO 13.4.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Suspicious behavior: EnumeratesProcesses 33 IoCs

pid	Process
1740	qtC.exe
1740	qtC.exe
1740	qtC.exe
1740	qtC.exe
1740	qtC.exe
1740	qtC.exe
1740	qtC.exe
1740	qtC.exe
1740	qtC.exe
1740	qtC.exe
1740	qtC.exe
1740	qtC.exe
1740	qtC.exe
1740	qtC.exe
1740	qtC.exe
1740	qtC.exe
1740	qtC.exe
1740	qtC.exe
1740	qtC.exe
1740	qtC.exe
1740	qtC.exe
1740	qtC.exe
1740	qtC.exe
1740	qtC.exe
1740	qtC.exe
1440	chrome.exe
1440	chrome.exe
1740	qtC.exe
1740	qtC.exe
1740	qtC.exe
1740	qtC.exe
1740	qtC.exe
1740	qtC.exe

Suspicious use of AdjustPrivilegeToken 6 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1440	chrome.exe
Token: SeShutdownPrivilege	1440	chrome.exe
Token: SeShutdownPrivilege	1440	chrome.exe
Token: SeShutdownPrivilege	1440	chrome.exe
Token: SeShutdownPrivilege	1440	chrome.exe
Token: SeShutdownPrivilege	1440	chrome.exe

Suspicious use of FindShellTrayWindow 34 IoCs

pid	Process
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe

Suspicious use of SendNotifyMessage 32 IoCs

pid	Process
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
1484	LOLPRO 13.4.exe
1484	LOLPRO 13.4.exe
1740	qtC.exe
1740	qtC.exe
1740	qtC.exe
1740	qtC.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1484 wrote to memory of 1740	1484	LOLPRO 13.4.exe	27
PID 1484 wrote to memory of 1740	1484	LOLPRO 13.4.exe	27
PID 1484 wrote to memory of 1740	1484	LOLPRO 13.4.exe	27
PID 1484 wrote to memory of 1740	1484	LOLPRO 13.4.exe	27
PID 1440 wrote to memory of 904	1440	chrome.exe	30
PID 1440 wrote to memory of 904	1440	chrome.exe	30
PID 1440 wrote to memory of 904	1440	chrome.exe	30
PID 1440 wrote to memory of 1352	1440	chrome.exe	32
PID 1440 wrote to memory of 1352	1440	chrome.exe	32
PID 1440 wrote to memory of 1352	1440	chrome.exe	32
PID 1440 wrote to memory of 1352	1440	chrome.exe	32
PID 1440 wrote to memory of 1352	1440	chrome.exe	32
PID 1440 wrote to memory of 1352	1440	chrome.exe	32
PID 1440 wrote to memory of 1352	1440	chrome.exe	32
PID 1440 wrote to memory of 1352	1440	chrome.exe	32
PID 1440 wrote to memory of 1352	1440	chrome.exe	32
PID 1440 wrote to memory of 1352	1440	chrome.exe	32
PID 1440 wrote to memory of 1352	1440	chrome.exe	32
PID 1440 wrote to memory of 1352	1440	chrome.exe	32
PID 1440 wrote to memory of 1352	1440	chrome.exe	32
PID 1440 wrote to memory of 1352	1440	chrome.exe	32
PID 1440 wrote to memory of 1352	1440	chrome.exe	32
PID 1440 wrote to memory of 1352	1440	chrome.exe	32
PID 1440 wrote to memory of 1352	1440	chrome.exe	32
PID 1440 wrote to memory of 1352	1440	chrome.exe	32
PID 1440 wrote to memory of 1352	1440	chrome.exe	32
PID 1440 wrote to memory of 1352	1440	chrome.exe	32
PID 1440 wrote to memory of 1352	1440	chrome.exe	32
PID 1440 wrote to memory of 1352	1440	chrome.exe	32
PID 1440 wrote to memory of 1352	1440	chrome.exe	32
PID 1440 wrote to memory of 1352	1440	chrome.exe	32
PID 1440 wrote to memory of 1352	1440	chrome.exe	32
PID 1440 wrote to memory of 1352	1440	chrome.exe	32
PID 1440 wrote to memory of 1352	1440	chrome.exe	32
PID 1440 wrote to memory of 1352	1440	chrome.exe	32
PID 1440 wrote to memory of 1352	1440	chrome.exe	32
PID 1440 wrote to memory of 1352	1440	chrome.exe	32
PID 1440 wrote to memory of 1352	1440	chrome.exe	32
PID 1440 wrote to memory of 1352	1440	chrome.exe	32
PID 1440 wrote to memory of 1352	1440	chrome.exe	32
PID 1440 wrote to memory of 1352	1440	chrome.exe	32
PID 1440 wrote to memory of 1352	1440	chrome.exe	32
PID 1440 wrote to memory of 1352	1440	chrome.exe	32
PID 1440 wrote to memory of 1352	1440	chrome.exe	32
PID 1440 wrote to memory of 1352	1440	chrome.exe	32
PID 1440 wrote to memory of 1352	1440	chrome.exe	32
PID 1440 wrote to memory of 1984	1440	chrome.exe	34
PID 1440 wrote to memory of 1984	1440	chrome.exe	34
PID 1440 wrote to memory of 1984	1440	chrome.exe	34
PID 1440 wrote to memory of 324	1440	chrome.exe	33
PID 1440 wrote to memory of 324	1440	chrome.exe	33
PID 1440 wrote to memory of 324	1440	chrome.exe	33
PID 1440 wrote to memory of 324	1440	chrome.exe	33
PID 1440 wrote to memory of 324	1440	chrome.exe	33
PID 1440 wrote to memory of 324	1440	chrome.exe	33
PID 1440 wrote to memory of 324	1440	chrome.exe	33
PID 1440 wrote to memory of 324	1440	chrome.exe	33
PID 1440 wrote to memory of 324	1440	chrome.exe	33
PID 1440 wrote to memory of 324	1440	chrome.exe	33
PID 1440 wrote to memory of 324	1440	chrome.exe	33
PID 1440 wrote to memory of 324	1440	chrome.exe	33
PID 1440 wrote to memory of 324	1440	chrome.exe	33
PID 1440 wrote to memory of 324	1440	chrome.exe	33
PID 1440 wrote to memory of 324	1440	chrome.exe	33

C:\Users\Admin\AppData\Local\Temp\LOLPRO 13.4.exe
"C:\Users\Admin\AppData\Local\Temp\LOLPRO 13.4.exe"
1⤵
- Loads dropped DLL
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1484
- C:\Users\Admin\AppData\Local\Temp\qtC.exe
  "C:\Users\Admin\AppData\Local\Temp\qtC.exe"
  2⤵
  - Executes dropped EXE
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of SetWindowsHookEx
  PID:1740

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1440
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fefb549758,0x7fefb549768,0x7fefb549778
  2⤵
  PID:904
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=284 --field-trial-handle=1208,i,3430697344325608275,17329206642589411626,131072 /prefetch:2
  2⤵
  PID:1352
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1540 --field-trial-handle=1208,i,3430697344325608275,17329206642589411626,131072 /prefetch:8
  2⤵
  PID:324
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1420 --field-trial-handle=1208,i,3430697344325608275,17329206642589411626,131072 /prefetch:8
  2⤵
  PID:1984
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2248 --field-trial-handle=1208,i,3430697344325608275,17329206642589411626,131072 /prefetch:1
  2⤵
  PID:1940
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2256 --field-trial-handle=1208,i,3430697344325608275,17329206642589411626,131072 /prefetch:1
  2⤵
  PID:1132
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=3484 --field-trial-handle=1208,i,3430697344325608275,17329206642589411626,131072 /prefetch:2
  2⤵
  PID:2104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3612 --field-trial-handle=1208,i,3430697344325608275,17329206642589411626,131072 /prefetch:1
  2⤵
  PID:2300
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3624 --field-trial-handle=1208,i,3430697344325608275,17329206642589411626,131072 /prefetch:8
  2⤵
  PID:2468

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1980

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Fraps\data\Aatrox.jpg

Filesize
2KB

MD5
86d5ffe2d4b1d6cee733545f94318497

SHA1
481e24429563efe543f9c691100a00bd9351ad39

SHA256
7330d6b01b100e786175380388f17e15362796034f2cf0538dd54a5f619018f0

SHA512
05a410de84af4592a5499511f7e19a68c5d842f9729df28a5085d22fe1cd7a8d9e7d305639e762330576d192e10024bd34c6da68668f458ad057777814418094

Download Submit
C:\Fraps\data\Ahri.jpg

Filesize
2KB

MD5
d9bd25224aa2498fcf7c452825681c1f

SHA1
fd1ce923ffc0e5db574b9aca9acbed725abcbd88

SHA256
7743fa84a04fd32649b2d405516285f155683862f157eddbfd2c68ccab204879

SHA512
65e8a7f4ef807570f25b3e1e53ef9031aa56ed3cac402e99adf54ee5d0ed2e793798dc5f55f0f3042634233c7a7b718b0e8082558e60bccaab978d0e9add6555

Download Submit
C:\Fraps\data\Akali.jpg

Filesize
2KB

MD5
27ed1f09db99d75b09b44652b29bad11

SHA1
7387ecd3befc161349cfb71d7f3001936d528a5c

SHA256
4fedb39ba7b3b5a5f2e3191fca0753af4628343982ed318af270dfd19fbc28ad

SHA512
328e6147c1b69e7c4279fe42cc22d9d87c41728bd11885cead005900e1d096dd60ea2430146775b2f96637318891e09b61660101d56fd9d359c2404662271a99

Download Submit
C:\Fraps\data\Akshan.jpg

Filesize
2KB

MD5
9eeebd9ef2c12ff98fa5ebc1e7f98fe0

SHA1
eb44a83daa2290c5c90cdaed8807a549a83ff543

SHA256
edfb55e6875af8901a722721c4a536249f8401fad2cb0621b40c5447e8068c9d

SHA512
dea2660cfb8cf5002968d3faec1db198bd8022b724990b0d17f7621e21a4875659783d90b6a6511636514bfdb69a7f40e42b948ddcb218c16be185837ba4ddb0

Download Submit
C:\Fraps\data\Alistar.jpg

Filesize
2KB

MD5
6d143011393c8a81ce2703aaa1397108

SHA1
bb1893ef07a2c0adfdb836a8d826fd16a9528690

SHA256
01caad5ea1f869a63488c630f3921c29e275abf1dfe8c0c05f9f8b1b85eff668

SHA512
a0a32601cacecd4f838d0f3720497f14cea6f67e8173210aae33056252103fcaa7cc36f7ab282a22cd28b048854687df25b5eeaf361240ff5313a65b5b103781

Download Submit
C:\Fraps\data\Amumu.jpg

Filesize
2KB

MD5
6432e5b78ac194554d925db5adc58ae1

SHA1
e470630215a97c0c9f760b1bbb80ac9405c8c75b

SHA256
fc31ecf2dd0e4f543756b7e507bb666d43037494c0c8da1d602333a238dbc40d

SHA512
fa153379cd998dde630d2a20f8a504b1f2fe31fa154cc8e928ea96161dfc6b42ae2746f8b7d7fe341e739464e2427b9485b015f0e099a85c07f057868faebd84

Download Submit
C:\Fraps\data\Anivia.jpg

Filesize
3KB

MD5
49623765801dc613710ee2e69b38e39d

SHA1
00c74a1aa0108ed908e2a74c0844d9af03413edb

SHA256
4a89d9679ebad1da3220b759d686565891bde6aa2cf975a252675e7c02e6a8d7

SHA512
75a48c22b8994bd443b6ca21184fe581e56d28f92342401504d8a33a0241afe15a4fd0c89beac3e4682932ac48b2f2a1f126c12da7281c0be4bd293996707011

Download Submit
C:\Fraps\data\Annie.jpg

Filesize
2KB

MD5
1782b6d5ca65fe7a5aec922d35e3ac88

SHA1
7e7dfdbf9bff1d4124a0c3ca0e0642e96527b678

SHA256
8530ee6918ed06dac2ed6e1ac04587cbf08bb483bd567e33960b0add7ecf8090

SHA512
0e217f1d31d220d38040698f920c2386aa8891a39429f1ac770a605277a18c6ef4f3cde9f6f4aa76d1e917a1fbd01728a1c758d9451ea801566c1d0709aa4ac0

Download Submit
C:\Fraps\data\Aphelios.jpg

Filesize
2KB

MD5
f01c01627c66ba6a5a52b16df75e8ab7

SHA1
f2ea76f09d0291fefe8f137eb78bf6360a774ee8

SHA256
ab2fd494d306948cfaeff5c0bab478209fe4a719894a52b7c4fd5a0d93418423

SHA512
6874335f0f8f73b31071a7fb4018e4cae7fa2ad9eba6bfab8e8e868f5acd1e19dee4ac0573b4ad614f3d4e5d86504178773a792171a4425b51b4259c3cced5e6

Download Submit
C:\Fraps\data\Ashe.jpg

Filesize
3KB

MD5
048b8f5e25771c5a003fcf383b46cea6

SHA1
eb915ec1af4d3805db23e75c1006d0c84c7d91f5

SHA256
84e32c03e410e5a67a743e26491bf1bbad5461efcd427a62859e303f6664e974

SHA512
b5af2b49563ca456034df3c838dafe0c629c2a06ef1752d446e036d21bb8ab96299fd9333cdac075dd6cd38c24186744f96c97dba4fee09d3850a0c1b5385370

Download Submit
C:\Fraps\data\AurelionSol.jpg

Filesize
2KB

MD5
e17a1a62d73947b513d4367bb895491a

SHA1
575446d7654a7c35e6c204241e9f70999a866cf8

SHA256
ecc6ca5b3915e5abfe54dbc705c1c8a4c69d98aa8ad794467075d9e6f481891d

SHA512
7422fecaee253f587e9b8eba5e2fc9ec3d080291852ebe05dd2217dfb058972064a8b54860acc804e46c2df32947bb9387bfef9df39ddbded63436bc83b17417

Download Submit
C:\Fraps\data\Azir.jpg

Filesize
3KB

MD5
f4f83206637cefaf0e028651a5062e01

SHA1
48886a726461b5d5fbb6a7a1ea5545519ac1d7a8

SHA256
6250106b1f077bcf10ad966a1f88a67b5a22e596e3133735aa851d81f6ce6f4c

SHA512
996ce89a0aaf8f56d5479f6e280c97a6596f2cf84d4430625e325fbaeca44cb67e3d001e69ace45566fc9b25b2485c0d8514a493371ea470f43c6fb36c407bd9

Download Submit
C:\Fraps\data\Bard.jpg

Filesize
2KB

MD5
12683f279bd0cc4dc6cb56700370377c

SHA1
9f024f3a0fab9f4fab0cfadc73eb2227395603ad

SHA256
fb57d887c4273f94641799b5c3b4cf07320dc2d0ed9bb4d108d35929e57a97f3

SHA512
d03c4a1c1cc0acf727a2716510d43ae4adcda449f416e020c63f0924d0f16bcfd1873cf30bf431e6083d37c10ace7f096b31c5bce57f17e1c4161c6072875713

Download Submit
C:\Fraps\data\Blitzcrank.jpg

Filesize
3KB

MD5
0d7d95e37e33728c0c5879eb15021113

SHA1
9f8b82c6dbe9543ce2fa1ea1cad0410065ac4fa0

SHA256
847c9a2fe0f4d93449f452c8c08a04b7c5e258c5a0c8ec9e82f778c01ec46ab7

SHA512
4c65f0772debfc9a9023cd00327ccb5f840aa819e811b229f5f5b357c17e2d9298b894050b9ef3e863dd288bd82788acd4f3aca21478d2ff7a4bb9fcdf1c7d25

Download Submit
C:\Fraps\data\Brand.jpg

Filesize
3KB

MD5
d7546d8cf809c6f946bce3b21f8efbd8

SHA1
ca5fa2fff44f4e0ee91e445ed0488f9585a6a63f

SHA256
a8dcd6ea1b403e6b2d0a5d7da82abe3da54c781fd07eb88311ba6bea48b2fc45

SHA512
1c4e5f802430fb6b476925e485147079f151e1c9e0cab0ea23affd8a191c9cc6a8a24b40f796079523d81804f6fee896086dc14efcfe894adc32d66ca12f3665

Download Submit
C:\Fraps\data\Braum.jpg

Filesize
2KB

MD5
a4bab2a4421699ca21d0da1965740eaf

SHA1
e421ca1e8d8047a050a7a0ded4bde1a836b5f6af

SHA256
cd1f1b3ac70c1f0282549918b6580fd9dc84de90d099ebb2db71d5e4f7695bdc

SHA512
ba34250bf6a7d781efcd414568541a38eb70e9e3f01092d6b81cff6cae5e942ccc50137f3cf9065007b3109e5c42e2c77c799a9bcc4f21cdc9b71eba40a6b547

Download Submit
C:\Fraps\data\Caitlyn.jpg

Filesize
2KB

MD5
1c6fe44737cd9dba2f18499fa543c2cc

SHA1
1078ac2b2113d6d50fc0daf42fbfff155984cfdc

SHA256
6a73773164d12dbf8fd6625d3b01695178f08fee3119c3d89f26a24b217b5d5a

SHA512
7d2b0bd04618d036044b82326b3483062e951855c9831a785eb0244eabbf2ca1db82ebe6ee1a1fdc49db88acca9fc9c79c72fd5ac727717c0cdd39af4815a953

Download Submit
C:\Fraps\data\Camille.jpg

Filesize
2KB

MD5
2332373e2a133be87b56b0b833969c26

SHA1
d37a1a7d771536e4143a5bec9cdce211be7eb767

SHA256
9487e90f127e84f2ec22f4cded3595b19691bab024dcbce7e25524283b9103bc

SHA512
e347163c167e71ae5e577858bab62a91483a3e7d465a3f9fe27b374bbddef665a63b4804591d25933cb1212e264eef933d94a713cbe654b87a89ab62665cdd2c

Download Submit
C:\Fraps\data\Cassiopeia.jpg

Filesize
2KB

MD5
b2b812403dc5857ca10ab070e20e7c57

SHA1
e9fb727dfbb0070a4104bcbe334fb75f52b35f2e

SHA256
c12585bc45d54a7a52d287dee8f57cc7af92c66695603f344b17565fb7186492

SHA512
f64e84e9194d94ffccbad7e4204d4f10badd0779ed7e6b0fa250a1dbc27b4e14ddc17aad8176418322184ad962383f48a554a08b4d49e06eac1674a5b9741f95

Download Submit
C:\Fraps\data\Chogath.jpg

Filesize
3KB

MD5
205f5e5ebbb1a39059c49a66a56af752

SHA1
c009e2e910c4e801e51e89fbc3671fafc78b2620

SHA256
17a4b65c72952811e12af8dc52be40d136a52139d97cdaa8b3eaa85eee9dcfe6

SHA512
8f55c5f4d8e3b3284bc8a84947b9fb6aafc4b181a316ede5c56d3e9c1f34eaa31b7ef17598c05fae1dd739ba187af67776d59a37e638b8738fc722e2afe1b1db

Download Submit
C:\Fraps\data\Corki.jpg

Filesize
2KB

MD5
d8ba213c2c4171a8e06beb26d5fe8a13

SHA1
5b21d5853b533d67b2255cc899706567aa8b8866

SHA256
965c040bc208b189be5aa88a23fd6ba2b531613b0856922365eeab0872188d9e

SHA512
e390cfcfe51b2aaf7a52c25f72843064c225d147f69a047ef9b6935198ab5d4e2e978a41312f523bb4fda28b7ec30844aa5174b8965607b0bf4b5c506254ffcd

Download Submit
C:\Fraps\data\Darius.jpg

Filesize
2KB

MD5
3b124920a70dfdbed2e1bbd29aaa9c4c

SHA1
8c2cff9f77fe0e478febde393dabf9fa002474ad

SHA256
d51ff576198c29118b5093f2bf74b36ef4b5e50c3e68fd3562eb20407bcfa933

SHA512
b367c07de1f8f1c6e78aa7fa7f1be078b6700585ae91dfad3d18cefe223109fd7e5992dc6b3c77fccd35ef9c6216c0a3cd45100c22d38ea9545c8ce33337d762

Download Submit
C:\Fraps\data\Default\All.ini

Filesize
1KB

MD5
67ad1fefc8406ad6b28c42ec1aea7457

SHA1
cbd0f5dc7b9276cfb7b8445d804712d7ee2b073c

SHA256
abfa47e39005947c5e8e3944e061c6940e7f564e80074847835433216c7797d3

SHA512
731a01150bdff27112c4db3393eaf4b6bf1dbcb5fc8544c48311af7cf173f15c5e0d10809fb2bbe7551b099be91bb598aca6a399b624652c63d5498a92ed1352

Download Submit
C:\Fraps\data\Default\Config.ini

Filesize
1KB

MD5
e3a33b332d831f9df34b52e27fb38cf4

SHA1
d25658e1826f21fa0a7be249379afb5fec8bc1d5

SHA256
a83a471ab0bccad73e021f6f71797616833a60279777b66671ec5219b88d9e90

SHA512
93f3657326737cca9dbe8f2101cf9d565faafe041a58701b527215adccac194bd3341553f3d099bbdf77b0734ef1d0f802b1a29ad95b10df0d72ff1c1057ef99

Download Submit
C:\Fraps\data\Diana.jpg

Filesize
2KB

MD5
035b003a752d22cc0ef5973090993e17

SHA1
b9563006f176018a7bfb37d46433ba4f6720eb26

SHA256
ac9309f94d0b6279272dca7a35e081a539254ed14af36eba2c0431f895978c2d

SHA512
7e899b84bc22343c41e1cf0c4519da1b561f85852513fd6102a47e8547b8b18f8039b8d45ffe81902d1fa524e85f6f9f5cd7b12ef7309d7cc95f6afa1dc2b903

Download Submit
C:\Fraps\data\DrMundo.jpg

Filesize
2KB

MD5
0a6ca32f36606cf0237b7e4ae89dfb3b

SHA1
4014eda3486514a1b49a9026390ce59a3532e85f

SHA256
1b65db05ee95a0ceb7c8574b2a6e9cc801f67c85e5d0a9c757fd05531d3fd74e

SHA512
f1553400385d78690b278a1c1101c4001eec89c7382c7ce82e32bda82bf7fbf07aeaf53064197f5bd52067fda03adb086ba288e57ddd8bc3030c78da465171e7

Download Submit
C:\Fraps\data\Draven.jpg

Filesize
2KB

MD5
7af7e23289495a3944cb345a961e809d

SHA1
f2a6eb1d2c4a5e7739ff4a9d420667a80ff47310

SHA256
4e7d4e3f70b9253a59897f93d156626120cde6d12203dc84b2c258aa2301dc54

SHA512
a59878f78feee1f5fb4332f4689503c510a2118139c88c29aed70c2ad2648078441a97b0ab48c268206dc7dda0685599308b57bf46b8164b688f177f4c502353

Download Submit
C:\Fraps\data\Ekko.jpg

Filesize
2KB

MD5
62ec1e8a11855ce2b6b0d6f4a0e5f402

SHA1
b63b1b65062b0bfba10aa56edd557abbf96e1f7b

SHA256
dda98680ca4aac63407290a45d9a0ebea45731d8c9cd5560b93f59d3c966d694

SHA512
82218a383f76bfdc5fa12f60b90893e551b1a1d38f8613835100e97d91901281c5cfaa36b1f29732c45d31d4868ff217b2c23f8b7615d9c2aaccef1358566369

Download Submit
C:\Fraps\data\Elise.jpg

Filesize
2KB

MD5
f514abd1af9f4dc3d3b002c3303d781a

SHA1
fad834c2ed2a5adbd2e2f4b1612e53772ec2835e

SHA256
54950fd50096dc35e3e8e0ddcf9e31f03cddc8789872945de5d831fb0e255881

SHA512
d5e43dd8d82cba6d4570dffb9a0fded155ce22adfe162919b373d81d5a2c80c82e6d11bcea358e0a2f4760f7ac66180cf4971ad3c2025092771357933efeee88

Download Submit
C:\Fraps\data\Evelynn.jpg

Filesize
2KB

MD5
2e6eb6e17c794a4704dab6e1ff90a546

SHA1
2473eb2b872419f9c41caf2293e6745f01d874ca

SHA256
906e1ab0a3b0a75984863afbd0d300fdaedd0058c22823bb75d1f536c03af8e0

SHA512
c6e6d67c290fb1f554884eeadde02d9f9877f77cdce124a5b9fbbc10714d485bd0aced20109661a13017856d213e2aaced95eae19dd589b7c41fb0bd045d1d3b

Download Submit
C:\Fraps\data\Ezreal.jpg

Filesize
2KB

MD5
b283c8779680d2c6f1704b8ee8e07d5a

SHA1
ee2874c6a9ae6866e0e783ea2e7a3376bc958cd9

SHA256
42e0547d35a4c61a0348390b2751e50432bb77343023fc92409bddc1c4ebe53a

SHA512
8629589312c1bb2203888c6976ea65b4da0f7420fb07d1a59313892f56a929a5ba38c47ed28344ee65350e9b86a230f55b48a4138526075cab77d0895c44d372

Download Submit
C:\Fraps\data\Fiddlesticks.jpg

Filesize
2KB

MD5
37392d7809709050d327e0f475ca7b21

SHA1
73b537116332581368a47386d33ded35913f8273

SHA256
d6b72b99d0e8668d41ea486511ae89879ef61d62d5e3ec3353b2bb4ed0b22c5d

SHA512
390f87fbc2d23dac12ae6a927240be7a032fe35a17b4f4e352375f5d9909b044a7a7ce08e1b881ed340c39850a84bf07b30aaa5cdc5ed48e1ef76a1866dbfb09

Download Submit
C:\Fraps\data\Fiora.jpg

Filesize
2KB

MD5
06c864491cf9d86f425366c3a69b776d

SHA1
71140e94511a88fc130f89473402839928bdfad9

SHA256
836a9b9eff8d6e269ea9157673f3635ee0e78e0e08751e38032e136b1bc3ff99

SHA512
323819a22c6bbc647c32d9e06f02aa4439a920d6d01aa5504a9293091ec4524e04406e7ccd48026467d965a21728f4229a86bae014f99385f4c9d0b11940af4f

Download Submit
C:\Fraps\data\Fizz.jpg

Filesize
2KB

MD5
05a379a87077ea57cf46ae03f2e36fc6

SHA1
173523b8c23ee68f451c483547dafbb9edbc3dc9

SHA256
9c92a996c6eb7766f4d7ae46109747d51f774c78ae87cdba0a27e554c7a2f7b7

SHA512
104b5bb3c4faf99d47281b5af907bb0c07ee437c784e372dc3ae9b4e6946e520915660a291f9798d0cd46d61137c40bb24ea59d956fda8557fb607614a35c950

Download Submit
C:\Fraps\data\Galio.jpg

Filesize
2KB

MD5
e6e553bd976cfa9b83589e60f6ffb9d7

SHA1
126fe29eee6aabae76181e038a7b400b72ed6a6b

SHA256
e2dc2fe8eab127db0233fbda6ddf119c7b3f7e840760ffa94a2591e3bd19ed86

SHA512
956348fc81b83a7661c6a3d018ecc60aed4dc7edd2f6289130e1bf8664b8dafeb4abc805c71e87cd82f9da0d666082b81aa642679703627d55ffb853dcafc054

Download Submit
C:\Fraps\data\Gangplank.jpg

Filesize
2KB

MD5
ab859ee908ad5cec92ad736ee6c1eb72

SHA1
a6476469eb8309a7168d8dd01f3554156ebe0530

SHA256
5d8439bc389118b0c6e05018f596dbaa7b11de28ea3991fa71d43bb68f0b09d9

SHA512
2ca92200ca6fb47f57923c24c4f4e0d39c05b3201adce255c7401154ae3049ce3596ee25f4f295772c21e4ca0b8908bc58fdbf08641f2992e479ed4fc0a622e7

Download Submit
C:\Fraps\data\Garen.jpg

Filesize
3KB

MD5
9b46e4f2f240c6a7b9ded8c98eea9083

SHA1
1c1c6878382d0994f1617fb78109b7fbe6f30da1

SHA256
b930a70294b0d0f7de6a8162adc4cb9657379310bde008772be09d144bf317c1

SHA512
61eabe329c52cf1622e71a146e262d0575c7b876852aa351c0f5e15c1b81d3189efa4d58ba68f5d3f885315dbebd9a6c7e9205c406e87ee36bf022c8224cdf85

Download Submit
C:\Fraps\data\Gnar.jpg

Filesize
2KB

MD5
db856ef3848374c74b35c9a527f4cf20

SHA1
9f3b7f1075c6a5d860ad8f566a776898db8ddc58

SHA256
c2ee8c74dd05f3817d861261237a712812dcfa0f0902574ddb97eec7ddcdea11

SHA512
571948396da30d75393f6a53d8d37796e84edd1ec196a12400b2cd048a394d52eeb74bf80e1f1c31016c8e590db68dc734e33c0be75da77970f8b1c9d9de2438

Download Submit
C:\Fraps\data\Gragas.jpg

Filesize
2KB

MD5
d589706fb647d777d778893b174a703b

SHA1
9ad2ca71f906314d086be3d6790982e53ddaaa7d

SHA256
33181ecd61ce50fc77653cbf59d930ef08aafe20a3c160723793d3ebc2ac278d

SHA512
89f6b47e3e86e72ee811ab0140dd93960e6f488e7ecce8dfee74eebf141fff84d8b156b7fead0f6856795cabb87c0ae958a03a53a4734199733dc6e13468ff4c

Download Submit
C:\Fraps\data\Graves.jpg

Filesize
2KB

MD5
a1c63a181dd61acffd7856806ca32c2b

SHA1
de120f5ea3a05cd71b9c750dfc100ed8ef989ab9

SHA256
0139a54e8ec233997ec5ebc159787dedf627e2b34f9abe48d1c32b60b71e2093

SHA512
6e252bbc0690f1fa18fd452ca71fa857b70ee511f9dbfe02b3135e6d3859378426158b7ee45132ccbc35242ec20305c54b01c41a407699f7dfe857135f011673

Download Submit
C:\Fraps\data\Gwen.jpg

Filesize
3KB

MD5
e7617b294709c99c2f61fa15e2fa7308

SHA1
df00a8b41e99f24e6cb4e1ff2aaa27d5cd487d82

SHA256
cf77ae993fd7633e10d815f02951c360b81652c2d951af0fdd97384e7b67dbcb

SHA512
8775fa7fa2486a25cce14d533ab8234545f99bc3b06da43c4405ba457104d9e0b6ffbd0cde7bbab7328361bcfd3b964b8cad8ce60a042c65940be4ef16ed0bf6

Download Submit
C:\Fraps\data\Hecarim.jpg

Filesize
3KB

MD5
faa67dbe39186098e1fc6957b480b986

SHA1
75dc9e3504a9823d903b9d7a9e5da485c35ebecb

SHA256
e761356c8cd6357ad5a7c1649df02d5e82884e2b5394ba35104b59d9cb40393a

SHA512
2a8cec1ccf26d9f69d8b0e40cbb9d98483a1cd13df78c374700a3f7a5b3c37aeb7f5d09afa2920c1fb695bf49420418d0bd615cee02a99e17fe5863466f36e68

Download Submit
C:\Fraps\data\Heimerdinger.jpg

Filesize
3KB

MD5
26e2755476fd77cbac93b541438fd8cf

SHA1
e318567f667b77ca9dd612c4dfe8b5ab1813b969

SHA256
659980902d01da802f140025f8de2a5e4f75722da953e814ab16cd255825c5bb

SHA512
333bd89da7fe8ab84b05a8cfbeba51b090d2940014c216abd331998f8b0537db23bad5b0d81cb10efec95008589046e2b183fc361dfc47a936e686239e441b6f

Download Submit
C:\Fraps\data\Illaoi.jpg

Filesize
2KB

MD5
d7dc4fe07ab04c6d0f30c1f88730d4e4

SHA1
6f02da0a8c5efb3eb7d5f434ad71126ad1e88c86

SHA256
eb420cd069c17b5952330d6357cf4aa5f4fbfcceff28b50708eb427a830c96fe

SHA512
febfda8063f76893aafc7c30df67073a6c491ecdac0022f69e932bf2a5a3ab957e151df12b48163d57197f3443d0563e43b770dfa752b1e9285fa7a19dd1e6be

Download Submit
C:\Fraps\data\Irelia.jpg

Filesize
2KB

MD5
1e11bb6328fb1db42cae92567e2bedb2

SHA1
a78caa2961caa8c4379e2a8a7b7f987192c85464

SHA256
cbd614a83b659128b76941ac5c93e1150a9af3dd53fb51879bfb742b3e27762d

SHA512
93668611753e18c47929cad15d71ee8c1ce5571c8dc87dbf3348a51fec2aafaf88baf294096cf7f95bdc4cbe1328f6ce024e958d0bea2abc90a13f6b7b39134d

Download Submit
C:\Fraps\data\Ivern.jpg

Filesize
2KB

MD5
5f2d4903ce20b6401c42158d7f2bb745

SHA1
93aa1a6330989a76cc6bec6943b594e95d3f52af

SHA256
2a28330a379f57c53d694eaa2a0a1ed253f6d1956bb2e4a5fb575c01af37d1e0

SHA512
a6e231270fb7ceba79d8f69f0955958f4733d3b401baf1ac6b1e1a4d69a9d7e2ff7779a30cb5c960b2648f9a69b5e7af1c11d32be0155d38fb94aa9e89087050

Download Submit
C:\Fraps\data\Janna.jpg

Filesize
2KB

MD5
bc33e20904a4928ad098e40db0b94228

SHA1
e2fdac7a5d56ecebf1feaeec4740c6201ec2e03b

SHA256
65d433783846ef908ca178216f2a958522a2212e7ee65b1b9f86cb4af96e697f

SHA512
ae2f88b1290acc3a8fe6b91ef16989406167c4df9618ae054a8a49849f5557fe4aa39dcc8a8d6075e2c0d632fee9d089e0b35b12c0c4928768b4b45484ab842a

Download Submit
C:\Fraps\data\JarvanIV.jpg

Filesize
3KB

MD5
6fab5c8673f39141d54590d0d2be9697

SHA1
a2e29ad19b2cf377fa4981e49325a5a7013749ed

SHA256
7d1cda62b88a8f88e584c43ba1a785d186834cf756e594fd7d5e9e478ed6b7d0

SHA512
56e4aad6ef6186f9e7cfc8f2392c033b571a1a809beff15e1cbf54b6a1a17fe37f607de27c64d2a0e3afa41f2cdb596114406ac9664d388a76dafccfe758b602

Download Submit
C:\Fraps\data\Jax.jpg

Filesize
2KB

MD5
3189ea9a57ecea8218cc995cb0408374

SHA1
a7bd160ae151a00ee53c25f7c9fe6bee7a86e7be

SHA256
53cfce80f876f2cc9c331385360d942ae4f6ff4bf3300d8fd44c9abd3e199f1e

SHA512
2f25ae92d3a159637319482585be1909e6e61de32d2bad4de521a77193105dab2fa982958cb089092aabdf69f39469e40c427cc28e6b8ceb8ba2baee331ccfa9

Download Submit
C:\Fraps\data\Jayce.jpg

Filesize
2KB

MD5
a6f9c5b99698872b8d0d58a03f4a87de

SHA1
6313e8ea7e92d8886dd2e18fb0a6ce6cf54054be

SHA256
4c0bfc836d20a53d40ae312da1525e462f7ff9e3f940037089b1692d2f6960e5

SHA512
f274251d0197a6e1eb9c7f7ee4f7ad9c7d7d6c0713d51638b4ca53c330fa9f508b72ce4551875419c7d2f522468fe8bbb5e1689b7feee12c691020e32c89e69b

Download Submit
C:\Fraps\data\Jhin.jpg

Filesize
2KB

MD5
0d05e6ca2566b9781e31740da6d14024

SHA1
063acec73208caff62a063bc0a11bfd192cdaee5

SHA256
0110c22d3b35ace7965f0a83d636d4c09c13373a9670a8b764b41e9b244d7085

SHA512
3d419482861dd73e95532be5e0d15d644aeceed98fe4721100f34cb75c09c06f74b36ab618675f53a20adbb3770720396d7a9499b780f4570d1878696feacbd6

Download Submit
C:\Fraps\data\Jinx.jpg

Filesize
3KB

MD5
60cd937f8222136dcd20984de4ea9118

SHA1
b38bb11fc9ae195cc0c8e6639e621e4026671475

SHA256
71c109572402ba2fb15b80c21e24141a952f7f3c9fbff7fd2699ddb335fc4960

SHA512
979c1676c3ce2bbb532eb3ec180a2271ed3fcd4123803916c8b05083f4c29c4e6fa95c11fae1501a317988f0169e7cfcd68dc4d28d517b0c3c0102a871498ada

Download Submit
C:\Fraps\data\Kaisa.jpg

Filesize
2KB

MD5
b8794c53bb0e9bb1b9e28456c3a8c69f

SHA1
64889ee85fc94970e9197dba5951b798fb38c432

SHA256
3cd3ea02225dc231afe2fa07860788707d4850624ff85012151e6e1691a704a0

SHA512
a769cc32026d0dcfa2ed4079f9baa897e8c9e27ee74b1aa3b3703c47028e09cd36e08999a6c74cd78018355b76c813473cc7afd618f7dbb6c90a8f543f055be5

Download Submit
C:\Fraps\data\Kalista.jpg

Filesize
2KB

MD5
9f9daff62f4e90e7bd44a4ae87fdabd9

SHA1
15636171ded08eb7834352d189d27add5a1fbf3b

SHA256
768d8ae60e561889744f5c6732cd10924eb8c88104335d3921985dc9c5ddb23c

SHA512
f353a08315d75d2335bc379a25a3e0df772a55319b33dadc62409ffd17100928c0092781bed0e48cf7ea91a78705ae1b3b5f98f94ec189944aaa05b59f50abac

Download Submit
C:\Fraps\data\Karma.jpg

Filesize
3KB

MD5
e2280413717d5a28fa410224eaadbf91

SHA1
41162ecddbf95102661498e905fda96545a58ee9

SHA256
6d7ce4d8355406dcf79a7ad32257d697be40d77b851b94fb2da4b442bccfc5ca

SHA512
705fe385ed1da1f7f2cfdfdf90fb6d9d33b1fdee0dee6eac09c4f263e51eaa5c6a676fe5d8ae50983f221c5a8f7981156925ba6691b52a341e9f3b2bbafd737a

Download Submit
C:\Fraps\data\Karthus.jpg

Filesize
2KB

MD5
dde4a3e2d5039fdd81fe179c69fb89a1

SHA1
6a9d05872c89c1d2b33adde5fdfb16e9492d4277

SHA256
178352cd17fc1dd40f80213ef2bf38f53b80107570e354d13d16d088c90feca9

SHA512
e249ce77cdc98223661cbc69ab06c320028f770f42a1e0055f9eda73bf2c2fe28dac78641573c29d5092a4cd67acebc07dbb9eb4f21ede4e96cf707828672a62

Download Submit
C:\Fraps\data\font.ttf

Filesize
31KB

MD5
169a18caf29078b016d60796993684af

SHA1
a6e35ca6adf18b74a33708c7599faac8660440eb

SHA256
59ebc9e21f2b7f706a313c7188b26d3f69431487ec73da963923fd8d4e1ce6b1

SHA512
5a2c9ce02584f144fcae7c9e1ad07bb7d71a9e46e638ce970e9d3cd4fc11aad18aae260c8a1fcd3dd28b0b2fdd56f8de943de6e91e8f3c8213ef88a2c3f36b2f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
4KB

MD5
f331e2510bda4882fa86b7343df719c4

SHA1
06625dfedab9eb17c2dd9ae71b4d264c527dd823

SHA256
391d4d4b75d004c4ef09d1285fc95777d08c8dce21c930074538e50c43b6d0e7

SHA512
50329cdcadbfe50d12162b1f9033ccbd5d8f8d3e7832732bad902265d0f32e217dfadcf1ebc0db496c4b1a40e4a5935f76a1d22ae807f0e924ef4743cebb9e41

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
4KB

MD5
8dc923f27530ef1bd36fa50c6e0e50ea

SHA1
255d705ec5fa7efbd02e0d0edd414e4ad5ae6ef8

SHA256
b3fda0b9d5c2019a037e913e0660a2cc4a5adf74e2c2ee86a712e88bfeb10349

SHA512
2291329404b83e64a22f02b5e591050d4a3b8ee5e37c82c5c2e86f8521bea9366de2c4388a34a64d64015776d2527a69d80b84419ab6daf4cb1ad71797b741f2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000004.dbtmp

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\b87f0a38-7689-4b71-934b-f5dfe8a12ed7.tmp

Filesize
4KB

MD5
d846ed4775a107aa26ad1475ebd622a0

SHA1
0b68b3b2f201bcd016776d94bd004d4da4352c58

SHA256
08250054a098c76a1a24395fe7234ec9f7fc3798b788c955fc8d80f6ba162e76

SHA512
f192a00dc7e4df940afe5a242b72469ae77a8e0ca723803aa8b736c5a302daff5b2ca8a25bf7ab6acd7cf5f7e75944b9f9b89630d6523ef716360c021cdd6121

Download Submit
C:\Users\Admin\AppData\Local\Temp\qtC.exe

Filesize
544KB

MD5
d1cdf07b0a0587c72b55146081b0464c

SHA1
8358e460c9909087750cc121c057ec65321a0f19

SHA256
4623511d7ad5912be5ed0c89f9227d65ae6309dbcb9f4c40fdcba90012261cf1

SHA512
25c43884a9313d0041e181bf5a0b91550ad5db9c9552bee9b61a25ecf55e9b10ffc321f4fb0308bb08654bae1218470c82e479a6dcd7a10b16501f6526a06382

Download Submit
C:\Users\Admin\AppData\Local\Temp\qtC.exe

Filesize
544KB

MD5
d1cdf07b0a0587c72b55146081b0464c

SHA1
8358e460c9909087750cc121c057ec65321a0f19

SHA256
4623511d7ad5912be5ed0c89f9227d65ae6309dbcb9f4c40fdcba90012261cf1

SHA512
25c43884a9313d0041e181bf5a0b91550ad5db9c9552bee9b61a25ecf55e9b10ffc321f4fb0308bb08654bae1218470c82e479a6dcd7a10b16501f6526a06382

Download Submit
C:\Users\Admin\AppData\Local\Temp\qtC.exe

Filesize
544KB

MD5
d1cdf07b0a0587c72b55146081b0464c

SHA1
8358e460c9909087750cc121c057ec65321a0f19

SHA256
4623511d7ad5912be5ed0c89f9227d65ae6309dbcb9f4c40fdcba90012261cf1

SHA512
25c43884a9313d0041e181bf5a0b91550ad5db9c9552bee9b61a25ecf55e9b10ffc321f4fb0308bb08654bae1218470c82e479a6dcd7a10b16501f6526a06382

Download Submit
\Users\Admin\AppData\Local\Temp\qtC.exe

Filesize
544KB

MD5
d1cdf07b0a0587c72b55146081b0464c

SHA1
8358e460c9909087750cc121c057ec65321a0f19

SHA256
4623511d7ad5912be5ed0c89f9227d65ae6309dbcb9f4c40fdcba90012261cf1

SHA512
25c43884a9313d0041e181bf5a0b91550ad5db9c9552bee9b61a25ecf55e9b10ffc321f4fb0308bb08654bae1218470c82e479a6dcd7a10b16501f6526a06382

Download Submit
\Users\Admin\AppData\Local\Temp\qtC.exe

Filesize
544KB

MD5
d1cdf07b0a0587c72b55146081b0464c

SHA1
8358e460c9909087750cc121c057ec65321a0f19

SHA256
4623511d7ad5912be5ed0c89f9227d65ae6309dbcb9f4c40fdcba90012261cf1

SHA512
25c43884a9313d0041e181bf5a0b91550ad5db9c9552bee9b61a25ecf55e9b10ffc321f4fb0308bb08654bae1218470c82e479a6dcd7a10b16501f6526a06382

Download Submit
\Users\Admin\AppData\Local\Temp\qtC.exe

Filesize
544KB

MD5
d1cdf07b0a0587c72b55146081b0464c

SHA1
8358e460c9909087750cc121c057ec65321a0f19

SHA256
4623511d7ad5912be5ed0c89f9227d65ae6309dbcb9f4c40fdcba90012261cf1

SHA512
25c43884a9313d0041e181bf5a0b91550ad5db9c9552bee9b61a25ecf55e9b10ffc321f4fb0308bb08654bae1218470c82e479a6dcd7a10b16501f6526a06382

Download Submit
\Users\Admin\AppData\Local\Temp\qtC.exe

Filesize
544KB

MD5
d1cdf07b0a0587c72b55146081b0464c

SHA1
8358e460c9909087750cc121c057ec65321a0f19

SHA256
4623511d7ad5912be5ed0c89f9227d65ae6309dbcb9f4c40fdcba90012261cf1

SHA512
25c43884a9313d0041e181bf5a0b91550ad5db9c9552bee9b61a25ecf55e9b10ffc321f4fb0308bb08654bae1218470c82e479a6dcd7a10b16501f6526a06382

Download Submit
\Users\Admin\AppData\Local\Temp\qtC.exe

Filesize
544KB

MD5
d1cdf07b0a0587c72b55146081b0464c

SHA1
8358e460c9909087750cc121c057ec65321a0f19

SHA256
4623511d7ad5912be5ed0c89f9227d65ae6309dbcb9f4c40fdcba90012261cf1

SHA512
25c43884a9313d0041e181bf5a0b91550ad5db9c9552bee9b61a25ecf55e9b10ffc321f4fb0308bb08654bae1218470c82e479a6dcd7a10b16501f6526a06382

Download Submit
memory/1352-561-0x0000000077950000-0x0000000077951000-memory.dmp

Filesize
4KB

Download
memory/1352-507-0x0000000000060000-0x0000000000061000-memory.dmp

Filesize
4KB

Download