9a3245e6d3af81f8f515fca1dee9dc5e3aad9c2d263825ce975e2f2d19aa44e4

Analysis

max time kernel
67s
max time network
192s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
30-03-2023 03:06

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Smartphone.Tycoon MT/Smartphone Tycoon.exe
Size

1.9MB
MD5

fc29756628077940742f0540bae0ae4c
SHA1

6612192e8dfd51005fc078e069c971f16b7c3b4d
SHA256

7c5a8506b85cb9a80d2af9d2106ea02a2b142f1a6289a93d7a8f9aed3f2ebf33
SHA512

5acb17b0b37d1e8df1ac528a0335a7d5e689c104bc5cc969e67fa67da9e369afd7d01d9133d3ca709f213960833089d67903fa2339498edf0e0aee502e43706f
SSDEEP

24576:DvVACJt/RbRhLqYAy1Em+cq6vlB7F84Bn6JZUlN7MxU40KbZXH05jbXT1acPrmq5:DvVnLYyNjn6JZUfr4XF0NXT4rHAAA7

Score

7^/10

Malware Config

Signatures

Checks computer location settings 2 TTPs 1 IoCs

Looks up country code configured in the registry, likely geofence.

Query Registry

T1012

System Information Discovery

T1082

Processes:

Smartphone Tycoon.exe

description	ioc	process
Key value queried	\REGISTRY\USER\S-1-5-21-144354903-2550862337-1367551827-1000\Control Panel\International\Geo\Nation	Smartphone Tycoon.exe

Modifies registry class 1 IoCs

Processes:

Smartphone Tycoon.exe

description	ioc	process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-144354903-2550862337-1367551827-1000\{75FB9BAF-2ABB-490C-90B2-3515EEB91BBA}	Smartphone Tycoon.exe

Suspicious behavior: EnumeratesProcesses 12 IoCs

Processes:

Smartphone Tycoon.exeSmartphone Tycoon.exeSmartphone Tycoon.exeSmartphone Tycoon.exeSmartphone Tycoon.exeSmartphone Tycoon.exe

pid	process
4140	Smartphone Tycoon.exe
4140	Smartphone Tycoon.exe
1264	Smartphone Tycoon.exe
1264	Smartphone Tycoon.exe
4116	Smartphone Tycoon.exe
4116	Smartphone Tycoon.exe
4128	Smartphone Tycoon.exe
4128	Smartphone Tycoon.exe
3120	Smartphone Tycoon.exe
3120	Smartphone Tycoon.exe
324	Smartphone Tycoon.exe
324	Smartphone Tycoon.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes:

AUDIODG.EXE

description pid process

Token: 33 2896 AUDIODG.EXE
Token: SeIncBasePriorityPrivilege 2896 AUDIODG.EXE
Suspicious use of FindShellTrayWindow 2 IoCs

Processes:

Smartphone Tycoon.exe

pid process

1264 Smartphone Tycoon.exe
1264 Smartphone Tycoon.exe

description	pid	process
Token: 33	2896	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	2896	AUDIODG.EXE

pid	process
1264	Smartphone Tycoon.exe
1264	Smartphone Tycoon.exe

Suspicious use of WriteProcessMemory 18 IoCs

Processes:

Smartphone Tycoon.exe

description	pid	process	target process
PID 1264 wrote to memory of 3892	1264	Smartphone Tycoon.exe	Smartphone Tycoon.exe
PID 1264 wrote to memory of 3892	1264	Smartphone Tycoon.exe	Smartphone Tycoon.exe
PID 1264 wrote to memory of 3892	1264	Smartphone Tycoon.exe	Smartphone Tycoon.exe
PID 1264 wrote to memory of 4140	1264	Smartphone Tycoon.exe	Smartphone Tycoon.exe
PID 1264 wrote to memory of 4140	1264	Smartphone Tycoon.exe	Smartphone Tycoon.exe
PID 1264 wrote to memory of 4140	1264	Smartphone Tycoon.exe	Smartphone Tycoon.exe
PID 1264 wrote to memory of 4116	1264	Smartphone Tycoon.exe	Smartphone Tycoon.exe
PID 1264 wrote to memory of 4116	1264	Smartphone Tycoon.exe	Smartphone Tycoon.exe
PID 1264 wrote to memory of 4116	1264	Smartphone Tycoon.exe	Smartphone Tycoon.exe
PID 1264 wrote to memory of 4128	1264	Smartphone Tycoon.exe	Smartphone Tycoon.exe
PID 1264 wrote to memory of 4128	1264	Smartphone Tycoon.exe	Smartphone Tycoon.exe
PID 1264 wrote to memory of 4128	1264	Smartphone Tycoon.exe	Smartphone Tycoon.exe
PID 1264 wrote to memory of 3120	1264	Smartphone Tycoon.exe	Smartphone Tycoon.exe
PID 1264 wrote to memory of 3120	1264	Smartphone Tycoon.exe	Smartphone Tycoon.exe
PID 1264 wrote to memory of 3120	1264	Smartphone Tycoon.exe	Smartphone Tycoon.exe
PID 1264 wrote to memory of 324	1264	Smartphone Tycoon.exe	Smartphone Tycoon.exe
PID 1264 wrote to memory of 324	1264	Smartphone Tycoon.exe	Smartphone Tycoon.exe
PID 1264 wrote to memory of 324	1264	Smartphone Tycoon.exe	Smartphone Tycoon.exe

C:\Users\Admin\AppData\Local\Temp\Smartphone.Tycoon MT\Smartphone Tycoon.exe
"C:\Users\Admin\AppData\Local\Temp\Smartphone.Tycoon MT\Smartphone Tycoon.exe"
1⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of FindShellTrayWindow
- Suspicious use of WriteProcessMemory
PID:1264

C:\Users\Admin\AppData\Local\Temp\Smartphone.Tycoon MT\Smartphone Tycoon.exe
"C:\Users\Admin\AppData\Local\Temp\Smartphone.Tycoon MT\Smartphone Tycoon.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\SmartphoneTycoon\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\SmartphoneTycoon\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\SmartphoneTycoon\User Data" --annotation=plat=Win32 --annotation=prod=SmartphoneTycoon --annotation=ver=1.0.5 --initial-client-data=0x2bc,0x2b8,0x2b4,0x2ac,0x2b0,0x74db0cf8,0x74db0d08,0x74db0d14
2⤵
PID:3892

C:\Users\Admin\AppData\Local\Temp\Smartphone.Tycoon MT\Smartphone Tycoon.exe
"C:\Users\Admin\AppData\Local\Temp\Smartphone.Tycoon MT\Smartphone Tycoon.exe" --type=gpu-process --field-trial-handle=1652,681163086253353557,16132127386923958139,131072 --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\SmartphoneTycoon\User Data" --nwapp-path="C:\Users\Admin\AppData\Local\Temp\nw1264_11888" --disable-breakpad --gpu-preferences=KAAAAAAAAACAAwDAAQAAAAAAAAAAAGAAAAAAAAIAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=100261354461754183 --mojo-platform-channel-handle=1672 /prefetch:2
2⤵
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
PID:4140

C:\Users\Admin\AppData\Local\Temp\Smartphone.Tycoon MT\Smartphone Tycoon.exe
"C:\Users\Admin\AppData\Local\Temp\Smartphone.Tycoon MT\Smartphone Tycoon.exe" --type=renderer --no-sandbox --file-url-path-alias="/gen=C:\Users\Admin\AppData\Local\Temp\Smartphone.Tycoon MT\gen" --no-zygote --field-trial-handle=1652,681163086253353557,16132127386923958139,131072 --service-pipe-token=6630725163655505636 --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\SmartphoneTycoon\User Data" --nwapp-path="C:\Users\Admin\AppData\Local\Temp\nw1264_11888" --nwjs --extension-process --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=6630725163655505636 --renderer-client-id=3 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2592 /prefetch:1
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:4116

C:\Users\Admin\AppData\Local\Temp\Smartphone.Tycoon MT\Smartphone Tycoon.exe
"C:\Users\Admin\AppData\Local\Temp\Smartphone.Tycoon MT\Smartphone Tycoon.exe" --type=gpu-process --field-trial-handle=1652,681163086253353557,16132127386923958139,131072 --disable-gpu-sandbox --use-gl=disabled --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\SmartphoneTycoon\User Data" --nwapp-path="C:\Users\Admin\AppData\Local\Temp\nw1264_11888" --disable-breakpad --gpu-preferences=KAAAAAAAAACAAwDAAQAAAAAAAAAAAGAAAAAAAAIAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=18139218511500916168 --mojo-platform-channel-handle=3320 /prefetch:2
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:4128

C:\Users\Admin\AppData\Local\Temp\Smartphone.Tycoon MT\Smartphone Tycoon.exe
"C:\Users\Admin\AppData\Local\Temp\Smartphone.Tycoon MT\Smartphone Tycoon.exe" --type=utility --field-trial-handle=1652,681163086253353557,16132127386923958139,131072 --lang=en-US --service-sandbox-type=audio --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\SmartphoneTycoon\User Data" --nwapp-path="C:\Users\Admin\AppData\Local\Temp\nw1264_11888" --service-request-channel-token=15449188046593881990 --mojo-platform-channel-handle=4232 /prefetch:8
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:3120

C:\Users\Admin\AppData\Local\Temp\Smartphone.Tycoon MT\Smartphone Tycoon.exe
"C:\Users\Admin\AppData\Local\Temp\Smartphone.Tycoon MT\Smartphone Tycoon.exe" --type=utility --field-trial-handle=1652,681163086253353557,16132127386923958139,131072 --lang=en-US --no-sandbox --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\SmartphoneTycoon\User Data" --nwapp-path="C:\Users\Admin\AppData\Local\Temp\nw1264_11888" --service-request-channel-token=5777944918287943980 --mojo-platform-channel-handle=2364 /prefetch:8
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:324

C:\Users\Admin\AppData\Local\Temp\Smartphone.Tycoon MT\Smartphone Tycoon.exe
"C:\Users\Admin\AppData\Local\Temp\Smartphone.Tycoon MT\Smartphone Tycoon.exe" --type=utility --field-trial-handle=1652,681163086253353557,16132127386923958139,131072 --lang=en-US --service-sandbox-type=utility --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\SmartphoneTycoon\User Data" --nwapp-path="C:\Users\Admin\AppData\Local\Temp\nw1264_11888" --service-request-channel-token=9399203404244396994 --mojo-platform-channel-handle=1584 /prefetch:8
2⤵
PID:3288

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x4d0 0x45c
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:2896

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\SmartphoneTycoon\User Data\Crashpad\settings.dat
Filesize
40B

MD5
d7c0b108a65b252b84cb92e9c3ca2e26

SHA1
b61dbe9ef9016ade69bb52cbf871b2ac55317684

SHA256
711d686f9bd184a9ab84484c11347ad37ea9ffeaf428c3a1a4acc85c20e90ec7

SHA512
b23456f1ef157c347cd7824354651ceb7c5db0c0c3613040c65651a88af06781b22dff706a0060469649bf0e4b19f40882335a823ebdb49241629aa89cef70fc

Download Submit
C:\Users\Admin\AppData\Local\SmartphoneTycoon\User Data\Default\2f43b186-8403-4962-af4c-9568ddcbed9c.tmp
Filesize
4KB

MD5
cd199ea8ea21a5c83c687c8a7cec6519

SHA1
698c7d22bb145e6a8259b7031e47af57b19a6ed9

SHA256
74bfdd836b6a4a8c9ab9f8a9ab2b0a801112bd61e6b09f026f6867d57d9756c6

SHA512
b1b9738e680bf1b76da2a9cd97568433df65d4ed5b3715073c76b695af8c34a857d56105b744e4c2adc3977283b243d3c2ed7ca6cbfef74f682128b5fc55bb41

Download Submit
C:\Users\Admin\AppData\Local\SmartphoneTycoon\User Data\Default\4fbc845c-7726-4a4d-b47d-0e84fb44c15d.tmp
Filesize
138B

MD5
71305b4c868460b24cf5a6ee1be521f2

SHA1
541f1f7d2a2e582ca25b7124e1eafccc0b1e1604

SHA256
b05a4106bc8d8c9cc8e66eb19d06524cfb295b94e1717dec1b21f8af7b425f85

SHA512
d90decf0ff4a50e5346fa552ca44b034a7e0145c8debd31f78e4d733a116eb23d72381a1f754d548caf3e9be1b1ad00574de2d03492bad44dfa8d22da61d1993

Download Submit
C:\Users\Admin\AppData\Local\SmartphoneTycoon\User Data\Default\615ce118-36c5-408b-a84c-40fd52ad15e3.tmp
Filesize
2KB

MD5
08495ede3c5589193be11f3b171f87b9

SHA1
37e6fcc0e15942065a02a8ac812d24b5dc5dcb20

SHA256
226ab9b81f63165e4c7f49b8a2119978b4b0feb3b2ad2cd1c58e2adeeca345da

SHA512
7d5c007ea63d9f35170ecb1b0d33fa7287270d2ade6e76df8abacdd94664374ad81999ca50309587dc150e7593e630a049bff76aa60fb2a66b2114d44c3a9f91

Download Submit
C:\Users\Admin\AppData\Local\SmartphoneTycoon\User Data\Default\Cache\data_0
Filesize
8KB

MD5
cf89d16bb9107c631daabf0c0ee58efb

SHA1
3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b

SHA256
d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e

SHA512
8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

Download Submit
C:\Users\Admin\AppData\Local\SmartphoneTycoon\User Data\Default\Cache\data_1
Filesize
264KB

MD5
d0d388f3865d0523e451d6ba0be34cc4

SHA1
8571c6a52aacc2747c048e3419e5657b74612995

SHA256
902f30c1fb0597d0734bc34b979ec5d131f8f39a4b71b338083821216ec8d61b

SHA512
376011d00de659eb6082a74e862cfac97a9bb508e0b740761505142e2d24ec1c30aa61efbc1c0dd08ff0f34734444de7f77dd90a6ca42b48a4c7fad5f0bddd17

Download Submit
C:\Users\Admin\AppData\Local\SmartphoneTycoon\User Data\Default\Cache\data_2
Filesize
8KB

MD5
0962291d6d367570bee5454721c17e11

SHA1
59d10a893ef321a706a9255176761366115bedcb

SHA256
ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7

SHA512
f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

Download Submit
C:\Users\Admin\AppData\Local\SmartphoneTycoon\User Data\Default\Cache\data_3
Filesize
8KB

MD5
41876349cb12d6db992f1309f22df3f0

SHA1
5cf26b3420fc0302cd0a71e8d029739b8765be27

SHA256
e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c

SHA512
e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

Download Submit
C:\Users\Admin\AppData\Local\SmartphoneTycoon\User Data\Default\Network Persistent State~RFe58b273.TMP
Filesize
84B

MD5
32b9dc9cc81d0682e78627c873fdd651

SHA1
46c486386d3e153c3e9b11d54cb52cf0064b71cf

SHA256
712196693e3527ac1131831f1a2108b6c0e5c68967b26d51a452611cdfb86e0c

SHA512
f18bc37f8b72411548da247aa1394cc5ac03c3bbd98e82eb8ba290ef239ef5b8625cf4835bd41ce7c52766d0bc3bfe9150dd22dbf62f0f05992ddde5fbfdc811

Download Submit
C:\Users\Admin\AppData\Local\SmartphoneTycoon\User Data\Default\Preferences~RFe57beac.TMP
Filesize
1KB

MD5
e5966993edb4bb7993beb152cf2af526

SHA1
0f54d05988823abe4a85282bf5685e9f77f92833

SHA256
18c6668df155b7da956d0daf00255c028a2c7b899dd24d9f0fdacc9a6c5d2728

SHA512
ac27290e1f351d79eba0ad4db1e1858eb96d03359a8e86e45163224e77bdb83fe223acd799ead441504e583af46c3eb0c653096322e4dc0beb0c71e0bad67537

Download Submit
C:\Users\Admin\AppData\Local\SmartphoneTycoon\User Data\Default\Secure Preferences~RFe57beac.TMP
Filesize
4KB

MD5
a7e643f045913dd6065c334921b9fd56

SHA1
5e625bc2a2f9ec3c8d14d6b86222f53a226b2111

SHA256
6bbe0273833691e8084a4225b20729c95b83d79b88317cb26fbc56842cf21527

SHA512
ba7c9bf94eae81304f56c702c1dddea23fc242c4b195fa9363a352e6ddaf337c3879c6a779219e4b67e9f9080b52056525c7a35ebe2be5ee6aa509b0de01946e

Download Submit
C:\Users\Admin\AppData\Local\SmartphoneTycoon\User Data\Default\Site Characteristics Database\CURRENT
Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\SmartphoneTycoon\User Data\Default\Site Characteristics Database\MANIFEST-000001
Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\SmartphoneTycoon\User Data\Default\data_reduction_proxy_leveldb\000002.dbtmp
Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\SmartphoneTycoon\User Data\Default\db5ee195-f953-44dd-b78a-030078854b8c.tmp
Filesize
2KB

MD5
1be7043661dbed55a21de44c18f8f15e

SHA1
bf8a574e5d96b0eb3f7ea1e1ec17a5b29d65250a

SHA256
4a2d4009d13ba221bc1a5a7bedf54b91189e6da10b3fcd3c63e3c8cc1ed544fd

SHA512
8bc1cf752afd3d915c407235225eeb4b50b36a48b7b3794c822eada2854e940c2d9f039d5fa4e3ee745e6aa5acb769dfa49907f4630a25729bc9007384ab90de

Download Submit
C:\Users\Admin\AppData\Local\SmartphoneTycoon\User Data\Local State~RFe579ff9.TMP
Filesize
1KB

MD5
c1ce1a1e88b7bc371d96727c990ffc3d

SHA1
6bb3fe65f4ba1ec1be3d4dcc26da62977f5399e3

SHA256
e39e50d095f5bde188755b8f417307e78aa55d4070c29e443b959acd5f0db4b7

SHA512
a5b64cb2fbdb35e2b01708819308136ff4e09428ab93fdb9fd3ba66c96474ae30afdf759e330129b46b938a734f1ee38c5255a47abf6bdf1aca9316035293945

Download Submit
C:\Users\Admin\AppData\Local\SmartphoneTycoon\User Data\a683dc4e-4ccb-4251-9578-5381136faf3d.tmp
Filesize
1KB

MD5
37c57da4ccd6bd622772b9020e704199

SHA1
2231c079e32a01a4529a598618ad6f75af54186e

SHA256
1ec87b34c0ac27ce25284624559d3ea2fa1a632c6bd106281d24ce196d3f4acf

SHA512
e87e4b815abb8530eb2c3dbb54d327cbbf70cd963ac2fe7057f337cda20fbc100d1cb4f35852821a828fb395efaf2f55bdcbd8871c9bde927d0ec6d89a8a031d

Download Submit
C:\Users\Admin\AppData\Local\SmartphoneTycoon\User Data\afa0ca2d-11ea-44d4-bcd0-52c8d31ff78c.tmp
Filesize
1KB

MD5
7d2f40c9d978508e044566def97f33da

SHA1
070f7ddc1d318d884cf3246e289f0cca700c15cb

SHA256
0daf2e5f3f8a050cbec566a4781496e50fc6f0fd593178f4fca4e60e77ad2f56

SHA512
b8f31ec3778264e28e49306c28740aaba8a4bdc4706a7de126492879c66803664d6c05eba6669ee376817ad0442a6157ad0bda2cbfe4218dca1462dd9eaa8ce1

Download Submit
C:\Users\Admin\AppData\Local\SmartphoneTycoon\User Data\d51561b4-1132-40e3-b1c4-9c443a018920.tmp
Filesize
1KB

MD5
164e884326a5f690984579e3c781235f

SHA1
ae963029ec578ab059fed75483998b98bbacf72c

SHA256
087f1ea5533a499d92ccf29fa82553b0604c7484018f4094b52b53795622daca

SHA512
fb4705adc31a68a85aa27f37b39d708add1a2787f2918470712847671dc8f605f14cb57d22b205137880a021ee44e8e62a10266866b5e3ee2ca77bd81f64beff

Download Submit
C:\Users\Admin\AppData\Local\SmartphoneTycoon\User Data\eb9b0bb8-09d1-44e1-a2a2-857bbec964a9.tmp
Filesize
3KB

MD5
5261a5126cfb45959b06ca0157101299

SHA1
c39d1d5b6db849c129b0d5807a13b664be7377bd

SHA256
2b87d99c62f6aafe23dba13a135668ee29f38535fc29985a5beabf7a67dff7ba

SHA512
50a8baadf8e691977b0c091636b391041fdc58ad9a55606bb32b73e0d93dc072ed2d019f58749188e3b21915b91c20c13b9b84b9fa462c5a738f5ff79c171eae

Download Submit
C:\Users\Admin\AppData\Local\Temp\nw1264_11888\icon-128.png
Filesize
32KB

MD5
ccf2ea1eb2c13f1ecd4f49d429ed1505

SHA1
78fea75b0c6b16ca032d3ff5681469e57ac83c3a

SHA256
9144b06589551cab2217f99be40af85c4c970037e5b13e5da859d2e5563aa1ef

SHA512
fbd34c0e75bdd0ef5946cd9f4eb7a775bc550ebf74d997111b977679faf1849db057def9bbc6a8d3020717e112deea7e241e2a5d5e76edb82b56d32bdd702c5f

Download Submit
C:\Users\Admin\AppData\Local\Temp\nw1264_11888\package.json
Filesize
614B

MD5
3298836767b0ca30941a7061bea8a700

SHA1
a0397e946ecaad34e2cf942ff74bb33f58de278c

SHA256
255c45efa50d788d75edb82591dd18a83e92b18922191113fa0c0f14c29e387d

SHA512
e5e420213353d3b12b1f39f978a4e327d8c2c6052a42ad3d32b4d0c856565e972268ca91b82718a21a8ad6eded8b0bd60a8dc0882999694a445d67df1a0fbed5

Download Submit