ac1c6f7db22eacae336347be3dc5930ceb39b61efd3e9b10488363406a3c01f2

Resubmissions

31/03/2023, 21:29

230331-1cdzcsdf28 7

31/03/2023, 21:24

230331-z8184ade78 7

Analysis

max time kernel
143s
max time network
110s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
31/03/2023, 21:29

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

Instalador Omniversal Penguin.exe
Size

72.2MB
MD5

de3835dd51ebddbfc4a21107c22fe302
SHA1

9dcdc6060c6f3c417062add2b85304e3f81eb08d
SHA256

ac1c6f7db22eacae336347be3dc5930ceb39b61efd3e9b10488363406a3c01f2
SHA512

1ce75b92a8326ae739cf9d60f56829721c33c461ddbfd5fb5e1764049c7560c2bec01100bcce937ef71ed28ac1b086fd2696d497aed039f60d9b75fb365fdbcd
SSDEEP

1572864:Oe3cwnj4IykZHRQ5c6UbQDhGTE1/rkuTrbBL6MTZzcuOz+6fXH6ks:OK/4j8HcbxhGTbuTh+MtzPOzpfHs

Score

7^/10

discovery

Malware Config

Signatures

Executes dropped EXE 2 IoCs

pid	Process
4864	Instalador Omniversal Penguin.tmp
216	Omniversal.exe

Loads dropped DLL 1 IoCs

pid	Process
216	Omniversal.exe

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files (x86)\Omniversal Penguin\locales\is-K7LAT.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\resources\app\node_modules\argparse\lib\is-HR5S9.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\resources\app\node_modules\argparse\lib\action\append\is-GDT4V.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\resources\app\node_modules\electron-updater\node_modules\fs-extra\lib\mkdirs\is-HNO17.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\locales\is-Q9QMD.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\resources\app\flash\is-ARM72.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\resources\app\node_modules\argparse\lib\action\is-5M8DK.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\resources\app\node_modules\electron-updater\node_modules\fs-extra\lib\copy-sync\is-IKQVD.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\resources\app\node_modules\electron-updater\node_modules\fs-extra\lib\copy-sync\is-FO3LE.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\resources\app\node_modules\electron-updater\out\is-O53IT.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\resources\app\node_modules\js-yaml\is-R9ONG.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\resources\app\node_modules\ms\is-5GDAE.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\resources\app\node_modules\node-fetch\is-GDCD6.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\resources\app\node_modules\ws\lib\is-7HLEE.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\is-N49IC.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\resources\app\node_modules\electron-updater\is-8UGR9.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\resources\app\node_modules\electron-updater\node_modules\fs-extra\lib\ensure\is-BEOFT.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\resources\app\node_modules\electron-updater\out\is-5PD9J.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\resources\app\node_modules\electron-updater\out\providers\is-B8RPO.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\resources\app\node_modules\js-yaml\is-09BFS.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\resources\app\node_modules\electron-updater\out\is-6B548.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\resources\app\node_modules\electron-updater\out\differentialDownloader\is-TJCH7.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\resources\app\node_modules\pako\lib\zlib\is-97404.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\resources\app\node_modules\universalify\is-VC2E7.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\is-LLJ3E.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\locales\is-V65E6.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\resources\app\is-NBJ1E.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\resources\app\node_modules\electron-updater\node_modules\fs-extra\lib\move\is-EONO7.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\resources\app\node_modules\ws\is-5OL16.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\is-B1HBP.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\resources\app\node_modules\electron-updater\out\differentialDownloader\is-UP41O.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\resources\app\is-4I93Q.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\resources\app\node_modules\argparse\lib\action\store\is-AIPDO.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\resources\app\node_modules\discord-rpc\is-EOUSD.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\resources\app\node_modules\electron-updater\node_modules\builder-util-runtime\out\is-FP6B1.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\resources\app\node_modules\electron-updater\node_modules\builder-util-runtime\out\is-UM6SE.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\resources\app\node_modules\electron-updater\node_modules\debug\is-U7OGS.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\resources\app\node_modules\graceful-fs\is-M22G0.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\locales\is-QP59B.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\locales\is-K1SR7.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\resources\app\node_modules\electron-updater\node_modules\fs-extra\lib\ensure\is-4US8N.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\resources\app\node_modules\universalify\is-GKQF0.tmp	Instalador Omniversal Penguin.tmp
File opened for modification	C:\Program Files (x86)\Omniversal Penguin\libEGL.dll	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\locales\is-I300S.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\resources\app\node_modules\argparse\lib\is-VGDLA.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\resources\app\node_modules\electron-updater\out\differentialDownloader\is-4B3T8.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\resources\app\node_modules\electron-updater\out\differentialDownloader\is-RLSFN.tmp	Instalador Omniversal Penguin.tmp
File opened for modification	C:\Program Files (x86)\Omniversal Penguin\resources\app\flash\pepflashplayer32_32_0_0_303.dll	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\locales\is-VAT0E.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\resources\app\node_modules\electron-updater\node_modules\debug\src\is-128VK.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\resources\app\node_modules\electron-updater\node_modules\fs-extra\lib\mkdirs\is-GGDRG.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\resources\app\node_modules\electron-updater\node_modules\fs-extra\lib\move-sync\is-DABPD.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\resources\app\node_modules\js-yaml\lib\js-yaml\type\is-RR2S6.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\resources\app\node_modules\js-yaml\lib\js-yaml\type\is-4RPQB.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\resources\app\node_modules\js-yaml\lib\js-yaml\type\js\is-LOAAI.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\resources\app\node_modules\pako\lib\zlib\is-CBSOQ.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\resources\app\node_modules\pako\lib\zlib\is-JOB6C.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\resources\app\node_modules\ws\lib\is-L4DHA.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\locales\is-DBR81.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\resources\app\flash\PepperFlashPlayer.plugin\Contents\_CodeSignature\is-VF9BF.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\resources\app\node_modules\electron-updater\node_modules\builder-util-runtime\out\is-8GNKA.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\resources\app\node_modules\electron-updater\node_modules\debug\is-5SGH3.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\resources\app\node_modules\electron-updater\node_modules\fs-extra\lib\json\is-SS1CA.tmp	Instalador Omniversal Penguin.tmp
File created	C:\Program Files (x86)\Omniversal Penguin\resources\app\node_modules\electron-updater\out\is-UBKJL.tmp	Instalador Omniversal Penguin.tmp

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

Modifies registry class 19 IoCs

description	ioc	Process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\.myp\OpenWithProgids\OmniversalPenguinFile.myp	Instalador Omniversal Penguin.tmp
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\OmniversalPenguinFile.myp\DefaultIcon\ = "C:\\Program Files (x86)\\Omniversal Penguin\\Omniversal.exe,0"	Instalador Omniversal Penguin.tmp
Key created	\REGISTRY\MACHINE\Software\Classes\OmniversalPenguinFile.myp\shell\open\command	Instalador Omniversal Penguin.tmp
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\OmniversalPenguinFile.myp	Instalador Omniversal Penguin.tmp
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Applications\Omniversal.exe\SupportedTypes\.myp	Instalador Omniversal Penguin.tmp
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\.myp	Instalador Omniversal Penguin.tmp
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\.myp\OpenWithProgids	Instalador Omniversal Penguin.tmp
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\OmniversalPenguinFile.myp\shell\open	Instalador Omniversal Penguin.tmp
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Applications\Omniversal.exe	Instalador Omniversal Penguin.tmp
Key created	\REGISTRY\MACHINE\Software\Classes\OmniversalPenguinFile.myp	Instalador Omniversal Penguin.tmp
Key created	\REGISTRY\MACHINE\Software\Classes\Applications\Omniversal.exe\SupportedTypes	Instalador Omniversal Penguin.tmp
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Applications	Instalador Omniversal Penguin.tmp
Key created	\REGISTRY\MACHINE\Software\Classes\.myp\OpenWithProgids	Instalador Omniversal Penguin.tmp
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\OmniversalPenguinFile.myp\ = "Omniversal Penguin File"	Instalador Omniversal Penguin.tmp
Key created	\REGISTRY\MACHINE\Software\Classes\OmniversalPenguinFile.myp\DefaultIcon	Instalador Omniversal Penguin.tmp
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\OmniversalPenguinFile.myp\shell	Instalador Omniversal Penguin.tmp
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\OmniversalPenguinFile.myp\shell\open\command	Instalador Omniversal Penguin.tmp
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\OmniversalPenguinFile.myp\shell\open\command\ = "\"C:\\Program Files (x86)\\Omniversal Penguin\\Omniversal.exe\" \"%1\""	Instalador Omniversal Penguin.tmp
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Applications\Omniversal.exe\SupportedTypes	Instalador Omniversal Penguin.tmp

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
4864	Instalador Omniversal Penguin.tmp
4864	Instalador Omniversal Penguin.tmp

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
4864	Instalador Omniversal Penguin.tmp

Suspicious use of WriteProcessMemory 6 IoCs

description	pid	Process	procid_target
PID 1336 wrote to memory of 4864	1336	Instalador Omniversal Penguin.exe	81
PID 1336 wrote to memory of 4864	1336	Instalador Omniversal Penguin.exe	81
PID 1336 wrote to memory of 4864	1336	Instalador Omniversal Penguin.exe	81
PID 4864 wrote to memory of 216	4864	Instalador Omniversal Penguin.tmp	91
PID 4864 wrote to memory of 216	4864	Instalador Omniversal Penguin.tmp	91
PID 4864 wrote to memory of 216	4864	Instalador Omniversal Penguin.tmp	91

C:\Users\Admin\AppData\Local\Temp\Instalador Omniversal Penguin.exe
"C:\Users\Admin\AppData\Local\Temp\Instalador Omniversal Penguin.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:1336
- C:\Users\Admin\AppData\Local\Temp\is-VEVQA.tmp\Instalador Omniversal Penguin.tmp
  "C:\Users\Admin\AppData\Local\Temp\is-VEVQA.tmp\Instalador Omniversal Penguin.tmp" /SL5="$9003A,74678597,823296,C:\Users\Admin\AppData\Local\Temp\Instalador Omniversal Penguin.exe"
  2⤵
  - Executes dropped EXE
  - Drops file in Program Files directory
  - Modifies registry class
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of WriteProcessMemory
  PID:4864
- - C:\Program Files (x86)\Omniversal Penguin\Omniversal.exe
    "C:\Program Files (x86)\Omniversal Penguin\Omniversal.exe"
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    PID:216

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\Omniversal Penguin\Omniversal.exe

Filesize
82.1MB

MD5
8cf3568c1ab9f22018bcae1b61ade26f

SHA1
12f87b5616d454efbf75a383f2c37c582a8fdab7

SHA256
733c7013b485b1cd47d646932d0937771ebb37e0fe6f0afc3f40588ddda4cef5

SHA512
179e6cc6037802fb2378ff3dae89453eda752853d6ecfa804d6b5966799bc8356c9919d81ce7692c4f713a2d30bbd164a00bf3e5e5e1652f344425f6715f3a2b

Download Submit
C:\Program Files (x86)\Omniversal Penguin\Omniversal.exe

Filesize
73.2MB

MD5
2b47a2533e968d97f805e3fec6255706

SHA1
4b85919964e2b9118cb2ba1b643b0df2d020cdfc

SHA256
b7342f98d924b27b885a27af69d2db2332b3a0229565193d778653823e6d1985

SHA512
695f946f5ddad87604bd027414eb2f03aa8f68ece688f4c6b1f2b02b3bb61e4d846f76ac9a9ec4b118acad48e74c28a2e1f1bd8070bc7a27e50a46a73540f9c2

Download Submit
C:\Program Files (x86)\Omniversal Penguin\Omniversal.exe

Filesize
65.3MB

MD5
5879676ecb00476bec8829afda7d2e38

SHA1
dd41c867741cb7ef401c4e092d5512d750383369

SHA256
86a54d68b6ba09cd9543ceec846b3376632bdf56cd0a320e85fd81432cc66da6

SHA512
59a297706159af8228323e485fa11a8038cbe959dd4d086edcc25eed9890f6391527af0731d784a8914ba176ce5ed48e3d6d3b27d88f6b33ad929b5ac85572b0

Download Submit
C:\Program Files (x86)\Omniversal Penguin\chrome_100_percent.pak

Filesize
142KB

MD5
8d56d44c318d122f7931d03ba435f00b

SHA1
387f530e06f79a2a9f7fbf4446c71c31db08e7e0

SHA256
fcb4faaa82d13d90c42dfa0669f67391b3124d30310d0f4c510f31412974cab2

SHA512
03bd2f56f73ad06fe22ebd94fb0de4e37d1771f8a9d82a47ea93002ba4696d906b59d0e25db63e98af10a169a8c3dc9d047cfcbca01030924bf93abe7bce1590

Download Submit
C:\Program Files (x86)\Omniversal Penguin\chrome_200_percent.pak

Filesize
204KB

MD5
879f88cafa5714994744bde20e7bd2c2

SHA1
d63b55f9f7c0e40f9585cac8a5cb28c0ea9f32ee

SHA256
76126341d0dc2b4b6ddccf30559709e6a856cd47148107808bd18ceb16ed1df3

SHA512
4d70ae16c2656cf3a8aaad00e2ce0ddcc030bf1ad29bbb1d0e90c03f866c413f893b273b8b03aa12c9ea5ae01537ad1d2d1b2c52b35bf7773278121a09a3af9c

Download Submit
C:\Program Files (x86)\Omniversal Penguin\ffmpeg.dll

Filesize
1.9MB

MD5
181e4e41784a8068c834adc7b243c448

SHA1
fe3e5e6b32a518b94c16904c8b1ce2a9a6b91f06

SHA256
fc344c8da10544dab87911fb2431929d760df1dc2537eb96c50aedb8a7ca6564

SHA512
6d25688d63a4bda8c618bdcef2b5c9c91c637decb4cbf00bb3862e965f0ae5bcf84f65085f1d7420cbc8f41a4b98892fbcc5d8dc9440697d7f761251b7f50aba

Download Submit
C:\Program Files (x86)\Omniversal Penguin\ffmpeg.dll

Filesize
1.9MB

MD5
181e4e41784a8068c834adc7b243c448

SHA1
fe3e5e6b32a518b94c16904c8b1ce2a9a6b91f06

SHA256
fc344c8da10544dab87911fb2431929d760df1dc2537eb96c50aedb8a7ca6564

SHA512
6d25688d63a4bda8c618bdcef2b5c9c91c637decb4cbf00bb3862e965f0ae5bcf84f65085f1d7420cbc8f41a4b98892fbcc5d8dc9440697d7f761251b7f50aba

Download Submit
C:\Program Files (x86)\Omniversal Penguin\icudtl.dat

Filesize
9.9MB

MD5
4c8a9e9c260dc5a6fee2a3c37520f5bf

SHA1
5a9883dbeb5314a98e7ab5326f9868e78ba387dc

SHA256
8c2df1f6e2ea8df2e5fc5e4b016b0cddd64a7ce6985189ca45be3c0ec99472c2

SHA512
c0da0b08a0b0eaa898f96c6e6c6fb65bc7f773f5814fc0d612a40e2fcaea4049c67cd2812716a564dbc16d609677ee62eaa9f9747d2a7bc5c9bce43cd2208aa7

Download Submit
C:\Program Files (x86)\Omniversal Penguin\locales\en-US.pak

Filesize
69KB

MD5
15e8556f737d17bd4d645513ee190990

SHA1
a24844d68fe3e9f4c57d14e6091a06f5e6b5f327

SHA256
12e4fd083a49e038578ea2993e6c88239083c8d098231527eee861299a4e1c99

SHA512
4e5c423b2b14def0e6ebb9c7844bdc050198064c9db69d3a880c1444314211995b1f0dec6fcbb12c6d5e59f690c3ffc893c2265bf7168d1ecbc8d83dfa5e1465

Download Submit
C:\Program Files (x86)\Omniversal Penguin\natives_blob.bin

Filesize
81KB

MD5
f8ac49858ca8739658ff44c296f8aba6

SHA1
427b4da3bd619d85381c36d61daf2ce392e07909

SHA256
354ff502a0e1ed73df4e5c7b52970356b04777461f6e169f72a8567ab5f4c317

SHA512
52e875aedbdc5dad21e01a42e333ff5aefed9ae6468a00e80f2bb373b871196f9a82bc3f43a6c72c9dd6be0e4fbc591d3ede41ca47b23a806b788db5aa9bf313

Download Submit
C:\Program Files (x86)\Omniversal Penguin\resources.pak

Filesize
8.1MB

MD5
978e8122033961585e14c65949d15e11

SHA1
3097d04bbcdfc6ff9e0bb52c2d38f6395e4bb631

SHA256
a435fa0e07a9124b0d457811de5e2245aeb225ad55ab99186cb665c6ec6e30ef

SHA512
5f6706116b7eaec70213f7343cac44eea2dc735de6262524b5508a659b150d8a5ad7f449fec984b45a2e5c170e1cb4feb927a19530c94841f3e6429a2fcaa1c0

Download Submit
C:\Program Files (x86)\Omniversal Penguin\v8_context_snapshot.bin

Filesize
596KB

MD5
4453a66a6e810591ea9f5122514d7cb7

SHA1
d005ab8967c98338f381af090f68206c31dfdeef

SHA256
71a3723be4d336849ad93174116a1d8566a07fd3fe0a3bed781ea386589fb441

SHA512
e88fc5a4adfe34ac81668df1703b675a2ee36f0e0bc583b367be6a9c009a79b80b223432dfdc52a2dc76eaefceb577e8f0bf9a9722a08b61f268c994f3bfe928

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-VEVQA.tmp\Instalador Omniversal Penguin.tmp

Filesize
3.0MB

MD5
49c3b876ad707a87421e12af5f7126de

SHA1
e80eb7c3fef883fc7fbdae0d4cc750dd8325209d

SHA256
90eaac73bbd1b68e3be0936ce0efb7c2570fccdd20abb89812acb006d041a62f

SHA512
5bad296aa91aca05b4f20bb4d7255daa0610dd36bf746d09e68b1c3e9218ba55086d86a4053010d1bd96c1ad33b0e31f063eee1c7ed172cba9c90b3cb6d87146

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-VEVQA.tmp\Instalador Omniversal Penguin.tmp

Filesize
3.0MB

MD5
49c3b876ad707a87421e12af5f7126de

SHA1
e80eb7c3fef883fc7fbdae0d4cc750dd8325209d

SHA256
90eaac73bbd1b68e3be0936ce0efb7c2570fccdd20abb89812acb006d041a62f

SHA512
5bad296aa91aca05b4f20bb4d7255daa0610dd36bf746d09e68b1c3e9218ba55086d86a4053010d1bd96c1ad33b0e31f063eee1c7ed172cba9c90b3cb6d87146

Download Submit
memory/1336-133-0x0000000000400000-0x00000000004D6000-memory.dmp

Filesize
856KB

Download
memory/1336-932-0x0000000000400000-0x00000000004D6000-memory.dmp

Filesize
856KB

Download
memory/1336-140-0x0000000000400000-0x00000000004D6000-memory.dmp

Filesize
856KB

Download
memory/4864-138-0x0000000000AA0000-0x0000000000AA1000-memory.dmp

Filesize
4KB

Download
memory/4864-142-0x0000000000AA0000-0x0000000000AA1000-memory.dmp

Filesize
4KB

Download
memory/4864-337-0x0000000000400000-0x0000000000711000-memory.dmp

Filesize
3.1MB

Download
memory/4864-931-0x0000000000400000-0x0000000000711000-memory.dmp

Filesize
3.1MB

Download
memory/4864-917-0x0000000000400000-0x0000000000711000-memory.dmp

Filesize
3.1MB

Download
memory/4864-165-0x0000000000400000-0x0000000000711000-memory.dmp

Filesize
3.1MB

Download
memory/4864-141-0x0000000000400000-0x0000000000711000-memory.dmp

Filesize
3.1MB

Download