Analysis
-
max time kernel
35s -
max time network
158s -
platform
windows10-2004_x64 -
resource
win10v2004-20230220-en -
resource tags
-
submitted
31-03-2023 17:30
General
-
Target
BloxCrusher Setup 11.0.5.exe
-
Size
66.3MB
-
MD5
deb2636fcf2ea677ac8ea6c7ef17e1f4
-
SHA1
6c2000cf4c5610201edff270fd13a148374c2bc9
-
SHA256
0d7bb479f096702a966531fcb175eef15dc6536c902fda582b4e873823ceae69
-
SHA512
c9d7889fdc3f5b1adf314ff581b55b01ac9eb76f154ce463ff43d8bd629f126ddee120ac9f83004ae232ee32a08c06bc4067e96558a9512c0cfa5454310b8dd7
-
SSDEEP
1572864:Bfwt27lWjDCKnF73AMVkYoxjIkC1rlgMug+Fb7QiHZi:Bo47lWjDFzFkNMD+Fdi
Malware Config
Signatures
-
Checks computer location settings 2 TTPs 2 IoCs
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE 4 IoCs
-
Loads dropped DLL 20 IoCs
-
Adds Run key to start application 2 TTPs 2 IoCs
-
Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Legitimate hosting services abused for malware hosting/C2 1 TTPs
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
-
Checks processor information in registry 2 TTPs 7 IoCs
Processor information is often read in order to detect sandboxing environments.
-
Kills process with taskkill 8 IoCs
-
Modifies registry class 9 IoCs
-
Modifies registry key 1 TTPs 2 IoCs
-
Suspicious behavior: EnumeratesProcesses 10 IoCs
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\BloxCrusher Setup 11.0.5.exe"C:\Users\Admin\AppData\Local\Temp\BloxCrusher Setup 11.0.5.exe"1⤵
- Loads dropped DLL
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
-
C:\Users\Admin\AppData\Local\Programs\BloxCrusher\BloxCrusher.exe"C:\Users\Admin\AppData\Local\Programs\BloxCrusher\BloxCrusher.exe"1⤵
- Checks computer location settings
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Windows\system32\reg.exeC:\Windows\system32\reg.exe QUERY HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v BloxCrusher2⤵
- Modifies registry key
-
C:\Users\Admin\AppData\Local\Programs\BloxCrusher\BloxCrusher.exe"C:\Users\Admin\AppData\Local\Programs\BloxCrusher\BloxCrusher.exe" --type=gpu-process --field-trial-handle=1744,14374494672789620965,9286062729413572207,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand --user-data-dir="C:\Users\Admin\AppData\Roaming\BloxCrusher" --gpu-preferences=UAAAAAAAAADgAAAIAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1752 /prefetch:22⤵
- Executes dropped EXE
- Loads dropped DLL
-
C:\Users\Admin\AppData\Local\Programs\BloxCrusher\BloxCrusher.exe"C:\Users\Admin\AppData\Local\Programs\BloxCrusher\BloxCrusher.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1744,14374494672789620965,9286062729413572207,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\BloxCrusher" --mojo-platform-channel-handle=2020 /prefetch:82⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious behavior: EnumeratesProcesses
-
C:\Users\Admin\AppData\Local\Programs\BloxCrusher\BloxCrusher.exe"C:\Users\Admin\AppData\Local\Programs\BloxCrusher\BloxCrusher.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\BloxCrusher" --app-path="C:\Users\Admin\AppData\Local\Programs\BloxCrusher\resources\app.asar" --no-sandbox --no-zygote --field-trial-handle=1744,14374494672789620965,9286062729413572207,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=3 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2392 /prefetch:12⤵
- Checks computer location settings
- Executes dropped EXE
- Loads dropped DLL
- Checks processor information in registry
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /d /s /c "chcp"3⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\system32\chcp.comchcp4⤵
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /d /s /c "taskkill /F /IM bloxcookerv4.exe /T"3⤵
-
C:\Windows\system32\taskkill.exetaskkill /F /IM bloxcookerv4.exe /T4⤵
- Kills process with taskkill
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /d /s /c "taskkill /F /IM bloxcookerv4.exe /T"3⤵
-
C:\Windows\system32\taskkill.exetaskkill /F /IM bloxcookerv4.exe /T4⤵
- Kills process with taskkill
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /d /s /c "taskkill /F /IM bloxcookerv3.exe /T"3⤵
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /d /s /c "taskkill /F /IM bloxcookerv3.exe /T"3⤵
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /d /s /c "taskkill /F /IM bloxcookerv2.exe /T"3⤵
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /d /s /c "taskkill /F /IM bloxcookerv2.exe /T"3⤵
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /d /s /c "taskkill /F /IM bloxcooker.exe /T"3⤵
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /d /s /c "taskkill /F /IM bloxcooker.exe /T"3⤵
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /d /s /c "killall xbloxcrusher"3⤵
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /d /s /c "killall xbloxcrusher"3⤵
-
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\WindowsPowerShell\v1.0\powershell -NoProfile -NonInteractive –ExecutionPolicy Bypass -EncodedCommand UwB0AGEAcgB0ACAAIgBoAHQAdABwAHMAOgAvAC8AZABpAHMAYwBvAHIAZAAuAGcAZwAvAGIAbABvAHgAbABhAG4AZAAiAA==3⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://discord.gg/bloxland4⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffc037a46f8,0x7ffc037a4708,0x7ffc037a47185⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,12883027107818508039,2292078728023324740,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2116 /prefetch:25⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2108,12883027107818508039,2292078728023324740,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2200 /prefetch:35⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2108,12883027107818508039,2292078728023324740,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2852 /prefetch:85⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,12883027107818508039,2292078728023324740,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3644 /prefetch:15⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,12883027107818508039,2292078728023324740,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3632 /prefetch:15⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,12883027107818508039,2292078728023324740,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5200 /prefetch:15⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2108,12883027107818508039,2292078728023324740,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5492 /prefetch:85⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2108,12883027107818508039,2292078728023324740,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=3824 /prefetch:85⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,12883027107818508039,2292078728023324740,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5928 /prefetch:15⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,12883027107818508039,2292078728023324740,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5832 /prefetch:15⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,12883027107818508039,2292078728023324740,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6276 /prefetch:15⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,12883027107818508039,2292078728023324740,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5344 /prefetch:15⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,12883027107818508039,2292078728023324740,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5832 /prefetch:85⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level --msedge --force-configure-user-settings5⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x278,0x27c,0x280,0x254,0x284,0x7ff7a5635460,0x7ff7a5635470,0x7ff7a56354806⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,12883027107818508039,2292078728023324740,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5832 /prefetch:85⤵
-
C:\Windows\system32\reg.exeC:\Windows\system32\reg.exe ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v BloxCrusher /t REG_SZ /d "\"C:\Users\Admin\AppData\Local\Programs\BloxCrusher\BloxCrusher.exe\"" /f2⤵
- Modifies registry key
-
C:\Users\Admin\AppData\Local\Programs\BloxCrusher\BloxCrusher.exe"C:\Users\Admin\AppData\Local\Programs\BloxCrusher\BloxCrusher.exe" --type=gpu-process --field-trial-handle=1744,14374494672789620965,9286062729413572207,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --user-data-dir="C:\Users\Admin\AppData\Roaming\BloxCrusher" --gpu-preferences=UAAAAAAAAADoAAAIAAAAAAAAAAAAAAAAAABgAAAIAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3432 /prefetch:22⤵
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵
-
C:\Windows\System32\Conhost.exe\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV11⤵
- Adds Run key to start application
-
C:\Windows\system32\taskkill.exetaskkill /F /IM bloxcookerv2.exe /T1⤵
- Kills process with taskkill
-
C:\Windows\system32\taskkill.exetaskkill /F /IM bloxcookerv3.exe /T1⤵
- Kills process with taskkill
-
C:\Windows\system32\taskkill.exetaskkill /F /IM bloxcooker.exe /T1⤵
- Kills process with taskkill
-
C:\Windows\system32\taskkill.exetaskkill /F /IM bloxcooker.exe /T1⤵
- Kills process with taskkill
-
C:\Windows\system32\taskkill.exetaskkill /F /IM bloxcookerv3.exe /T1⤵
- Kills process with taskkill
-
C:\Windows\system32\taskkill.exetaskkill /F /IM bloxcookerv2.exe /T1⤵
- Kills process with taskkill
-
C:\Windows\System32\Conhost.exe\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV11⤵
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵
Network
MITRE ATT&CK Matrix ATT&CK v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.datFilesize
152B
MD5b8c9383861d9295966a7f745d7b76a13
SHA1d77273648971ec19128c344f78a8ffeb8a246645
SHA256b75207c223dfc38fbb3dbf03107043a7dce74129d88053c9316350c97ac26d2e
SHA512094e6978e09a6e762022e8ff57935a26b3171a0627639ca91a373bddd06092241d695b9f3b609ba60bc28e78a5c78cf0f072d79cd5769f1b9f6d873169f0df14
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.datFilesize
152B
MD591fa8f2ee8bf3996b6df4639f7ca34f7
SHA1221b470deb37961c3ebbcc42a1a63e76fb3fe830
SHA256e8e0588b16d612fa9d9989d16b729c082b4dd9bfca62564050cdb8ed03dd7068
SHA5125415cd41f2f3bb5d9c7dadc59e347994444321cf8abe346b08e8c5a3fc6a5adae910eda43b4251ba4e317fbb7696c45dba9fd5e7fa61144c9b947206c7b999c4
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-indexFilesize
48B
MD5f495debe1543a2478f21cfcce49a12de
SHA1e1f782a15671d3e081d02ac2ae90bd02e5c7bd50
SHA2569d2be3785df7b46c3e4f7d1b5c6e5c84c1ea167ab88e1b3eca0e29b3bccb6138
SHA5128d6c6499b2c9c84a86328774aa943076680e39656f42b80a9c2a9d415cd5c586f51c08f4e9f2e04004bb618286de3590a15fc9d10669cb77b4a7034ad9830c09
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-indexFilesize
408B
MD5a11f07b893c59ab9107637e470b734c3
SHA158caf2bb8ec951a8ee2a3931dd1ceb6f16a9834d
SHA256c4f101aad486ebc346df538eda2f346a259fdffc58452083252d55b5fdb1917f
SHA512f01157f69a91522cd95977591dc7a8400e9e79f22d53ed70d40b20ac113ad4ceff734301c152d90d31a0e0420f10188f8232d63d49aa4a4cbe4b28612d9afe7f
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Edge Profile.icoFilesize
70KB
MD5e5e3377341056643b0494b6842c0b544
SHA1d53fd8e256ec9d5cef8ef5387872e544a2df9108
SHA256e23040951e464b53b84b11c3466bbd4707a009018819f9ad2a79d1b0b309bc25
SHA51283f09e48d009a5cf83fa9aa8f28187f7f4202c84e2d0d6e5806c468f4a24b2478b73077381d2a21c89aa64884df3c56e8dc94eb4ad2d6a8085ac2feb1e26c2ef
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnkFilesize
2KB
MD55768c2bdcb61b02ec791527546f84733
SHA12d0ae6aa2a926d2c986569c4de9b349305f44b06
SHA2563f457783026b06479b6bd2d960183a798be623d7dcc35b62c22d65a3f9cc62c7
SHA5122476bd86c231d5eec8323dcfe36882fbbf521cd59ab4abe683ee04875ac556be7ce9747a907313add79b4f0a2dfb6119b365c1937c281234923fece4adc3d07a
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent StateFilesize
111B
MD5285252a2f6327d41eab203dc2f402c67
SHA1acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6
SHA2565dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026
SHA51211ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent StateFilesize
685B
MD5dc5ce7ec6eae6a3361e0e2a8c82b9534
SHA10d146b56cb55f7991c5f74999d92c00d8318a595
SHA256bfcf2c11e4c6682f91443b4ea89cfa36a5ef8103a3897c1a656a138fd0aca9eb
SHA512a506bba869809b12566672f11371c01d2eded97ee3b7cce7340bc3e095a6f1c99a9bd0fd0a3997a23bf12733346a83ba1d1ce04759e8dad8ae69a470b3b38210
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\PreferencesFilesize
4KB
MD508aaeb92f887381ef613f3b95529633f
SHA1ba9e8a5683b25113f80fe552dec72ba02953ad06
SHA25610ab5092c05374aca196228f14bbff414b1632bbce05425d74ece14507ce7adc
SHA512b88eaac99c7f19461e10d6ed6d75b38f20cf3d8dfd513b281c96d6b07e8e671724516b0d1050b46232e066fafd8d38c3315c274c9475ec334f5f8cacf1b395ab
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\PreferencesFilesize
5KB
MD5465a4bc2ad1a719ebc6f251229bdeca6
SHA13b14b4d64a1f3354dcf69f942c0db91c0722a91c
SHA256811996c6e7c66fd61d99205d99ccd7104471de5a737da2620ee377ee698f8572
SHA5121e90a5253c34f2eefd0dc183f42209727c5e47be4af595bf20bf0d62842e432117141947335de47fda78cc39c10cf0f1adb6d5f421f59a1b2088854d1cfcc1d3
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\PreferencesFilesize
5KB
MD551f07e367cec862a25fe37eb1297c72f
SHA1e1d0e92ba0d79a3b853ac979f9af22b015e7a1c8
SHA25665d35178558808d89a4f565e5f68828c13bca01a28e770349ec0be5ab33b628c
SHA51209f63edbdcf6597a8cc29409d6598b395ba21bc4a6c71f0692f714c54fd540fc96cd749f08e8bfdd75fc1168f8019138333f32f79437f49bd5810c5b106ceeb0
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure PreferencesFilesize
24KB
MD560b345592703258c513cb5fc34a2f835
SHA139991bd7ea37e2fc394be3b253ef96ce04088a6d
SHA2567e358b4f7553c9385e8eb2c5692d426bc257bbd4c0213e6c69294459734f6300
SHA5120346fb4096eb285ab0fdf7e7ec38c4daf7bbb0c506f09975eb2290121d169a34c886fca342c3e06371cb697f2753a697ca4f72af7817ed340eee6063897110a5
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\MANIFEST-000001Filesize
41B
MD55af87dfd673ba2115e2fcf5cfdb727ab
SHA1d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurityFilesize
370B
MD5154c8942ccb4fe8edf42e83f2c99b3d1
SHA1e7917aad96d21f1aba94e99cd0a1464ea1321b6f
SHA2562069fdb4a4ec202094740bbb085b228fd223d231dcf9e2ea0109145029e95ed2
SHA51287eb6d4a1e8b1f6607190df07e0efb87031e0e787ec603f8132df19fe415b344ac9e5a6eb3b047a609f31f09c83fcdf4314a25879aec8faa048dba28ca339c17
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57d1a8.TMPFilesize
370B
MD51bb467859ff12ef1cb6d5e62fca2e3fa
SHA1bb14cde478436b159ed5325fadb5e7520cbc03c0
SHA256516cb2ef7d11c2becdc95d2b6a6dc4f7bf430097745de299f41c81711752132c
SHA5125b7799e66ab3d1ff671e4f456b0a713d080024d626ebeeeabbdc133bcf0a80e268669d14689499326c6ca5256f801ecf6442a1119c32554ee93bcc1692243282
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENTFilesize
16B
MD5206702161f94c5cd39fadd03f4014d98
SHA1bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA2561005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA5120af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local StateFilesize
9KB
MD5019fa6a59a8191d4e17d382923f5a5bc
SHA194c3f41f7267aee2fcf0588093b46c39838dd836
SHA256eb0ca3ed2b3f50caffec222fc4ddee5571695aecf8c57d1b31a58a9445e17160
SHA512b2ede6c800b3c68a08d02314631c3acd435066d53117904616ee354d5fa9c0e3e8c592bfb7f82bd63f9b1ca0bcbc4aa7edd8e96d3d3f2b24d68a79feccec4840
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local StateFilesize
11KB
MD567ba4f99c57b4bba24b47d8678bf49c6
SHA1d2bc24e836fbbd0662b6d40bc9eebfcc157bf9cb
SHA2565a259cba88c9edc369befd96377ff29bea02ce0b4ae1eb7df70582a93c55ec4d
SHA5122c8b6cc6c9455ddfda6c8d13b97ca68e325454bef0f782fc0c155b5e390cb922d6c63b532787b7e86d68afe9e52fbf77ac9224ff4e50c4c99b496f4cdff2a7bc
-
C:\Users\Admin\AppData\Local\Programs\BloxCrusher\BloxCrusher.exeFilesize
134.3MB
MD5d53016fcda64349cb2ac7aba7d190810
SHA190f31bba751df6a34300c841db3cad2bac273767
SHA256169e72c341d87f1219e61d137fca9db4817e12e687d5088cf01f0c51986d8dd8
SHA5127e8744fe95f3d44352d964f43253b73eb90de70c7892dce5d9995bc680de32b5c151130da5ff8c2e46b544f92a0ff665ca2f73aba610e99123a1a0828eb70c8a
-
C:\Users\Admin\AppData\Local\Programs\BloxCrusher\BloxCrusher.exeFilesize
117.7MB
MD562bd987e682570f9aed98beb6e682125
SHA179d112a8978435099fd6e15af87918f29c858e3e
SHA25649e1f5bfbc39324ed7a9f1f9bb991a2aa745cce4c75b198ce3f77fd651ae7f5e
SHA5126ac463c472eaa0bb287d3ae3dbb1df62cb77754c73fa45a1063ad0a6f660d1acd4f9b500e6719e38119c919741da9132895128d06d5d7acdb50e635e677c47bc
-
C:\Users\Admin\AppData\Local\Programs\BloxCrusher\BloxCrusher.exeFilesize
113.7MB
MD59360d394c8a5150e3f3196316d0022ca
SHA1f4a244a1b8eab4b4f4d508cd9b583eac9d79652b
SHA25662375e8f5891728cc01902345c990bfba906dd064c3773d858ad33ceb1821607
SHA51207beb23ca534b4fb42627252efd7d12027733ca2e4d2c49d3772bf21d8d4c08d794f28e2c1ceebce5b8098e25f2fb80e8f941dd90b9b419f864432661481b38b
-
C:\Users\Admin\AppData\Local\Programs\BloxCrusher\BloxCrusher.exeFilesize
112.8MB
MD55072f72bf09100680e880f5051a6b351
SHA1a088e1ec49dc265920b7b2468a63b34f6fa1e7a6
SHA256e666a605a3762d05a2431b0e67d7a8b56c84319a19a45c055434dc315248d141
SHA5129de9a81fcf585b7696e6584c52da470112850babe161b9827bc534e368f5f547b8f4a051d993df2f8f50867ba4e005cf26e6efa9c830e6c4baafaff2d2f58038
-
C:\Users\Admin\AppData\Local\Programs\BloxCrusher\BloxCrusher.exeFilesize
113.4MB
MD54ee7473eae8ce02e1b44f372a135d051
SHA10be1526c856a7c15794dcec01d97748956c00654
SHA256c21d80028fdb2f40500db5ca7c49a16dbdfca74ae97f9ad5dc5368485ea22a3c
SHA512b48b53ac289c48eec2638ea972d82f6dbef6ab3bc08980c40361e4d589cdda86565205eec3717732d4d88280f168db95ca21268ce418fbf47dfff8b689cac9f4
-
C:\Users\Admin\AppData\Local\Programs\BloxCrusher\BloxCrusher.exeFilesize
112.6MB
MD57b38f26687d46f8a9cd2b8673e08a461
SHA1d3f8caf655bb8a709c118d77d68e277a70cd8414
SHA25615085addc670a7f14826187006aa62de7bf90d2f3114203a0ac6cde7f8cd203d
SHA5123e0e8148fd4884e10116ce9dfae59924d36279eb48ebfd448f1e5c50fcbca3c16134cd6c703cb6c53e614ee842b2eede923bfde50886b24b4d5cdfa5dfa52ec1
-
C:\Users\Admin\AppData\Local\Programs\BloxCrusher\BloxCrusher.exeFilesize
3.7MB
MD5e1c7c1c1351a48ad0695ede8b760af53
SHA14add3681bcc991eafe414e0453ee182905295a41
SHA256cfd83c28d06d33763a5a29f8481745d8b5beb19994c1715c2e520b76800c8b11
SHA512b9bbc192535211804de616c8369a9d27b57d45464ff0209087f7febd377ce9ffe8e702782642fc512c177d747f66665a9dc8429cc2d9b67ab3f63656470470a6
-
C:\Users\Admin\AppData\Local\Programs\BloxCrusher\D3DCompiler_47.dllFilesize
4.3MB
MD57641e39b7da4077084d2afe7c31032e0
SHA12256644f69435ff2fee76deb04d918083960d1eb
SHA25644422e6936dc72b7ac5ed16bb8bcae164b7554513e52efb66a3e942cec328a47
SHA5128010e1cb17fa18bbf72d8344e1d63ded7cef7be6e7c13434fa6d8e22ce1d58a4d426959bdcb031502d4b145e29cb111af929fcbc66001111fbc6d7a19e8800a5
-
C:\Users\Admin\AppData\Local\Programs\BloxCrusher\chrome_100_percent.pakFilesize
138KB
MD50fd0a948532d8c353c7227ae69ed7800
SHA1c6679bfb70a212b6bc570cbdf3685946f8f9464c
SHA25669a3916ed3a28cd5467b32474a3da1c639d059abbe78525a3466aa8b24c722bf
SHA5120ee0d16ed2afd7ebd405dbe372c58fd3a38bb2074abc384f2c534545e62dfe26986b16df1266c5807a373e296fe810554c480b5175218192ffacd6942e3e2b27
-
C:\Users\Admin\AppData\Local\Programs\BloxCrusher\chrome_200_percent.pakFilesize
202KB
MD51014a2ee8ee705c5a1a56cda9a8e72ee
SHA15492561fb293955f30e95a5f3413a14bca512c30
SHA256ed8afe63f5fc494fd00727e665f7f281600b09b4f4690fa15053a252754e9d57
SHA512ac414855c2c1d6f17a898418a76cce49ad025d24c90c30e71ad966e0fd6b7286acf456e9f5a6636fd16368bc1a0e8b90031e9df439b3c7cd5e1e18b24a32c508
-
C:\Users\Admin\AppData\Local\Programs\BloxCrusher\d3dcompiler_47.dllFilesize
4.3MB
MD57641e39b7da4077084d2afe7c31032e0
SHA12256644f69435ff2fee76deb04d918083960d1eb
SHA25644422e6936dc72b7ac5ed16bb8bcae164b7554513e52efb66a3e942cec328a47
SHA5128010e1cb17fa18bbf72d8344e1d63ded7cef7be6e7c13434fa6d8e22ce1d58a4d426959bdcb031502d4b145e29cb111af929fcbc66001111fbc6d7a19e8800a5
-
C:\Users\Admin\AppData\Local\Programs\BloxCrusher\ffmpeg.dllFilesize
2.6MB
MD5df91054cae8a363d1c54e588cac92d45
SHA1c505ea5a1cdc8a0e4ece29cdc3d51dd01a2d40fc
SHA256f30d30e28ac7d14d6aaccd28f4fc92a47440bd8b7109bd3c44572ac85ea3ca6d
SHA51298849cd0f0ce4e0a5f0c181bf37076d5017e70296c052d2230d83c34da7f412791c4df64505f57d8aca7664dafa996122f0b66f89d8ffd79cc911700f0331039
-
C:\Users\Admin\AppData\Local\Programs\BloxCrusher\ffmpeg.dllFilesize
2.6MB
MD5df91054cae8a363d1c54e588cac92d45
SHA1c505ea5a1cdc8a0e4ece29cdc3d51dd01a2d40fc
SHA256f30d30e28ac7d14d6aaccd28f4fc92a47440bd8b7109bd3c44572ac85ea3ca6d
SHA51298849cd0f0ce4e0a5f0c181bf37076d5017e70296c052d2230d83c34da7f412791c4df64505f57d8aca7664dafa996122f0b66f89d8ffd79cc911700f0331039
-
C:\Users\Admin\AppData\Local\Programs\BloxCrusher\ffmpeg.dllFilesize
2.6MB
MD5df91054cae8a363d1c54e588cac92d45
SHA1c505ea5a1cdc8a0e4ece29cdc3d51dd01a2d40fc
SHA256f30d30e28ac7d14d6aaccd28f4fc92a47440bd8b7109bd3c44572ac85ea3ca6d
SHA51298849cd0f0ce4e0a5f0c181bf37076d5017e70296c052d2230d83c34da7f412791c4df64505f57d8aca7664dafa996122f0b66f89d8ffd79cc911700f0331039
-
C:\Users\Admin\AppData\Local\Programs\BloxCrusher\ffmpeg.dllFilesize
2.6MB
MD5df91054cae8a363d1c54e588cac92d45
SHA1c505ea5a1cdc8a0e4ece29cdc3d51dd01a2d40fc
SHA256f30d30e28ac7d14d6aaccd28f4fc92a47440bd8b7109bd3c44572ac85ea3ca6d
SHA51298849cd0f0ce4e0a5f0c181bf37076d5017e70296c052d2230d83c34da7f412791c4df64505f57d8aca7664dafa996122f0b66f89d8ffd79cc911700f0331039
-
C:\Users\Admin\AppData\Local\Programs\BloxCrusher\ffmpeg.dllFilesize
2.6MB
MD5df91054cae8a363d1c54e588cac92d45
SHA1c505ea5a1cdc8a0e4ece29cdc3d51dd01a2d40fc
SHA256f30d30e28ac7d14d6aaccd28f4fc92a47440bd8b7109bd3c44572ac85ea3ca6d
SHA51298849cd0f0ce4e0a5f0c181bf37076d5017e70296c052d2230d83c34da7f412791c4df64505f57d8aca7664dafa996122f0b66f89d8ffd79cc911700f0331039
-
C:\Users\Admin\AppData\Local\Programs\BloxCrusher\ffmpeg.dllFilesize
2.3MB
MD533069866dcab19b78dbdedc1b18e8552
SHA175e370445d10713d3655f039dc6b7a18ec82c0cf
SHA256175d9c0f295e41f9c7b8f8137ac85eca5cf3c644d9b1b7c8f4f69d8a39e74cf5
SHA51257045b975a8414ce8414b1e866048edc24316bcf37cf1c21f57cf7a389bd78830decf9763a15832bd272effc35306b0b5519dc6d72dffdb334dcefaf993f0381
-
C:\Users\Admin\AppData\Local\Programs\BloxCrusher\icudtl.datFilesize
9.7MB
MD5224ba45e00bbbb237b34f0facbb550bf
SHA11b0f81da88149d9c610a8edf55f8f12a87ca67de
SHA2568dee674ccd2387c14f01b746779c104e383d57b36c2bdc8e419c470a3d5ffadc
SHA512c04d271288dd2eff89d91e31829586706eba95ffbab0b75c2d202a4037e66a4e2205e8a37ecf15116302c51239b1826064ed4670a3346439470b260aba0ea784
-
C:\Users\Admin\AppData\Local\Programs\BloxCrusher\libEGL.dllFilesize
431KB
MD5581865902ddddce8fafaae80c04b9354
SHA133b7d75394021db65756730717d5c360b4ff5555
SHA2565c472a5929a4829036f730735d065a34dc8789041b415c57b0905e022e839e06
SHA5123b10c6c6c68131e7de9f24eb2ac52c82c67dd588999bfd861805af80a2f37a25f1dc7df8efbe1d50cdc983596e1343e0548063454d7d47936a64361dcaf7bc79
-
C:\Users\Admin\AppData\Local\Programs\BloxCrusher\libGLESv2.dllFilesize
7.5MB
MD52bde6484071e518b9bef23b1d0e6cb90
SHA136d5f7702c3af075769d2a5203bf81111368aeb8
SHA25675ca35847d4afe42cc4e8d954a044c68660423e567412dbef119eb1f37a6a5f0
SHA5126f67ca15584ea148c156451884f1d4c5b5319e8d8bb3ddc87e96485fb200c25805c471f9cd9077d5ca0fcb6ae69cec3a87bf3ec99fb9bea1d018755301a0d0d1
-
C:\Users\Admin\AppData\Local\Programs\BloxCrusher\libegl.dllFilesize
431KB
MD5581865902ddddce8fafaae80c04b9354
SHA133b7d75394021db65756730717d5c360b4ff5555
SHA2565c472a5929a4829036f730735d065a34dc8789041b415c57b0905e022e839e06
SHA5123b10c6c6c68131e7de9f24eb2ac52c82c67dd588999bfd861805af80a2f37a25f1dc7df8efbe1d50cdc983596e1343e0548063454d7d47936a64361dcaf7bc79
-
C:\Users\Admin\AppData\Local\Programs\BloxCrusher\libglesv2.dllFilesize
7.5MB
MD52bde6484071e518b9bef23b1d0e6cb90
SHA136d5f7702c3af075769d2a5203bf81111368aeb8
SHA25675ca35847d4afe42cc4e8d954a044c68660423e567412dbef119eb1f37a6a5f0
SHA5126f67ca15584ea148c156451884f1d4c5b5319e8d8bb3ddc87e96485fb200c25805c471f9cd9077d5ca0fcb6ae69cec3a87bf3ec99fb9bea1d018755301a0d0d1
-
C:\Users\Admin\AppData\Local\Programs\BloxCrusher\locales\en-US.pakFilesize
95KB
MD5214e2b52108bbde227209a00664d30a5
SHA1e2ac97090a3935c8aa7aa466e87b67216284b150
SHA2561673652b703771ef352123869e86130c9cb7c027987753313b4c555a52992bab
SHA5129029402daea1cbe0790f9d53adc6940c1e483930cf24b3a130a42d6f2682f7c2d6833f2cd52f2417009c3655fed6a648b42659729af3c745eaa6c5e8e2b5bb9e
-
C:\Users\Admin\AppData\Local\Programs\BloxCrusher\resources.pakFilesize
5.6MB
MD51f46000d6ae1277ee4e97bfe4f457a89
SHA16597e91194f785e117b15dd8e6538fef75d9b7db
SHA2566251353228a758cd9e747492a38b302acb9f16c80b234c6e5a79b23d0b369f92
SHA5121049b09e600157226ec232c610d150a7a414c99623cc4e3ae112543c39315a7c2d56e47932714a1280420df2dbbfafd3ba50961e79a8b01b73d3c20234155323
-
C:\Users\Admin\AppData\Local\Programs\BloxCrusher\resources\app-update.ymlFilesize
106B
MD5feb3d8689fde53e0d10b4fe75668f727
SHA1ba8bf209a26a02380776ce0e30796681c874fe50
SHA256d52cc326b27781534fe879852e6a1144cc0e42423141ce2728667abfc1c4d0e2
SHA51209a0f45eb12f935664a1aee749c35896d74f05a5cfb9c8a9d7ab9475c90e1380cb630cd8d0eb0be0ec63febb554b5daaf66a3488acfb7e5793b170118bf5438e
-
C:\Users\Admin\AppData\Local\Programs\BloxCrusher\resources\app.asarFilesize
35.9MB
MD5d11787f441bcb1ef70fb591ae2aa4595
SHA125453fead8c6596bac9f37f8e27357679e0da626
SHA256db38602caa34c7e722fc41580a3a81a2da875949f618310c5783d520ca649ca3
SHA5123039a6466643f7019b8f396508e43e74c45755e180a78db30660f8dd8e31d9b91c3787bc6158a589f6c5d668ed5809b54eb889ff502c483994fc1f7c5e770fb8
-
C:\Users\Admin\AppData\Local\Programs\BloxCrusher\v8_context_snapshot.binFilesize
160KB
MD50f913247501a017fdf0b1f640a793d34
SHA1daf26456a8045fa1080074e992ef43690604fb68
SHA2569cc3c86088867f6e822c370439e7c7707e0429a82007d1b1440bcabc229e717a
SHA5129d9837e9a9979f9c73ed71dcc9bca88494e733028157f6d122250a3dee8c0a2199f2860fca1799e3c0b565181b52293f14bc019706ba96fa6da391827b428317
-
C:\Users\Admin\AppData\Local\Programs\BloxCrusher\vk_swiftshader.dllFilesize
4.3MB
MD592ac3a137f4c60289e4584d7bc75a596
SHA126892fc1c5f01460a84a25712620d6f5e350b1dc
SHA256a16da326432f8776732e87a7049998baa9a257b5d240e9667824980e7b22411e
SHA512e7f2c54ef39358533d63d6bcbb9d6b98b3a2c76758194e60b039f41507faee54a5214b5e7581273695168781800bffc776c10d8d2066a8bfc4662aba6eeeffdb
-
C:\Users\Admin\AppData\Local\Programs\BloxCrusher\vk_swiftshader.dllFilesize
4.3MB
MD592ac3a137f4c60289e4584d7bc75a596
SHA126892fc1c5f01460a84a25712620d6f5e350b1dc
SHA256a16da326432f8776732e87a7049998baa9a257b5d240e9667824980e7b22411e
SHA512e7f2c54ef39358533d63d6bcbb9d6b98b3a2c76758194e60b039f41507faee54a5214b5e7581273695168781800bffc776c10d8d2066a8bfc4662aba6eeeffdb
-
C:\Users\Admin\AppData\Local\Programs\BloxCrusher\vk_swiftshader_icd.jsonFilesize
106B
MD58642dd3a87e2de6e991fae08458e302b
SHA19c06735c31cec00600fd763a92f8112d085bd12a
SHA25632d83ff113fef532a9f97e0d2831f8656628ab1c99e9060f0332b1532839afd9
SHA512f5d37d1b45b006161e4cefeebba1e33af879a3a51d16ee3ff8c3968c0c36bbafae379bf9124c13310b77774c9cbb4fa53114e83f5b48b5314132736e5bb4496f
-
C:\Users\Admin\AppData\Local\Programs\BloxCrusher\vulkan-1.dllFilesize
715KB
MD561c006105abd621ca684e4b80ea2c9da
SHA199e786c70a2d57774868c960614a2d19f83efe09
SHA256d2b79d713fde37fba9de6f8f30fe14b4f8009b9102bf08aec67819f793d76b32
SHA512d6dc5be0fb982787568dcb1209428064964058230927823671083fd6c7e906f4db5d6995988ad5e398d35dfc7939d623c6051bcf590edccc48252837c01e01e4
-
C:\Users\Admin\AppData\Local\Programs\BloxCrusher\vulkan-1.dllFilesize
715KB
MD561c006105abd621ca684e4b80ea2c9da
SHA199e786c70a2d57774868c960614a2d19f83efe09
SHA256d2b79d713fde37fba9de6f8f30fe14b4f8009b9102bf08aec67819f793d76b32
SHA512d6dc5be0fb982787568dcb1209428064964058230927823671083fd6c7e906f4db5d6995988ad5e398d35dfc7939d623c6051bcf590edccc48252837c01e01e4
-
C:\Users\Admin\AppData\Local\Temp\51cf106e-efff-4e44-8df8-b5c1adcdb3f0.tmp.nodeFilesize
146KB
MD51cc38cc82163fc52974b28ee8361f361
SHA12471449261a69ef14373ed82e8b0a1e299906b7c
SHA2567e9d6d7424f04c5735e881818203ccb8144f37fd06a46ea30ab2125dc05ce995
SHA51274cdac71268c1490688c1bd29f199e6f6c788771a8d632b1a4c9f90af98a23ff477415368bb0c5235b98aaa2e8b1dab601da7cc70b2e2d1e891b51bd1d2170ed
-
C:\Users\Admin\AppData\Local\Temp\6f213cfb-6e46-4f59-89e7-1bd0f204685c.tmp.nodeFilesize
579KB
MD57f7f7ab15463f54a79f99ed4d25bd4fc
SHA1f7d48127d79f73849c9b45687cfd3740421656fd
SHA256589de3ce6edeef6482300277cf0433ada8fb7f71c18e81cd6859be3f69ef5e3c
SHA512cfd773944db6be129964da5b4b52dd0a248c068d117ef6dd8b031427a19bd2207a30c841369b117641c761076fbd8f5590497deae6f0d2de63ae92fa6222d1d4
-
C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_5rgezzmr.0ph.ps1Filesize
60B
MD5d17fe0a3f47be24a6453e9ef58c94641
SHA16ab83620379fc69f80c0242105ddffd7d98d5d9d
SHA25696ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7
SHA5125b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82
-
C:\Users\Admin\AppData\Local\Temp\nshF245.tmp\SpiderBanner.dllFilesize
9KB
MD517309e33b596ba3a5693b4d3e85cf8d7
SHA17d361836cf53df42021c7f2b148aec9458818c01
SHA256996a259e53ca18b89ec36d038c40148957c978c0fd600a268497d4c92f882a93
SHA5121abac3ce4f2d5e4a635162e16cf9125e059ba1539f70086c2d71cd00d41a6e2a54d468e6f37792e55a822d7082fb388b8dfecc79b59226bbb047b7d28d44d298
-
C:\Users\Admin\AppData\Local\Temp\nshF245.tmp\StdUtils.dllFilesize
100KB
MD5c6a6e03f77c313b267498515488c5740
SHA13d49fc2784b9450962ed6b82b46e9c3c957d7c15
SHA256b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e
SHA5129870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803
-
C:\Users\Admin\AppData\Local\Temp\nshF245.tmp\StdUtils.dllFilesize
100KB
MD5c6a6e03f77c313b267498515488c5740
SHA13d49fc2784b9450962ed6b82b46e9c3c957d7c15
SHA256b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e
SHA5129870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803
-
C:\Users\Admin\AppData\Local\Temp\nshF245.tmp\System.dllFilesize
12KB
MD50d7ad4f45dc6f5aa87f606d0331c6901
SHA148df0911f0484cbe2a8cdd5362140b63c41ee457
SHA2563eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca
SHA512c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9
-
C:\Users\Admin\AppData\Local\Temp\nshF245.tmp\WinShell.dllFilesize
3KB
MD51cc7c37b7e0c8cd8bf04b6cc283e1e56
SHA10b9519763be6625bd5abce175dcc59c96d100d4c
SHA2569be85b986ea66a6997dde658abe82b3147ed2a1a3dcb784bb5176f41d22815a6
SHA5127acf7f8e68aa6066b59ca9f2ae2e67997e6b347bc08eb788d2a119b3295c844b5b9606757168e8d2fbd61c2cda367bf80e9e48c9a52c28d5a7a00464bfd2048f
-
C:\Users\Admin\AppData\Local\Temp\nshF245.tmp\WinShell.dllFilesize
3KB
MD51cc7c37b7e0c8cd8bf04b6cc283e1e56
SHA10b9519763be6625bd5abce175dcc59c96d100d4c
SHA2569be85b986ea66a6997dde658abe82b3147ed2a1a3dcb784bb5176f41d22815a6
SHA5127acf7f8e68aa6066b59ca9f2ae2e67997e6b347bc08eb788d2a119b3295c844b5b9606757168e8d2fbd61c2cda367bf80e9e48c9a52c28d5a7a00464bfd2048f
-
C:\Users\Admin\AppData\Local\Temp\nshF245.tmp\WinShell.dllFilesize
3KB
MD51cc7c37b7e0c8cd8bf04b6cc283e1e56
SHA10b9519763be6625bd5abce175dcc59c96d100d4c
SHA2569be85b986ea66a6997dde658abe82b3147ed2a1a3dcb784bb5176f41d22815a6
SHA5127acf7f8e68aa6066b59ca9f2ae2e67997e6b347bc08eb788d2a119b3295c844b5b9606757168e8d2fbd61c2cda367bf80e9e48c9a52c28d5a7a00464bfd2048f
-
C:\Users\Admin\AppData\Local\Temp\nshF245.tmp\WinShell.dllFilesize
3KB
MD51cc7c37b7e0c8cd8bf04b6cc283e1e56
SHA10b9519763be6625bd5abce175dcc59c96d100d4c
SHA2569be85b986ea66a6997dde658abe82b3147ed2a1a3dcb784bb5176f41d22815a6
SHA5127acf7f8e68aa6066b59ca9f2ae2e67997e6b347bc08eb788d2a119b3295c844b5b9606757168e8d2fbd61c2cda367bf80e9e48c9a52c28d5a7a00464bfd2048f
-
C:\Users\Admin\AppData\Local\Temp\nshF245.tmp\WinShell.dllFilesize
3KB
MD51cc7c37b7e0c8cd8bf04b6cc283e1e56
SHA10b9519763be6625bd5abce175dcc59c96d100d4c
SHA2569be85b986ea66a6997dde658abe82b3147ed2a1a3dcb784bb5176f41d22815a6
SHA5127acf7f8e68aa6066b59ca9f2ae2e67997e6b347bc08eb788d2a119b3295c844b5b9606757168e8d2fbd61c2cda367bf80e9e48c9a52c28d5a7a00464bfd2048f
-
C:\Users\Admin\AppData\Local\Temp\nshF245.tmp\nsProcess.dllFilesize
4KB
MD5f0438a894f3a7e01a4aae8d1b5dd0289
SHA1b058e3fcfb7b550041da16bf10d8837024c38bf6
SHA25630c6c3dd3cc7fcea6e6081ce821adc7b2888542dae30bf00e881c0a105eb4d11
SHA512f91fcea19cbddf8086affcb63fe599dc2b36351fc81ac144f58a80a524043ddeaa3943f36c86ebae45dd82e8faf622ea7b7c9b776e74c54b93df2963cfe66cc7
-
C:\Users\Admin\AppData\Local\Temp\nshF245.tmp\nsProcess.dllFilesize
4KB
MD5f0438a894f3a7e01a4aae8d1b5dd0289
SHA1b058e3fcfb7b550041da16bf10d8837024c38bf6
SHA25630c6c3dd3cc7fcea6e6081ce821adc7b2888542dae30bf00e881c0a105eb4d11
SHA512f91fcea19cbddf8086affcb63fe599dc2b36351fc81ac144f58a80a524043ddeaa3943f36c86ebae45dd82e8faf622ea7b7c9b776e74c54b93df2963cfe66cc7
-
C:\Users\Admin\AppData\Local\Temp\nshF245.tmp\nsis7z.dllFilesize
424KB
MD580e44ce4895304c6a3a831310fbf8cd0
SHA136bd49ae21c460be5753a904b4501f1abca53508
SHA256b393f05e8ff919ef071181050e1873c9a776e1a0ae8329aefff7007d0cadf592
SHA512c8ba7b1f9113ead23e993e74a48c4427ae3562c1f6d9910b2bbe6806c9107cf7d94bc7d204613e4743d0cd869e00dafd4fb54aad1e8adb69c553f3b9e5bc64df
-
C:\Users\Admin\AppData\Roaming\BloxCrusher\3cad5b09-dcea-4a1e-ae6e-b54e0a613d3f.tmpFilesize
57B
MD558127c59cb9e1da127904c341d15372b
SHA162445484661d8036ce9788baeaba31d204e9a5fc
SHA256be4b8924ab38e8acf350e6e3b9f1f63a1a94952d8002759acd6946c4d5d0b5de
SHA5128d1815b277a93ad590ff79b6f52c576cf920c38c4353c24193f707d66884c942f39ff3989530055d2fade540ade243b41b6eb03cd0cc361c3b5d514cca28b50a
-
C:\Users\Admin\AppData\Roaming\BloxCrusher\Cache\data_0Filesize
8KB
MD5cf89d16bb9107c631daabf0c0ee58efb
SHA13ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b
SHA256d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e
SHA5128cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0
-
C:\Users\Admin\AppData\Roaming\BloxCrusher\Cache\data_2Filesize
8KB
MD50962291d6d367570bee5454721c17e11
SHA159d10a893ef321a706a9255176761366115bedcb
SHA256ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7
SHA512f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed
-
C:\Users\Admin\AppData\Roaming\BloxCrusher\Cache\data_3Filesize
8KB
MD541876349cb12d6db992f1309f22df3f0
SHA15cf26b3420fc0302cd0a71e8d029739b8765be27
SHA256e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c
SHA512e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e
-
C:\Users\Admin\AppData\Roaming\BloxCrusher\Local Storage\leveldb\CURRENTFilesize
16B
MD546295cac801e5d4857d09837238a6394
SHA144e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA2560f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA5128969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23
-
C:\Users\Admin\AppData\Roaming\BloxCrusher\Network Persistent StateFilesize
393B
MD50b88e3713cfd5c9a0f30132e7a6f452b
SHA182a9cb43b526135ef3dd64232656cdf8b267cc59
SHA256632e34f5521593fc267e073f89f02cd221cd301b8437053de87807e295ab2a88
SHA512b65e7b061d8190a335846bae14db4f1aed2635cee19a67697ca3cdf3fdade2e16f33563071b34e5ec823c38cd63194d6c7aef2bbd2261dc8b0549b29ea735986
-
C:\Users\Admin\AppData\Roaming\BloxCrusher\Partitions\35ec3617-478e-4c95-9f52-fe68e82982cf.tmpFilesize
371B
MD528e376b2d3b6935ae377f7eb759d091d
SHA119c9d4fbe99da285cea825cce88b2ee265b7fcab
SHA256e92ec2832d60e10ced5310232e37beeba880e53c5a407190bdebb10cf5c05c1a
SHA51276aa64b28e04b19f78ea75df9ee06ff5c202e9188c644529222919de6a74d199d087bfaa74ef698cbe7a8d68c818a5108ddc63e42c62cce564262ec37620cc1a
-
C:\Users\Admin\AppData\Roaming\BloxCrusher\Partitions\bloxcrusher\Network Persistent StateFilesize
59B
MD52800881c775077e1c4b6e06bf4676de4
SHA12873631068c8b3b9495638c865915be822442c8b
SHA256226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974
SHA512e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b
-
C:\Users\Admin\AppData\Roaming\BloxCrusher\Partitions\bloxcrusher\Network Persistent StateFilesize
1KB
MD57c35bb0751c3aa3ed0417c3bffa81bd0
SHA12109413c68453ed4999f2654e2c0be45bd701d8d
SHA2567bb19ce0e7d4e397b2ae784429bf5e50d97aac6aafa9deeb9e909cb3d614cdb6
SHA512225d7302d685b91a978e8e88dbefc12707e7f3f3200d6a7ba9c613dbd5e8150e7f18dd1f6d6d62080f56c4948c1546fdce35df47134486fe8e8fa74cfd9c7d67
-
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dicFilesize
2B
MD5f3b25701fe362ec84616a93a45ce9998
SHA1d62636d8caec13f04e28442a0a6fa1afeb024bbb
SHA256b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209
SHA51298c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84
-
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-msFilesize
3KB
MD568146bbbdaa4c20c1c742aa86bb1dcf4
SHA1e8711f6bd27f608a5d4e623de4f37f42406044da
SHA25682e38710ed731efbffd6e593115800f02f7f7970a4ab1643a6596de551771dda
SHA5123d349a1e91871d469afb658bc829c70458d786bd7fef8baddcb73c55fae128f190df8d4852e431878afb9909ed45e173ddcd87b8437479ce6c598826b63c634d
-
C:\Users\Admin\AppData\Roaming\a4c21720-192a-4170-9591-a0c66e8e92d2.tmpFilesize
203B
MD55290059ac3c051ee04702ffb18598c43
SHA1736ef0db938985fad6795a99211afb8cbaf99328
SHA25639fbcd46d44e6bbd1e6892bc66ecbbb6b70a97458eb769806a844480e7db1ece
SHA512859e9084745f1804098eaa80f125e5c508df34988c1caf713ccd92e80c3a225bc66f956a4acd4aee296ece43d9ac9ad590070cdc9b7990ae324be1ea73a8c6de
-
\??\pipe\LOCAL\crashpad_1680_JUSGWLWDWBBADRGBMD5
d41d8cd98f00b204e9800998ecf8427e
SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e
-
memory/792-485-0x0000018F78D10000-0x0000018F78D32000-memory.dmpFilesize
136KB
-
memory/792-486-0x0000018F78DD0000-0x0000018F78DE0000-memory.dmpFilesize
64KB
-
memory/792-491-0x0000018F78DD0000-0x0000018F78DE0000-memory.dmpFilesize
64KB
-
memory/792-492-0x0000018F78DD0000-0x0000018F78DE0000-memory.dmpFilesize
64KB
-
memory/1300-496-0x00000174A7AB0000-0x00000174A7F51000-memory.dmpFilesize
4.6MB
-
memory/1300-714-0x00000174A7AB0000-0x00000174A7F51000-memory.dmpFilesize
4.6MB
-
memory/1300-363-0x00007FFC20990000-0x00007FFC20991000-memory.dmpFilesize
4KB
-
memory/1300-628-0x00000174A7AB0000-0x00000174A7F51000-memory.dmpFilesize
4.6MB
-
memory/5748-869-0x00000193DBF10000-0x00000193DBF11000-memory.dmpFilesize
4KB
-
memory/5748-868-0x00000193DBF10000-0x00000193DBF11000-memory.dmpFilesize
4KB
-
memory/5748-867-0x00000193DBF10000-0x00000193DBF11000-memory.dmpFilesize
4KB
-
memory/5748-879-0x00000193DBF10000-0x00000193DBF11000-memory.dmpFilesize
4KB
-
memory/5748-878-0x00000193DBF10000-0x00000193DBF11000-memory.dmpFilesize
4KB
-
memory/5748-877-0x00000193DBF10000-0x00000193DBF11000-memory.dmpFilesize
4KB
-
memory/5748-876-0x00000193DBF10000-0x00000193DBF11000-memory.dmpFilesize
4KB
-
memory/5748-875-0x00000193DBF10000-0x00000193DBF11000-memory.dmpFilesize
4KB
-
memory/5748-874-0x00000193DBF10000-0x00000193DBF11000-memory.dmpFilesize
4KB
-
memory/5748-873-0x00000193DBF10000-0x00000193DBF11000-memory.dmpFilesize
4KB