snakebot | 21fbcab3c652d5af9efe57454d60d5a5057773e1c234ed16ae14233724502b44

Resubmissions

17-04-2023 21:33

230417-1eadysgb53 10

Analysis

max time kernel
113s
max time network
152s
platform
windows10-1703_x64
resource
win10-20230220-es
resource tags

arch:x64arch:x86image:win10-20230220-eslocale:es-esos:windows10-1703-x64systemwindows
submitted
17-04-2023 21:33

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

setup_undertale_1.08_(18328).exe
Size

126.7MB
MD5

69a1054bcf85084cc4bc33e332f1844d
SHA1

a3db1a7c5a07ea07c31d40ab4c7685215ac4f170
SHA256

21fbcab3c652d5af9efe57454d60d5a5057773e1c234ed16ae14233724502b44
SHA512

f57df05d2d5db04cb48a1d72070ac5d76ae29620cca314817fbfbb30d42c2150115ac510acb216095115c210fe2eee80575ffc78a36fd455e72e4de9492b4f81
SSDEEP

3145728:WSHIqNWvNc0rn+0fslfSob+5Framz9LQMj5jMgQN7:WytNAfcSob2NaoLQ+7c7

Score

10^/10

snakebot discovery snakebot

Malware Config

Signatures

SnakeBOT
SnakeBOT is a heavily obfuscated .NET downloader.
snakebot

Contains SnakeBOT related strings 1 IoCs

snakebot

Processes:

resource	yara_rule
C:\GOG Games\Undertale\data.win	snakebot_strings

Checks computer location settings 2 TTPs 1 IoCs

Looks up country code configured in the registry, likely geofence.

Query Registry

T1012

System Information Discovery

T1082

Processes:

scriptinterpreter.tmp

description	ioc	process
Key value queried	\REGISTRY\USER\S-1-5-21-3853465373-1718857667-1861325682-1000\Control Panel\International\Geo\Nation	scriptinterpreter.tmp

Executes dropped EXE 3 IoCs

Processes:

setup_undertale_1.08_(18328).tmpscriptinterpreter.exescriptinterpreter.tmp

pid process

4388 setup_undertale_1.08_(18328).tmp
5008 scriptinterpreter.exe
4908 scriptinterpreter.tmp

Loads dropped DLL 6 IoCs

Processes:

setup_undertale_1.08_(18328).tmpscriptinterpreter.tmp

pid	process
4388	setup_undertale_1.08_(18328).tmp
4388	setup_undertale_1.08_(18328).tmp
4388	setup_undertale_1.08_(18328).tmp
4388	setup_undertale_1.08_(18328).tmp
4388	setup_undertale_1.08_(18328).tmp
4908	scriptinterpreter.tmp

Modifies file permissions 1 TTPs 4 IoCs
discovery

File Permissions Modification
T1222

Processes:

icacls.exeicacls.exeicacls.exeicacls.exe

pid process

3400 icacls.exe
3420 icacls.exe
464 icacls.exe
848 icacls.exe
Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

pid	process
3400	icacls.exe
3420	icacls.exe
464	icacls.exe
848	icacls.exe

Modifies registry class 2 IoCs

Processes:

scriptinterpreter.tmpsetup_undertale_1.08_(18328).tmp

description	ioc	process
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance	scriptinterpreter.tmp
Key created	\REGISTRY\USER\S-1-5-21-3853465373-1718857667-1861325682-1000_Classes\Local Settings	setup_undertale_1.08_(18328).tmp

Suspicious behavior: EnumeratesProcesses 4 IoCs

Processes:

setup_undertale_1.08_(18328).tmpscriptinterpreter.tmp

pid process

4388 setup_undertale_1.08_(18328).tmp
4388 setup_undertale_1.08_(18328).tmp
4908 scriptinterpreter.tmp
4908 scriptinterpreter.tmp
Suspicious use of FindShellTrayWindow 2 IoCs

Processes:

setup_undertale_1.08_(18328).tmpscriptinterpreter.tmp

pid process

4388 setup_undertale_1.08_(18328).tmp
4908 scriptinterpreter.tmp

Suspicious use of WriteProcessMemory 21 IoCs

Processes:

setup_undertale_1.08_(18328).exesetup_undertale_1.08_(18328).tmpscriptinterpreter.exescriptinterpreter.tmp

description	pid	process	target process
PID 4348 wrote to memory of 4388	4348	setup_undertale_1.08_(18328).exe	setup_undertale_1.08_(18328).tmp
PID 4348 wrote to memory of 4388	4348	setup_undertale_1.08_(18328).exe	setup_undertale_1.08_(18328).tmp
PID 4348 wrote to memory of 4388	4348	setup_undertale_1.08_(18328).exe	setup_undertale_1.08_(18328).tmp
PID 4388 wrote to memory of 5008	4388	setup_undertale_1.08_(18328).tmp	scriptinterpreter.exe
PID 4388 wrote to memory of 5008	4388	setup_undertale_1.08_(18328).tmp	scriptinterpreter.exe
PID 4388 wrote to memory of 5008	4388	setup_undertale_1.08_(18328).tmp	scriptinterpreter.exe
PID 5008 wrote to memory of 4908	5008	scriptinterpreter.exe	scriptinterpreter.tmp
PID 5008 wrote to memory of 4908	5008	scriptinterpreter.exe	scriptinterpreter.tmp
PID 5008 wrote to memory of 4908	5008	scriptinterpreter.exe	scriptinterpreter.tmp
PID 4908 wrote to memory of 3400	4908	scriptinterpreter.tmp	icacls.exe
PID 4908 wrote to memory of 3400	4908	scriptinterpreter.tmp	icacls.exe
PID 4908 wrote to memory of 3400	4908	scriptinterpreter.tmp	icacls.exe
PID 4908 wrote to memory of 3420	4908	scriptinterpreter.tmp	icacls.exe
PID 4908 wrote to memory of 3420	4908	scriptinterpreter.tmp	icacls.exe
PID 4908 wrote to memory of 3420	4908	scriptinterpreter.tmp	icacls.exe
PID 4908 wrote to memory of 464	4908	scriptinterpreter.tmp	icacls.exe
PID 4908 wrote to memory of 464	4908	scriptinterpreter.tmp	icacls.exe
PID 4908 wrote to memory of 464	4908	scriptinterpreter.tmp	icacls.exe
PID 4908 wrote to memory of 848	4908	scriptinterpreter.tmp	icacls.exe
PID 4908 wrote to memory of 848	4908	scriptinterpreter.tmp	icacls.exe
PID 4908 wrote to memory of 848	4908	scriptinterpreter.tmp	icacls.exe

C:\Users\Admin\AppData\Local\Temp\setup_undertale_1.08_(18328).exe
"C:\Users\Admin\AppData\Local\Temp\setup_undertale_1.08_(18328).exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:4348

C:\Users\Admin\AppData\Local\Temp\is-G7SNO.tmp\setup_undertale_1.08_(18328).tmp
"C:\Users\Admin\AppData\Local\Temp\is-G7SNO.tmp\setup_undertale_1.08_(18328).tmp" /SL5="$90062,132362071,185856,C:\Users\Admin\AppData\Local\Temp\setup_undertale_1.08_(18328).exe"
2⤵
- Executes dropped EXE
- Loads dropped DLL
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of FindShellTrayWindow
- Suspicious use of WriteProcessMemory
PID:4388

C:\GOG Games\Undertale\__support\scriptinterpreter.exe
"C:\GOG Games\Undertale\__support\scriptinterpreter.exe" /verysilent /supportDir="C:\GOG Games\Undertale\__support" /SUPPRESSMSGBOXES /NORESTART /DIR="C:\GOG Games\Undertale" /productId="1456487183" /buildId="50921790503031850" /versionName="1.08" /Language="English" /LANG="english"
3⤵
- Executes dropped EXE
- Suspicious use of WriteProcessMemory
PID:5008

C:\Users\Admin\AppData\Local\Temp\is-60TDV.tmp\scriptinterpreter.tmp
"C:\Users\Admin\AppData\Local\Temp\is-60TDV.tmp\scriptinterpreter.tmp" /SL5="$40204,569884,191488,C:\GOG Games\Undertale\__support\scriptinterpreter.exe" /verysilent /supportDir="C:\GOG Games\Undertale\__support" /SUPPRESSMSGBOXES /NORESTART /DIR="C:\GOG Games\Undertale" /productId="1456487183" /buildId="50921790503031850" /versionName="1.08" /Language="English" /LANG="english"
4⤵
- Checks computer location settings
- Executes dropped EXE
- Loads dropped DLL
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of FindShellTrayWindow
- Suspicious use of WriteProcessMemory
PID:4908

C:\Windows\SysWOW64\icacls.exe
"C:\Windows\System32\icacls.exe" "c:\gog games\undertale" /grant Everyone:(OI)(CI)F
5⤵
- Modifies file permissions
PID:3400

C:\Windows\SysWOW64\icacls.exe
"C:\Windows\System32\icacls.exe" "c:\gog games\undertale" /grant Everyone:(OI)(CI)F
5⤵
- Modifies file permissions
PID:3420

C:\Windows\SysWOW64\icacls.exe
"C:\Windows\System32\icacls.exe" "c:\gog games\undertale\options.ini" /grant Everyone:(OI)(CI)F
5⤵
- Modifies file permissions
PID:464

C:\Windows\SysWOW64\icacls.exe
"C:\Windows\System32\icacls.exe" "C:\Users\Admin\AppData\Local\UNDERTALE" /grant Everyone:(OI)(CI)F
5⤵
- Modifies file permissions
PID:848

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File Permissions Modification

T1222

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\GOG Games\Undertale\D3DX9_43.dll
Filesize
1.9MB

MD5
86e39e9161c3d930d93822f1563c280d

SHA1
f5944df4142983714a6d9955e6e393d9876c1e11

SHA256
0b28546be22c71834501f7d7185ede5d79742457331c7ee09efc14490dd64f5f

SHA512
0a3e311c4fd5c2194a8807469e47156af35502e10aeb8a3f64a01ff802cd8669c7e668cc87b593b182fd830a126d002b5d5d7b6c77991158bffdb0b5b997f6b3

Download Submit
C:\GOG Games\Undertale\Launch Undertale.lnk
Filesize
750B

MD5
733e1892dd624dba49ffaf14fe9bcc60

SHA1
7fe435e20a594bf2882d4d929f4f2b5150134e5f

SHA256
6656367ad2a02b16025513cace17205cee730bfe3769bf2b9f3598d0f4c303bf

SHA512
150075708802896ae7c56e30d887764fa1aa879a8dea199364399ffe7ff47e4d0f230ffb17b49178bdc223e524d338ff55eb9b3a67d39a61d38ec2377908f03d

Download Submit
C:\GOG Games\Undertale\__support\app\options.ini
Filesize
97B

MD5
40ede613879f6406fd90c4bad9ba08cb

SHA1
234d1a88ecb5eb2f945f0f8959df69bc154a4677

SHA256
52a59e5417778aac32756ac0617d5b00fd47a9015e54b3865fdc17a867b58cf9

SHA512
c42b738b58298bdd8866b6f053df12a13b9eee3917e86846a7fa3d00248a7dc1c7658878c06f51d6b9e0450a4eee940c61d56ad11fe32656bd64f9341abdcaab

Download Submit
C:\GOG Games\Undertale\__support\scriptinterpreter.exe
Filesize
1.1MB

MD5
cd0222b112878c6b1074c2354aa026f0

SHA1
395bccec3fb71ef8f0c4ceb9dee63efa21d948b0

SHA256
6dd87cb725336bcce9c75eed40fe544cd5cab32a2ea3ed09c6fa901a47db2f53

SHA512
8afaeef70f6913b898621516900c133465d5eef481217417caee012fc776c2a75fe6aa589cbf6b01f9423838be4c898f7cf2051ac8729ce22e7075bd24535f33

Download Submit
C:\GOG Games\Undertale\__support\scriptinterpreter.exe
Filesize
1.1MB

MD5
cd0222b112878c6b1074c2354aa026f0

SHA1
395bccec3fb71ef8f0c4ceb9dee63efa21d948b0

SHA256
6dd87cb725336bcce9c75eed40fe544cd5cab32a2ea3ed09c6fa901a47db2f53

SHA512
8afaeef70f6913b898621516900c133465d5eef481217417caee012fc776c2a75fe6aa589cbf6b01f9423838be4c898f7cf2051ac8729ce22e7075bd24535f33

Download Submit
C:\GOG Games\Undertale\abc_123_a.ogg
Filesize
40KB

MD5
0db017fdf19134876127376ad1d56a8c

SHA1
0f78b9af1858c6c7c01205bfaa99f3c4934c510e

SHA256
baf01fcee2fa3cc9769af20407a4de9b30027a5e651be601808ab521485fea55

SHA512
7fb4cb4a54ffe57ac7f5989f969ec8b6e0088d319479ca83c69b0ce71b8a06ef480a8184ff8e3bb827c7bb6f784a94654003dd63f59983a601997a989fb9b67f

Download Submit
C:\GOG Games\Undertale\credits.txt
Filesize
11KB

MD5
85ef2348d70f81de3b00be93348361f1

SHA1
6c734e646ca25e19391099e32aea9f1a006722aa

SHA256
5e5ab1852c4734a547e6143ef643b43d211e3cee334e949cb59fffb51bf04098

SHA512
01661bda880aa2ea085fa98eb565fd5b938cb86d673908fad80980ea3a13d0a5255a431a909388740a33b8e33e2ae4b4a38c9de141eb072048d47d81aa6268e3

Download Submit
C:\GOG Games\Undertale\data.win
Filesize
60.0MB

MD5
ff4f10d0434b332f46e1f35a900ec862

SHA1
845ce7e926ee2188821293707735fc56ac122b90

SHA256
946c738c6d6182f683431320a0e32470bc3deb50f3e8887e61998df0c4e3abc8

SHA512
60b8b3bf9a5819c493bf641bf339b41f56417e998fe06efb660da0c98f0f44a265098a000f4ba015dc5bba13211acaef6a9b9bc48a803863d40fd1358ec662aa

Download Submit
C:\GOG Games\Undertale\goggame-1456487183.hashdb
Filesize
7KB

MD5
17f41c26cc277c59e53c5bdb54343776

SHA1
5891b83ff264d03f2a1aaac2f167b421824a3f51

SHA256
07f899a497faa6d3befbead9cc86f8ca24fcad719426f106a1eb2c28217743bc

SHA512
450514f863398b115a5870941a00570879f4d1cc74a25ef51c6dbd217448769d0d57dbf67b14c8ecf1c8d3d2d7b08d4539a50ae1795a4b7943e59d776be91f17

Download Submit
C:\GOG Games\Undertale\is-490LL.tmp
Filesize
79KB

MD5
d292e2349754e997b1fc3ecc8c9955de

SHA1
3decdf189a116665fe52facafc072dd974ad27d8

SHA256
6cba65c3c927a68407e8941ac8b12e3089130709efbdb2399123d084f1475d54

SHA512
29f0cccdf471018b10cd72b80d9860d33ab16aaa0db8ddcc20ec664e72a61c9f60d37b442cdca415cd227fd53594632d0de8ed02a742828d26c2f27f33ac45c0

Download Submit
C:\GOG Games\Undertale\is-TDDCG.tmp
Filesize
1.3MB

MD5
25909912e6190316be2fca698dc86d7e

SHA1
ddeb3a1b00e537e0cd364af87727bf4d66d39162

SHA256
5a1fa7eedda77ab1b422ec7bfa6ff22dd10449da5f3ad557c147302913cffd16

SHA512
1913ee97b93f6b2b3cb88ccf02e617bcdce54427fc5d6c4030bf5108f9143868bb98beb1e82a86269d64fce482810850fa8f6b6f2694e478eafa4b79f4bc4457

Download Submit
C:\GOG Games\Undertale\mus_a2.ogg
Filesize
186KB

MD5
ee6282e61da71efdd1da75676044c0a1

SHA1
6caffe6d1838fb16138ed30f1f89890ac7e5df5b

SHA256
244ca709fe88618b2ae34a2767bdea7ea6b79df4f795b5f4fc00eab3c03e2ba7

SHA512
3f81d07e73c0dbda25c3af2440bcf1e25e1dcb568fd1c2d337d615ee833179053f5e7983048dd5db258a0116604abc27ee3919397939e3dad95c23ae0b983cec

Download Submit
C:\GOG Games\Undertale\mus_alphysfix.ogg
Filesize
36KB

MD5
dcafc0871eb93693cc5b0f9bf169df55

SHA1
cea9c096f8285d77b348d92fc26e27d45a889424

SHA256
6f4cd2037b27e6dc0ab6044ce58a2e66db380a13e67b5167d50d9caf02e37ca0

SHA512
369a3bca748b14589da221746d681191a90221337c197871952006efe184c9eb9b499107013d90385056b9d44d496a74336cf603eaacb81843d600b186c5f608

Download Submit
C:\GOG Games\Undertale\mus_amalgam.ogg
Filesize
903KB

MD5
b962c05bd42cf19f3a61c8d7e2410677

SHA1
8e027bf46c905bb154bc9fcef6c4d7bc02923100

SHA256
249e51b1e8a06e4b1b4d9387a6a5362cbd65ec89e06f4d5028308402c6e1371a

SHA512
a981387faa1c440bcf2e6d646bf55cf0d945c8f997b8aa00acff5144fd31693f7f42dc6f72ac2ed95af8f408aac4a64345b758fa7391e97a4cf3a1e5139b22de

Download Submit
C:\GOG Games\Undertale\mus_ambientwater.ogg
Filesize
24KB

MD5
c5d95352887d3ba20b0fff600284822d

SHA1
aa3b09a27a46a196baafb03736b9493d9933e8cd

SHA256
195b5bdbc3066c2025b28667b5c7f72a22b01cd0f629d9601ec3c749858b706b

SHA512
02884b849ddafe1b736497b7bb1be0067f1d92842940c0435a292384023dad97a5880c3cf38e041a7630b6f908b78c1f0ec84840f05a04ac63d2d134bc1fdf51

Download Submit
C:\GOG Games\Undertale\mus_anothermedium.ogg
Filesize
1.6MB

MD5
94726a30486ad58169ac6bb1272a8436

SHA1
ecd3f44bf107d08ace8c0c19691674be8318c692

SHA256
6d43d0a4a8a67918e0f4add018580f9ef120b9e0190cbdc0581d12827fb07ab8

SHA512
cb60cefbb14048c07c7a717c6c1c20a5d0e7462b542d0b119ea5c825fc2b9b97d6626693ee6ead7b46724e443ab72783dbfe24f56705335d54feae02d8cd0117

Download Submit
C:\GOG Games\Undertale\mus_bad.ogg
Filesize
15KB

MD5
92952e0422d298e61cde62bb2a5f5f88

SHA1
b98324d43c5b5e59a9e767ee6b5db75c74d8fa57

SHA256
79d6af19bc9ac74221af85e1ab5fa67c466b08ede7979090870d93a368f5abf6

SHA512
c38300948b9c8553af11cf01f81a3d7d6875d32f40934c27030b844e206237ff36c1499d1e559b6b21bbff6c710a01a2b3e24f043c2df5b49e9c00ef4d1ac5aa

Download Submit
C:\GOG Games\Undertale\mus_barrier.ogg
Filesize
287KB

MD5
b5c9f5d843f07bdff5b49a600a9737cc

SHA1
3779f0e0a31cf06186db71d8d81cd7111012995c

SHA256
3424de311fc694a93a8bfa7fbee2cba120f7377fea174f75a2cf6fe86dafd9d0

SHA512
3d9281f9746ba012a1dc71c2c52e45c5742476bea738cd443b519ffa3d9c16620a447bc227bde7d65ab186942fe5d4ad3d375b9e37a1ba2a95860ab7a79ac45c

Download Submit
C:\GOG Games\Undertale\mus_battle1.ogg
Filesize
642KB

MD5
336e2f63c6629fcf4334b145e1adc0f7

SHA1
d26f7d8a4c901c6fed5a98d91bddbefce35d7c52

SHA256
7101b56bf94fba741e8d36ccc51e10616808a1d6d898e970c56b824973c6d529

SHA512
0367ac313439f22eb036d41566d737783cf59914f7f94b6d3f3aed61544c8ab43e2d75ce5f16f710dadfed01e36b30a1d82fc702018389d2319937d297b955f8

Download Submit
C:\GOG Games\Undertale\mus_battle2.ogg
Filesize
706KB

MD5
0a242440e79ca4ad5c5ad85bb4194ffc

SHA1
c06f6e41d67b2d7ca7f53616102ad30fd8eb3d2d

SHA256
c75329c5308e0e2184eb106dc7a946d54bc51ad0ea2eb790c0bfad8f7f1dfa4d

SHA512
082e8f684a3e10a2ba0eedc71f775a2b56f36a751ad1882ae5eb70cefd4a713a0de12e7c6bbe153aeb22d2c8628aaecc78cbfdfe92b72ef55574da1f9d068f8d

Download Submit
C:\GOG Games\Undertale\mus_bergentruckung.ogg
Filesize
135KB

MD5
33d2e6dba7df72da33035c3be20152d1

SHA1
29643f786d78007d810af7cf389a0c243b6e1594

SHA256
61c0413b9179fbdfebcf8f2cdd122d8dd142887c35aad12f47dcfd7630dd5f78

SHA512
54c918db41731c1896cfc9179b7522418ad17e78e1ac853cb5d1b65aa0e31f1c3ae1794455047eb70da491c52f72e221096c664f04bf1daa70f5664fc87fc13b

Download Submit
C:\GOG Games\Undertale\mus_bgflameA.ogg
Filesize
53KB

MD5
67f5e7072204bc20998066de1ff20e2e

SHA1
3aa37c53f9d5ac5507e5250bb07900e61c897f49

SHA256
0c9eee11f57a00368f7fa165ece1f97c345f03c28826d6dd55c49006c545177f

SHA512
7313a86d3fe5e0d151b6a503844758bb1af4713d1be313e23eb9d34ff79fe1666fb8d6c6af03a6f175ee8aa611e331aa56323bb7baeb1577b7e0804243fdeb8a

Download Submit
C:\GOG Games\Undertale\mus_birdnoise.ogg
Filesize
331KB

MD5
85e7b2bc28a0e551dfdedd1f6646b681

SHA1
a1aa92d97f6092979320544942edf6b746a67527

SHA256
f68530da7bae270a3779be498d04145fcd4012cbccd0720501263f1be59b2f94

SHA512
582ac73e9ae4a0643134ddba3d6bb918b017e540a1b87834b23dc8e30c3d41bf6b5b34afc35a1031ba7e4c6f3d84bb4c6f994657515d57ab297f2ee354fbb512

Download Submit
C:\GOG Games\Undertale\mus_birdsong.ogg
Filesize
251KB

MD5
fa7183f5b9d75a05bff866183f0166b0

SHA1
aff7e644834cdc5bd769b45cf73ad43dacf96be9

SHA256
618c46734918c8211b58a636c0a4280ee961842b22c91135a9da0d6970613be6

SHA512
5047f6628db2a7806f2d47acf01a973bb89c9d0cfde8a2dde956224c258443598345c03dcab6e39809748d39c140c1a7629722acff007805b7cc5b7e5e31c4c1

Download Submit
C:\GOG Games\Undertale\mus_boss1.ogg
Filesize
1.2MB

MD5
0bbcb73ab5f262f048af4ef813efaac9

SHA1
541bf218e80b46be16dd4b781ff859c09b731272

SHA256
ef21b8a3e3834771d073c70c384ea2a6e05cbbf1ff8314b73e84e53b620183bb

SHA512
063dbeb7cc64ce1a7d1387fb0f526ea1c546020f54a27cf388322e3ea7efa44a93f8eb53946f5169ba061aeeac0cc70739a17dd00bdd8558f024b1422242eef3

Download Submit
C:\GOG Games\Undertale\mus_cast_1.ogg
Filesize
411KB

MD5
91e6c5088ff417ff22e469fa057c7ff0

SHA1
e15bb06a48832fea9e5a29c224950c90dff3ad80

SHA256
d7c39d948c7e20e72dfb43d25d1c4806390495dd8410ea2c8071ba3f32efeaa1

SHA512
75d76502cb1242c8a9ecdde50e2d76dab039826d2e15558823bfa370af31834c88c69e0b2fcf2190abd2272547b510325416e7142622b7e7cf8ad981bb5ef92e

Download Submit
C:\GOG Games\Undertale\mus_cast_2.ogg
Filesize
213KB

MD5
0e757e12c0f27d8e6faaab0d67d9189c

SHA1
5c7b31369419618c61f072c4631fdd8cd6f8a7d6

SHA256
6b061c68869002370fcd2725977f01c2a68fa592d7fd0ad934f680600a1b6c1f

SHA512
e15803787eee5e3d40ef3cedecea9090a6f735d6b193c771b2f37fa093b5371837e1b5807ddef9d81e0e6826717daea5918f27750b3fff5cf95ed9aa80db4c8d

Download Submit
C:\GOG Games\Undertale\mus_cast_3.ogg
Filesize
409KB

MD5
5f1964a271e8c6c34f51e5e67e236114

SHA1
1ba1490bddf8ff05995779ccc4a08438875db20a

SHA256
1f263161035bed24f70dd343587c447e545ff8890f3fd63587b0e49dba43debf

SHA512
57fecd3f16877245b1c9a84c8a960d262d309d9e1dfacea91c1b5714f5bf04d5495a5e1fe95364034d44e0d44b09fd6006565df6648920c69ac91085e64af766

Download Submit
C:\GOG Games\Undertale\mus_cast_4.ogg
Filesize
530KB

MD5
25d6c1762b5b478c61b23be07f384314

SHA1
51b2beb223183fe6824fe1f7b45113a8cd1b55f7

SHA256
7ecfa22aa880f4232854095dd408d9211a396524a1c96a3fe0354ab040b2e216

SHA512
3ca8c772ec79a90f5a1aeb06b435a9f9f9418304e4607c1eff00e56ec19aba9ff77b325fd7fca184dfb06200b57a86aad29868a6328e9722971e8fa22980e9c5

Download Submit
C:\GOG Games\Undertale\mus_cast_5.ogg
Filesize
815KB

MD5
e8524403d3fc9708e1980f38ac00f36a

SHA1
a6b6ca0a567fa43d8222be40def80edc7546c028

SHA256
e799798cde27f5887a0c650a07ca29b99cdf84fdc3864f4e3569f72219e35043

SHA512
ff788dfa983e217df23b72d4f21273a2df580726b5c38db1d85efeba554f363faa4d9ef1c4addf9c01a1d9c012d674214ebb3333eac2b8a3d121622f15fd40d8

Download Submit
C:\GOG Games\Undertale\mus_cast_6.ogg
Filesize
208KB

MD5
87ee8f9cccff5d32e054c8737bde915d

SHA1
dcbf4e5a137f248b8c4b404f847b5181fae4ee8d

SHA256
5c35750896f5eec85c502a00b935c7a96a6aa6b8655936ae99059fe2bbc6b9f9

SHA512
13fb4afa9fb65e95092de7ed9bde3cc56a9172dee4fc89569205fbf672f936cdb306fc912e8f7bbef4e420534561177107b085f976861d3d580fd25a6aaf07d5

Download Submit
C:\GOG Games\Undertale\mus_cast_7.ogg
Filesize
183KB

MD5
aeefd8eee053a0c3186efe9c5d0d6e81

SHA1
a0957dc42d8c3bd8c064a3b91336ff115d47897f

SHA256
0c5d9697e3d40f21f32b027026e8c117b242bd522ec0f08abf545b236f6c7bc6

SHA512
6bdd0377d2fe3aa59c0b9799fdc0397f6cda8a3149acc2e2e6b267176f0970a9f68d3b260592577ebff81c775181dbebcbef27eab21f2c0b2da83f3d518ed297

Download Submit
C:\GOG Games\Undertale\mus_chokedup.ogg
Filesize
1.6MB

MD5
cae6f64fcdb667dc64515c3e6c07fbc8

SHA1
f54327a0d7d11d5942dd2a5bbc6069f1db909c8c

SHA256
b77e1fc84dc3b20e779f23c376a457eeb9ba78adf06365d20481a8cb97c7cba3

SHA512
86ce7dbda1f92ec2ed18340727b697618fac8e59499efd0c030eecd86797808c655c6100ba3eab5608abd0e471c067aaa70b86080db959acbde0b99760f4d267

Download Submit
C:\GOG Games\Undertale\mus_churchbell.ogg
Filesize
77KB

MD5
aa4061c1c89e8221087449b54f370784

SHA1
d33f4acf8838d0ac962199191590b838fc1068ea

SHA256
efeb11babe4a529587614df295b473896e03393fa73c897dde9b02120389d620

SHA512
bef6790840b062bca813579093e25a72570d428fe5906ad116011de6baa337bafc9016ce26cf689752e5c0946f687c8cf7c56f69577fbb013a57dd346b73d55d

Download Submit
C:\GOG Games\Undertale\mus_computer.ogg
Filesize
17KB

MD5
bf3fd98aad1f2414f286221bf127e61b

SHA1
69d7ba47a60c69490af8429dcc2808630d73b03b

SHA256
4c4062d9f91a6801715aeff168ae4a6568f5e280b729691e6962331c270978c9

SHA512
0c266c3dda15d38572621e10c4cd48ca3b2e142fc3af73bcdb3ac97efb068e269c70a507e6590ae20322ed0956fa174a75c8adae4f96fa0b91fdd2de7e8b88ee

Download Submit
C:\GOG Games\Undertale\mus_confession.ogg
Filesize
210KB

MD5
edfd9d675bb2a2ce9132f4f3e5c9349b

SHA1
06d4ccc7727628d6c2d1d787ace97570e60e7bf6

SHA256
a4ca01491ad3ebfdb466a1b129f59fa46dea1d02b8761ac81c016432d9d0f9a3

SHA512
fa8eff518047ee267e51ab5a69a4ec5f270250b6b26ef817626b603b3b12fcae7f76c49402a6a342619bc55af92866ecc7b9bd84b1906307f51849aef984042b

Download Submit
C:\GOG Games\Undertale\mus_coolbeat.ogg
Filesize
23KB

MD5
2d721315d4b952cd0413123744470cd5

SHA1
71905ca68789f608cd18b75811ef2e464a3c6061

SHA256
b2502de775ddd9cd544958795d6f5b4b771249cce9142424b48e732cdaa51699

SHA512
76d7833debc58f2f55a418657ae1bd0dcb48ec851a2d66620d16ecfbbe3cbcb04ec2af916ff2eaad9bdf1df7b04e9f8a1fbfffe31039ecad9ee2796efa9f3f30

Download Submit
C:\GOG Games\Undertale\mus_core.ogg
Filesize
1.9MB

MD5
52013a81b15d85d4ba782d1f615b81a2

SHA1
76cc3316f50546ae09a58c2633de421c9cbc600e

SHA256
bad6636afb54e3b2a387fd07127a9a1ad4ab6f78171627dfe318bbfb9bc56a25

SHA512
b1ace698d8cfa1f100c08a68a6dd6517f430c1cc081f9104e354029a771d08f6827c2a867855340ae3a270c7c7b47de346d88a8cddee8413f0b5682edd33d286

Download Submit
C:\GOG Games\Undertale\mus_core_ambience.ogg
Filesize
60KB

MD5
2cdb01b7748ec9e635897ce6ef73f56e

SHA1
7caa08c67929d607feaba45432447c35f17f95ac

SHA256
94169292a9f99fe70992d4c0749bbc1889bdc7565dccdd83e3c73abd2c9485d5

SHA512
09fa5dd823a5d5e9b5c59e088d3a97dac722c06edb5a3145cafd7c3fc3288a01cc307a4f77a4b305cc65134fd5a53410f854e427f0ec6d0681293cae2e7088eb

Download Submit
C:\GOG Games\Undertale\mus_coretransition.ogg
Filesize
119KB

MD5
fa3925cec8965ca76dfc062b7e1ae9eb

SHA1
5b28e1d4ba5164f4f05387b1cac9c65f01333485

SHA256
0b5d6a8dfbf5ad68b0318808f3c8edd0da2213fbf67b359f3fbbcec854f3374c

SHA512
9a4a2ad218ce66d6a0d9f1fb1c55839c01a23c73b32a0329b5c6d1f7533024837ad170592e14fa4ef69cfda5f885b01a6f2b9b6302a0bf0f160b6f5451b2c971

Download Submit
C:\GOG Games\Undertale\mus_creepy_ambience.ogg
Filesize
139KB

MD5
466bf722f3d469ce001682992f4240bd

SHA1
8304d66bfb92a8cc583023bd060bdd78f97b7cb6

SHA256
105e5f99a30e1b1836b8d3980ae1be289e06e0122e91d1f7910181a7720e9d6e

SHA512
a1421009ad5f4d07e0fb33883aa82a5e6fcc008386fb7a4718d8312d58beeb0aec7bd419c4b464aadc760b2c1daaf0907347939686cf25497f95d47f38d72dc0

Download Submit
C:\GOG Games\Undertale\mus_crickets.ogg
Filesize
509KB

MD5
dc5a47a35a9cefbb89fa2871cbbc0c58

SHA1
30b4dac52a4d4417d4aff50a7e94dabdaff21175

SHA256
42ffa30414831e2ba55984edf269cae7eca398773d84b93f554752bb91924af6

SHA512
d816386576c33b8d5349a1e418f06a84bb0564bfaa163e2585b4a6512f9416febc472e7ec605eb084f073e827e728cd6218595e75e32515efe3735855ad2d249

Download Submit
C:\GOG Games\Undertale\mus_cymbal.ogg
Filesize
53KB

MD5
90a422f31063a50989b358708e68f109

SHA1
1c4605a43688cb893947cf0342673e9a212f6780

SHA256
ad536a8aef8f7485ff1f9c76ea9aadc156b7d3702d82078165e38a39977d9d85

SHA512
05301abcbe370deb41f8271891c6418684b9a461e6fe38354b4effe6cf053cb1c4963824b342e8a7492d9e3ff21c4bfddab95d88e83a5bb222bcffa09a6c97a8

Download Submit
C:\GOG Games\Undertale\mus_dance_of_dog.ogg
Filesize
113KB

MD5
b4e28f5b3e88139674359c3a97f545d1

SHA1
7e33a017272db837ee5172d8cb0dd4d1ef538c95

SHA256
3dd733edfe675fd5ec84a0186d2784ff83ddd0ff69c1b96c975be5c0086893a7

SHA512
238be7129ed51cbb2062d1c9c382a528e43abc61d375a1007b2f173e92f4197635888bde5ad8adc974588ae8c4a71b8c07fda314c30c274e1d1cd662cb73698d

Download Submit
C:\GOG Games\Undertale\mus_date.ogg
Filesize
1.3MB

MD5
2ec4e784ed2f5b0bd9c4ba0a3d4bf03e

SHA1
d1a6a88547738092dc8b65f5cc410f88cf76d56d

SHA256
a303ee85751ae94b16a1daa0ad258285b0da885142ee1820948bbe72b1b9969b

SHA512
e2ee77cecebc51e8597c962f6c55031b4cea0adf2ada3fbed8c0b8918525adad06bb4b1b7ea1a3bfed0c6af31f2808bb49b71d437848ac9e4d4663aa202ddce5

Download Submit
C:\GOG Games\Undertale\mus_date_fight.ogg
Filesize
380KB

MD5
f48e2cbc55d6d7bef38054db905ced93

SHA1
8e299d008315c75441539d38759d6ce89ae3c742

SHA256
7ccba51e2205f014e550f472ef847575bd12b4fec677462a274a5e2af0468c1d

SHA512
c2923da574d8e2159e34ca9b32f88c6db9948ec11b6ffd6ce30e342e708097bea5640847f7dd5eac5341a87c55bd980fcc13180491a6079c3fb06e4abf097452

Download Submit
C:\GOG Games\Undertale\mus_date_tense.ogg
Filesize
287KB

MD5
687f5597ecbb83868feaefe1ad4d3b45

SHA1
19677da55f31fbeacb09aec999b6616684205f83

SHA256
fef99e4757e91191d97335da62b7aa49bfe7a116ebf216f79a863e6ac9ee72c5

SHA512
358fd5440f3f11f9e2759248e2566c8a68e253c616747d1d34d46d7126005259f1d2e220b11a13ba9825c4d239a1b50af84876f0e5e0985175297f3ddcdf24b9

Download Submit
C:\GOG Games\Undertale\mus_deeploop2.ogg
Filesize
70KB

MD5
d471a28314b4d267104419b00a9c4420

SHA1
be301daf432602439e16f9a42b1c61708d4c8ced

SHA256
5c4df79571d6e20216cf57d9c823b54f210fe4efb1b13dd0f9dce7d64d6beaa5

SHA512
eabb9139cdc22759c45ca29f136e79b643f0bacb984219dd601622770de8a2aecb11804b1fe078bc98d2e9eb1e4b394a0629bab9468d9715ee75d6ae18f11e1e

Download Submit
C:\GOG Games\Undertale\mus_disturbing.ogg
Filesize
82KB

MD5
629f9c621c906b0f1a2d445e0fdc050e

SHA1
52fc9035a8192ed872b92a51014beaafa5e677be

SHA256
86a66166b93962edb0455f63959eb53c297c1d52bec13e32877eb8bf6f6a4b34

SHA512
dec3ebe2158702d0f619d513ca4d62ddbfe76f8e969d0fa57078e1e6b2e9afb724257c46566e3d7f3e514513bdc76f05dccb7920a83572d32ba3707ed8b715a1

Download Submit
C:\GOG Games\Undertale\mus_dogappear.ogg
Filesize
24KB

MD5
2d2cf95ff2877f86dd5de21fa6df3758

SHA1
33345114743cfc37cbe76cfd4a89fc2ed84ca07b

SHA256
9c0dc0331ee3164c43eb7ba25028d3923433f88cf27c72a464fb64ded95dd045

SHA512
3a8d21ea725635ec25615e3139e4d69161c87ecf729970dfda6a14041677fd7cd14d13ece16704462814722d2524eb029cf2d4bcdac7a5542d6b6faf31c50a7a

Download Submit
C:\GOG Games\Undertale\mus_dogmeander.ogg
Filesize
85KB

MD5
2ac546432377f6e1f9b212353e26fd02

SHA1
356dbbb1f24a8b7238ef3547362540b96804e03e

SHA256
fdfd3d9e926427c5681c683c8523f34754fd5cc88da3308420f016cc9cbafc4a

SHA512
448d1af59fbe1d8031aa14c7ba2b73aeb4689500619847c91abd6d0f229a100cd282b98bd1ac7914cc62578c0bf7ead110cd16ea409feb394cdcac29393ae67d

Download Submit
C:\GOG Games\Undertale\mus_dogroom.ogg
Filesize
345KB

MD5
bf7de16b8a2a6aae1d3605bd8af94eed

SHA1
02e7d8e8ca785775ed21d4cc413e18478850ea42

SHA256
56386401e7e2d75ae1ebc148483654bec8d89cd0f2364f2104b2a0b529af6516

SHA512
b72ab2c3c3ec8cd5e587b0a84b9166051283e1aab2defc953c258ea8117f7bca9114fb4e7c2f0ee7cacbca0d4fbd1093cfb68ada7273eb142cb2349500516095

Download Submit
C:\GOG Games\Undertale\mus_dogshrine_1.ogg
Filesize
556KB

MD5
1898412d05c0cb107d5bf879b44aee52

SHA1
9b054610f1a61c92c129c77506e70dd8c9cfbfaa

SHA256
75480e33442c016d961e0c9af33c07a9d7131288de41ee700b8da1e09c84d191

SHA512
ee4139ba5e5526bde772d43090cca4d1c8b3a4631c584b2755476f44b2f4c1b9d5823f4751874f6dfe39bc332dba397117f9182943e7ad7ef76ce1a5f2cd2c66

Download Submit
C:\GOG Games\Undertale\mus_dogshrine_2.ogg
Filesize
175KB

MD5
c4f8ce27eeb6f4bab11f149be5048862

SHA1
0436080344e8a7d386a3caa5b512703a5d18241d

SHA256
06afb33e9b3f2a89c8ccee969ce52c0010a9319c4e0310d26eca4ff01f2ab673

SHA512
cf2e8fb31fecf85e1b756d6cb444df9c38a0f5f0a32243182085831b56dc5232f2b721d5a0459afe8b28dbec1f5c8e5735daa0e07f5c5022dca5e91a57c8a4a7

Download Submit
C:\GOG Games\Undertale\mus_dogsong.ogg
Filesize
377KB

MD5
99b908d3f817b259a7779f299880222c

SHA1
331b6322f22b4fbe78d8a7bb00353b1d776739da

SHA256
cca3580a7a2db38481919c6827697c7558e9090b81f2fb4f31695b602d102654

SHA512
e4cf8eee6f63df20c0862b6915bbef1660ee68069f143fa1d22193ae6f1c165067fa58554650f15295efaa763e238128e06f98c07ea817e3a68c5da22c26ac9e

Download Submit
C:\GOG Games\Undertale\mus_dontgiveup.ogg
Filesize
1.4MB

MD5
82b23480adb513ca60400b6eab9d702e

SHA1
a1d569b491b7ce929f3da9e8d8cfd5362833290d

SHA256
51bfe55a523921c54884f3fb7f307201c4c796bac9c3d90faf2ac34a54115084

SHA512
4595a68a82db27770dcfc4e257acdd1e26fef5b8c41464b8f810f7949ba78eb3ba8d5fe6a775cca0fe64cbf1be44c874be8d24debc748d31f391591812131375

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Undertale [GOG.com]\Documents\Support.url
Filesize
116B

MD5
e9d4aa9b7a63e065bf1454d024be8e25

SHA1
5568fd6ca3332c9b53830634c4c2c8f7d2a9e201

SHA256
292c0769418d52376dce7c0602e5699b02007d6207ff375555d5b657a3adcdd6

SHA512
68b17a2f4e653d4c930afabda7e9747c3044e972e7c654841dc4128e00130c07b5f4ccb1cca88e6c119e55df410d469eccb02d680737bc471bd635afe310cfac

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Undertale [GOG.com]\Undertale.lnk
Filesize
822B

MD5
bc9454aa61a2eb179f3e2277f9063dcf

SHA1
57a1b9374dee28336f9b97eba8903def9e4becbf

SHA256
27c8d5f856f9a08062db6803c6cf705282c04d8e1e76824e83facb9c83043ad4

SHA512
01abef5b1569d25c9b26faeaa7288d44d22b58abf1774830da2f9c09f3ccb9538f627cbe90f92e06f2df3d01173b6bd4aa7602cd894ada52f76253bc4a9def45

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Undertale [GOG.com]\Uninstall Undertale.lnk
Filesize
817B

MD5
d7b8a295701322c02c9733b9f555c31b

SHA1
66a8d7fddb5a889dca9c249d923fe546be305a7d

SHA256
d3d9a4131f284bd42068419c7aab9f19b3106fecfcb009b57ea716c924aece0e

SHA512
92ffec0c4f47ed69f52c590c8e7cc99db53838c3c8cd4ada1fa43e70dedd80e6c63902c8ae601da94211efda529a435e1193f0e90de0f26022c6bdaaf5495b46

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-60TDV.tmp\scriptinterpreter.tmp
Filesize
1.3MB

MD5
25909912e6190316be2fca698dc86d7e

SHA1
ddeb3a1b00e537e0cd364af87727bf4d66d39162

SHA256
5a1fa7eedda77ab1b422ec7bfa6ff22dd10449da5f3ad557c147302913cffd16

SHA512
1913ee97b93f6b2b3cb88ccf02e617bcdce54427fc5d6c4030bf5108f9143868bb98beb1e82a86269d64fce482810850fa8f6b6f2694e478eafa4b79f4bc4457

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-G7SNO.tmp\setup_undertale_1.08_(18328).tmp
Filesize
1.2MB

MD5
3602e9114e7254a36fcd909cfa490c3a

SHA1
198af4c93cbcf2195df4cb4aa42096a799c7f374

SHA256
a153c8db6f20f9c54f4bd1607b2502d3914662caa9615e1c557cf0abd8777bab

SHA512
eb1caf37de29467977088952b782dd1cd97969083ef60a0307aa4dd1dde1a44227ef4a871da775b05665f5fec780294c15d6c0f2d9c275e519054eb4628d7fdf

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-G7SNO.tmp\setup_undertale_1.08_(18328).tmp
Filesize
1.2MB

MD5
3602e9114e7254a36fcd909cfa490c3a

SHA1
198af4c93cbcf2195df4cb4aa42096a799c7f374

SHA256
a153c8db6f20f9c54f4bd1607b2502d3914662caa9615e1c557cf0abd8777bab

SHA512
eb1caf37de29467977088952b782dd1cd97969083ef60a0307aa4dd1dde1a44227ef4a871da775b05665f5fec780294c15d6c0f2d9c275e519054eb4628d7fdf

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-T692C.tmp\1207658702_english.jpg
Filesize
195KB

MD5
ed224bf981e588b310321e3364cde5cd

SHA1
b3a7c43742304b6541bd83b04104ba0511103cd9

SHA256
988c25e3d92bbce791a012beabe67b70d0f708fe658a75304261f9699de0c063

SHA512
9c1ee058e5adeb765b435c4de9b1c9d211dbfec1d6d9b78abb5c38887d21a9920d35cb61b8139662b03acc5b74132c4bf267a91927587ab59b490cdf519e3902

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-T692C.tmp\1449139823_english.jpg
Filesize
192KB

MD5
c86d1d0ecf523cbc44a0f3cff1f81586

SHA1
a906d195974ef3afd6d7da7d820dcc9a4efe3987

SHA256
5091f3f1bd82d677b364080052f9166a0b85ae179c6ab6bbd6b87f4203c14e1f

SHA512
fab06cea1446b58abeece64a7e4bcd5e9f8a6ca75aa2255ae65f3e5d88c81abd17be9946e3702a30d7978660ec363c73c4e9483678558e8a79ffdfcaafd24bba

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-T692C.tmp\BigOK.png
Filesize
3KB

MD5
5b43a5d975a53f4fc1da67ce9f7784c1

SHA1
8543fa1e471030049942252b23cb22e0880c3af5

SHA256
59d8bb3e87a89ef523c0495addce38d69560af42aaa82f56dd41b12e6612c13a

SHA512
5dd5c4e9859a555a4a32da76f5231b44f7556274c6501da530b2cdd570bcb4675f710bee708322a40ed3ef9280c0d652b4e7ef0e9eaf128c08534f59291917f5

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-T692C.tmp\EULAAccepted.png
Filesize
2KB

MD5
461dfeb75927bdb39f9db5348612a611

SHA1
b7893b1fff6801e37ee7337d876962a09184941e

SHA256
0de278f5ca6d8570d9bda592268a14a28b87d3631fea2d25721947397aaab79c

SHA512
68528cf45c81c2c024a672f42c2cd6d4f72c015b443f103ca21deb8ee2bec4f4027490e7f33b5338a87537b5bf7f255f2828aed149f622155ec89cc81687651b

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-T692C.tmp\EULAShow.png
Filesize
1KB

MD5
c596bc9111edc702bbbb29b70984254f

SHA1
d4712c7b91ff4f8994e7907d31357c42eb47c738

SHA256
6112851daea2aaa7174e8cfac4a0f61c968bc090342503804c476eff47cc2462

SHA512
db50d0a39ec644873a03d64552fff1776cc94f016e8dfc8918e65aee94f7529a6de4637567b5e65c4ea988f3775785c4b52c2d96fe8dbc52b1e21ff59c737c2a

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-T692C.tmp\GOG_new.png
Filesize
3KB

MD5
d5b63bdfa47ef5954917c148bacf7b13

SHA1
5302c6715d9e9b5d2768b130f3e516e175684cc9

SHA256
0804b385c1736e009fe8c3b1b14085b9b9abb40ce487360002ab4a8f3505f4e0

SHA512
b5cde681be9ad1c1211559dc4b363003bf547e8dc965dbb9560fdddfc28ee1d8f27cc534dd00864d800fd351c48694d7dc8df55fc3d8d69acf8b702c7b421aa9

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-T692C.tmp\OpenSans-Regular.ttf
Filesize
212KB

MD5
629a55a7e793da068dc580d184cc0e31

SHA1
3564ed0b5363df5cf277c16e0c6bedc5a682217f

SHA256
e64e508b2aa2880f907e470c4550980ec4c0694d103a43f36150ac3f93189bee

SHA512
6c24c71bee7370939df8085fa70f1298cfa9be6d1b9567e2a12b9bb92872a45547cbabcf14a5d93a6d86cd77165eb262ba8530b988bf2c989fadb255c943df9b

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-T692C.tmp\background.jpg
Filesize
308KB

MD5
79dd8f2494aef70c997f7627449d7e9d

SHA1
6fc00daa1c26ee76a90a55e39e0c3a72cf4b36e7

SHA256
502d1b67b2a2b390753fdcafd9b5f33c97796b580eaff893ba7360931092989f

SHA512
3af7da0eb62a38a3a4445cd0bd563a8fc7c3010830228d2bc075ae7b5bf990ca20bef806116c60d4a367548a821587328ab0509ab8ba73e6fdfc0a7be30a6c78

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-T692C.tmp\btn_md5.png
Filesize
8KB

MD5
3befe9739354ee24a0b1ea8df05ce274

SHA1
ab0bda986a8c46aa19f57b75a2b7b22445a3c625

SHA256
b0193ab375f604fa4a25cabdea8f713babde1c07ab562ffc5679352c8e01db47

SHA512
ac016a59e0bfc9b22c376ae5d498c5660893a983d932b2bd502dabe032883c69e79ea8d93c2db49f95415c3cdb068e9f7d1d85527a4f9e68e065a989852d09dd

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-T692C.tmp\error.png
Filesize
726B

MD5
df10adc25b673e74e19971c17bee5a98

SHA1
ee16fb1cf9491f5e611282f0574b27d76fede412

SHA256
142b16dc6239421691fa6e619d1a61e61176d89fa018a88b46893c29a57aad8b

SHA512
dc3de10e0321966cbbfb2e57b3b41da6f26dff0c7233a47469da58775b5c471e6b5181e4d4ffc81ef8b83dbcad74ccc1aad7678518f99c9185a441d2a23e010f

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-T692C.tmp\error_icon.png
Filesize
1KB

MD5
263720c4b8bb111567a2a49989b8f467

SHA1
cf346fa3c70164648e0eaf72a37c6f4920ab4792

SHA256
acdf96ee4261fae138e6350a0ad50b367022ed5b908fa168baad92644f566ee8

SHA512
94f06a81dc735cf264abde86e6169e5fd78d873d2e926fd48287d2ac5208fc930c3c432186e3510add002bd1b4ae32ad8d35270b17c3ce5f18c43764a8e9de43

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-T692C.tmp\ok.png
Filesize
1KB

MD5
103c1368e60806b1b7995a0894eacf87

SHA1
971392527f6e4b655044773132505c901a6b5469

SHA256
0d37d4421a39ca8852eb6760b8e914302bdc6cfcc7b170dc1b6c9bb9be148b7e

SHA512
652177e94438aff102f2ed873b26f0985ebed134763852b49b1ca2698463c1dbeb85152f19c8e18d397229ec5cb2cd1d17c61d454ab7c425a2cab540adc8228a

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-T692C.tmp\progress_center.png
Filesize
1KB

MD5
ad7fc1e37e40da38dd57adc446cc6c0e

SHA1
08033265deb9b45243cfa0065d98ffe13a039e26

SHA256
2b9dae87340e66b67ab1d8247d4a137628e324969f92fe1098f95a7c5bab2f43

SHA512
dd715d74f8e1ed6ab75b7b6530b383ac47040d8baa7728be160f6d230bf485a9cc54f15f7dc85b122ce56e54d63fa4890e510dfc89d9c9344e31f789ebac8756

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-T692C.tmp\progress_left.png
Filesize
1KB

MD5
290c7612ad7a077028cd3dc78ce99673

SHA1
18995fbe39d05e4a1cafc7cc2e0f6fb745442f77

SHA256
85e39d909a7300fa2043ec42818582867b981401264b14fc5408e477ae0b4668

SHA512
799841f5b8a1056e78a49c823009750e4b93af130a6c4ff9dc6d386c06b88614e53b46a6df62f5a217d5c99da01cf4e2fe8392c73d39e81000045291cf24205a

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-T692C.tmp\progress_right.png
Filesize
1KB

MD5
c25a41f022a74308d944d1e807d72f44

SHA1
83c6bbec3fb373fcc78ce0e737742100994cd6d4

SHA256
396a3351fe409328782ab138282cf9cec061a5a9540a3506700a620db1f54e7d

SHA512
d2f4449195f3e60c826cfabb52a083d829eb9d0509272977d8fdb33bc5214678949cd27d0594684594e0a3eda2351c39cec8d91923cb716ad144ccf2b966c8e6

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-T692C.tmp\slideshow.ini
Filesize
298B

MD5
dd34f5881d26a40468f4eb1a01aeb892

SHA1
6065a141c70d7eff63a0e879dad4868e1868a3f8

SHA256
23ffd13e24c21c28893f350c1283c8faa856a45ef554ecff9e96442bc51bc214

SHA512
34c7652ff16ce6895c20b63e6d9b33626f14bbbf549fd3662bb17c464f501d08a4cff8dcdcbc153cd7b76da09060d7e42babc683e441f8dbe69438ab9b98bf02

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-T692C.tmp\track_center.png
Filesize
1KB

MD5
3f2b0c22f8ea28dcbb82b39a16a039aa

SHA1
b3f4dfc2ea86fbdad05877b4c356b7fa8016731d

SHA256
794f9eeca7fd99846968376b76a296c927532cef1271325cbf555caa0d0d5860

SHA512
b4bf65d751717e85418947662d315ae3bcb177f60914832fefeeb95da9eddb75eb5531c62e5a5a70ff03c8a025b5a03e61ffbdecc9f483bea9684454ca9362d3

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-T692C.tmp\track_left.png
Filesize
1KB

MD5
55dacb00cbe2825a8540236c5777a205

SHA1
18a52ac6c741b558500fbc1716d46b4fe4471982

SHA256
a8340fb5380c922b60ea40043590dba067dcfed6e22636851691df38156a3aa8

SHA512
2ea444cc1080f20761c8d71d96fcd04ef48254cdc1dc41d1d139f459ea5613fe12f6e4bd026bf33a5c01ff038e72e05dae2f8fba33ff517dd395e1911f10ff10

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-T692C.tmp\track_right.png
Filesize
1KB

MD5
ddec70b6c49be3e8c3a7d01c2f6ff1c5

SHA1
5383271999f787c36b1dc8f3cc13c8407b195439

SHA256
f54cd6e42f2b2bc5cb8a15f6a28f1499abf094a519ebdf39f4c4e167312c9c16

SHA512
f43f94b194b5a7eafcec9e831f61042859c30e1af2e2447195bdd06b12c90982181161a1c1be5aa5223ff664f88e4891bd71cfffb7ef672d6fe4f614030e0e01

Download Submit
C:\Users\Public\Desktop\Undertale.lnk
Filesize
804B

MD5
0b206729d3758a89cf28478c681b86c3

SHA1
f9a31fa9fbf34ec6d0743973c7a2e677cdc63d2a

SHA256
247c741a345aef5802b27c08fa4c5aba96a8220a59457665318b53783a276816

SHA512
b5e7742b70673a56b31baf6e1e12ff1faf6fdf0b85d6aff8047308e54e63a81a051ca639bfb49642f1c860845c6742eaf4e26b784fa60a8adc3cfc92dd9abe89

Download Submit
\??\c:\gog games\undertale\goggame-1456487183.info
Filesize
840B

MD5
72c5257a93fbeec975a4a4175b50080d

SHA1
7b28af62c13cc120f3ac3e0ef273be85116d8d76

SHA256
adb26c3daa0b8511e8219b7ee950c8cdc527795f7e3b2a6a42355f27fcdc1b29

SHA512
f8ec190ba65211588f6156e74d1e8e842fe959ab1f8830e8ee1c9adaf35bbbbcaff7814560fa7e5c7e075c5d33422144070e114727229343087465f6895fed2c

Download Submit
\??\c:\gog games\undertale\goggame-1456487183.script
Filesize
419B

MD5
ecfe49b9be64a0e398f861c8d5f16f53

SHA1
465087b4a0a9045d3de22ec0ec92287acf26b47b

SHA256
f1c0f97ea9a8dbbb37355cef6f2d42832e97acb47b5e9bc327ece2d9b397c5a7

SHA512
25239ddf866e6d0e2fa53b033e6aa26978ae8a342ee123592e974e911db9fe130204e675bb61079cc3f45451663e5276062d391638ecd83756c4d9e14c52474a

Download Submit
\Users\Admin\AppData\Local\Temp\is-E6505.tmp\uninstall.dll
Filesize
698KB

MD5
73e7b1edd7e389d8fddf31273b34bd14

SHA1
c4d51c194b1901b186c815101424a58419bbcb3d

SHA256
5091cd5eef67f8f4cf9ae53b52160d6bedf7245c580d8a231595ba39e55ffdb1

SHA512
1d0673f8c87a42cff4f3440527824e192c2fa3c410227ed46aa05dc2fe068f170df771777cea11f171f75b7a7897e9e0d9eb9106db56996f8c95cbe7abef5c8f

Download Submit
\Users\Admin\AppData\Local\Temp\is-T692C.tmp\botva2.dll
Filesize
35KB

MD5
0177746573eed407f8dca8a9e441aa49

SHA1
6b462adf78059d26cbc56b3311e3b97fcb8d05f7

SHA256
a4b61626a1626fdabec794e4f323484aa0644baa1c905a5dcf785dc34564f008

SHA512
d4ac96da2d72e121d1d63d64e78bcea155d62af828324b81889a3cd3928ceeb12f7a22e87e264e34498d100b57cdd3735d2ab2316e1a3bf7fa099ddb75c5071a

Download Submit
\Users\Admin\AppData\Local\Temp\is-T692C.tmp\botva2.dll
Filesize
35KB

MD5
0177746573eed407f8dca8a9e441aa49

SHA1
6b462adf78059d26cbc56b3311e3b97fcb8d05f7

SHA256
a4b61626a1626fdabec794e4f323484aa0644baa1c905a5dcf785dc34564f008

SHA512
d4ac96da2d72e121d1d63d64e78bcea155d62af828324b81889a3cd3928ceeb12f7a22e87e264e34498d100b57cdd3735d2ab2316e1a3bf7fa099ddb75c5071a

Download Submit
\Users\Admin\AppData\Local\Temp\is-T692C.tmp\crcdll.dll
Filesize
69KB

MD5
1d51fac9e2384eeb674199cfd5281d7d

SHA1
861dfdc121357d605d0cc3793266713788109eb2

SHA256
23e90ce5a1f2d634a7bf5d5d0522fafeea6df9e536e16f5ce91035d5197128ec

SHA512
921b00adfe43b883200960e8d0958d4e6b97f6d5cfc096ee277766a3e44cc7805a20877a4edf8bd4d9102bb71a20ac218a9a512f4f76bd751d3ef14f4e0a6eda

Download Submit
\Users\Admin\AppData\Local\Temp\is-T692C.tmp\innocallback.dll
Filesize
63KB

MD5
1c55ae5ef9980e3b1028447da6105c75

SHA1
f85218e10e6aa23b2f5a3ed512895b437e41b45c

SHA256
6afa2d104be6efe3d9a2ab96dbb75db31565dad64dd0b791e402ecc25529809f

SHA512
1ec4d52f49747b29cfd83e1a75fc6ae4101add68ada0b9add5770c10be6dffb004bb47d0854d50871ed8d77acf67d4e0445e97f0548a95c182e83b94ddf2eb6b

Download Submit
\Users\Admin\AppData\Local\Temp\is-T692C.tmp\innocallback.dll
Filesize
63KB

MD5
1c55ae5ef9980e3b1028447da6105c75

SHA1
f85218e10e6aa23b2f5a3ed512895b437e41b45c

SHA256
6afa2d104be6efe3d9a2ab96dbb75db31565dad64dd0b791e402ecc25529809f

SHA512
1ec4d52f49747b29cfd83e1a75fc6ae4101add68ada0b9add5770c10be6dffb004bb47d0854d50871ed8d77acf67d4e0445e97f0548a95c182e83b94ddf2eb6b

Download Submit
memory/4348-248-0x0000000000400000-0x0000000000437000-memory.dmp

Filesize
220KB

Download
memory/4348-116-0x0000000000400000-0x0000000000437000-memory.dmp

Filesize
220KB

Download
memory/4348-1039-0x0000000000400000-0x0000000000437000-memory.dmp

Filesize
220KB

Download
memory/4388-121-0x00000000006A0000-0x00000000006A1000-memory.dmp

Filesize
4KB

Download
memory/4388-316-0x0000000000400000-0x000000000053D000-memory.dmp

Filesize
1.2MB

Download
memory/4388-335-0x0000000004A10000-0x0000000004A25000-memory.dmp

Filesize
84KB

Download
memory/4388-254-0x0000000000400000-0x000000000053D000-memory.dmp

Filesize
1.2MB

Download
memory/4388-386-0x0000000000400000-0x000000000053D000-memory.dmp

Filesize
1.2MB

Download
memory/4388-880-0x0000000000400000-0x000000000053D000-memory.dmp

Filesize
1.2MB

Download
memory/4388-127-0x0000000004A10000-0x0000000004A25000-memory.dmp

Filesize
84KB

Download
memory/4388-391-0x0000000004A10000-0x0000000004A25000-memory.dmp

Filesize
84KB

Download
memory/4388-318-0x0000000004D40000-0x0000000004D4E000-memory.dmp

Filesize
56KB

Download
memory/4388-881-0x0000000004A10000-0x0000000004A25000-memory.dmp

Filesize
84KB

Download
memory/4388-249-0x0000000000400000-0x000000000053D000-memory.dmp

Filesize
1.2MB

Download
memory/4388-334-0x0000000000400000-0x000000000053D000-memory.dmp

Filesize
1.2MB

Download
memory/4388-172-0x0000000004D40000-0x0000000004D4E000-memory.dmp

Filesize
56KB

Download
memory/4388-252-0x00000000006A0000-0x00000000006A1000-memory.dmp

Filesize
4KB

Download
memory/4388-317-0x0000000004A10000-0x0000000004A25000-memory.dmp

Filesize
84KB

Download
memory/4388-250-0x0000000004A10000-0x0000000004A25000-memory.dmp

Filesize
84KB

Download
memory/4388-1038-0x0000000000400000-0x000000000053D000-memory.dmp

Filesize
1.2MB

Download
memory/4388-944-0x0000000000400000-0x000000000053D000-memory.dmp

Filesize
1.2MB

Download
memory/4388-945-0x0000000004A10000-0x0000000004A25000-memory.dmp

Filesize
84KB

Download
memory/4388-946-0x0000000004D40000-0x0000000004D4E000-memory.dmp

Filesize
56KB

Download
memory/4388-251-0x0000000004D40000-0x0000000004D4E000-memory.dmp

Filesize
56KB

Download
memory/4908-812-0x0000000001370000-0x0000000001371000-memory.dmp

Filesize
4KB

Download
memory/4908-936-0x0000000000C40000-0x0000000000D90000-memory.dmp

Filesize
1.3MB

Download
memory/5008-800-0x00000000013B0000-0x00000000013E9000-memory.dmp

Filesize
228KB

Download
memory/5008-937-0x00000000013B0000-0x00000000013E9000-memory.dmp

Filesize
228KB

Download